[webrtc-pc] disallow pairing ice-tcp candidates with local ip addresses (#2465)

fippo has just created a new issue for https://github.com/w3c/webrtc-pc:

== disallow pairing ice-tcp candidates with local ip addresses ==
After reading [the post about using onicecandidateerror for portscanning](https://medium.com/tenable-techblog/using-webrtc-ice-servers-for-port-scanning-in-chrome-ce17b19dd474) (see also #2426) I wondered if ICE-TCP can be used to detect whether a TCP port is open as well.
It is possible (in Chrome) even if the remote port never responds to any stun requests.

With @alvestrand's help I've just landed a change in chrome/webrtc.org that disallows pairing with an ICE-TCP candidate that has a local IP address:
It seems unlikely that ICE-TCP is used often on the local network (which would imply UDP is blocked) but if you know cases where this would now be broken please holler.

We'll also need some text in the security considerations.

Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/2465 using your GitHub account

Received on Wednesday, 5 February 2020 19:07:25 UTC