Title: [272270] branches/safari-611-branch
Revision: 272270
Author: [email protected]
Date: 2021-02-02 17:40:42 -0800 (Tue, 02 Feb 2021)

Log Message

Cherry-pick r271696. rdar://problem/73887913

    Check for TURN username/credentials sizes in RTCPeerConnection constructor
    https://bugs.webkit.org/show_bug.cgi?id=220789

    Reviewed by Eric Carlson.

    Source/WebCore:

    Covered by updated test.

    * Modules/mediastream/RTCPeerConnection.cpp:
    (WebCore::RTCPeerConnection::iceServersFromConfiguration):

    LayoutTests:

    * webrtc/stun-server-filtering-expected.txt:
    * webrtc/stun-server-filtering.html:

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271696 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

Diff

Modified: branches/safari-611-branch/LayoutTests/ChangeLog (272269 => 272270)


--- branches/safari-611-branch/LayoutTests/ChangeLog	2021-02-03 01:40:38 UTC (rev 272269)
+++ branches/safari-611-branch/LayoutTests/ChangeLog	2021-02-03 01:40:42 UTC (rev 272270)
@@ -1,5 +1,39 @@
 2021-02-02  Alan Coon  <[email protected]>
 
+        Cherry-pick r271696. rdar://problem/73887913
+
+    Check for TURN username/credentials sizes in RTCPeerConnection constructor
+    https://bugs.webkit.org/show_bug.cgi?id=220789
+    
+    Reviewed by Eric Carlson.
+    
+    Source/WebCore:
+    
+    Covered by updated test.
+    
+    * Modules/mediastream/RTCPeerConnection.cpp:
+    (WebCore::RTCPeerConnection::iceServersFromConfiguration):
+    
+    LayoutTests:
+    
+    * webrtc/stun-server-filtering-expected.txt:
+    * webrtc/stun-server-filtering.html:
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271696 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2021-01-21  Youenn Fablet  <[email protected]>
+
+            Check for TURN username/credentials sizes in RTCPeerConnection constructor
+            https://bugs.webkit.org/show_bug.cgi?id=220789
+
+            Reviewed by Eric Carlson.
+
+            * webrtc/stun-server-filtering-expected.txt:
+            * webrtc/stun-server-filtering.html:
+
+2021-02-02  Alan Coon  <[email protected]>
+
         Cherry-pick r271674. rdar://problem/73889860
 
     [ Big Sur ] platform/mac/fast/text/international/bidi-fallback-font-weight.html is failing

Modified: branches/safari-611-branch/LayoutTests/webrtc/stun-server-filtering-expected.txt (272269 => 272270)


--- branches/safari-611-branch/LayoutTests/webrtc/stun-server-filtering-expected.txt	2021-02-03 01:40:38 UTC (rev 272269)
+++ branches/safari-611-branch/LayoutTests/webrtc/stun-server-filtering-expected.txt	2021-02-03 01:40:42 UTC (rev 272270)
@@ -1,4 +1,5 @@
 
 PASS RTCPeerConnection and local STUN server
 PASS RTCPeerConnection and local TURN server
+PASS RTCPeerConnection and big TURN username/credential
 

Modified: branches/safari-611-branch/LayoutTests/webrtc/stun-server-filtering.html (272269 => 272270)


--- branches/safari-611-branch/LayoutTests/webrtc/stun-server-filtering.html	2021-02-03 01:40:38 UTC (rev 272269)
+++ branches/safari-611-branch/LayoutTests/webrtc/stun-server-filtering.html	2021-02-03 01:40:42 UTC (rev 272270)
@@ -27,4 +27,18 @@
     assert_equals(event.url, 'turn:blabla.local');
     assert_equals(event.errorCode, 701);
 }, "RTCPeerConnection and local TURN server");
+
+test(() => {
+    let string509 = '';
+    for (let cptr = 0; cptr < 509; ++cptr)
+        string509 += 'a';
+
+    new RTCPeerConnection({iceServers:[{username: 'test', credential: string509, urls:['turn:foo.com']}]});
+    new RTCPeerConnection({iceServers:[{username: string509, credential: 'test', urls:['turn:foo.com']}]});
+
+    let string510 = string509 + 'a';
+
+    assert_throws(new TypeError, () => new RTCPeerConnection({iceServers:[{username: 'test', credential: string510, urls:['turn:foo.com']}]}));
+    assert_throws(new TypeError, () => new RTCPeerConnection({iceServers:[{username: string510, credential: 'test', urls:['turn:foo.com']}]}));
+}, "RTCPeerConnection and big TURN username/credential");
 </script>
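Review bot: The new test builds string509 and string510 from 'a' only, so the string length and the UTF-8 byte length are always equal and nothing here distinguishes the utf8().length() comparison in iceServersFromConfiguration from a plain length() check. Add a case with non-ASCII characters, for example a username of 255 two-byte characters (510 bytes once UTF-8 encoded), and assert that it throws TypeError even though its JavaScript length is well under 509. A matching case for the credential field would cover both operands of the check.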

Modified: branches/safari-611-branch/Source/WebCore/ChangeLog (272269 => 272270)


--- branches/safari-611-branch/Source/WebCore/ChangeLog	2021-02-03 01:40:38 UTC (rev 272269)
+++ branches/safari-611-branch/Source/WebCore/ChangeLog	2021-02-03 01:40:42 UTC (rev 272270)
@@ -1,5 +1,41 @@
 2021-02-02  Alan Coon  <[email protected]>
 
+        Cherry-pick r271696. rdar://problem/73887913
+
+    Check for TURN username/credentials sizes in RTCPeerConnection constructor
+    https://bugs.webkit.org/show_bug.cgi?id=220789
+    
+    Reviewed by Eric Carlson.
+    
+    Source/WebCore:
+    
+    Covered by updated test.
+    
+    * Modules/mediastream/RTCPeerConnection.cpp:
+    (WebCore::RTCPeerConnection::iceServersFromConfiguration):
+    
+    LayoutTests:
+    
+    * webrtc/stun-server-filtering-expected.txt:
+    * webrtc/stun-server-filtering.html:
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@271696 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2021-01-21  Youenn Fablet  <[email protected]>
+
+            Check for TURN username/credentials sizes in RTCPeerConnection constructor
+            https://bugs.webkit.org/show_bug.cgi?id=220789
+
+            Reviewed by Eric Carlson.
+
+            Covered by updated test.
+
+            * Modules/mediastream/RTCPeerConnection.cpp:
+            (WebCore::RTCPeerConnection::iceServersFromConfiguration):
+
+2021-02-02  Alan Coon  <[email protected]>
+
         Cherry-pick r271651. rdar://problem/73889797
 
     REGRESSION (Big Sur): position:absolute elements inside nested overflow:scroll don't track scrolling

Modified: branches/safari-611-branch/Source/WebCore/Modules/mediastream/RTCPeerConnection.cpp (272269 => 272270)


--- branches/safari-611-branch/Source/WebCore/Modules/mediastream/RTCPeerConnection.cpp	2021-02-03 01:40:38 UTC (rev 272269)
+++ branches/safari-611-branch/Source/WebCore/Modules/mediastream/RTCPeerConnection.cpp	2021-02-03 01:40:42 UTC (rev 272270)
@@ -372,6 +372,12 @@
                 if (serverURL.protocolIs("turn") || serverURL.protocolIs("turns")) {
                     if (server.credential.isNull() || server.username.isNull())
                         return Exception { InvalidAccessError, "TURN/TURNS server requires both username and credential" };
+                    // https://tools.ietf.org/html/rfc8489#section-14.3
+                    if (server.credential.length() > 64 || server.username.length() > 64) {
+                        constexpr size_t MaxTurnUsernameLength = 509;
+                        if (server.credential.utf8().length() > MaxTurnUsernameLength || server.username.utf8().length() > MaxTurnUsernameLength)
+                            return Exception { TypeError, "TURN/TURNS username and/or credential are too long" };
+                    }
                 } else if (!serverURL.protocolIs("stun"))
                     return Exception { NotSupportedError, "ICE server protocol not supported" };
             }
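Review bot: The outer guard `server.credential.length() > 64 || server.username.length() > 64` uses an unexplained constant. It presumably exists to skip the utf8() conversion for strings too short to reach the byte limit, and a one-line comment saying so (or a named constant in place of 64) would make that intent reviewable. MaxTurnUsernameLength is also compared against the credential, so a neutral name or a second constant would match what the check does. The comparison is `>`, so exactly 509 bytes is accepted, which is what the layout test expects; that boundary is worth confirming against the RFC section cited in the comment.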
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes