fix(e2ee): revert to PR #904 branch, add MAT-144 diagnostics
PR #921 requires custom WebRTC build not yet available. Added diagnostic logging: encryption_type per track, frame_cryptors count, and DEC_FAILED re-keying cooldown (5s) to reduce log spam. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Christian Gick
11
Dockerfile
11
Dockerfile
@@ -1,8 +1,7 @@
|
||||
# Stage 1: Build patched Rust FFI with native HKDF support for Element Call E2EE
|
||||
# Fork: onestacked/livekit-rust-sdks branch EC-compat-changes-webrtc-change
|
||||
# PR: https://github.com/livekit/rust-sdks/pull/921 (proper HKDF at WebRTC C++ level)
|
||||
# Replaces #904 which used a callback hack that only worked for the first frame cryptor
|
||||
# (audio), causing DEC_FAILED on video tracks (MAT-144).
|
||||
# Stage 1: Build patched Rust FFI with HKDF support for Element Call E2EE
|
||||
# Fork: onestacked/livekit-rust-sdks branch EC-compat-changes
|
||||
# PR: https://github.com/livekit/rust-sdks/pull/904
|
||||
# NOTE: PR #921 (native HKDF at C++ level) requires custom WebRTC build not yet available.
|
||||
# Must use rust:latest (trixie/sid) — bookworm GCC 12 can't compile webrtc C++20 code
|
||||
FROM rust:latest AS rust-build
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
@@ -10,7 +9,7 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
libva-dev libglib2.0-dev nasm make clang \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
WORKDIR /build
|
||||
RUN git clone --branch EC-compat-changes-webrtc-change --depth 1 --recurse-submodules \
|
||||
RUN git clone --branch EC-compat-changes --depth 1 --recurse-submodules \
|
||||
https://github.com/onestacked/livekit-rust-sdks.git
|
||||
WORKDIR /build/livekit-rust-sdks/livekit-ffi
|
||||
RUN cargo build --release
|
||||
|
||||
19
voice.py
19
voice.py
@@ -671,14 +671,12 @@ class VoiceSession:
|
||||
|
||||
@self.lk_room.on("track_subscribed")
|
||||
def on_ts(t, pub, p):
|
||||
logger.info("Track sub: %s %s kind=%s muted=%s", p.identity, pub.sid, t.kind, pub.muted)
|
||||
# NOTE: Do NOT create rtc.AudioStream here — it competes with AgentSession's
|
||||
# internal audio pipeline for event loop time, causing intermittent VAD failures
|
||||
# (user_state stuck on "away"). See MAT-40. Use e2ee_state_changed for flow confirmation.
|
||||
# MAT-144: Pre-derive HKDF in Python, pass derived key with KDF_RAW.
|
||||
# This ensures exact HKDF match with Element Call JS for both audio AND video.
|
||||
# MAT-144: Log encryption_type to diagnose frame cryptor creation
|
||||
enc_type = getattr(pub, 'encryption_type', 'N/A')
|
||||
logger.info("Track sub: %s %s kind=%s muted=%s enc_type=%s source=%s",
|
||||
p.identity, pub.sid, t.kind, pub.muted, enc_type,
|
||||
getattr(pub, 'source', 'N/A'))
|
||||
# Store video track for on-demand vision (look_at_screen tool)
|
||||
# Screen share = source "screen_share" or "screenshare"; camera = "camera" or default
|
||||
if int(t.kind) == 2: # video track (LiveKit: 1=audio, 2=video)
|
||||
track_source = getattr(pub, 'source', None) or "unknown"
|
||||
self._video_track = t
|
||||
@@ -690,6 +688,13 @@ class VoiceSession:
|
||||
track_type, caller_id, len(self._caller_all_keys))
|
||||
try:
|
||||
kp_local = self.lk_room.e2ee_manager.key_provider
|
||||
# MAT-144: Log frame cryptors count for diagnostics
|
||||
try:
|
||||
fc_map = self.lk_room.e2ee_manager.frame_cryptors()
|
||||
logger.info("E2EE_DIAG: frame_cryptors count=%d keys=%s",
|
||||
len(fc_map), list(fc_map.keys()) if fc_map else [])
|
||||
except Exception:
|
||||
logger.info("E2EE_DIAG: frame_cryptors() not available")
|
||||
if self._caller_all_keys:
|
||||
for idx, base_k in sorted(self._caller_all_keys.items()):
|
||||
_derive_and_set_key(kp_local, caller_id, base_k, idx)
|
||||
|
||||
Reference in New Issue
Block a user