Chromium Code Reviews Chromium Code Reviews
Issue 1378753003:
WebRTC might leak srflx ip address when multiple_routes disabled and IceTransportType is relay (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc@master| Index: webrtc/p2p/client/basicportallocator.cc |
| diff --git a/webrtc/p2p/client/basicportallocator.cc b/webrtc/p2p/client/basicportallocator.cc |
| index 3c77b4feabaa4a63664dc76cdccf119ca77f91e3..a16c8c469e84e19179d33a40ae9a219646b494c9 100644 |
| --- a/webrtc/p2p/client/basicportallocator.cc |
| +++ b/webrtc/p2p/client/basicportallocator.cc |
| @@ -473,9 +473,14 @@ void BasicPortAllocatorSession::OnCandidateReady( |
| ProtocolType pvalue; |
| bool candidate_signalable = CheckCandidateFilter(c); |
| + |
| + // Here we only allow the port if the CF_HOST was originally specified in the |
| + // allocator's candidate filter, as when enumeration is disabled, the port's |
| + // filter has been modified to prevent local address leakage. If this local |
| + // port is not filtered out, it'll send STUN ping and cause IP address leak. |
|
pthatcher1
2015/09/30 05:32:10
I think this could be a little more, perhaps with
guoweis_webrtc
2015/09/30 16:29:28
Done.
|
| bool candidate_pairable = |
| candidate_signalable || |
| - (c.address().IsAnyIP() && |
| + ((allocator_->candidate_filter() & CF_HOST) && c.address().IsAnyIP() && |
| (port->SharedSocket() || c.protocol() == TCP_PROTOCOL_NAME)); |
|
pthatcher1
2015/09/30 05:32:10
This is getting a little hard to read. Perhaps so
guoweis_webrtc
2015/09/30 16:29:28
Done.
|
| bool candidate_protocol_enabled = |
| StringToProto(c.protocol().c_str(), &pvalue) && |
