Allow port 53 as a TURN port.

Bug: webrtc:12581 Change-Id: Ib9ce6ad64c5a67ba3ebc6797b10164ff25bfbdec Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/211866 Reviewed-by: Jonas Oreland <jonaso@webrtc.org> Commit-Queue: Harald Alvestrand <hta@webrtc.org> Cr-Commit-Position: refs/heads/master@{#33462}
2021-03-15 10:16:06 +00:00 · 2021-03-15 10:16:06 +00:00 · e657d8759d
commit e657d8759d
parent c88bdad433
2 changed files with 13 additions and 4 deletions
--- a/p2p/base/turn_port.cc
+++ b/p2p/base/turn_port.cc
@ -944,9 +944,9 @@ rtc::DiffServCodePoint TurnPort::StunDscpValue() const {

 // static
 bool TurnPort::AllowedTurnPort(int port) {
-  // Port 80 and 443 are used for existing deployments.
+  // Port 53, 80 and 443 are used for existing deployments.
  // Ports above 1024 are assumed to be OK to use.
-  if (port == 80 || port == 443 || port >= 1024) {
+  if (port == 53 || port == 80 || port == 443 || port >= 1024) {
    return true;
  }
  // Allow any port if relevant field trial is set. This allows disabling the
--- a/p2p/base/turn_port_unittest.cc
+++ b/p2p/base/turn_port_unittest.cc
@ -61,6 +61,8 @@ static const SocketAddress kTurnAlternateIntAddr("99.99.99.6",
                                                 cricket::TURN_SERVER_PORT);
 // Port for redirecting to a TCP Web server. Should not work.
 static const SocketAddress kTurnDangerousAddr("99.99.99.7", 81);
+// Port 53 (the DNS port); should work.
+static const SocketAddress kTurnPort53Addr("99.99.99.7", 53);
 // Port 80 (the HTTP port); should work.
 static const SocketAddress kTurnPort80Addr("99.99.99.7", 80);
 // Port 443 (the HTTPS port); should work.
@ -105,6 +107,8 @@ static const cricket::ProtocolAddress kTurnUdpIPv6ProtoAddr(kTurnUdpIPv6IntAddr,
 static const cricket::ProtocolAddress kTurnDangerousProtoAddr(
    kTurnDangerousAddr,
    cricket::PROTO_TCP);
+static const cricket::ProtocolAddress kTurnPort53ProtoAddr(kTurnPort53Addr,
+                                                           cricket::PROTO_TCP);
 static const cricket::ProtocolAddress kTurnPort80ProtoAddr(kTurnPort80Addr,
                                                           cricket::PROTO_TCP);
 static const cricket::ProtocolAddress kTurnPort443ProtoAddr(kTurnPort443Addr,
@ -1805,8 +1809,8 @@ TEST_F(TurnPortTest, TestTurnDangerousServer) {
  ASSERT_FALSE(turn_port_);
 }

-TEST_F(TurnPortTest, TestTurnDangerousServerPermits443) {
-  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort443ProtoAddr);
+TEST_F(TurnPortTest, TestTurnDangerousServerPermits53) {
+  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort53ProtoAddr);
  ASSERT_TRUE(turn_port_);
 }

@ -1815,6 +1819,11 @@ TEST_F(TurnPortTest, TestTurnDangerousServerPermits80) {
  ASSERT_TRUE(turn_port_);
 }

+TEST_F(TurnPortTest, TestTurnDangerousServerPermits443) {
+  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort443ProtoAddr);
+  ASSERT_TRUE(turn_port_);
+}
+
 TEST_F(TurnPortTest, TestTurnDangerousAlternateServer) {
  const ProtocolType protocol_type = PROTO_TCP;
  std::vector<rtc::SocketAddress> redirect_addresses;