diff --git a/api/peer_connection_interface.h b/api/peer_connection_interface.h index 2f8e401572..a9026d984e 100644 --- a/api/peer_connection_interface.h +++ b/api/peer_connection_interface.h @@ -457,11 +457,14 @@ class RTC_EXPORT PeerConnectionInterface : public rtc::RefCountInterface { // Use new combined audio/video bandwidth estimation? absl::optional combined_audio_video_bwe; +#if defined(WEBRTC_FUCHSIA) + // TODO(bugs.webrtc.org/11066): Remove entirely once Fuchsia does not use. // TODO(bugs.webrtc.org/9891) - Move to crypto_options // Can be used to disable DTLS-SRTP. This should never be done, but can be // useful for testing purposes, for example in setting up a loopback call // with a single PeerConnection. absl::optional enable_dtls_srtp; +#endif ///////////////////////////////////////////////// // The below fields are not part of the standard. diff --git a/pc/peer_connection.cc b/pc/peer_connection.cc index e5a83b0a18..1a17fd4368 100644 --- a/pc/peer_connection.cc +++ b/pc/peer_connection.cc @@ -280,8 +280,12 @@ bool DtlsEnabled(const PeerConnectionInterface::RTCConfiguration& configuration, bool default_enabled = (dependencies.cert_generator || !configuration.certificates.empty()); +#if defined(WEBRTC_FUCHSIA) // The `configuration` can override the default value. return configuration.enable_dtls_srtp.value_or(default_enabled); +#else + return default_enabled; +#endif } } // namespace @@ -303,7 +307,9 @@ bool PeerConnectionInterface::RTCConfiguration::operator==( bool disable_link_local_networks; absl::optional screencast_min_bitrate; absl::optional combined_audio_video_bwe; +#if defined(WEBRTC_FUCHSIA) absl::optional enable_dtls_srtp; +#endif TcpCandidatePolicy tcp_candidate_policy; CandidateNetworkPolicy candidate_network_policy; int audio_jitter_buffer_max_packets; 
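Review bot: Guarding `enable_dtls_srtp` with `#if defined(WEBRTC_FUCHSIA)` in api/peer_connection_interface.h makes the layout of this exported configuration struct depend on a preprocessor define. An embedder that includes the header with a different `WEBRTC_FUCHSIA` setting than the library was built with would see different offsets for every member declared after it. Nothing in the hunk records that constraint, so I would add a line above the guard such as `// NOTE: changes struct layout; WEBRTC_FUCHSIA must be defined identically for the library and every includer.` The struct starts and ends outside this hunk, so whether other members are already conditional cannot be seen here.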
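Review bot: The new `#else` branch in `DtlsEnabled` (pc/peer_connection.cc, hunk at -280) returns `default_enabled`, which the preceding line computes as false when there is neither `dependencies.cert_generator` nor an entry in `configuration.certificates`. Outside Fuchsia the explicit override is gone, but DTLS-SRTP can still end up disabled, and the branch carries no comment saying so. I would document it on the return, for example `// No override available: DTLS-SRTP is on only if a certificate generator or a certificate was supplied.` If non-Fuchsia builds are meant never to run without DTLS, logging the false case would make a missing certificate source visible rather than silent. The function begins outside the hunk, so any earlier return paths are not shown.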
@@ -372,7 +378,9 @@ bool PeerConnectionInterface::RTCConfiguration::operator==( disable_link_local_networks == o.disable_link_local_networks && screencast_min_bitrate == o.screencast_min_bitrate && combined_audio_video_bwe == o.combined_audio_video_bwe && +#if defined(WEBRTC_FUCHSIA) enable_dtls_srtp == o.enable_dtls_srtp && +#endif ice_candidate_pool_size == o.ice_candidate_pool_size && prune_turn_ports == o.prune_turn_ports && turn_port_prune_policy == o.turn_port_prune_policy && diff --git a/pc/peer_connection_crypto_unittest.cc b/pc/peer_connection_crypto_unittest.cc index 1741b99289..9c9e9b6c55 100644 --- a/pc/peer_connection_crypto_unittest.cc +++ b/pc/peer_connection_crypto_unittest.cc @@ -211,7 +211,6 @@ SdpContentMutator RemoveDtlsFingerprint() { // no SDES cryptos. TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto offer = caller->CreateOffer(); @@ -225,7 +224,6 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) { } TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -240,6 +238,7 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) { answer->description())); } +#if defined(WEBRTC_FUCHSIA) // When DTLS is disabled, the SDP offer/answer should include SDES cryptos and // should not have a DTLS fingerprint. TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsDisabled) { 
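Review bot: The `#if defined(WEBRTC_FUCHSIA)` opened before `CorrectCryptoInOfferWhenDtlsDisabled` (hunk at -240) is only closed by the bare `#endif` added in the hunk at -462, so it also covers `CorrectCryptoInOfferWhenEncryptionDisabled` and `CorrectCryptoInAnswerWhenEncryptionDisabled`. In the visible lines those tests set `options.disable_encryption`, not `enable_dtls_srtp`. The same applies to `ExchangeOfferAnswerWhenNoEncryption` in the hunk at -528. If those tests do not touch the removed field (their bodies are mostly outside the hunks), the guard should be narrowed so the unencrypted path, which stays reachable on every platform, keeps its test coverage off Fuchsia. Because the two directives sit more than two hundred lines apart, I would also write the closing one as `#endif  // defined(WEBRTC_FUCHSIA)`.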
@@ -256,6 +255,7 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsDisabled) { EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolSavpf), offer->description())); } + TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsDisabled) { RTCConfiguration config; config.enable_dtls_srtp.emplace(false); @@ -293,6 +293,7 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenEncryptionDisabled) { EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolAvpf), offer->description())); } + TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenEncryptionDisabled) { PeerConnectionFactoryInterface::Options options; options.disable_encryption = true; @@ -462,13 +463,13 @@ TEST_P(PeerConnectionCryptoTest, FailToSetRemoteAnswerWithNoCryptosWhenSdesOn) { EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer))); } +#endif // The following group tests that two PeerConnections can successfully exchange // an offer/answer when DTLS is on and that they will refuse any offer/answer // applied locally/remotely if it does not include a DTLS fingerprint. TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -483,7 +484,6 @@ TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) { TEST_P(PeerConnectionCryptoTest, FailToSetLocalOfferWithNoFingerprintWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto offer = caller->CreateOffer(); @@ -494,7 +494,6 @@ TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest, FailToSetRemoteOfferWithNoFingerprintWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); 
@@ -506,7 +505,6 @@ TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest, FailToSetLocalAnswerWithNoFingerprintWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -517,7 +515,6 @@ TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest, FailToSetRemoteAnswerWithNoFingerprintWhenDtlsOn) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto caller = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config); @@ -528,6 +525,7 @@ TEST_P(PeerConnectionCryptoTest, EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer))); } +#if defined(WEBRTC_FUCHSIA) // Test that an offer/answer can be exchanged when encryption is disabled. TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenNoEncryption) { PeerConnectionFactoryInterface::Options options; @@ -547,19 +545,18 @@ TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenNoEncryption) { ASSERT_TRUE(answer); ASSERT_TRUE(caller->SetRemoteDescription(std::move(answer))); } +#endif // Tests that a DTLS call can be established when the certificate is specified // in the PeerConnection config and no certificate generator is specified. TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsCertificateInConfig) { RTCConfiguration caller_config; - caller_config.enable_dtls_srtp.emplace(true); caller_config.certificates.push_back( FakeRTCCertificateGenerator::GenerateCertificate()); auto caller = CreatePeerConnectionWithAudioVideo(caller_config); RTCConfiguration callee_config; - callee_config.enable_dtls_srtp.emplace(true); callee_config.certificates.push_back( FakeRTCCertificateGenerator::GenerateCertificate()); auto callee = CreatePeerConnectionWithAudioVideo(callee_config); 
@@ -630,7 +627,6 @@ class PeerConnectionCryptoDtlsCertGenTest TEST_P(PeerConnectionCryptoDtlsCertGenTest, TestCertificateGeneration) { RTCConfiguration config; - config.enable_dtls_srtp.emplace(true); auto owned_fake_certificate_generator = std::make_unique(); auto* fake_certificate_generator = owned_fake_certificate_generator.get(); @@ -754,7 +750,6 @@ TEST_P(PeerConnectionCryptoTest, SessionErrorIfFingerprintInvalid) { auto caller = CreatePeerConnectionWithAudioVideo(); RTCConfiguration callee_config; - callee_config.enable_dtls_srtp.emplace(true); callee_config.certificates.push_back(callee_certificate); auto callee = CreatePeerConnectionWithAudioVideo(callee_config); diff --git a/pc/peer_connection_end_to_end_unittest.cc b/pc/peer_connection_end_to_end_unittest.cc index 78dcda3202..6498be5e00 100644 --- a/pc/peer_connection_end_to_end_unittest.cc +++ b/pc/peer_connection_end_to_end_unittest.cc @@ -396,6 +396,7 @@ TEST_P(PeerConnectionEndToEndTest, Call) { WaitForCallEstablished(); } +#if defined(IS_FUCHSIA) TEST_P(PeerConnectionEndToEndTest, CallWithSdesKeyNegotiation) { config_.enable_dtls_srtp = false; CreatePcs(webrtc::CreateOpusAudioEncoderFactory(), @@ -404,6 +405,7 @@ TEST_P(PeerConnectionEndToEndTest, CallWithSdesKeyNegotiation) { Negotiate(); WaitForCallEstablished(); } +#endif TEST_P(PeerConnectionEndToEndTest, CallWithCustomCodec) { class IdLoggingAudioEncoderFactory : public webrtc::AudioEncoderFactory { diff --git a/pc/peer_connection_integrationtest.cc b/pc/peer_connection_integrationtest.cc index 1e17fa1869..f2e4b1d525 100644 --- a/pc/peer_connection_integrationtest.cc +++ b/pc/peer_connection_integrationtest.cc @@ -269,6 +269,7 @@ TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithDtls) { webrtc::kEnumCounterKeyProtocolSdes)); } +#if defined(WEBRTC_FUCHSIA) // Uses SDES instead of DTLS for key agreement. TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithSdes) { PeerConnectionInterface::RTCConfiguration sdes_config; 
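Review bot: In pc/peer_connection_end_to_end_unittest.cc the guard around `CallWithSdesKeyNegotiation` is `#if defined(IS_FUCHSIA)`, while every other guard in this change, including the one around the field declaration, tests `WEBRTC_FUCHSIA`. The test body assigns `config_.enable_dtls_srtp = false;`, so if the two macros ever disagree it either fails to compile or is silently skipped on the one platform that still supports SDES. Unless the build is known to define `IS_FUCHSIA`, the line should read `#if defined(WEBRTC_FUCHSIA)`, and the matching `#endif` in the hunk at -404 could carry `// defined(WEBRTC_FUCHSIA)`.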
@@ -292,6 +293,7 @@ TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithSdes) { 0, webrtc::metrics::NumEvents("WebRTC.PeerConnection.KeyProtocol", webrtc::kEnumCounterKeyProtocolDtls)); } +#endif // Basic end-to-end test specifying the `enable_encrypted_rtp_header_extensions` // option to offer encrypted versions of all header extensions alongside the diff --git a/rtc_tools/data_channel_benchmark/peer_connection_client.cc b/rtc_tools/data_channel_benchmark/peer_connection_client.cc index 6d2ee8101d..cd02e7118a 100644 --- a/rtc_tools/data_channel_benchmark/peer_connection_client.cc +++ b/rtc_tools/data_channel_benchmark/peer_connection_client.cc @@ -159,7 +159,6 @@ bool PeerConnectionClient::InitializePeerConnection( server.urls.push_back(kStunServer); config.servers.push_back(server); config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan; - config.enable_dtls_srtp = true; webrtc::PeerConnectionDependencies dependencies(this); auto result =