From 9f36dfcd68bb969838307d65141ca8905abff6d3 Mon Sep 17 00:00:00 2001
From: Ilya Kreymer <ikreymer@gmail.com>
Date: Thu, 15 Aug 2019 08:25:26 -0700
Subject: [PATCH] webrtc ice: Add 'min/max-rtp-port' props for setting RTP port
 range

default min port == 0, max port == 65535 -- if min port == 0, uses existing random port selection (range ignored)
add 'gathering_started' flag to avoid changing ports after gathering has started
validity checks: min port <= max port enforced, error thrown otherwise
include tests to ensure port range is being utilized (by @hhardy)

Change-Id: I5fcc747bb3416c37e2dfdb6d83c9552e30583212
Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/119>
---
 ext/webrtc/gstwebrtcice.c        | 57 ++++++++++++++++++++++++++++++
 ext/webrtc/gstwebrtcice.h        |  3 ++
 ext/webrtc/icestream.c           | 19 ++++++++++
 tests/check/elements/webrtcbin.c | 75 +++++++++++++++++++++++++++++++++++++++-
 4 files changed, 153 insertions(+), 1 deletion(-)

diff --git a/ext/webrtc/gstwebrtcice.c b/ext/webrtc/gstwebrtcice.c
index 5b7cda7..c98ec3e 100644
--- a/ext/webrtc/gstwebrtcice.c
+++ b/ext/webrtc/gstwebrtcice.c
@@ -56,6 +56,8 @@ enum
   PROP_AGENT,
   PROP_ICE_TCP,
   PROP_ICE_UDP,
+  PROP_MIN_RTP_PORT,
+  PROP_MAX_RTP_PORT,
 };
 
 static guint gst_webrtc_ice_signals[LAST_SIGNAL] = { 0 };
@@ -1009,6 +1011,21 @@ gst_webrtc_ice_set_property (GObject * object, guint prop_id,
       g_object_set_property (G_OBJECT (ice->priv->nice_agent),
           "ice-udp", value);
       break;
+
+    case PROP_MIN_RTP_PORT:
+      ice->min_rtp_port = g_value_get_uint (value);
+      if (ice->min_rtp_port > ice->max_rtp_port)
+        g_warning ("Set min-rtp-port to %u which is larger than"
+            " max-rtp-port %u", ice->min_rtp_port, ice->max_rtp_port);
+      break;
+
+    case PROP_MAX_RTP_PORT:
+      ice->max_rtp_port = g_value_get_uint (value);
+      if (ice->min_rtp_port > ice->max_rtp_port)
+        g_warning ("Set max-rtp-port to %u which is smaller than"
+            " min-rtp-port %u", ice->max_rtp_port, ice->min_rtp_port);
+      break;
+
     default:
       G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
       break;
@@ -1033,6 +1050,15 @@ gst_webrtc_ice_get_property (GObject * object, guint prop_id,
       g_object_get_property (G_OBJECT (ice->priv->nice_agent),
           "ice-udp", value);
       break;
+
+    case PROP_MIN_RTP_PORT:
+      g_value_set_uint (value, ice->min_rtp_port);
+      break;
+
+    case PROP_MAX_RTP_PORT:
+      g_value_set_uint (value, ice->max_rtp_port);
+      break;
+
     default:
       G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
       break;
@@ -1120,6 +1146,37 @@ gst_webrtc_ice_class_init (GstWebRTCICEClass * klass)
           TRUE, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
 
   /**
+   * GstWebRTCICE:min-rtp-port:
+   *
+   * Minimum port for local rtp port range.
+   * min-rtp-port must be <= max-rtp-port
+   *
+   * Since: 1.20
+   */
+  g_object_class_install_property (gobject_class,
+      PROP_MIN_RTP_PORT,
+      g_param_spec_uint ("min-rtp-port", "ICE RTP candidate min port",
+          "Minimum port for local rtp port range. "
+          "min-rtp-port must be <= max-rtp-port",
+          0, 65535, 0, G_PARAM_READWRITE | G_PARAM_STATIC_STRINGS));
+
+  /**
+   * GstWebRTCICE:max-rtp-port:
+   *
+   * Maximum port for local rtp port range.
+   * min-rtp-port must be <= max-rtp-port
+   *
+   * Since: 1.20
+   */
+  g_object_class_install_property (gobject_class,
+      PROP_MAX_RTP_PORT,
+      g_param_spec_uint ("max-rtp-port", "ICE RTP candidate max port",
+          "Maximum port for local rtp port range. "
+          "max-rtp-port must be >= min-rtp-port",
+          0, 65535, 65535,
+          G_PARAM_READWRITE | G_PARAM_CONSTRUCT | G_PARAM_STATIC_STRINGS));
+
+  /**
    * GstWebRTCICE::add-local-ip-address:
    * @object: the #GstWebRTCICE
    * @address: The local IP address
diff --git a/ext/webrtc/gstwebrtcice.h b/ext/webrtc/gstwebrtcice.h
index 283672f..5e7543c 100644
--- a/ext/webrtc/gstwebrtcice.h
+++ b/ext/webrtc/gstwebrtcice.h
@@ -51,6 +51,9 @@ struct _GstWebRTCICE
   GHashTable                       *turn_servers;
 
   GstWebRTCICEPrivate              *priv;
+
+  guint                             min_rtp_port;
+  guint                             max_rtp_port;
 };
 
 struct _GstWebRTCICEClass
diff --git a/ext/webrtc/icestream.c b/ext/webrtc/icestream.c
index 36363f2..924c9cb 100644
--- a/ext/webrtc/icestream.c
+++ b/ext/webrtc/icestream.c
@@ -46,6 +46,7 @@ struct _GstWebRTCICEStreamPrivate
 {
   gboolean gathered;
   GList *transports;
+  gboolean gathering_started;
 };
 
 #define gst_webrtc_ice_stream_parent_class parent_class
@@ -187,6 +188,24 @@ gst_webrtc_ice_stream_gather_candidates (GstWebRTCICEStream * stream)
   }
 
   g_object_get (stream->ice, "agent", &agent, NULL);
+
+  if (!stream->priv->gathering_started) {
+    if (stream->ice->min_rtp_port != 0 || stream->ice->max_rtp_port != 65535) {
+      if (stream->ice->min_rtp_port > stream->ice->max_rtp_port) {
+        GST_ERROR_OBJECT (stream->ice,
+            "invalid port range: min-rtp-port %d must be <= max-rtp-port %d",
+            stream->ice->min_rtp_port, stream->ice->max_rtp_port);
+        return FALSE;
+      }
+
+      nice_agent_set_port_range (agent, stream->stream_id,
+          NICE_COMPONENT_TYPE_RTP, stream->ice->min_rtp_port,
+          stream->ice->max_rtp_port);
+    }
+    /* mark as gathering started to prevent changing ports again */
+    stream->priv->gathering_started = TRUE;
+  }
+
   if (!nice_agent_gather_candidates (agent, stream->stream_id)) {
     g_object_unref (agent);
     return FALSE;
diff --git a/tests/check/elements/webrtcbin.c b/tests/check/elements/webrtcbin.c
index 89a141c..f6b46aa 100644
--- a/tests/check/elements/webrtcbin.c
+++ b/tests/check/elements/webrtcbin.c
@@ -692,7 +692,6 @@ test_webrtc_wait_for_answer_error_eos (struct test_webrtc *t)
   test_webrtc_wait_for_state_mask (t, states);
 }
 
-#if 0
 static void
 test_webrtc_wait_for_ice_gathering_complete (struct test_webrtc *t)
 {
@@ -709,6 +708,7 @@ test_webrtc_wait_for_ice_gathering_complete (struct test_webrtc *t)
   g_mutex_unlock (&t->lock);
 }
 
+#if 0
 static void
 test_webrtc_wait_for_ice_connection (struct test_webrtc *t,
     GstWebRTCICEConnectionState states)
@@ -904,6 +904,78 @@ GST_START_TEST (test_audio)
 
 GST_END_TEST;
 
+static void
+_check_ice_port_restriction (struct test_webrtc *t, GstElement * element,
+    guint mlineindex, gchar * candidate, GstElement * other, gpointer user_data)
+{
+  GRegex *regex;
+  GMatchInfo *match_info;
+
+  gchar *candidate_port;
+  gchar *candidate_protocol;
+  gchar *candidate_typ;
+  guint port_as_int;
+  guint peer_number;
+
+  regex =
+      g_regex_new ("candidate:(\\d+) (1) (UDP|TCP) (\\d+) ([0-9.]+|[0-9a-f:]+)"
+      " (\\d+) typ ([a-z]+)", 0, 0, NULL);
+
+  g_regex_match (regex, candidate, 0, &match_info);
+  fail_unless (g_match_info_get_match_count (match_info) == 8, candidate);
+
+  candidate_protocol = g_match_info_fetch (match_info, 2);
+  candidate_port = g_match_info_fetch (match_info, 6);
+  candidate_typ = g_match_info_fetch (match_info, 7);
+
+  peer_number = t->webrtc1 == element ? 1 : 2;
+
+  port_as_int = atoi (candidate_port);
+
+  if (!g_strcmp0 (candidate_typ, "host") && port_as_int != 9) {
+    guint expected_min = peer_number * 10000 + 1000;
+    guint expected_max = expected_min + 999;
+
+    fail_unless (port_as_int >= expected_min);
+    fail_unless (port_as_int <= expected_max);
+  }
+
+  g_free (candidate_port);
+  g_free (candidate_protocol);
+  g_free (candidate_typ);
+  g_match_info_free (match_info);
+  g_regex_unref (regex);
+}
+
+GST_START_TEST (test_ice_port_restriction)
+{
+  struct test_webrtc *t = create_audio_test ();
+  GObject *webrtcice;
+
+  VAL_SDP_INIT (offer, _count_num_sdp_media, GUINT_TO_POINTER (1), NULL);
+  VAL_SDP_INIT (answer, _count_num_sdp_media, GUINT_TO_POINTER (1), NULL);
+
+  /*
+   *  Ports are defined as follows "{peer}{protocol}000"
+   *  - peer number: "1" for t->webrtc1, "2" for t->webrtc2
+   */
+  g_object_get (t->webrtc1, "ice-agent", &webrtcice, NULL);
+  g_object_set (webrtcice, "min-rtp-port", 11000, "max-rtp-port", 11999, NULL);
+  g_object_unref (webrtcice);
+
+  g_object_get (t->webrtc2, "ice-agent", &webrtcice, NULL);
+  g_object_set (webrtcice, "min-rtp-port", 21000, "max-rtp-port", 21999, NULL);
+  g_object_unref (webrtcice);
+
+  t->on_ice_candidate = _check_ice_port_restriction;
+  test_validate_sdp (t, &offer, &answer);
+
+  test_webrtc_wait_for_ice_gathering_complete (t);
+  test_webrtc_free (t);
+}
+
+GST_END_TEST;
+
 static struct test_webrtc *
 create_audio_video_test (void)
 {
@@ -2896,6 +2968,7 @@ webrtcbin_suite (void)
     tcase_add_test (tc, test_sdp_no_media);
     tcase_add_test (tc, test_session_stats);
     tcase_add_test (tc, test_audio);
+    tcase_add_test (tc, test_ice_port_restriction);
     tcase_add_test (tc, test_audio_video);
     tcase_add_test (tc, test_media_direction);
     tcase_add_test (tc, test_media_setup);
-- 
2.7.4