If SRTP sessions exist, don't create new ones when applying answer.

Instead, call the "Update" methods of SrtpSession, which will just call srtp_update, instead of wiping out the session state completely. This was causing decryption to stop working when subsequent offers/answers are applied. We don't know enough about SRTP to understand the root cause, and I wasn't able to write an integration test that reproduces the issue... But at least this fixes the bug that can be reproduced reliably using Hangouts. BUG=webrtc:8251 Review-Url: https://codereview.webrtc.org/3019443002 Cr-Commit-Position: refs/heads/master@{#19874}
2017-09-15 17:52:36 -07:00 · 2017-09-15 17:52:36 -07:00 · 5ada7acf60
commit 5ada7acf60
parent 1c5e6d0a3f
1 changed files with 21 additions and 4 deletions
--- a/pc/srtptransport.cc
+++ b/pc/srtptransport.cc
@ -174,25 +174,42 @@ bool SrtpTransport::SetRtpParams(int send_cs,
                                 int recv_cs,
                                 const uint8_t* recv_key,
                                 int recv_key_len) {
-  CreateSrtpSessions();
+  // If parameters are being set for the first time, we should create new SRTP
+  // sessions and call "SetSend/SetRecv". Otherwise we should call
+  // "UpdateSend"/"UpdateRecv" on the existing sessions, which will internally
+  // call "srtp_update".
+  bool new_sessions = false;
+  if (!send_session_) {
+    RTC_DCHECK(!recv_session_);
+    CreateSrtpSessions();
+    new_sessions = true;
+  }
+
  send_session_->SetEncryptedHeaderExtensionIds(
      send_encrypted_header_extension_ids_);
  if (external_auth_enabled_) {
    send_session_->EnableExternalAuth();
  }
-  if (!send_session_->SetSend(send_cs, send_key, send_key_len)) {
+  bool ret = new_sessions
+                 ? send_session_->SetSend(send_cs, send_key, send_key_len)
+                 : send_session_->UpdateSend(send_cs, send_key, send_key_len);
+  if (!ret) {
    ResetParams();
    return false;
  }

  recv_session_->SetEncryptedHeaderExtensionIds(
      recv_encrypted_header_extension_ids_);
-  if (!recv_session_->SetRecv(recv_cs, recv_key, recv_key_len)) {
+  ret = new_sessions
+            ? recv_session_->SetRecv(recv_cs, recv_key, recv_key_len)
+            : recv_session_->UpdateRecv(recv_cs, recv_key, recv_key_len);
+  if (!ret) {
    ResetParams();
    return false;
  }

-  LOG(LS_INFO) << "SRTP activated with negotiated parameters:"
+  LOG(LS_INFO) << "SRTP " << (new_sessions ? "updated" : "activated")
+               << " with negotiated parameters:"
               << " send cipher_suite " << send_cs << " recv cipher_suite "
               << recv_cs;
  return true;