admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

If SRTP sessions exist, don't create new ones when applying answer.

Browse Source 
Instead, call the "Update" methods of SrtpSession, which will just call
srtp_update, instead of wiping out the session state completely.

This was causing decryption to stop working when subsequent
offers/answers are applied. We don't know enough about SRTP to
understand the root cause, and I wasn't able to write an integration
test that reproduces the issue... But at least this fixes the bug that
can be reproduced reliably using Hangouts.

BUG=webrtc:8251

Review-Url: https://codereview.webrtc.org/3019443002
Cr-Commit-Position: refs/heads/master@{#19874}
This commit is contained in:
deadbeef 2017-09-15 17:52:36 -07:00 committed by Commit Bot
parent 1c5e6d0a3f
commit 5ada7acf60
1 changed files with 21 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
pc/srtptransport.cc
View File

@ -174,25 +174,42 @@ bool SrtpTransport::SetRtpParams(int send_cs,
int recv_cs, int recv_cs,
const uint8_t* recv_key, const uint8_t* recv_key,
int recv_key_len) { int recv_key_len) {
CreateSrtpSessions(); // If parameters are being set for the first time, we should create new SRTP
// sessions and call "SetSend/SetRecv". Otherwise we should call
// "UpdateSend"/"UpdateRecv" on the existing sessions, which will internally
// call "srtp_update".
bool new_sessions = false;
if (!send_session_) {
RTC_DCHECK(!recv_session_);
CreateSrtpSessions();
new_sessions = true;
}
send_session_->SetEncryptedHeaderExtensionIds( send_session_->SetEncryptedHeaderExtensionIds(
send_encrypted_header_extension_ids_); send_encrypted_header_extension_ids_);
if (external_auth_enabled_) { if (external_auth_enabled_) {
send_session_->EnableExternalAuth(); send_session_->EnableExternalAuth();
} }
if (!send_session_->SetSend(send_cs, send_key, send_key_len)) { bool ret = new_sessions
? send_session_->SetSend(send_cs, send_key, send_key_len)
: send_session_->UpdateSend(send_cs, send_key, send_key_len);
if (!ret) {
ResetParams(); ResetParams();
return false; return false;
} }
recv_session_->SetEncryptedHeaderExtensionIds( recv_session_->SetEncryptedHeaderExtensionIds(
recv_encrypted_header_extension_ids_); recv_encrypted_header_extension_ids_);
if (!recv_session_->SetRecv(recv_cs, recv_key, recv_key_len)) { ret = new_sessions
? recv_session_->SetRecv(recv_cs, recv_key, recv_key_len)
: recv_session_->UpdateRecv(recv_cs, recv_key, recv_key_len);
if (!ret) {
ResetParams(); ResetParams();
return false; return false;
} }
LOG(LS_INFO) << "SRTP activated with negotiated parameters:" LOG(LS_INFO) << "SRTP " << (new_sessions ? "updated" : "activated")
<< " with negotiated parameters:"
<< " send cipher_suite " << send_cs << " recv cipher_suite " << " send cipher_suite " << send_cs << " recv cipher_suite "
<< recv_cs; << recv_cs;
return true; return true;