Log resolved & unresolved turn server address as sensitive string.

This should help to debug problems with DNS resolution of turn server
name. E.g. DNS server returns fake IP address to block turn server.

A similar change to stun_port.cc was made in
https://webrtc-review.googlesource.com/c/src/+/215926

Bug: None
Change-Id: If1cc410f4cd0f89620d3678aabf05a0f1b22a393
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/290992
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Yury Yarashevich <yura.yaroshevich@gmail.com>
Cr-Commit-Position: refs/heads/main@{#39152}
Yury Yarashevich 2023-01-19 17:56:03 +01:00 committed by WebRTC LUCI CQ
parent 4cb2ac0e30
commit 41010f95bb
5 changed files with 64 additions and 28 deletions


@ -332,9 +332,9 @@ int UDPPort::SendTo(const void* data,
if (send_error_count_ < kSendErrorLogLimit) {
++send_error_count_;
RTC_LOG(LS_ERROR) << ToString() << ": UDP send of " << size
<< " bytes to host " << addr.ToSensitiveString() << " ("
<< addr.ToResolvedSensitiveString()
<< ") failed with error " << error_;
<< " bytes to host "
<< addr.ToSensitiveNameAndAddressString()
<< " failed with error " << error_;
}
} else {
send_error_count_ = 0;
@ -631,9 +631,8 @@ void UDPPort::OnSendPacket(const void* data, size_t size, StunRequest* req) {
if (socket_->SendTo(data, size, sreq->server_addr(), options) < 0) {
RTC_LOG_ERR_EX(LS_ERROR, socket_->GetError())
<< "UDP send of " << size << " bytes to host "
<< sreq->server_addr().ToSensitiveString() << " ("
<< sreq->server_addr().ToResolvedSensitiveString()
<< ") failed with error " << error_;
<< sreq->server_addr().ToSensitiveNameAndAddressString()
<< " failed with error " << error_;
}
stats_.stun_binding_requests_sent++;
}
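Review bot: In UDPPort::OnSendPacket the rewritten message still ends with `<< " failed with error " << error_`, although the failure it reports comes from `socket_->SendTo(...)` and the macro is handed `socket_->GetError()`. Nothing visible in this hunk assigns `error_` on that path, so the printed number may be stale and disagree with the errno text the macro adds. If that is the case, print the value the macro uses: `<< " failed with error " << socket_->GetError();`. The function begins above the hunk, so an earlier assignment to `error_` cannot be ruled out from here.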


@ -393,9 +393,10 @@ void TurnPort::PrepareAddress() {
// Insert the current address to prevent redirection pingpong.
attempted_server_addresses_.insert(server_address_.address);
RTC_LOG(LS_INFO) << ToString() << ": Trying to connect to TURN server via "
<< ProtoToString(server_address_.proto) << " @ "
<< server_address_.address.ToSensitiveString();
RTC_LOG(LS_INFO)
<< ToString() << ": Trying to connect to TURN server via "
<< ProtoToString(server_address_.proto) << " @ "
<< server_address_.address.ToSensitiveNameAndAddressString();
if (!CreateTurnClientSocket()) {
RTC_LOG(LS_ERROR) << "Failed to create TURN client socket";
OnAllocateError(SERVER_NOT_REACHABLE_ERROR,
@ -502,21 +503,21 @@ void TurnPort::OnSocketConnect(rtc::AsyncPacketSocket* socket) {
})) {
if (socket->GetLocalAddress().IsLoopbackIP()) {
RTC_LOG(LS_WARNING) << "Socket is bound to the address:"
<< socket_address.ipaddr().ToSensitiveString()
<< socket_address.ToSensitiveNameAndAddressString()
<< ", rather than an address associated with network:"
<< Network()->ToString()
<< ". Still allowing it since it's localhost.";
} else if (IPIsAny(Network()->GetBestIP())) {
RTC_LOG(LS_WARNING)
<< "Socket is bound to the address:"
<< socket_address.ipaddr().ToSensitiveString()
<< socket_address.ToSensitiveNameAndAddressString()
<< ", rather than an address associated with network:"
<< Network()->ToString()
<< ". Still allowing it since it's the 'any' address"
", possibly caused by multiple_routes being disabled.";
} else {
RTC_LOG(LS_WARNING) << "Socket is bound to the address:"
<< socket_address.ipaddr().ToSensitiveString()
<< socket_address.ToSensitiveNameAndAddressString()
<< ", rather than an address associated with network:"
<< Network()->ToString() << ". Discarding TURN port.";
OnAllocateError(
@ -712,11 +713,10 @@ bool TurnPort::HandleIncomingPacket(rtc::AsyncPacketSocket* socket,
// alternative server redirection. TODO(guoweis): add a unit test for this
// race condition.
if (remote_addr != server_address_.address) {
RTC_LOG(LS_WARNING) << ToString()
<< ": Discarding TURN message from unknown address: "
<< remote_addr.ToSensitiveString()
<< " server_address_: "
<< server_address_.address.ToSensitiveString();
RTC_LOG(LS_WARNING)
<< ToString() << ": Discarding TURN message from unknown address: "
<< remote_addr.ToSensitiveNameAndAddressString() << " server_address_: "
<< server_address_.address.ToSensitiveNameAndAddressString();
return false;
}
@ -791,7 +791,7 @@ bool TurnPort::SetAlternateServer(const rtc::SocketAddress& address) {
AttemptedServerSet::iterator iter = attempted_server_addresses_.find(address);
if (iter != attempted_server_addresses_.end()) {
RTC_LOG(LS_WARNING) << ToString() << ": Redirection to ["
<< address.ToSensitiveString()
<< address.ToSensitiveNameAndAddressString()
<< "] ignored, allocation failed.";
return false;
}
@ -812,9 +812,9 @@ bool TurnPort::SetAlternateServer(const rtc::SocketAddress& address) {
}
RTC_LOG(LS_INFO) << ToString() << ": Redirecting from TURN server ["
<< server_address_.address.ToSensitiveString()
<< "] to TURN server [" << address.ToSensitiveString()
<< "]";
<< server_address_.address.ToSensitiveNameAndAddressString()
<< "] to TURN server ["
<< address.ToSensitiveNameAndAddressString() << "]";
server_address_ = ProtocolAddress(address, server_address_.proto);
// Insert the current address to prevent redirection pingpong.
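Review bot: The `Discarding TURN message from unknown address` warning in TurnPort::HandleIncomingPacket is emitted once per packet from a sender the port does not control, and no limit is visible in the hunk. With this change each of those lines also carries the configured server's name and resolved address, so unsolicited traffic to the port can grow the log faster than before. A per-port counter guarding the log, in the style of the `if (send_error_count_ < kSendErrorLogLimit)` check shown for UDPPort::SendTo on this page, would bound it while still recording the first occurrences. The function starts and ends outside the hunk, so an existing limit elsewhere in it cannot be excluded.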


@ -179,13 +179,21 @@ std::string SocketAddress::ToSensitiveString() const {
return sb.str();
}
std::string SocketAddress::ToResolvedSensitiveString() const {
if (IsUnresolvedIP()) {
return "";
std::string SocketAddress::ToSensitiveNameAndAddressString() const {
if (IsUnresolvedIP() || literal_ || hostname_.empty()) {
return ToSensitiveString();
}
char buf[1024];
rtc::SimpleStringBuilder sb(buf);
sb << ipaddr().ToSensitiveString() << ":" << port();
sb << HostAsSensitiveURIString() << ":" << port();
sb << " (";
if (ip_.family() == AF_INET6) {
sb << "[" << ipaddr().ToSensitiveString() << "]";
} else {
sb << ipaddr().ToSensitiveString();
}
sb << ":" << port() << ")";
return sb.str();
}
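Review bot: SocketAddress::ToSensitiveNameAndAddressString formats into `char buf[1024]`, and the output now holds the full hostname plus the bracketed address and two ports, while nothing in the function bounds the length of `hostname_`. How `rtc::SimpleStringBuilder` behaves when the buffer is too small is not visible on this page. A hostname taken from configuration or signalling that approaches the buffer size would at best be cut off in the log. A growable builder avoids the question: `rtc::StringBuilder sb;` in place of the two buffer lines, keeping `return sb.str();`. The early-return condition and the IPv6 bracket handling can stay as they are.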


@ -126,9 +126,9 @@ class RTC_EXPORT SocketAddress {
// Same as ToString but anonymizes it by hiding the last part.
std::string ToSensitiveString() const;
// Returns hostname:port string if address is resolved, otherwise returns
// empty string.
std::string ToResolvedSensitiveString() const;
// Returns sensitive description of address in a form which both includes
// resolved and unresolved addresses based on their availability.
std::string ToSensitiveNameAndAddressString() const;
// Parses hostname:port and [hostname]:port.
bool FromString(absl::string_view str);
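Review bot: The new comment on ToSensitiveNameAndAddressString does not give the output format, and it does not say that only the IP part is anonymized. The test added in this commit expects `webrtc.org:80 (1.2.3.x:80)`, so the hostname is logged in full. Callers choosing between this and ToSensitiveString need that spelled out. Suggested wording: `// Returns "hostname:port (anonymized-ip:port)" when both a hostname and its resolved IP are known; otherwise same as ToSensitiveString().` followed by `// The hostname itself is not anonymized.`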


@ -334,4 +334,33 @@ TEST(SocketAddressTest, TestToSensitiveString) {
EXPECT_EQ(kTestV6AddrFullAnonymizedString, addr_v6.ToSensitiveString());
}
TEST(SocketAddressTest, TestToSensitiveNameAndAddressString) {
SocketAddress ipv4OnlyLiteral("1.2.3.4", 5678);
EXPECT_EQ("1.2.3.x:5678", ipv4OnlyLiteral.ToSensitiveNameAndAddressString());
SocketAddress ipv4OnlyAddress(IPAddress(0x01020304), 5678);
EXPECT_EQ("1.2.3.x:5678", ipv4OnlyAddress.ToSensitiveNameAndAddressString());
SocketAddress hostOnly("webrtc.org", 443);
EXPECT_EQ("webrtc.org:443", hostOnly.ToSensitiveNameAndAddressString());
SocketAddress hostAndIpv4("webrtc.org", 80);
hostAndIpv4.SetResolvedIP(IPAddress(0x01020304));
EXPECT_EQ("webrtc.org:80 (1.2.3.x:80)",
hostAndIpv4.ToSensitiveNameAndAddressString());
SocketAddress ipv6OnlyLiteral(kTestV6AddrString, 5678);
EXPECT_EQ(kTestV6AddrFullAnonymizedString,
ipv6OnlyLiteral.ToSensitiveNameAndAddressString());
SocketAddress ipv6OnlyAddress(IPAddress(kTestV6Addr), 5678);
EXPECT_EQ(kTestV6AddrFullAnonymizedString,
ipv6OnlyAddress.ToSensitiveNameAndAddressString());
SocketAddress hostAndIpv6("webrtc.org", 5678);
hostAndIpv6.SetResolvedIP(IPAddress(kTestV6Addr));
EXPECT_EQ("webrtc.org:5678 (" + kTestV6AddrFullAnonymizedString + ")",
hostAndIpv6.ToSensitiveNameAndAddressString());
}
} // namespace rtc
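Review bot: The locals in TestToSensitiveNameAndAddressString are camelCase (`ipv4OnlyLiteral`, `hostAndIpv4`, `hostAndIpv6`), while the neighbouring test visible above uses snake_case (`addr_v6`). Renaming them, for example to `ipv4_only_literal`, `host_and_ipv4` and `host_and_ipv6`, keeps the file consistent. A blank line between the seven cases would also make a failing expectation easier to place, though the rendering here may have dropped blank lines that exist in the file.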