Make requesting SDES available only on Fuchsia builds

Bug: webrtc:11066
Change-Id: I0707cf63064830a55db31e883dc7b15aa675950b
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/257900
Reviewed-by: Henrik Boström <hbos@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#36438}
Harald Alvestrand 2022-04-04 15:37:31 +00:00 committed by WebRTC LUCI CQ
parent 2f52f054f6
commit ca32793187
6 changed files with 21 additions and 12 deletions


@ -457,11 +457,14 @@ class RTC_EXPORT PeerConnectionInterface : public rtc::RefCountInterface {
// Use new combined audio/video bandwidth estimation? // Use new combined audio/video bandwidth estimation?
absl::optional<bool> combined_audio_video_bwe; absl::optional<bool> combined_audio_video_bwe;
#if defined(WEBRTC_FUCHSIA)
// TODO(bugs.webrtc.org/11066): Remove entirely once Fuchsia does not use.
// TODO(bugs.webrtc.org/9891) - Move to crypto_options // TODO(bugs.webrtc.org/9891) - Move to crypto_options
// Can be used to disable DTLS-SRTP. This should never be done, but can be // Can be used to disable DTLS-SRTP. This should never be done, but can be
// useful for testing purposes, for example in setting up a loopback call // useful for testing purposes, for example in setting up a loopback call
// with a single PeerConnection. // with a single PeerConnection.
absl::optional<bool> enable_dtls_srtp; absl::optional<bool> enable_dtls_srtp;
#endif
///////////////////////////////////////////////// /////////////////////////////////////////////////
// The below fields are not part of the standard. // The below fields are not part of the standard.


@ -280,8 +280,12 @@ bool DtlsEnabled(const PeerConnectionInterface::RTCConfiguration& configuration,
bool default_enabled = bool default_enabled =
(dependencies.cert_generator || !configuration.certificates.empty()); (dependencies.cert_generator || !configuration.certificates.empty());
#if defined(WEBRTC_FUCHSIA)
// The `configuration` can override the default value. // The `configuration` can override the default value.
return configuration.enable_dtls_srtp.value_or(default_enabled); return configuration.enable_dtls_srtp.value_or(default_enabled);
#else
return default_enabled;
#endif
} }
} // namespace } // namespace
@ -303,7 +307,9 @@ bool PeerConnectionInterface::RTCConfiguration::operator==(
bool disable_link_local_networks; bool disable_link_local_networks;
absl::optional<int> screencast_min_bitrate; absl::optional<int> screencast_min_bitrate;
absl::optional<bool> combined_audio_video_bwe; absl::optional<bool> combined_audio_video_bwe;
#if defined(WEBRTC_FUCHSIA)
absl::optional<bool> enable_dtls_srtp; absl::optional<bool> enable_dtls_srtp;
#endif
TcpCandidatePolicy tcp_candidate_policy; TcpCandidatePolicy tcp_candidate_policy;
CandidateNetworkPolicy candidate_network_policy; CandidateNetworkPolicy candidate_network_policy;
int audio_jitter_buffer_max_packets; int audio_jitter_buffer_max_packets;
@ -372,7 +378,9 @@ bool PeerConnectionInterface::RTCConfiguration::operator==(
disable_link_local_networks == o.disable_link_local_networks && disable_link_local_networks == o.disable_link_local_networks &&
screencast_min_bitrate == o.screencast_min_bitrate && screencast_min_bitrate == o.screencast_min_bitrate &&
combined_audio_video_bwe == o.combined_audio_video_bwe && combined_audio_video_bwe == o.combined_audio_video_bwe &&
#if defined(WEBRTC_FUCHSIA)
enable_dtls_srtp == o.enable_dtls_srtp && enable_dtls_srtp == o.enable_dtls_srtp &&
#endif
ice_candidate_pool_size == o.ice_candidate_pool_size && ice_candidate_pool_size == o.ice_candidate_pool_size &&
prune_turn_ports == o.prune_turn_ports && prune_turn_ports == o.prune_turn_ports &&
turn_port_prune_policy == o.turn_port_prune_policy && turn_port_prune_policy == o.turn_port_prune_policy &&
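Review bot: On the non-Fuchsia branch `DtlsEnabled` still returns false when neither `dependencies.cert_generator` nor `configuration.certificates` is set, so removing the override does not by itself guarantee DTLS-SRTP on those builds. The hunk does not show what callers do with a false result. If that path can still lead to SDES or to unprotected media, it deserves an explicit rejection, or at least a comment at the `#else` such as `// No override outside Fuchsia: DTLS is on only when a certificate source exists.` The function's opening lines are outside the hunk, so whether an earlier check already covers this cannot be confirmed from here.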


@ -211,7 +211,6 @@ SdpContentMutator RemoveDtlsFingerprint() {
// no SDES cryptos. // no SDES cryptos.
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) { TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config); auto caller = CreatePeerConnectionWithAudioVideo(config);
auto offer = caller->CreateOffer(); auto offer = caller->CreateOffer();
@ -225,7 +224,6 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) {
} }
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) { TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config); auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config);
@ -240,6 +238,7 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) {
answer->description())); answer->description()));
} }
#if defined(WEBRTC_FUCHSIA)
// When DTLS is disabled, the SDP offer/answer should include SDES cryptos and // When DTLS is disabled, the SDP offer/answer should include SDES cryptos and
// should not have a DTLS fingerprint. // should not have a DTLS fingerprint.
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsDisabled) { TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsDisabled) {
@ -256,6 +255,7 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsDisabled) {
EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolSavpf), EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolSavpf),
offer->description())); offer->description()));
} }
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsDisabled) { TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsDisabled) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(false); config.enable_dtls_srtp.emplace(false);
@ -293,6 +293,7 @@ TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenEncryptionDisabled) {
EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolAvpf), EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolAvpf),
offer->description())); offer->description()));
} }
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenEncryptionDisabled) { TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenEncryptionDisabled) {
PeerConnectionFactoryInterface::Options options; PeerConnectionFactoryInterface::Options options;
options.disable_encryption = true; options.disable_encryption = true;
@ -462,13 +463,13 @@ TEST_P(PeerConnectionCryptoTest, FailToSetRemoteAnswerWithNoCryptosWhenSdesOn) {
EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer))); EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer)));
} }
#endif
// The following group tests that two PeerConnections can successfully exchange // The following group tests that two PeerConnections can successfully exchange
// an offer/answer when DTLS is on and that they will refuse any offer/answer // an offer/answer when DTLS is on and that they will refuse any offer/answer
// applied locally/remotely if it does not include a DTLS fingerprint. // applied locally/remotely if it does not include a DTLS fingerprint.
TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) { TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config); auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config);
@ -483,7 +484,6 @@ TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) {
TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest,
FailToSetLocalOfferWithNoFingerprintWhenDtlsOn) { FailToSetLocalOfferWithNoFingerprintWhenDtlsOn) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config); auto caller = CreatePeerConnectionWithAudioVideo(config);
auto offer = caller->CreateOffer(); auto offer = caller->CreateOffer();
@ -494,7 +494,6 @@ TEST_P(PeerConnectionCryptoTest,
TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest,
FailToSetRemoteOfferWithNoFingerprintWhenDtlsOn) { FailToSetRemoteOfferWithNoFingerprintWhenDtlsOn) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config); auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config);
@ -506,7 +505,6 @@ TEST_P(PeerConnectionCryptoTest,
TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest,
FailToSetLocalAnswerWithNoFingerprintWhenDtlsOn) { FailToSetLocalAnswerWithNoFingerprintWhenDtlsOn) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config); auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config);
@ -517,7 +515,6 @@ TEST_P(PeerConnectionCryptoTest,
TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest,
FailToSetRemoteAnswerWithNoFingerprintWhenDtlsOn) { FailToSetRemoteAnswerWithNoFingerprintWhenDtlsOn) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config); auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config); auto callee = CreatePeerConnectionWithAudioVideo(config);
@ -528,6 +525,7 @@ TEST_P(PeerConnectionCryptoTest,
EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer))); EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer)));
} }
#if defined(WEBRTC_FUCHSIA)
// Test that an offer/answer can be exchanged when encryption is disabled. // Test that an offer/answer can be exchanged when encryption is disabled.
TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenNoEncryption) { TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenNoEncryption) {
PeerConnectionFactoryInterface::Options options; PeerConnectionFactoryInterface::Options options;
@ -547,19 +545,18 @@ TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenNoEncryption) {
ASSERT_TRUE(answer); ASSERT_TRUE(answer);
ASSERT_TRUE(caller->SetRemoteDescription(std::move(answer))); ASSERT_TRUE(caller->SetRemoteDescription(std::move(answer)));
} }
#endif
// Tests that a DTLS call can be established when the certificate is specified // Tests that a DTLS call can be established when the certificate is specified
// in the PeerConnection config and no certificate generator is specified. // in the PeerConnection config and no certificate generator is specified.
TEST_P(PeerConnectionCryptoTest, TEST_P(PeerConnectionCryptoTest,
ExchangeOfferAnswerWhenDtlsCertificateInConfig) { ExchangeOfferAnswerWhenDtlsCertificateInConfig) {
RTCConfiguration caller_config; RTCConfiguration caller_config;
caller_config.enable_dtls_srtp.emplace(true);
caller_config.certificates.push_back( caller_config.certificates.push_back(
FakeRTCCertificateGenerator::GenerateCertificate()); FakeRTCCertificateGenerator::GenerateCertificate());
auto caller = CreatePeerConnectionWithAudioVideo(caller_config); auto caller = CreatePeerConnectionWithAudioVideo(caller_config);
RTCConfiguration callee_config; RTCConfiguration callee_config;
callee_config.enable_dtls_srtp.emplace(true);
callee_config.certificates.push_back( callee_config.certificates.push_back(
FakeRTCCertificateGenerator::GenerateCertificate()); FakeRTCCertificateGenerator::GenerateCertificate());
auto callee = CreatePeerConnectionWithAudioVideo(callee_config); auto callee = CreatePeerConnectionWithAudioVideo(callee_config);
@ -630,7 +627,6 @@ class PeerConnectionCryptoDtlsCertGenTest
TEST_P(PeerConnectionCryptoDtlsCertGenTest, TestCertificateGeneration) { TEST_P(PeerConnectionCryptoDtlsCertGenTest, TestCertificateGeneration) {
RTCConfiguration config; RTCConfiguration config;
config.enable_dtls_srtp.emplace(true);
auto owned_fake_certificate_generator = auto owned_fake_certificate_generator =
std::make_unique<FakeRTCCertificateGenerator>(); std::make_unique<FakeRTCCertificateGenerator>();
auto* fake_certificate_generator = owned_fake_certificate_generator.get(); auto* fake_certificate_generator = owned_fake_certificate_generator.get();
@ -754,7 +750,6 @@ TEST_P(PeerConnectionCryptoTest, SessionErrorIfFingerprintInvalid) {
auto caller = CreatePeerConnectionWithAudioVideo(); auto caller = CreatePeerConnectionWithAudioVideo();
RTCConfiguration callee_config; RTCConfiguration callee_config;
callee_config.enable_dtls_srtp.emplace(true);
callee_config.certificates.push_back(callee_certificate); callee_config.certificates.push_back(callee_certificate);
auto callee = CreatePeerConnectionWithAudioVideo(callee_config); auto callee = CreatePeerConnectionWithAudioVideo(callee_config);
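Review bot: The `#if defined(WEBRTC_FUCHSIA)` region opened before `CorrectCryptoInOfferWhenDtlsDisabled` also encloses the `...WhenEncryptionDisabled` tests, and a second guard wraps `ExchangeOfferAnswerWhenNoEncryption`. In the visible lines these tests set only `options.disable_encryption`, which this commit does not restrict to Fuchsia. If their bodies, which lie partly outside the hunks, do not touch `enable_dtls_srtp`, the `disable_encryption` path loses all coverage on other platforms while remaining reachable there. I would narrow the guards to the tests that actually set `enable_dtls_srtp`, or add a comment at each `#if` explaining why the encryption-disabled tests need the Fuchsia-only field. The DTLS tests that dropped `config.enable_dtls_srtp.emplace(true)` now depend on the fixture supplying a certificate source, which is worth a one-line comment in the fixture.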


@ -396,6 +396,7 @@ TEST_P(PeerConnectionEndToEndTest, Call) {
WaitForCallEstablished(); WaitForCallEstablished();
} }
#if defined(IS_FUCHSIA)
TEST_P(PeerConnectionEndToEndTest, CallWithSdesKeyNegotiation) { TEST_P(PeerConnectionEndToEndTest, CallWithSdesKeyNegotiation) {
config_.enable_dtls_srtp = false; config_.enable_dtls_srtp = false;
CreatePcs(webrtc::CreateOpusAudioEncoderFactory(), CreatePcs(webrtc::CreateOpusAudioEncoderFactory(),
@ -404,6 +405,7 @@ TEST_P(PeerConnectionEndToEndTest, CallWithSdesKeyNegotiation) {
Negotiate(); Negotiate();
WaitForCallEstablished(); WaitForCallEstablished();
} }
#endif
TEST_P(PeerConnectionEndToEndTest, CallWithCustomCodec) { TEST_P(PeerConnectionEndToEndTest, CallWithCustomCodec) {
class IdLoggingAudioEncoderFactory : public webrtc::AudioEncoderFactory { class IdLoggingAudioEncoderFactory : public webrtc::AudioEncoderFactory {
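Review bot: The guard around `CallWithSdesKeyNegotiation` tests `IS_FUCHSIA`, while every other file in this commit uses `WEBRTC_FUCHSIA`. Nothing on this page defines `IS_FUCHSIA`, so if it is not a real preprocessor symbol the test is compiled out on Fuchsia as well. The only end-to-end SDES test in this file would then stop running without any failure. For consistency with the header, where `enable_dtls_srtp` is declared under `WEBRTC_FUCHSIA`, the line should read `#if defined(WEBRTC_FUCHSIA)`.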


@ -269,6 +269,7 @@ TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithDtls) {
webrtc::kEnumCounterKeyProtocolSdes)); webrtc::kEnumCounterKeyProtocolSdes));
} }
#if defined(WEBRTC_FUCHSIA)
// Uses SDES instead of DTLS for key agreement. // Uses SDES instead of DTLS for key agreement.
TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithSdes) { TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithSdes) {
PeerConnectionInterface::RTCConfiguration sdes_config; PeerConnectionInterface::RTCConfiguration sdes_config;
@ -292,6 +293,7 @@ TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithSdes) {
0, webrtc::metrics::NumEvents("WebRTC.PeerConnection.KeyProtocol", 0, webrtc::metrics::NumEvents("WebRTC.PeerConnection.KeyProtocol",
webrtc::kEnumCounterKeyProtocolDtls)); webrtc::kEnumCounterKeyProtocolDtls));
} }
#endif
// Basic end-to-end test specifying the `enable_encrypted_rtp_header_extensions` // Basic end-to-end test specifying the `enable_encrypted_rtp_header_extensions`
// option to offer encrypted versions of all header extensions alongside the // option to offer encrypted versions of all header extensions alongside the


@ -159,7 +159,6 @@ bool PeerConnectionClient::InitializePeerConnection(
server.urls.push_back(kStunServer); server.urls.push_back(kStunServer);
config.servers.push_back(server); config.servers.push_back(server);
config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan; config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan;
config.enable_dtls_srtp = true;
webrtc::PeerConnectionDependencies dependencies(this); webrtc::PeerConnectionDependencies dependencies(this);
auto result = auto result =