commit e657d8759ded3d7df9b4211737d8f8b6d1798469
author Harald Alvestrand <hta@webrtc.org> Mon Mar 15 10:16:06 2021
committer Commit Bot <commit-bot@chromium.org> Mon Mar 15 12:22:01 2021
tree a6012a0e36e3037fb6b5cff41255422e57571803
parent c88bdad43329106e7c642689b725c67cdc397920

Allow port 53 as a TURN port.

Bug: webrtc:12581
Change-Id: Ib9ce6ad64c5a67ba3ebc6797b10164ff25bfbdec
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/211866
Reviewed-by: Jonas Oreland <jonaso@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#33462}

p2p/base/turn_port.cc

diff --git a/p2p/base/turn_port.cc b/p2p/base/turn_port.cc
index 0bcec2c..57de15e 100644
--- a/p2p/base/turn_port.cc
+++ b/p2p/base/turn_port.cc
@@ -944,9 +944,9 @@
 
 // static
 bool TurnPort::AllowedTurnPort(int port) {
-  // Port 80 and 443 are used for existing deployments.
+  // Port 53, 80 and 443 are used for existing deployments.
   // Ports above 1024 are assumed to be OK to use.
-  if (port == 80 || port == 443 || port >= 1024) {
+  if (port == 53 || port == 80 || port == 443 || port >= 1024) {
     return true;
   }
   // Allow any port if relevant field trial is set. This allows disabling the

p2p/base/turn_port_unittest.cc

diff --git a/p2p/base/turn_port_unittest.cc b/p2p/base/turn_port_unittest.cc
index 67a54ee..5df9f67 100644
--- a/p2p/base/turn_port_unittest.cc
+++ b/p2p/base/turn_port_unittest.cc
@@ -61,6 +61,8 @@
                                                  cricket::TURN_SERVER_PORT);
 // Port for redirecting to a TCP Web server. Should not work.
 static const SocketAddress kTurnDangerousAddr("99.99.99.7", 81);
+// Port 53 (the DNS port); should work.
+static const SocketAddress kTurnPort53Addr("99.99.99.7", 53);
 // Port 80 (the HTTP port); should work.
 static const SocketAddress kTurnPort80Addr("99.99.99.7", 80);
 // Port 443 (the HTTPS port); should work.
@@ -105,6 +107,8 @@
 static const cricket::ProtocolAddress kTurnDangerousProtoAddr(
     kTurnDangerousAddr,
     cricket::PROTO_TCP);
+static const cricket::ProtocolAddress kTurnPort53ProtoAddr(kTurnPort53Addr,
+                                                           cricket::PROTO_TCP);
 static const cricket::ProtocolAddress kTurnPort80ProtoAddr(kTurnPort80Addr,
                                                            cricket::PROTO_TCP);
 static const cricket::ProtocolAddress kTurnPort443ProtoAddr(kTurnPort443Addr,
@@ -1805,8 +1809,8 @@
   ASSERT_FALSE(turn_port_);
 }
 
-TEST_F(TurnPortTest, TestTurnDangerousServerPermits443) {
-  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort443ProtoAddr);
+TEST_F(TurnPortTest, TestTurnDangerousServerPermits53) {
+  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort53ProtoAddr);
   ASSERT_TRUE(turn_port_);
 }
 
@@ -1815,6 +1819,11 @@
   ASSERT_TRUE(turn_port_);
 }
 
+TEST_F(TurnPortTest, TestTurnDangerousServerPermits443) {
+  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort443ProtoAddr);
+  ASSERT_TRUE(turn_port_);
+}
+
 TEST_F(TurnPortTest, TestTurnDangerousAlternateServer) {
   const ProtocolType protocol_type = PROTO_TCP;
   std::vector<rtc::SocketAddress> redirect_addresses;