Also call out the places where it happens explicitly - these are places
that need to be redesigned.
Bug: chromium:1177125
Change-Id: I3237d028dbb22380e8fbf7cedb03e965d1fcf2aa
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/279022
Reviewed-by: Jonas Oreland <jonaso@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#38384}
The one to use is StunMessage::ValidateMessageIntegrity(password).
Bug: chromium:1177125
Change-Id: I345f4d6b60090651bc23c3aa6358d4fb24723f9f
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/278601
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Johannes Kron <kron@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#38338}
This will allow us to see if bad integrity ever occurs, and where integrity
is not applied.
Bug: chromium:1177125
Change-Id: I7abdaba93088e4eef8121205e7dd76b21204cae8
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/278400
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Johannes Kron <kron@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#38330}
Removes all remaining usage of SetType and marks the method as
deprecated.
Bug: none
Change-Id: I98dc613978ffe7ad8a4ffd951dd974d56ed92983
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/265100
Commit-Queue: Tomas Gunnarsson <tommi@webrtc.org>
Reviewed-by: Niels Moller <nisse@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#37137}
This moves the construction of StunMessage instances for
ConnectionRequest, outside of the Prepare() method.
Following this, removing Construct()+Prepare() is relatively
straight forward.
Bug: none
Change-Id: Ibcf0510cef30a6e648005b43602c7ae1fb06729e
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/264558
Reviewed-by: Niels Moller <nisse@webrtc.org>
Reviewed-by: Jonas Oreland <jonaso@webrtc.org>
Commit-Queue: Tomas Gunnarsson <tommi@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#37122}
* Add ctors for providing the type and transaction id at construction.
* Update tests to use them instead of SetType+SetTransactionID
* Make sure stun message enum types are based on uint16_t
* Mark SetTransactionID as deprecated.
* Mark SetStunMagicCookie as deprecated (unused in webrtc).
* Add SetTransactionIdForTest for the one test that uses it (might not
actually need it)
* Make StunRequest::Construct() protected.
* Add a TODO to follow up on this since construction of StunRequest
goes through an unnecessarily complex 3-step process involving
other classes and a virtual method.
Bug: none
Change-Id: Ib013e58f28e7b2b4fcb3b3e1034da31dfc93e9d3
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/264546
Reviewed-by: Niels Moller <nisse@webrtc.org>
Commit-Queue: Tomas Gunnarsson <tommi@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#37079}
This reverts commit 3b18208f13
and is the third attempt at removing stun origin support
Bug: webrtc:12132
Change-Id: Ic41a6d011fb6239907a257cc4c81ec4d2923dc4e
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/236260
Reviewed-by: Taylor Brandstetter <deadbeef@google.com>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Christoffer Jansson <jansson@google.com>
Cr-Commit-Position: refs/heads/main@{#35294}
This is a reland of ba29ce320f
readding the origin to the CreateRelayPortArgs structure to not break
downstream tests yet:
https://webrtc-review.googlesource.com/c/src/+/235300/1..2
Original change's description:
> remove stun origin support
>
> Bug: webrtc:12132
> Change-Id: I0f32e6af77e0c553b0c3b0d047ff03e14c492b31
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/234384
> Reviewed-by: Taylor Brandstetter <deadbeef@webrtc.org>
> Reviewed-by: Harald Alvestrand <hta@webrtc.org>
> Commit-Queue: Harald Alvestrand <hta@webrtc.org>
> Cr-Commit-Position: refs/heads/main@{#35202}
Bug: webrtc:12132
Change-Id: Ied840b59bb7c9497e98f9b80eb0a54d30008a40f
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/235300
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Taylor Brandstetter <deadbeef@webrtc.org>
Commit-Queue: Taylor Brandstetter <deadbeef@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#35220}
GICE was removed around M42
BUG=webrtc:4299
Change-Id: I4e83a888c3ecc1681799c07b47b75c9f31b40baa
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/227348
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#34680}
The new verification makes verification a function on a message.
It also stores the password used in the request message, so that
it is easily accessible when verifying the response.
Bug: chromium:1177125
Change-Id: I505df4b54214643a28a6b292c4e2262b9d97b097
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/209060
Reviewed-by: Björn Terelius <terelius@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#33366}
This will cause encoding of a STUN message with an over-long
byte string attribute to fail.
Bug: chromium:1144646
Change-Id: I265174577376ce01439835c03f2d46700842d211
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/191322
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Justin Uberti <juberti@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32603}
If a STUN attribute is in the "comprehension-required" range
(0x0000-0x7FFF), and the implementation does not recognize it, this
should be treated as an error (as per RFC5389), with different behavior
depending on the type of the message received.
Bug: webrtc:9063
Change-Id: Ic31b0cdd3c26772c21d770b44fe4ee4a1b47030a
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/64500
Commit-Queue: Taylor <deadbeef@webrtc.org>
Reviewed-by: Jonas Oreland <jonaso@webrtc.org>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#30925}
This patch improves handshake wrt GOOG_PING support so that
- if goog_ping_enable: sender send it's goog-ping version until it gets
STUN_BINDING_RESPONSE
- receiver only sends it's goog-ping-version if getting a
goog-ping-version in the request
This means that the overhead of STUN_ATTR_GOOG_MISC_INFO is only
- added on STUN_BINDING_REQUEST until a response is received.
- added on STUN_BINDING_RESPONSE if remote peer request it.
This is wire compatible with older versions so that
- new sender will enable GOOG_PING with new/old receiver.
- old sender will enable GOOG_PING with old receiver.
- old version will not enable GOOG_PING with new receiver
(receiver expecting sender to announce first).
BUG: webrtc:11100
Change-Id: Ib3434c593988188150f4c7506918139aaf138d0c
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/165787
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Sebastian Jansson <srte@webrtc.org>
Commit-Queue: Jonas Oreland <jonaso@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#30269}
This patch introduces a new type of STUN ping,
GOOG_PING_REQUEST/RESPONSE which is similar
to a STUN_BINDING but does not transmit any values.
The Connection class automatically sends these if
no STUN attributes has changed since last call to Connection::Ping()
if the remote peer has signaled that it supports it.
BUG=webrtc:11100
Change-Id: Ib1b590f0b90ca6cb56f2eb07cd62f976e246bc8c
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/159961
Commit-Queue: Jonas Oreland <jonaso@webrtc.org>
Reviewed-by: Taylor <deadbeef@webrtc.org>
Reviewed-by: Björn Terelius <terelius@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#30062}
This patch introduces 3 new functions on StunMessages
- Clone, copy a message
- IsStunMethod, verifies that a buffer is a StunMessage
w/o requring a fingerprint
- EqualAttributes, compare attributes in two stun messages
(with filter)
This methods will be used to implement GOOG_PING
BUG=webrtc:11100
Change-Id: I284726c74aa0437be0bb9fbcf943c7d64a18acec
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/160281
Commit-Queue: Jonas Oreland <jonaso@webrtc.org>
Reviewed-by: Björn Terelius <terelius@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#29950}
This patch adds
- Attribute: STUN_ATTR_GOOG_MESSAGE_INTEGRITY_32
which is a ordinary message integrity but truncated to 32-bit
- Method: GOOG_PING,
which will be used for webrtc:11100
Both the attribute and the method has been registered at iana,
https://www.iana.org/assignments/stun-parameters/stun-parameters.xhtml#stun-parameters-4
BUG=webrtc:11100
Change-Id: Iddd5614473fd6f18fbbe76e72d047c617df7123f
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/160180
Commit-Queue: Jonas Oreland <jonaso@webrtc.org>
Reviewed-by: Björn Terelius <terelius@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#29864}
We now have two downstream users of stun.h, so it appears to be
generally usable. I put this in a new dir networking/, but I'm open to
suggestions here (maybe some things in api/ should move in there).
I checked what our downstream users are actually using, and it's
cricket::ComputeStunCredentialHash
cricket::<constants>
cricket::TurnMessage
cricket::GetStunErrorResponseType
cricket::StunAttribute::CreateAddress
cricket::StunErrorCodeAttribute
cricket::StunByteStringAttribute
StunAttribute::CreateUnknownAttributes
cricket::TurnErrorType
cricket::StunMessage
I reckoned that was pretty much everything in stun.h, so I didn't
bother splitting it up. They don't use every function and constant
in there, but all _types_ of functions and constants, so for the
sake of coherence I don't think it makes sense to split it.
There's some old stuff in there like GTURN which could arguably
be split out, but it should likely go away soon anyway, so I don't
think it's worth the effort.
Steps:
1) land this
2) update downstream to point to the new header and target
3) remove p2p/base:stun_types.
Bug: webrtc:11091
Change-Id: I1f05bf06055475d25601197ec6fefb8d3b55e8e3
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/159923
Commit-Queue: Patrik Höglund <phoglund@webrtc.org>
Reviewed-by: Niels Moller <nisse@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#29822}
