From 20232a914fb2d00808424cdbcbb1d5a7888f9450 Mon Sep 17 00:00:00 2001 From: Qingsi Wang Date: Fri, 6 Sep 2019 12:51:17 -0700 Subject: [PATCH] Use obfuscated IPs in logging in p2p/ and pc/. Bug: None Change-Id: I0e7e76ec2d61a1e2719975701a32c1cfc04f97d5 Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/151960 Reviewed-by: Steve Anton Reviewed-by: Alex Drake Commit-Queue: Qingsi Wang Cr-Commit-Position: refs/heads/master@{#29103} --- p2p/base/p2p_transport_channel.cc | 14 ++++++++------ p2p/base/port.cc | 2 +- p2p/base/relay_port.cc | 4 ++-- p2p/base/tcp_port.cc | 8 ++++---- p2p/base/turn_port.cc | 16 +++++++++------- p2p/base/turn_server.cc | 11 ++++++----- p2p/client/basic_port_allocator.cc | 8 ++++---- pc/jsep_transport.cc | 3 ++- pc/jsep_transport_controller.cc | 2 +- 9 files changed, 37 insertions(+), 31 deletions(-) diff --git a/p2p/base/p2p_transport_channel.cc b/p2p/base/p2p_transport_channel.cc index 23a99495d3..72e36e1d25 100644 --- a/p2p/base/p2p_transport_channel.cc +++ b/p2p/base/p2p_transport_channel.cc @@ -1026,7 +1026,7 @@ void P2PTransportChannel::OnUnknownAddress(PortInterface* port, if (port_muxed) { RTC_LOG(LS_INFO) << "Connection already exists for peer reflexive " "candidate: " - << remote_candidate.ToString(); + << remote_candidate.ToSensitiveString(); return; } else { RTC_NOTREACHED(); @@ -1049,7 +1049,7 @@ void P2PTransportChannel::OnUnknownAddress(PortInterface* port, RTC_LOG(LS_INFO) << "Adding connection from " << (remote_candidate_is_new ? "peer reflexive" : "resurrected") - << " candidate: " << remote_candidate.ToString(); + << " candidate: " << remote_candidate.ToSensitiveString(); AddConnection(connection); connection->HandleBindingRequest(stun_msg); @@ -1259,7 +1259,7 @@ void P2PTransportChannel::RemoveRemoteCandidate( }); if (iter != remote_candidates_.end()) { RTC_LOG(LS_VERBOSE) << "Removed remote candidate " - << cand_to_remove.ToString(); + << cand_to_remove.ToSensitiveString(); remote_candidates_.erase(iter, remote_candidates_.end()); } } @@ -1352,8 +1352,9 @@ bool P2PTransportChannel::CreateConnection(PortInterface* port, if (!remote_candidate.IsEquivalent(connection->remote_candidate())) { RTC_LOG(INFO) << "Attempt to change a remote candidate." " Existing remote candidate: " - << connection->remote_candidate().ToString() - << "New remote candidate: " << remote_candidate.ToString(); + << connection->remote_candidate().ToSensitiveString() + << "New remote candidate: " + << remote_candidate.ToSensitiveString(); } return false; } @@ -1415,7 +1416,8 @@ void P2PTransportChannel::RememberRemoteCandidate( // Make sure this candidate is not a duplicate. if (IsDuplicateRemoteCandidate(remote_candidate)) { - RTC_LOG(INFO) << "Duplicate candidate: " << remote_candidate.ToString(); + RTC_LOG(INFO) << "Duplicate candidate: " + << remote_candidate.ToSensitiveString(); return; } diff --git a/p2p/base/port.cc b/p2p/base/port.cc index 17e462eef6..3582da6a9b 100644 --- a/p2p/base/port.cc +++ b/p2p/base/port.cc @@ -362,7 +362,7 @@ void Port::AddOrReplaceConnection(Connection* conn) { << ToString() << ": A new connection was created on an existing remote address. " "New remote candidate: " - << conn->remote_candidate().ToString(); + << conn->remote_candidate().ToSensitiveString(); ret.first->second->SignalDestroyed.disconnect(this); ret.first->second->Destroy(); ret.first->second = conn; diff --git a/p2p/base/relay_port.cc b/p2p/base/relay_port.cc index bb62ebb90f..808d6cec75 100644 --- a/p2p/base/relay_port.cc +++ b/p2p/base/relay_port.cc @@ -456,7 +456,7 @@ void RelayConnection::OnSendPacket(const void* data, int sent = socket_->SendTo(data, size, GetAddress(), options); if (sent <= 0) { RTC_LOG(LS_VERBOSE) << "OnSendPacket: failed sending to " - << GetAddress().ToString() + << GetAddress().ToSensitiveString() << strerror(socket_->GetError()); RTC_DCHECK(sent < 0); } @@ -669,7 +669,7 @@ void RelayEntry::OnMessage(rtc::Message* pmsg) { if (current_connection_) { const ProtocolAddress* ra = current_connection_->protocol_address(); RTC_LOG(LS_WARNING) << "Relay " << ra->proto << " connection to " - << ra->address.ToString() << " timed out"; + << ra->address.ToSensitiveString() << " timed out"; // Currently we connect to each server address in sequence. If we // have more addresses to try, treat this is an error and move on to diff --git a/p2p/base/tcp_port.cc b/p2p/base/tcp_port.cc index 91b6e1468a..6e5b8dc4a0 100644 --- a/p2p/base/tcp_port.cc +++ b/p2p/base/tcp_port.cc @@ -351,7 +351,7 @@ TCPConnection::TCPConnection(TCPPort* port, // Incoming connections should match one of the network addresses. Same as // what's being checked in OnConnect, but just DCHECKing here. RTC_LOG(LS_VERBOSE) << ToString() << ": socket ipaddr: " - << socket_->GetLocalAddress().ToString() + << socket_->GetLocalAddress().ToSensitiveString() << ", port() Network:" << port->Network()->ToString(); RTC_DCHECK(absl::c_any_of( port_->Network()->GetIPs(), [this](const rtc::InterfaceAddress& addr) { @@ -446,21 +446,21 @@ void TCPConnection::OnConnect(rtc::AsyncPacketSocket* socket) { } else { if (socket->GetLocalAddress().IsLoopbackIP()) { RTC_LOG(LS_WARNING) << "Socket is bound to the address:" - << socket_address.ipaddr().ToString() + << socket_address.ipaddr().ToSensitiveString() << ", rather than an address associated with network:" << port_->Network()->ToString() << ". Still allowing it since it's localhost."; } else if (IPIsAny(port_->Network()->GetBestIP())) { RTC_LOG(LS_WARNING) << "Socket is bound to the address:" - << socket_address.ipaddr().ToString() + << socket_address.ipaddr().ToSensitiveString() << ", rather than an address associated with network:" << port_->Network()->ToString() << ". Still allowing it since it's the 'any' address" ", possibly caused by multiple_routes being disabled."; } else { RTC_LOG(LS_WARNING) << "Dropping connection as TCP socket bound to IP " - << socket_address.ipaddr().ToString() + << socket_address.ipaddr().ToSensitiveString() << ", rather than an address associated with network:" << port_->Network()->ToString(); OnClose(socket, 0); diff --git a/p2p/base/turn_port.cc b/p2p/base/turn_port.cc index 7845b6a362..e86bf09e98 100644 --- a/p2p/base/turn_port.cc +++ b/p2p/base/turn_port.cc @@ -467,21 +467,21 @@ void TurnPort::OnSocketConnect(rtc::AsyncPacketSocket* socket) { })) { if (socket->GetLocalAddress().IsLoopbackIP()) { RTC_LOG(LS_WARNING) << "Socket is bound to the address:" - << socket_address.ipaddr().ToString() + << socket_address.ipaddr().ToSensitiveString() << ", rather than an address associated with network:" << Network()->ToString() << ". Still allowing it since it's localhost."; } else if (IPIsAny(Network()->GetBestIP())) { RTC_LOG(LS_WARNING) << "Socket is bound to the address:" - << socket_address.ipaddr().ToString() + << socket_address.ipaddr().ToSensitiveString() << ", rather than an address associated with network:" << Network()->ToString() << ". Still allowing it since it's the 'any' address" ", possibly caused by multiple_routes being disabled."; } else { RTC_LOG(LS_WARNING) << "Socket is bound to the address:" - << socket_address.ipaddr().ToString() + << socket_address.ipaddr().ToSensitiveString() << ", rather than an address associated with network:" << Network()->ToString() << ". Discarding TURN port."; OnAllocateError( @@ -497,7 +497,8 @@ void TurnPort::OnSocketConnect(rtc::AsyncPacketSocket* socket) { } RTC_LOG(LS_INFO) << "TurnPort connected to " - << socket->GetRemoteAddress().ToString() << " using tcp."; + << socket->GetRemoteAddress().ToSensitiveString() + << " using tcp."; SendRequest(new TurnAllocateRequest(this), 0); } @@ -619,7 +620,7 @@ int TurnPort::SendTo(const void* data, TurnEntry* entry = FindEntry(addr); if (!entry) { RTC_LOG(LS_ERROR) << "Did not find the TurnEntry for address " - << addr.ToString(); + << addr.ToSensitiveString(); return 0; } @@ -663,8 +664,9 @@ bool TurnPort::HandleIncomingPacket(rtc::AsyncPacketSocket* socket, if (remote_addr != server_address_.address) { RTC_LOG(LS_WARNING) << ToString() << ": Discarding TURN message from unknown address: " - << remote_addr.ToString() << " server_address_: " - << server_address_.address.ToString(); + << remote_addr.ToSensitiveString() + << " server_address_: " + << server_address_.address.ToSensitiveString(); return false; } diff --git a/p2p/base/turn_server.cc b/p2p/base/turn_server.cc index cd00e5fdef..e11b6463ab 100644 --- a/p2p/base/turn_server.cc +++ b/p2p/base/turn_server.cc @@ -603,7 +603,8 @@ bool TurnServerConnection::operator<(const TurnServerConnection& c) const { std::string TurnServerConnection::ToString() const { const char* const kProtos[] = {"unknown", "udp", "tcp", "ssltcp"}; rtc::StringBuilder ost; - ost << src_.ToString() << "-" << dst_.ToString() << ":" << kProtos[proto_]; + ost << src_.ToSensitiveString() << "-" << dst_.ToSensitiveString() << ":" + << kProtos[proto_]; return ost.Release(); } @@ -744,7 +745,7 @@ void TurnServerAllocation::HandleSendIndication(const TurnMessage* msg) { RTC_LOG(LS_WARNING) << ToString() << ": Received send indication without permission" " peer=" - << peer_attr->GetAddress().ToString(); + << peer_attr->GetAddress().ToSensitiveString(); } } @@ -768,7 +769,7 @@ void TurnServerAllocation::HandleCreatePermissionRequest( AddPermission(peer_attr->GetAddress().ipaddr()); RTC_LOG(LS_INFO) << ToString() << ": Created permission, peer=" - << peer_attr->GetAddress().ToString(); + << peer_attr->GetAddress().ToSensitiveString(); // Send a success response. TurnMessage response; @@ -817,7 +818,7 @@ void TurnServerAllocation::HandleChannelBindRequest(const TurnMessage* msg) { AddPermission(peer_attr->GetAddress().ipaddr()); RTC_LOG(LS_INFO) << ToString() << ": Bound channel, id=" << channel_id - << ", peer=" << peer_attr->GetAddress().ToString(); + << ", peer=" << peer_attr->GetAddress().ToSensitiveString(); // Send a success response. TurnMessage response; @@ -869,7 +870,7 @@ void TurnServerAllocation::OnExternalPacket( } else { RTC_LOG(LS_WARNING) << ToString() << ": Received external packet without permission, peer=" - << addr.ToString(); + << addr.ToSensitiveString(); } } diff --git a/p2p/client/basic_port_allocator.cc b/p2p/client/basic_port_allocator.cc index 013173ea84..2c81d7146c 100644 --- a/p2p/client/basic_port_allocator.cc +++ b/p2p/client/basic_port_allocator.cc @@ -1581,8 +1581,8 @@ void AllocationSequence::CreateTurnPort(const RelayServerConfig& config) { RTC_LOG(LS_INFO) << "Server and local address families are not compatible. " "Server address: " - << relay_port->address.ipaddr().ToString() - << " Local address: " << network_->GetBestIP().ToString(); + << relay_port->address.ipaddr().ToSensitiveString() + << " Local address: " << network_->GetBestIP().ToSensitiveString(); continue; } @@ -1609,7 +1609,7 @@ void AllocationSequence::CreateTurnPort(const RelayServerConfig& config) { if (!port) { RTC_LOG(LS_WARNING) << "Failed to create relay port with " - << args.server_address->address.ToString(); + << args.server_address->address.ToSensitiveString(); continue; } @@ -1624,7 +1624,7 @@ void AllocationSequence::CreateTurnPort(const RelayServerConfig& config) { if (!port) { RTC_LOG(LS_WARNING) << "Failed to create relay port with " - << args.server_address->address.ToString(); + << args.server_address->address.ToSensitiveString(); continue; } } diff --git a/pc/jsep_transport.cc b/pc/jsep_transport.cc index 82be5338a5..577787305e 100644 --- a/pc/jsep_transport.cc +++ b/pc/jsep_transport.cc @@ -345,7 +345,8 @@ webrtc::RTCError JsepTransport::AddRemoteCandidates( if (!transport) { return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER, "Candidate has an unknown component: " + - candidate.ToString() + " for mid " + mid()); + candidate.ToSensitiveString() + " for mid " + + mid()); } RTC_DCHECK(transport->internal() && transport->internal()->ice_transport()); transport->internal()->ice_transport()->AddRemoteCandidate(candidate); diff --git a/pc/jsep_transport_controller.cc b/pc/jsep_transport_controller.cc index 0395835cf5..cfb971aed0 100644 --- a/pc/jsep_transport_controller.cc +++ b/pc/jsep_transport_controller.cc @@ -382,7 +382,7 @@ RTCError JsepTransportController::RemoveRemoteCandidates( } else { RTC_LOG(LS_ERROR) << "Not removing candidate because it does not have a " "transport name set: " - << cand.ToString(); + << cand.ToSensitiveString(); } }