Allow remote fingerprint update during a call

talk/session/media/channel.cc

 /*
  * libjingle
  * Copyright 2004 Google Inc.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
  *
  *  1. Redistributions of source code must retain the above copyright notice,
  *     this list of conditions and the following disclaimer.
  *  2. Redistributions in binary form must reproduce the above copyright notice,
@@ skipping 155 matching lines @@
                          TransportController* transport_controller,
                          const std::string& content_name,
                          bool rtcp)
     : worker_thread_(thread),
       transport_controller_(transport_controller),
       media_channel_(media_channel),
       content_name_(content_name),
       rtcp_transport_enabled_(rtcp),
       transport_channel_(nullptr),
       rtcp_transport_channel_(nullptr),
+      srtp_filter_(new SrtpFilter()),
       enabled_(false),
       writable_(false),
       rtp_ready_to_send_(false),
       rtcp_ready_to_send_(false),
       was_ever_writable_(false),
       local_content_direction_(MD_INACTIVE),
       remote_content_direction_(MD_INACTIVE),
       has_received_packet_(false),
       dtls_keyed_(false),
       secure_required_(false),
@@ skipping 143 matching lines @@
   UpdateWritableState_w();
   SetReadyToSend(true, new_tc && new_tc->writable());
 }
 
 void BaseChannel::ConnectToTransportChannel(TransportChannel* tc) {
   ASSERT(worker_thread_ == rtc::Thread::Current());
 
   tc->SignalWritableState.connect(this, &BaseChannel::OnWritableState);
   tc->SignalReadPacket.connect(this, &BaseChannel::OnChannelRead);
   tc->SignalReadyToSend.connect(this, &BaseChannel::OnReadyToSend);
+  tc->SignalDtlsSrtpSetup.connect(this, &BaseChannel::OnDtlsSrtpSetup);
 }
 
 void BaseChannel::DisconnectFromTransportChannel(TransportChannel* tc) {
   ASSERT(worker_thread_ == rtc::Thread::Current());
 
   tc->SignalWritableState.disconnect(this);
   tc->SignalReadPacket.disconnect(this);
   tc->SignalReadyToSend.disconnect(this);
 }
 
@@ skipping 60 matching lines @@
 }
 
 bool BaseChannel::IsReadyToReceive() const {
   // Receive data if we are enabled and have local content,
   return enabled() && IsReceiveContentDirection(local_content_direction_);
 }
 
 bool BaseChannel::IsReadyToSend() const {
   // Send outgoing data if we are enabled, have local and remote content,
   // and we have had some form of connectivity.
-  return enabled() &&
-         IsReceiveContentDirection(remote_content_direction_) &&
+  return enabled() && IsReceiveContentDirection(remote_content_direction_) &&
          IsSendContentDirection(local_content_direction_) &&
          was_ever_writable();
 }
 
 bool BaseChannel::SendPacket(rtc::Buffer* packet,
                              const rtc::PacketOptions& options) {
   return SendPacket(false, packet, options);
 }
 
 bool BaseChannel::SendRtcp(rtc::Buffer* packet,
@@ skipping 36 matching lines @@
   bool rtcp = PacketIsRtcp(channel, data, len);
   rtc::Buffer packet(data, len);
   HandlePacket(rtcp, &packet, packet_time);
 }
 
 void BaseChannel::OnReadyToSend(TransportChannel* channel) {
   ASSERT(channel == transport_channel_ || channel == rtcp_transport_channel_);
   SetReadyToSend(channel == rtcp_transport_channel_, true);
 }
 
+void BaseChannel::OnDtlsSrtpSetup(TransportChannel* channel) {

[pthatcher1, 2015/11/18 20:42:43]

Since this will be fired on the worker thread, we might want to put an "_w" on
the end.

+  // When the channel signals the DTLS-SRTP has been setup, set the
+  // |was_ever_writable| to false, allowing re-setup SRTP here.
+  LOG(LS_INFO) << "TransportChannel has DTLS-SRTP set up.";
+  was_ever_writable_ = false;

[pthatcher1, 2015/11/18 20:42:43]

That's not what "was ever writable" means.  It it was ever writable, you can't
go back to not ever being writable.

Why not just do "srtp_filter_.reset(new SrtpFilter());" right here and then wait
until it's writable before setting up the keys?  

In fact, it might make sense to leave it null when it's not setup, and then do
srtp_filter_.release() right here and then check for null in ChannelWritable_w()
to see if it should be setup again.

Now that I think about it, that probably makes the most sense because then all
the places where we would use srtp_filter_, we can check to see if it's null,
and if it is, that's when we can drop a packet because we can't decrypt it.

+}
+
 void BaseChannel::SetReadyToSend(bool rtcp, bool ready) {
   if (rtcp) {
     rtcp_ready_to_send_ = ready;
   } else {
     rtp_ready_to_send_ = ready;
   }
 
   if (rtp_ready_to_send_ &&
       // In the case of rtcp mux |rtcp_transport_channel_| will be null.
       (rtcp_ready_to_send_ || !rtcp_transport_channel_)) {
@@ skipping 45 matching lines @@
   if (!ValidPacket(rtcp, packet)) {
     LOG(LS_ERROR) << "Dropping outgoing " << content_name_ << " "
                   << PacketType(rtcp)
                   << " packet: wrong size=" << packet->size();
     return false;
   }
 
   rtc::PacketOptions updated_options;
   updated_options = options;
   // Protect if needed.
-  if (srtp_filter_.IsActive()) {
+  if (srtp_filter_->IsActive()) {
     bool res;
     uint8_t* data = packet->data();
     int len = static_cast<int>(packet->size());
     if (!rtcp) {
     // If ENABLE_EXTERNAL_AUTH flag is on then packet authentication is not done
     // inside libsrtp for a RTP packet. A external HMAC module will be writing
     // a fake HMAC value. This is ONLY done for a RTP packet.
     // Socket layer will update rtp sendtime extension header if present in
     // packet with current time before updating the HMAC.
 #if !defined(ENABLE_EXTERNAL_AUTH)
-      res = srtp_filter_.ProtectRtp(
+      res = srtp_filter_->ProtectRtp(
           data, len, static_cast<int>(packet->capacity()), &len);
 #else
       updated_options.packet_time_params.rtp_sendtime_extension_id =
           rtp_abs_sendtime_extn_id_;
-      res = srtp_filter_.ProtectRtp(
+      res = srtp_filter_->ProtectRtp(
           data, len, static_cast<int>(packet->capacity()), &len,
           &updated_options.packet_time_params.srtp_packet_index);
       // If protection succeeds, let's get auth params from srtp.
       if (res) {
         uint8_t* auth_key = NULL;
         int key_len;
-        res = srtp_filter_.GetRtpAuthParams(
+        res = srtp_filter_->GetRtpAuthParams(
             &auth_key, &key_len,
             &updated_options.packet_time_params.srtp_auth_tag_len);
         if (res) {
           updated_options.packet_time_params.srtp_auth_key.resize(key_len);
           updated_options.packet_time_params.srtp_auth_key.assign(
               auth_key, auth_key + key_len);
         }
       }
 #endif
       if (!res) {
         int seq_num = -1;
         uint32_t ssrc = 0;
         GetRtpSeqNum(data, len, &seq_num);
         GetRtpSsrc(data, len, &ssrc);
         LOG(LS_ERROR) << "Failed to protect " << content_name_
                       << " RTP packet: size=" << len
                       << ", seqnum=" << seq_num << ", SSRC=" << ssrc;
         return false;
       }
     } else {
-      res = srtp_filter_.ProtectRtcp(data, len,
-                                     static_cast<int>(packet->capacity()),
-                                     &len);
+      res = srtp_filter_->ProtectRtcp(
+          data, len, static_cast<int>(packet->capacity()), &len);
       if (!res) {
         int type = -1;
         GetRtcpType(data, len, &type);
         LOG(LS_ERROR) << "Failed to protect " << content_name_
                       << " RTCP packet: size=" << len << ", type=" << type;
         return false;
       }
     }
 
     // Update the length of the packet now that we've added the auth tag.
@@ skipping 41 matching lines @@
   }
 
   // We are only interested in the first rtp packet because that
   // indicates the media has started flowing.
   if (!has_received_packet_ && !rtcp) {
     has_received_packet_ = true;
     signaling_thread()->Post(this, MSG_FIRSTPACKETRECEIVED);
   }
 
   // Unprotect the packet, if needed.
-  if (srtp_filter_.IsActive()) {
+  if (srtp_filter_->IsActive()) {
     char* data = packet->data<char>();
     int len = static_cast<int>(packet->size());
     bool res;
     if (!rtcp) {
-      res = srtp_filter_.UnprotectRtp(data, len, &len);
+      res = srtp_filter_->UnprotectRtp(data, len, &len);
       if (!res) {
         int seq_num = -1;
         uint32_t ssrc = 0;
         GetRtpSeqNum(data, len, &seq_num);
         GetRtpSsrc(data, len, &ssrc);
         LOG(LS_ERROR) << "Failed to unprotect " << content_name_
                       << " RTP packet: size=" << len
                       << ", seqnum=" << seq_num << ", SSRC=" << ssrc;
         return;
       }
     } else {
-      res = srtp_filter_.UnprotectRtcp(data, len, &len);
+      res = srtp_filter_->UnprotectRtcp(data, len, &len);
       if (!res) {
         int type = -1;
         GetRtcpType(data, len, &type);
         LOG(LS_ERROR) << "Failed to unprotect " << content_name_
                       << " RTCP packet: size=" << len << ", type=" << type;
         return;
       }
     }
 
     packet->SetSize(len);
@@ skipping 91 matching lines @@
   for (std::vector<ConnectionInfo>::const_iterator it = infos.begin();
        it != infos.end(); ++it) {
     if (it->best_connection) {
       LOG(LS_INFO) << "Using " << it->local_candidate.ToSensitiveString()
                    << "->" << it->remote_candidate.ToSensitiveString();
       break;
     }
   }
 
   // If we're doing DTLS-SRTP, now is the time.
-  if (!was_ever_writable_ && ShouldSetupDtlsSrtp()) {
+  if (!was_ever_writable_ && ShouldSetupDtlsSrtp() && IsUsingDtlsSrtp()) {
+    // If we're using DTLS-SRTP, instead of resetting the SRTP context, just
+    // recreate a SRTP context.
+    srtp_filter_.reset(new SrtpFilter());
+
     if (!SetupDtlsSrtp(false)) {
       SignalDtlsSetupFailure_w(false);
       return;
     }
 
     if (rtcp_transport_channel_) {
       if (!SetupDtlsSrtp(true)) {
         SignalDtlsSetupFailure_w(true);
         return;
       }
@@ skipping 25 matching lines @@
   } else {
     GetDefaultSrtpCryptoSuiteNames(&ciphers);
   }
   return tc->SetSrtpCiphers(ciphers);
 }
 
 bool BaseChannel::ShouldSetupDtlsSrtp() const {
   return true;
 }
 
+bool BaseChannel::IsUsingDtlsSrtp() const {
+  return (transport_channel_ && transport_channel_->IsDtlsActive()) ||
+         (rtcp_transport_channel_ && rtcp_transport_channel_->IsDtlsActive());
+}
+
 // This function returns true if either DTLS-SRTP is not in use
 // *or* DTLS-SRTP is successfully set up.
 bool BaseChannel::SetupDtlsSrtp(bool rtcp_channel) {
   bool ret = false;
 
   TransportChannel* channel =
       rtcp_channel ? rtcp_transport_channel_ : transport_channel_;
 
   // No DTLS
   if (!channel->IsDtlsActive())
@@ skipping 51 matching lines @@
 
   if (role == rtc::SSL_SERVER) {
     send_key = &server_write_key;
     recv_key = &client_write_key;
   } else {
     send_key = &client_write_key;
     recv_key = &server_write_key;
   }
 
   if (rtcp_channel) {
-    ret = srtp_filter_.SetRtcpParams(
-        selected_cipher,
-        &(*send_key)[0],
-        static_cast<int>(send_key->size()),
-        selected_cipher,
-        &(*recv_key)[0],
-        static_cast<int>(recv_key->size()));
+    ret = srtp_filter_->SetRtcpParams(
+        selected_cipher, &(*send_key)[0], static_cast<int>(send_key->size()),
+        selected_cipher, &(*recv_key)[0], static_cast<int>(recv_key->size()));
   } else {
-    ret = srtp_filter_.SetRtpParams(
-        selected_cipher,
-        &(*send_key)[0],
-        static_cast<int>(send_key->size()),
-        selected_cipher,
-        &(*recv_key)[0],
-        static_cast<int>(recv_key->size()));
+    ret = srtp_filter_->SetRtpParams(
+        selected_cipher, &(*send_key)[0], static_cast<int>(send_key->size()),
+        selected_cipher, &(*recv_key)[0], static_cast<int>(recv_key->size()));
   }
 
   if (!ret)
     LOG(LS_WARNING) << "DTLS-SRTP key installation failed";
   else
     dtls_keyed_ = true;
 
   return ret;
 }
 
@@ skipping 59 matching lines @@
   bool dtls = false;
   ret = CheckSrtpConfig(cryptos, &dtls, error_desc);
   if (!ret) {
     return false;
   }
   switch (action) {
     case CA_OFFER:
       // If DTLS is already active on the channel, we could be renegotiating
       // here. We don't update the srtp filter.
       if (!dtls) {
-        ret = srtp_filter_.SetOffer(cryptos, src);
+        ret = srtp_filter_->SetOffer(cryptos, src);
       }
       break;
     case CA_PRANSWER:
       // If we're doing DTLS-SRTP, we don't want to update the filter
       // with an answer, because we already have SRTP parameters.
       if (!dtls) {
-        ret = srtp_filter_.SetProvisionalAnswer(cryptos, src);
+        ret = srtp_filter_->SetProvisionalAnswer(cryptos, src);
       }
       break;
     case CA_ANSWER:
       // If we're doing DTLS-SRTP, we don't want to update the filter
       // with an answer, because we already have SRTP parameters.
       if (!dtls) {
-        ret = srtp_filter_.SetAnswer(cryptos, src);
+        ret = srtp_filter_->SetAnswer(cryptos, src);
       }
       break;
     default:
       break;
   }
   if (!ret) {
     SafeSetError("Failed to setup SRTP filter.", error_desc);
     return false;
   }
   return true;
@@ skipping 1273 matching lines @@
   return (data_channel_type_ == DCT_RTP);
 }
 
 void DataChannel::OnStreamClosedRemotely(uint32_t sid) {
   rtc::TypedMessageData<uint32_t>* message =
       new rtc::TypedMessageData<uint32_t>(sid);
   signaling_thread()->Post(this, MSG_STREAMCLOSEDREMOTELY, message);
 }
 
 }  // namespace cricket