Update webRTC patch

csagan5 2022-04-11 16:15:14 +02:00 committed by Yifeng Wu
parent 2d50b240b1
commit af3c64c59b
2 changed files with 52 additions and 33 deletions


@ -1,33 +0,0 @@
From: csagan5 <32685696+csagan5@users.noreply.github.com>
Date: Sat, 9 May 2020 14:42:37 +0200
Subject: Change default webRTC policy to not use any address
This prevents leakage of the local IP address.
See also: https://github.com/bromite/bromite/issues/553
---
.../peerconnection/peer_connection_dependency_factory.cc | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/third_party/blink/renderer/modules/peerconnection/peer_connection_dependency_factory.cc b/third_party/blink/renderer/modules/peerconnection/peer_connection_dependency_factory.cc
--- a/third_party/blink/renderer/modules/peerconnection/peer_connection_dependency_factory.cc
+++ b/third_party/blink/renderer/modules/peerconnection/peer_connection_dependency_factory.cc
@@ -821,12 +821,13 @@ PeerConnectionDependencyFactory::CreatePortAllocator(
port_config.enable_nonproxied_udp = false;
break;
case kDefault:
- port_config.enable_multiple_routes = true;
- port_config.enable_nonproxied_udp = true;
+ port_config.enable_multiple_routes = false;
+ port_config.enable_nonproxied_udp = false;
+ port_config.enable_default_local_candidate = false;
break;
}
- VLOG(3) << "WebRTC routing preferences: "
+ LOG(INFO) << "WebRTC routing preferences: "
<< "policy: " << policy
<< ", multiple_routes: " << port_config.enable_multiple_routes
<< ", nonproxied_udp: " << port_config.enable_nonproxied_udp
--
2.25.1


@ -0,0 +1,52 @@
From: csagan5 <32685696+csagan5@users.noreply.github.com>
Date: Sat, 9 May 2020 14:42:37 +0200
Subject: webRTC: do not expose local IP addresses
Prevent leaks of local IP address and public IP address (when using VPN)
See also:
* build/patches/Change-default-webRTC-policy-to-not-use-any-address.patch
* https://github.com/bromite/bromite/issues/553
* https://github.com/bromite/bromite/issues/589
---
chrome/browser/ui/browser_ui_prefs.cc | 2 +-
.../peerconnection/peer_connection_dependency_factory.cc | 6 ++++--
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/chrome/browser/ui/browser_ui_prefs.cc b/chrome/browser/ui/browser_ui_prefs.cc
--- a/chrome/browser/ui/browser_ui_prefs.cc
+++ b/chrome/browser/ui/browser_ui_prefs.cc
@@ -93,7 +93,7 @@ void RegisterBrowserUserPrefs(user_prefs::PrefRegistrySyncable* registry) {
false);
#endif
registry->RegisterStringPref(prefs::kWebRTCIPHandlingPolicy,
- blink::kWebRTCIPHandlingDefault);
+ blink::kWebRTCIPHandlingDisableNonProxiedUdp);
registry->RegisterStringPref(prefs::kWebRTCUDPPortRange, std::string());
registry->RegisterBooleanPref(prefs::kWebRtcEventLogCollectionAllowed, false);
registry->RegisterListPref(prefs::kWebRtcLocalIpsAllowedUrls);
diff --git a/third_party/blink/renderer/modules/peerconnection/peer_connection_dependency_factory.cc b/third_party/blink/renderer/modules/peerconnection/peer_connection_dependency_factory.cc
--- a/third_party/blink/renderer/modules/peerconnection/peer_connection_dependency_factory.cc
+++ b/third_party/blink/renderer/modules/peerconnection/peer_connection_dependency_factory.cc
@@ -106,7 +106,9 @@ WebRTCIPHandlingPolicy GetWebRTCIPHandlingPolicy(const String& preference) {
return kDefaultPublicInterfaceOnly;
if (preference == kWebRTCIPHandlingDisableNonProxiedUdp)
return kDisableNonProxiedUdp;
- return kDefault;
+ if (preference == kWebRTCIPHandlingDefault)
+ return kDefault;
+ return kDisableNonProxiedUdp;
}
bool IsValidPortRange(uint16_t min_port, uint16_t max_port) {
@@ -826,7 +828,7 @@ PeerConnectionDependencyFactory::CreatePortAllocator(
break;
}
- VLOG(3) << "WebRTC routing preferences: "
+ LOG(INFO) << "WebRTC routing preferences: "
<< "policy: " << policy
<< ", multiple_routes: " << port_config.enable_multiple_routes
<< ", nonproxied_udp: " << port_config.enable_nonproxied_udp
--
2.25.1
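Review bot: In `GetWebRTCIPHandlingPolicy` the new final `return kDisableNonProxiedUdp;` makes unrecognised or empty preference strings fail closed, but nothing in the patch says so, and an explicit `kWebRTCIPHandlingDefault` value still maps to `kDefault`. Unlike the patch this one appears to replace, the `kDefault` case in `CreatePortAllocator` is not hardened here, so a profile, policy or extension that stores the "default" string would presumably get the stock multiple-routes / non-proxied-UDP behaviour back; it is worth confirming that this opt-in is intended. I would add a comment above the fallback such as `// Unknown or unset values fall back to the most restrictive policy; "default" must be requested explicitly.` The "See also" line in the patch description names `build/patches/Change-default-webRTC-policy-to-not-use-any-address.patch`, which looks like the file this commit deletes, so that reference may now dangle. Both functions continue outside the visible hunks.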