WebKit Bugzilla
Attachment 341874 Details for
Bug 186249
: [WK1] Add an option to restrict communication to localhost sockets
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
bug-186249-20180603152053.patch (text/plain), 10.45 KB, created by
youenn fablet
on 2018-06-03 15:20:54 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
youenn fablet
Created:
2018-06-03 15:20:54 PDT
Size:
10.45 KB
patch
obsolete
>Subversion Revision: 232334 >diff --git a/Source/ThirdParty/libwebrtc/ChangeLog b/Source/ThirdParty/libwebrtc/ChangeLog >index e18bc5a3221c87f70eaa8ba2c5c89ee50cfbecc2..20e90b0776fdc6b6634d8acdd1cc53efcc90bd4c 100644 >--- a/Source/ThirdParty/libwebrtc/ChangeLog >+++ b/Source/ThirdParty/libwebrtc/ChangeLog >@@ -1,3 +1,16 @@ >+2018-06-03 Youenn Fablet <youenn@apple.com> >+ >+ [WK1] Add an option to restrict communication to localhost sockets >+ https://bugs.webkit.org/show_bug.cgi?id=186249 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Export new symbols used for WK1. >+ >+ * Configurations/libwebrtc.iOS.exp: >+ * Configurations/libwebrtc.iOSsim.exp: >+ * Configurations/libwebrtc.mac.exp: >+ > 2018-05-30 David Kilzer <ddkilzer@apple.com> > > Fix leak of a CVPixelBufferRef due to early rerturn in -[RTCVideoEncoderH264 encode:codecSpecificInfo:frameTypes:] >diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog >index 0aaa60b78ce9b6aadfff835ac97af6f18e9bce6d..c4b462bcd41f5c73fa8f7f71dfabd9cd78e3a9c6 100644 >--- a/Source/WebCore/ChangeLog >+++ b/Source/WebCore/ChangeLog >@@ -1,3 +1,23 @@ >+2018-06-03 Youenn Fablet <youenn@apple.com> >+ >+ [WK1] Add an option to restrict communication to localhost sockets >+ https://bugs.webkit.org/show_bug.cgi?id=186249 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Covered by existing tests. >+ Set explicitly webrtc socket IP address to 127.0.0.1 in testing mode. >+ For that purpose, we need WK1 to create a wrapper around a socket factory, >+ this wrapper being responsible of setting or not the IP address to 127.0.0.1. >+ >+ * platform/mediastream/libwebrtc/LibWebRTCProvider.cpp: >+ (WebCore::prepareSocketAddress): >+ (WebCore::BasicPacketSocketFactory::BasicPacketSocketFactory): >+ (WebCore::BasicPacketSocketFactory::setDisableNonLocalhostConnections): >+ (WebCore::BasicPacketSocketFactory::CreateClientTcpSocket): >+ (WebCore::LibWebRTCProvider::createPeerConnection): >+ * platform/mediastream/libwebrtc/LibWebRTCProvider.h: >+ > 2018-06-01 Youenn Fablet <youenn@apple.com> > > Add an option to restrict communication to localhost sockets >diff --git a/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.iOS.exp b/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.iOS.exp >index d09288397193885408cec4116425a245df20bb46..89f4e8b8a9c75a2de32bcf90a4ce503fb2ea2d54 100644 >--- a/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.iOS.exp >+++ b/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.iOS.exp >@@ -127,3 +127,7 @@ __ZN6webrtc32createVideoToolboxEncoderFactoryEv > __ZN6webrtc29setH264HardwareEncoderAllowedEb > __ZN6webrtc20pixelBufferFromFrameERKNS_10VideoFrameE > __ZN6webrtc18pixelBufferToFrameEP10__CVBuffer >+__ZN3rtc24BasicPacketSocketFactory19CreateAsyncResolverEv >+__ZN3rtc24BasicPacketSocketFactory21CreateClientTcpSocketERKNS_13SocketAddressES3_RKNS_9ProxyInfoERKNSt3__112basic_stringIcNS7_11char_traitsIcEENS7_9allocatorIcEEEERKNS_22PacketSocketTcpOptionsE >+__ZN3rtc24BasicPacketSocketFactoryC2Ev >+__ZN3rtc24BasicPacketSocketFactoryD2Ev >diff --git a/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.iOSsim.exp b/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.iOSsim.exp >index d09288397193885408cec4116425a245df20bb46..89f4e8b8a9c75a2de32bcf90a4ce503fb2ea2d54 100644 >--- a/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.iOSsim.exp >+++ b/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.iOSsim.exp >@@ -127,3 +127,7 @@ __ZN6webrtc32createVideoToolboxEncoderFactoryEv > __ZN6webrtc29setH264HardwareEncoderAllowedEb > __ZN6webrtc20pixelBufferFromFrameERKNS_10VideoFrameE > __ZN6webrtc18pixelBufferToFrameEP10__CVBuffer >+__ZN3rtc24BasicPacketSocketFactory19CreateAsyncResolverEv >+__ZN3rtc24BasicPacketSocketFactory21CreateClientTcpSocketERKNS_13SocketAddressES3_RKNS_9ProxyInfoERKNSt3__112basic_stringIcNS7_11char_traitsIcEENS7_9allocatorIcEEEERKNS_22PacketSocketTcpOptionsE >+__ZN3rtc24BasicPacketSocketFactoryC2Ev >+__ZN3rtc24BasicPacketSocketFactoryD2Ev >diff --git a/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.mac.exp b/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.mac.exp >index d09288397193885408cec4116425a245df20bb46..89f4e8b8a9c75a2de32bcf90a4ce503fb2ea2d54 100644 >--- a/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.mac.exp >+++ b/Source/ThirdParty/libwebrtc/Configurations/libwebrtc.mac.exp >@@ -127,3 +127,7 @@ __ZN6webrtc32createVideoToolboxEncoderFactoryEv > __ZN6webrtc29setH264HardwareEncoderAllowedEb > __ZN6webrtc20pixelBufferFromFrameERKNS_10VideoFrameE > __ZN6webrtc18pixelBufferToFrameEP10__CVBuffer >+__ZN3rtc24BasicPacketSocketFactory19CreateAsyncResolverEv >+__ZN3rtc24BasicPacketSocketFactory21CreateClientTcpSocketERKNS_13SocketAddressES3_RKNS_9ProxyInfoERKNSt3__112basic_stringIcNS7_11char_traitsIcEENS7_9allocatorIcEEEERKNS_22PacketSocketTcpOptionsE >+__ZN3rtc24BasicPacketSocketFactoryC2Ev >+__ZN3rtc24BasicPacketSocketFactoryD2Ev >diff --git a/Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCProvider.cpp b/Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCProvider.cpp >index 7ca69919e07f6ef01c07a63148fd10584e429025..0e48ddd24fa2fb4af0efdeaa7a8c9aba03d643b9 100644 >--- a/Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCProvider.cpp >+++ b/Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCProvider.cpp >@@ -34,6 +34,7 @@ > #include <webrtc/api/audio_codecs/builtin_audio_encoder_factory.h> > #include <webrtc/api/peerconnectionfactoryproxy.h> > #include <webrtc/modules/audio_processing/include/audio_processing.h> >+#include <webrtc/p2p/base/basicpacketsocketfactory.h> > #include <webrtc/p2p/client/basicportallocator.h> > #include <webrtc/pc/peerconnectionfactory.h> > #include <webrtc/rtc_base/physicalsocketserver.h> >@@ -51,11 +52,50 @@ UniqueRef<LibWebRTCProvider> LibWebRTCProvider::create() > #endif > > #if USE(LIBWEBRTC) >+static inline rtc::SocketAddress prepareSocketAddress(const rtc::SocketAddress& address, bool disableNonLocalhostConnections) >+{ >+ auto result = address; >+ if (disableNonLocalhostConnections) >+ result.SetIP("127.0.0.1"); >+ return result; >+} >+ >+class BasicPacketSocketFactory : public rtc::BasicPacketSocketFactory { >+public: >+ explicit BasicPacketSocketFactory(rtc::Thread& networkThread) >+ : m_socketFactory(makeUniqueRef<rtc::BasicPacketSocketFactory>(&networkThread)) >+ { >+ } >+ >+ void setDisableNonLocalhostConnections(bool disableNonLocalhostConnections) { m_disableNonLocalhostConnections = disableNonLocalhostConnections; } >+ >+ rtc::AsyncPacketSocket* CreateUdpSocket(const rtc::SocketAddress& address, uint16_t minPort, uint16_t maxPort) final >+ { >+ return m_socketFactory->CreateUdpSocket(prepareSocketAddress(address, m_disableNonLocalhostConnections), minPort, maxPort); >+ } >+ >+ rtc::AsyncPacketSocket* CreateServerTcpSocket(const rtc::SocketAddress& address, uint16_t minPort, uint16_t maxPort, int options) final >+ { >+ return m_socketFactory->CreateServerTcpSocket(prepareSocketAddress(address, m_disableNonLocalhostConnections), minPort, maxPort, options); >+ } >+ >+ rtc::AsyncPacketSocket* CreateClientTcpSocket(const rtc::SocketAddress& localAddress, const rtc::SocketAddress& remoteAddress, const rtc::ProxyInfo& info, const std::string& name, int options) >+ { >+ return m_socketFactory->CreateClientTcpSocket(prepareSocketAddress(localAddress, m_disableNonLocalhostConnections), remoteAddress, info, name, options); >+ } >+ >+private: >+ bool m_disableNonLocalhostConnections { false }; >+ UniqueRef<rtc::BasicPacketSocketFactory> m_socketFactory; >+}; >+ > struct PeerConnectionFactoryAndThreads : public rtc::MessageHandler { > std::unique_ptr<rtc::Thread> networkThread; > std::unique_ptr<rtc::Thread> signalingThread; > bool networkThreadWithSocketServer { false }; > std::unique_ptr<LibWebRTCAudioModule> audioDeviceModule; >+ std::unique_ptr<rtc::NetworkManager> networkManager; >+ std::unique_ptr<BasicPacketSocketFactory> packetSocketFactory; > > private: > void OnMessage(rtc::Message*); >@@ -164,17 +204,20 @@ rtc::scoped_refptr<webrtc::PeerConnectionInterface> LibWebRTCProvider::createPee > { > // Default WK1 implementation. > ASSERT(m_useNetworkThreadWithSocketServer); >- auto* factory = this->factory(); >- if (!factory) >- return nullptr; >+ auto& factoryAndThreads = getStaticFactoryAndThreads(m_useNetworkThreadWithSocketServer); >+ >+ if (!factoryAndThreads.networkManager) >+ factoryAndThreads.networkManager = std::make_unique<rtc::BasicNetworkManager>(); > >- return m_factory->CreatePeerConnection(configuration, nullptr, nullptr, &observer); >+ if (!factoryAndThreads.packetSocketFactory) >+ factoryAndThreads.packetSocketFactory = std::make_unique<BasicPacketSocketFactory>(*factoryAndThreads.networkThread); >+ factoryAndThreads.packetSocketFactory->setDisableNonLocalhostConnections(m_disableNonLocalhostConnections); >+ >+ return createPeerConnection(observer, *factoryAndThreads.networkManager, *factoryAndThreads.packetSocketFactory, WTFMove(configuration)); > } > > rtc::scoped_refptr<webrtc::PeerConnectionInterface> LibWebRTCProvider::createPeerConnection(webrtc::PeerConnectionObserver& observer, rtc::NetworkManager& networkManager, rtc::PacketSocketFactory& packetSocketFactory, webrtc::PeerConnectionInterface::RTCConfiguration&& configuration) > { >- ASSERT(!m_useNetworkThreadWithSocketServer); >- > auto& factoryAndThreads = getStaticFactoryAndThreads(m_useNetworkThreadWithSocketServer); > > std::unique_ptr<cricket::BasicPortAllocator> portAllocator; >diff --git a/Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCProvider.h b/Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCProvider.h >index 553ba6c0971b7863c48bd795b6fbc3b0ee44a8e0..9d2d13a795380f322a87f9bbbedf150f27b4bcf9 100644 >--- a/Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCProvider.h >+++ b/Source/WebCore/platform/mediastream/libwebrtc/LibWebRTCProvider.h >@@ -107,7 +107,7 @@ public: > void disableEnumeratingAllNetworkInterfaces() { m_enableEnumeratingAllNetworkInterfaces = false; } > void enableEnumeratingAllNetworkInterfaces() { m_enableEnumeratingAllNetworkInterfaces = true; } > >- virtual void disableNonLocalhostConnections() { }; >+ virtual void disableNonLocalhostConnections() { m_disableNonLocalhostConnections = true; } > > protected: > LibWebRTCProvider() = default; >@@ -123,6 +123,7 @@ protected: > bool m_useNetworkThreadWithSocketServer { true }; > > rtc::scoped_refptr<webrtc::PeerConnectionFactoryInterface> m_factory; >+ bool m_disableNonLocalhostConnections { false }; > #endif > }; >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=341874">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 186249
: 341874