disallow pairing ICE-TCP with a local ip address
BUG=chromium:1038754
Change-Id: Iab7186efd39a94bffde19e0c39a49f6bc61802ec
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/167060
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#30457}
diff --git a/pc/jsep_transport_controller.cc b/pc/jsep_transport_controller.cc
index bc7000f..8d4eee0 100644
--- a/pc/jsep_transport_controller.cc
+++ b/pc/jsep_transport_controller.cc
@@ -59,6 +59,13 @@
}
}
+ // Disallow ICE-TCP with a private IP address.
+ if (cand.protocol() == cricket::TCP_PROTOCOL_NAME &&
+ cand.address().IsPrivateIP()) {
+ return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
+ "candidate is TCP and has a private IP address");
+ }
+
return webrtc::RTCError::OK();
}