Skip to content

Redact ice server credentials in logs #1408

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
biglittlebigben merged 7 commits into from
Feb 11, 2026
Merged

Redact ice server credentials in logs #1408

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
5a76f83
Redact ice server credentials in logs
biglittlebigben Feb 10, 2026
5eb03e3
generated protobuf
github-actions[bot] Feb 10, 2026
172fe88
No size for redacted username/pwd
biglittlebigben Feb 11, 2026
4d6eeb5
Merge remote-tracking branch 'origin/benjamin/redact_ice_credentials_…
biglittlebigben Feb 11, 2026
42a803a
typo
biglittlebigben Feb 11, 2026
26d90c1
generated protobuf
github-actions[bot] Feb 11, 2026
e092f0d
changes
biglittlebigben Feb 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changeset/calm-snails-fix.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
"@livekit/protocol": patch
---

Redact ice server credentials in logs
8 changes: 4 additions & 4 deletions livekit/livekit_rtc.pb.go
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

28 changes: 16 additions & 12 deletions protobufs/livekit_rtc.proto
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ message SignalRequest {
// Simulate conditions, for client validations
SimulateScenario simulate = 13;
// client triggered ping to server
int64 ping = 14; // deprecated by ping_req (message Ping)
int64 ping = 14; // deprecated by ping_req (message Ping)
// update a participant's own metadata, name, or attributes
// requires canUpdateOwnParticipantMetadata permission
UpdateParticipantMetadata update_metadata = 15;
Expand Down Expand Up @@ -102,7 +102,7 @@ message SignalResponse {
// server initiated track unpublish
TrackUnpublishedResponse track_unpublished = 17;
// respond to ping
int64 pong = 18; // deprecated by pong_resp (message Pong)
int64 pong = 18; // deprecated by pong_resp (message Pong)
// sent when client reconnects
ReconnectResponse reconnect = 19;
// respond to Ping
Expand Down Expand Up @@ -152,7 +152,7 @@ message AddTrackRequest {
// true to add track and initialize to muted
bool muted = 6;
// true if DTX (Discontinuous Transmission) is disabled for audio
bool disable_dtx = 7 [deprecated = true]; // deprecated in favor of audio_features
bool disable_dtx = 7 [deprecated = true]; // deprecated in favor of audio_features
TrackSource source = 8;
repeated VideoLayer layers = 9;

Expand All @@ -161,7 +161,7 @@ message AddTrackRequest {
// server ID of track, publish new codec to exist track
string sid = 11;

bool stereo = 12 [deprecated = true]; // deprecated in favor of audio_features
bool stereo = 12 [deprecated = true]; // deprecated in favor of audio_features
// true if RED (Redundant Encoding) is disabled for audio
bool disable_red = 13;

Expand Down Expand Up @@ -268,7 +268,7 @@ message TrackUnpublishedResponse {
}

message SessionDescription {
string type = 1; // "answer" | "offer" | "pranswer" | "rollback"
string type = 1; // "answer" | "offer" | "pranswer" | "rollback"
string sdp = 2;
uint32 id = 3;
map<string, string> mid_to_track_id = 4;
Expand Down Expand Up @@ -330,9 +330,9 @@ message UpdateLocalVideoTrack {
message LeaveRequest {
// indicates action clients should take on receiving this message
enum Action {
DISCONNECT = 0; // should disconnect
RESUME = 1; // should attempt a resume with `reconnect=1` in join URL
RECONNECT = 2; // should attempt a reconnect, i. e. no `reconnect=1`
DISCONNECT = 0; // should disconnect
RESUME = 1; // should attempt a resume with `reconnect=1` in join URL
RECONNECT = 2; // should attempt a reconnect, i. e. no `reconnect=1`
}

// sent when server initiates the disconnect due to server-restart
Expand Down Expand Up @@ -371,8 +371,12 @@ message UpdateParticipantMetadata {

message ICEServer {
repeated string urls = 1;
string username = 2;
string credential = 3;
string username = 2 [
Copy link
Contributor

@boks1971 boks1971 Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Might be okay to not do this for "username"?

Copy link
Contributor Author

@biglittlebigben biglittlebigben Feb 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We started redacting user and participant names in other places, particularly SIP and io. I think usernames should generally be redacted.

(logger.redact) = true
];
string credential = 3 [
(logger.redact) = true
];
}

message SpeakersChanged {
Expand Down Expand Up @@ -591,7 +595,7 @@ message JoinRequest {
string metadata = 3 [
(logger.redact) = true,
(logger.redact_format) = "<redacted ({{ .Size }} bytes)>"
]; // if not empty, will overwrite `metadata` in token
]; // if not empty, will overwrite `metadata` in token

// will set keys provided via this
// will overwrite if the same key is in the token
Expand All @@ -617,7 +621,7 @@ message WrappedJoinRequest {
}

Compression compression = 1;
bytes join_request = 2; // marshalled JoinRequest + potentially compressed
bytes join_request = 2; // marshalled JoinRequest + potentially compressed
}

message MediaSectionsRequirement {
Expand Down
Loading