)]}'
{
  "commit": "aa54326daa32892de997bb6fd60701b8e03c718a",
  "tree": "b2245bc5ec55a4386b83b5222abb1ff973783767",
  "parents": [
    "f685c00979b202fc5b05df337485664e56b6c581"
  ],
  "author": {
    "name": "Harald Alvestrand",
    "email": "hta@webrtc.org",
    "time": "Wed Apr 22 20:16:27 2026"
  },
  "committer": {
    "name": "webrtc-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "email": "webrtc-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Wed Apr 22 22:20:25 2026"
  },
  "message": "Discard unauthenticated TURN responses to unauthenticated requests\n\nIn StunRequestManager::CheckResponse, if a TURN request was sent\nwithout authentication (initial ALLOCATE), we now explicitly discard\nany success response. We also restrict allowed error responses to\n401 Unauthorized and 300 Try Alternate.\n\nThis prevents an authentication bypass (b/504572664) where an attacker\ncould hijack a TURN session by forging a success response to the initial\nunauthenticated request.\n\nAdd regression test for unauthenticated TURN ALLOCATE success.\n\nBug: chromium:504572664\nChange-Id: Ie5619e10b6b6dccac3221661632e9f1d6312f760\nReviewed-on: https://webrtc-review.googlesource.com/c/src/+/466100\nCommit-Queue: Harald Alvestrand \u003chta@webrtc.org\u003e\nReviewed-by: Danil Chapovalov \u003cdanilchap@webrtc.org\u003e\nCr-Commit-Position: refs/heads/main@{#47529}\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "3afabe1e42f8e0c95b2bc8faf2a58a21e48cd22c",
      "old_mode": 33188,
      "old_path": "p2p/base/stun_request.cc",
      "new_id": "1a18d2ba21928cd24bc0dd0db2001614de2086e1",
      "new_mode": 33188,
      "new_path": "p2p/base/stun_request.cc"
    },
    {
      "type": "modify",
      "old_id": "8a53aae3c46fd8285e325c5d8d34352f57183429",
      "old_mode": 33188,
      "old_path": "p2p/base/turn_port_unittest.cc",
      "new_id": "b23f33ad4c857dc1e32d1f9e7984a72a2c61b2ef",
      "new_mode": 33188,
      "new_path": "p2p/base/turn_port_unittest.cc"
    }
  ]
}
