diff options
| author | guoweis <guoweis@chromium.org> | 2015-03-11 17:59:27 -0700 |
|---|---|---|
| committer | Commit bot <commit-bot@chromium.org> | 2015-03-12 01:00:08 +0000 |
| commit | 5f066054fe5db4b86d9fd8a2a22ddff198f131d7 (patch) | |
| tree | daaa9ba682400a28ead8990313c0aa8ca72061f0 /content/renderer/p2p | |
| parent | 2a09dc05582a7cb4664e9f18cb2c4ba1e39e0c98 (diff) | |
| download | chromium_src-5f066054fe5db4b86d9fd8a2a22ddff198f131d7.zip chromium_src-5f066054fe5db4b86d9fd8a2a22ddff198f131d7.tar.gz chromium_src-5f066054fe5db4b86d9fd8a2a22ddff198f131d7.tar.bz2 | |
Only allow non-deprecated IPv6 addresses which don't contain MAC to be used in WebRTC.
Original fix for this bug was not good for mobile since none of the IPv6 in mobile has temporary attributes. Instead, we look for FF:FE and the U/L bit to determine whether this has MAC or not and filter based on that.
BUG=465378
Review URL: https://codereview.chromium.org/1000643003
Cr-Commit-Position: refs/heads/master@{#320195}
Diffstat (limited to 'content/renderer/p2p')
| -rw-r--r-- | content/renderer/p2p/ipc_network_manager.cc | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/content/renderer/p2p/ipc_network_manager.cc b/content/renderer/p2p/ipc_network_manager.cc index ad62327..8ccda2a 100644 --- a/content/renderer/p2p/ipc_network_manager.cc +++ b/content/renderer/p2p/ipc_network_manager.cc @@ -15,6 +15,14 @@ namespace content { namespace { +// According to http://www.ietf.org/rfc/rfc2373.txt, Appendix A, page 19. An +// address which contains MAC will have its 11th and 12th bytes as FF:FE as well +// as the U/L bit as 1. +bool IsMacBasedIPv6Address(const net::IPAddressNumber& ipaddress) { + return ((ipaddress[8] & 0x02) && ipaddress[11] == 0xFF && + ipaddress[12] == 0xFE); +} + rtc::AdapterType ConvertConnectionTypeToAdapterType( net::NetworkChangeNotifier::ConnectionType type) { switch (type) { @@ -88,17 +96,15 @@ void IpcNetworkManager::OnNetworkListChanged( network->AddIP(rtc::IPAddress(address)); networks.push_back(network); } else if (it->address.size() == net::kIPv6AddressSize) { - - // Only allow temporary non-deprecated address to ensure the MAC is not - // included in the address. - if (!(it->ip_address_attributes & net::IP_ADDRESS_ATTRIBUTE_TEMPORARY) || + // Only allow non-deprecated IPv6 addresses which don't contain MAC. + if (IsMacBasedIPv6Address(it->address) || (it->ip_address_attributes & net::IP_ADDRESS_ATTRIBUTE_DEPRECATED)) { continue; } in6_addr address; memcpy(&address, &it->address[0], sizeof(in6_addr)); - rtc::IPAddress ip6_addr(address); + rtc::InterfaceAddress ip6_addr(address, it->ip_address_attributes); if (!rtc::IPIsPrivate(ip6_addr)) { rtc::IPAddress prefix = rtc::TruncateIP(rtc::IPAddress(ip6_addr), it->prefix_length); |