Allow port 53 as a TURN port.

Bug: webrtc:12581
Change-Id: Ib9ce6ad64c5a67ba3ebc6797b10164ff25bfbdec
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/211866
Reviewed-by: Jonas Oreland <jonaso@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#33462}

2 files changed, 13 insertions, 4 deletions

diff --git a/p2p/base/turn_port.cc b/p2p/base/turn_port.cc
index 0bcec2ce25..57de15e0b5 100644
--- a/p2p/base/turn_port.cc
+++ b/p2p/base/turn_port.cc
@@ -944,9 +944,9 @@ rtc::DiffServCodePoint TurnPort::StunDscpValue() const {
 
 // static
 bool TurnPort::AllowedTurnPort(int port) {
-  // Port 80 and 443 are used for existing deployments.
+  // Port 53, 80 and 443 are used for existing deployments.
   // Ports above 1024 are assumed to be OK to use.
-  if (port == 80 || port == 443 || port >= 1024) {
+  if (port == 53 || port == 80 || port == 443 || port >= 1024) {
     return true;
   }
   // Allow any port if relevant field trial is set. This allows disabling the
diff --git a/p2p/base/turn_port_unittest.cc b/p2p/base/turn_port_unittest.cc
index 67a54ee49f..5df9f67ef1 100644
--- a/p2p/base/turn_port_unittest.cc
+++ b/p2p/base/turn_port_unittest.cc
@@ -61,6 +61,8 @@ static const SocketAddress kTurnAlternateIntAddr("99.99.99.6",
                                                  cricket::TURN_SERVER_PORT);
 // Port for redirecting to a TCP Web server. Should not work.
 static const SocketAddress kTurnDangerousAddr("99.99.99.7", 81);
+// Port 53 (the DNS port); should work.
+static const SocketAddress kTurnPort53Addr("99.99.99.7", 53);
 // Port 80 (the HTTP port); should work.
 static const SocketAddress kTurnPort80Addr("99.99.99.7", 80);
 // Port 443 (the HTTPS port); should work.
@@ -105,6 +107,8 @@ static const cricket::ProtocolAddress kTurnUdpIPv6ProtoAddr(kTurnUdpIPv6IntAddr,
 static const cricket::ProtocolAddress kTurnDangerousProtoAddr(
     kTurnDangerousAddr,
     cricket::PROTO_TCP);
+static const cricket::ProtocolAddress kTurnPort53ProtoAddr(kTurnPort53Addr,
+                                                           cricket::PROTO_TCP);
 static const cricket::ProtocolAddress kTurnPort80ProtoAddr(kTurnPort80Addr,
                                                            cricket::PROTO_TCP);
 static const cricket::ProtocolAddress kTurnPort443ProtoAddr(kTurnPort443Addr,
@@ -1805,8 +1809,8 @@ TEST_F(TurnPortTest, TestTurnDangerousServer) {
   ASSERT_FALSE(turn_port_);
 }
 
-TEST_F(TurnPortTest, TestTurnDangerousServerPermits443) {
-  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort443ProtoAddr);
+TEST_F(TurnPortTest, TestTurnDangerousServerPermits53) {
+  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort53ProtoAddr);
   ASSERT_TRUE(turn_port_);
 }
 
@@ -1815,6 +1819,11 @@ TEST_F(TurnPortTest, TestTurnDangerousServerPermits80) {
   ASSERT_TRUE(turn_port_);
 }
 
+TEST_F(TurnPortTest, TestTurnDangerousServerPermits443) {
+  CreateTurnPort(kTurnUsername, kTurnPassword, kTurnPort443ProtoAddr);
+  ASSERT_TRUE(turn_port_);
+}
+
 TEST_F(TurnPortTest, TestTurnDangerousAlternateServer) {
   const ProtocolType protocol_type = PROTO_TCP;
   std::vector<rtc::SocketAddress> redirect_addresses;