Remove the support of fallback from DTLS to SDES.

The support of fallback from DTLS to SDES is removed in this CL.
Setting an SDP with both DTLS fingerprint and SDES crypto would fail.

BUG=webrtc:8266

Review-Url: https://codereview.webrtc.org/3011133002
Cr-Commit-Position: refs/heads/master@{#19903}

p2p/base/jseptransport.cc

@@ -330,12 +330,7 @@ bool JsepTransport::ApplyLocalTransportDescription(
     std::string* error_desc) {
   dtls_transport->ice_transport()->SetIceParameters(
       local_description_->GetIceParameters());
-  bool ret = true;
+  return true;
-  if (certificate_) {
-    ret = dtls_transport->SetLocalCertificate(certificate_);
-    RTC_DCHECK(ret);
-  }
-  return ret;
 }
 
 bool JsepTransport::ApplyRemoteTransportDescription(

p2p/base/transportcontroller.cc

@@ -257,6 +257,10 @@ DtlsTransportInternal* TransportController::CreateDtlsTransport_n(
   dtls->ice_transport()->SetIceRole(ice_role_);
   dtls->ice_transport()->SetIceTiebreaker(ice_tiebreaker_);
   dtls->ice_transport()->SetIceConfig(ice_config_);
+  if (certificate_) {
+    bool set_cert_success = dtls->SetLocalCertificate(certificate_);
+    RTC_DCHECK(set_cert_success);
+  }
 
   // Connect to signals offered by the channels. Currently, the DTLS channel
   // forwards signals from the ICE channel, so we only need to connect to the
@@ -535,12 +539,15 @@ bool TransportController::SetLocalCertificate_n(
   certificate_ = certificate;
 
   // Set certificate for JsepTransport, which verifies it matches the
-  // fingerprint in SDP, and only applies it to the DTLS transport if a
+  // fingerprint in SDP, and DTLS transport.
-  // fingerprint attribute is present in SDP. This is used for fallback from
+  // Fallback from DTLS to SDES is not supported.
-  // DTLS to SDES.
   for (auto& kv : transports_) {
     kv.second->SetLocalCertificate(certificate_);
   }
+  for (auto& channel : channels_) {
+    bool set_cert_success = channel->dtls()->SetLocalCertificate(certificate_);
+    RTC_DCHECK(set_cert_success);
+  }
   return true;
 }
 

p2p/base/transportdescriptionfactory.cc

@@ -119,20 +119,6 @@ bool TransportDescriptionFactory::SetSecurityInfo(
   if (!desc->identity_fingerprint) {
     return false;
   }
-  std::string digest_alg;
-  if (!certificate_->ssl_certificate().GetSignatureDigestAlgorithm(
-          &digest_alg)) {
-    LOG(LS_ERROR) << "Failed to retrieve the certificate's digest algorithm";
-    return false;
-  }
-
-  desc->identity_fingerprint.reset(
-      rtc::SSLFingerprint::Create(digest_alg, certificate_->identity()));
-  if (!desc->identity_fingerprint.get()) {
-    LOG(LS_ERROR) << "Failed to create identity fingerprint, alg="
-                  << digest_alg;
-    return false;
-  }
 
   // Assign security role.
   desc->connection_role = role;

pc/peerconnectioninterface_unittest.cc

@@ -2249,10 +2249,10 @@ TEST_F(PeerConnectionInterfaceTest, ReceiveFireFoxOffer) {
 #endif
 }
 
-// Test that an offer can be received which offers DTLS with SDES fallback.
+// Test that fallback from DTLS to SDES is not supported.
-// Regression test for issue:
+// The fallback was previously supported but was removed to simplify the code
-// https://bugs.chromium.org/p/webrtc/issues/detail?id=6972
+// and because it's non-standard.
-TEST_F(PeerConnectionInterfaceTest, ReceiveDtlsSdesFallbackOffer) {
+TEST_F(PeerConnectionInterfaceTest, DtlsSdesFallbackNotSupported) {
   FakeConstraints constraints;
   constraints.AddMandatory(webrtc::MediaConstraintsInterface::kEnableDtlsSrtp,
                            true);
@@ -2266,8 +2266,7 @@ TEST_F(PeerConnectionInterfaceTest, ReceiveDtlsSdesFallbackOffer) {
   std::unique_ptr<SessionDescriptionInterface> desc(
       webrtc::CreateSessionDescription(SessionDescriptionInterface::kOffer,
                                        kDtlsSdesFallbackSdp, nullptr));
-  EXPECT_TRUE(DoSetSessionDescription(std::move(desc), false));
+  EXPECT_FALSE(DoSetSessionDescription(std::move(desc), false));
-  CreateAnswerAsLocalDescription();
 }
 
 // Test that we can create an audio only offer and receive an answer with a