Log resolved & unresolved turn server address as sensitive string.
This should help to debug problems with DNS resolution of turn server
name. E.g. DNS server returns fake IP address to block turn server.
Similar change to stun_port.cc were done in
https://webrtc-review.googlesource.com/c/src/+/215926
Bug: None
Change-Id: If1cc410f4cd0f89620d3678aabf05a0f1b22a393
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/290992
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Yury Yarashevich <yura.yaroshevich@gmail.com>
Cr-Commit-Position: refs/heads/main@{#39152}
diff --git a/rtc_base/socket_address.cc b/rtc_base/socket_address.cc
index 93d6860..8601fc9 100644
--- a/rtc_base/socket_address.cc
+++ b/rtc_base/socket_address.cc
@@ -179,13 +179,21 @@
return sb.str();
}
-std::string SocketAddress::ToResolvedSensitiveString() const {
- if (IsUnresolvedIP()) {
- return "";
+std::string SocketAddress::ToSensitiveNameAndAddressString() const {
+ if (IsUnresolvedIP() || literal_ || hostname_.empty()) {
+ return ToSensitiveString();
}
char buf[1024];
rtc::SimpleStringBuilder sb(buf);
- sb << ipaddr().ToSensitiveString() << ":" << port();
+ sb << HostAsSensitiveURIString() << ":" << port();
+ sb << " (";
+ if (ip_.family() == AF_INET6) {
+ sb << "[" << ipaddr().ToSensitiveString() << "]";
+ } else {
+ sb << ipaddr().ToSensitiveString();
+ }
+ sb << ":" << port() << ")";
+
return sb.str();
}
diff --git a/rtc_base/socket_address.h b/rtc_base/socket_address.h
index 99e14d8..b58a6db 100644
--- a/rtc_base/socket_address.h
+++ b/rtc_base/socket_address.h
@@ -126,9 +126,9 @@
// Same as ToString but anonymizes it by hiding the last part.
std::string ToSensitiveString() const;
- // Returns hostname:port string if address is resolved, otherwise returns
- // empty string.
- std::string ToResolvedSensitiveString() const;
+ // Returns sensitive description of address in a form which both includes
+ // resolved and unresolved addresses based on their availability.
+ std::string ToSensitiveNameAndAddressString() const;
// Parses hostname:port and [hostname]:port.
bool FromString(absl::string_view str);
diff --git a/rtc_base/socket_address_unittest.cc b/rtc_base/socket_address_unittest.cc
index d1c911a..f10e43f 100644
--- a/rtc_base/socket_address_unittest.cc
+++ b/rtc_base/socket_address_unittest.cc
@@ -334,4 +334,33 @@
EXPECT_EQ(kTestV6AddrFullAnonymizedString, addr_v6.ToSensitiveString());
}
+TEST(SocketAddressTest, TestToSensitiveNameAndAddressString) {
+ SocketAddress ipv4OnlyLiteral("1.2.3.4", 5678);
+ EXPECT_EQ("1.2.3.x:5678", ipv4OnlyLiteral.ToSensitiveNameAndAddressString());
+
+ SocketAddress ipv4OnlyAddress(IPAddress(0x01020304), 5678);
+ EXPECT_EQ("1.2.3.x:5678", ipv4OnlyAddress.ToSensitiveNameAndAddressString());
+
+ SocketAddress hostOnly("webrtc.org", 443);
+ EXPECT_EQ("webrtc.org:443", hostOnly.ToSensitiveNameAndAddressString());
+
+ SocketAddress hostAndIpv4("webrtc.org", 80);
+ hostAndIpv4.SetResolvedIP(IPAddress(0x01020304));
+ EXPECT_EQ("webrtc.org:80 (1.2.3.x:80)",
+ hostAndIpv4.ToSensitiveNameAndAddressString());
+
+ SocketAddress ipv6OnlyLiteral(kTestV6AddrString, 5678);
+ EXPECT_EQ(kTestV6AddrFullAnonymizedString,
+ ipv6OnlyLiteral.ToSensitiveNameAndAddressString());
+
+ SocketAddress ipv6OnlyAddress(IPAddress(kTestV6Addr), 5678);
+ EXPECT_EQ(kTestV6AddrFullAnonymizedString,
+ ipv6OnlyAddress.ToSensitiveNameAndAddressString());
+
+ SocketAddress hostAndIpv6("webrtc.org", 5678);
+ hostAndIpv6.SetResolvedIP(IPAddress(kTestV6Addr));
+ EXPECT_EQ("webrtc.org:5678 (" + kTestV6AddrFullAnonymizedString + ")",
+ hostAndIpv6.ToSensitiveNameAndAddressString());
+}
+
} // namespace rtc