Flag for disabling P2P STUN filter

Temporary flag for disabling P2P STUN validation on UDP sockets to let the cast team use it
until the final design is implemented. The final design will send encoded frames to the
browser process, which will split them into packets and handle the encryption, thus making it
very difficult for the renderer to talk other protocols.

Review URL: https://codereview.chromium.org/111833003

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240000 0039d316-1c4b-4281-b951-d872f2087c98

3 files changed, 15 insertions, 2 deletions

diff --git a/content/browser/renderer_host/p2p/socket_host_udp.cc b/content/browser/renderer_host/p2p/socket_host_udp.cc
index 417cb2b..8201ccb 100644
--- a/content/browser/renderer_host/p2p/socket_host_udp.cc
+++ b/content/browser/renderer_host/p2p/socket_host_udp.cc
@@ -5,10 +5,12 @@
 #include "content/browser/renderer_host/p2p/socket_host_udp.h"
 
 #include "base/bind.h"
+#include "base/command_line.h"
 #include "base/debug/trace_event.h"
 #include "base/stl_util.h"
 #include "content/browser/renderer_host/p2p/socket_host_throttler.h"
 #include "content/common/p2p_messages.h"
+#include "content/public/common/content_switches.h"
 #include "ipc/ipc_sender.h"
 #include "net/base/io_buffer.h"
 #include "net/base/net_errors.h"
@@ -41,6 +43,11 @@ bool IsTransientError(int error) {
          error == net::ERR_OUT_OF_MEMORY;
 }
 
+bool AllowUDPWithoutSTUN() {
+  return CommandLine::ForCurrentProcess()->HasSwitch(
+      switches::kDisableP2PSocketSTUNFilter);
+}
+
 }  // namespace
 
 namespace content {
@@ -155,7 +162,7 @@ void P2PSocketHostUdp::HandleReadResult(int result) {
     if (!ContainsKey(connected_peers_, recv_address_)) {
       P2PSocketHost::StunMessageType type;
       bool stun = GetStunPacketType(&*data.begin(), data.size(), &type);
-      if (stun && IsRequestOrResponse(type)) {
+      if ((stun && IsRequestOrResponse(type)) || AllowUDPWithoutSTUN()) {
         connected_peers_.insert(recv_address_);
       } else if (!stun || type == STUN_DATA_INDICATION) {
         LOG(ERROR) << "Received unexpected data packet from "
@@ -182,7 +189,7 @@ void P2PSocketHostUdp::Send(const net::IPEndPoint& to,
     return;
   }
 
-  if (!ContainsKey(connected_peers_, to)) {
+  if (!ContainsKey(connected_peers_, to) && !AllowUDPWithoutSTUN()) {
     P2PSocketHost::StunMessageType type = P2PSocketHost::StunMessageType();
     bool stun = GetStunPacketType(&*data.begin(), data.size(), &type);
     if (!stun || type == STUN_DATA_INDICATION) {
diff --git a/content/public/common/content_switches.cc b/content/public/common/content_switches.cc
index 177a76a..1c43449 100644
--- a/content/public/common/content_switches.cc
+++ b/content/public/common/content_switches.cc
@@ -265,6 +265,11 @@ const char kDisableLocalStorage[]           = "disable-local-storage";
 // builds.
 const char kDisableLogging[]                = "disable-logging";
 
+// Allows P2P sockets to talk UDP to other servers without using STUN first.
+// For development only, use with caution.
+// TODO(hubbe): Remove this flag.
+const char kDisableP2PSocketSTUNFilter[]    = "disable-p2psocket-stun-filter";
+
 // Disable Pepper3D.
 const char kDisablePepper3d[]               = "disable-pepper-3d";
 
diff --git a/content/public/common/content_switches.h b/content/public/common/content_switches.h
index 23960b1..9e60250 100644
--- a/content/public/common/content_switches.h
+++ b/content/public/common/content_switches.h
@@ -87,6 +87,7 @@ extern const char kDisableKillAfterBadIPC[];
 CONTENT_EXPORT extern const char kDisableLocalStorage[];
 CONTENT_EXPORT extern const char kDisableLogging[];
 extern const char kDisableNavigatorContentUtils[];
+extern const char kDisableP2PSocketSTUNFilter[];
 extern const char kDisablePepper3d[];
 CONTENT_EXPORT extern const char kDisablePinch[];
 CONTENT_EXPORT extern const char kDisablePlugins[];