| Index: webrtc/pc/srtpfilter.cc
|
| diff --git a/webrtc/pc/srtpfilter.cc b/webrtc/pc/srtpfilter.cc
|
| index 82ab4e14320484d124a1479792196e980edbbf73..5094987a76568336780cf8214eb402c03a3a69c0 100644
|
| --- a/webrtc/pc/srtpfilter.cc
|
| +++ b/webrtc/pc/srtpfilter.cc
|
| @@ -51,7 +51,9 @@
|
| #endif
|
| }
|
|
|
| -SrtpFilter::SrtpFilter() {
|
| +SrtpFilter::SrtpFilter()
|
| + : state_(ST_INIT),
|
| + signal_silent_time_in_ms_(0) {
|
| }
|
|
|
| SrtpFilter::~SrtpFilter() {
|
| @@ -224,15 +226,7 @@
|
| return true;
|
| }
|
|
|
| -void SrtpFilter::EnableExternalAuth() {
|
| - RTC_DCHECK(!IsActive());
|
| - external_auth_enabled_ = true;
|
| -}
|
| -
|
| -bool SrtpFilter::IsExternalAuthEnabled() const {
|
| - return external_auth_enabled_;
|
| -}
|
| -
|
| +#if defined(ENABLE_EXTERNAL_AUTH)
|
| bool SrtpFilter::IsExternalAuthActive() const {
|
| if (!IsActive()) {
|
| LOG(LS_WARNING) << "Failed to check IsExternalAuthActive: SRTP not active";
|
| @@ -242,6 +236,7 @@
|
| RTC_CHECK(send_session_);
|
| return send_session_->IsExternalAuthActive();
|
| }
|
| +#endif
|
|
|
| void SrtpFilter::set_signal_silent_time(int signal_silent_time_in_ms) {
|
| signal_silent_time_in_ms_ = signal_silent_time_in_ms;
|
| @@ -343,9 +338,6 @@
|
|
|
| send_session_->set_signal_silent_time(signal_silent_time_in_ms_);
|
| recv_session_->set_signal_silent_time(signal_silent_time_in_ms_);
|
| - if (external_auth_enabled_) {
|
| - send_session_->EnableExternalAuth();
|
| - }
|
| }
|
|
|
| bool SrtpFilter::NegotiateParams(const std::vector<CryptoParams>& answer_params,
|
| @@ -607,6 +599,7 @@
|
| }
|
|
|
| bool SrtpSession::GetRtpAuthParams(uint8_t** key, int* key_len, int* tag_len) {
|
| +#if defined(ENABLE_EXTERNAL_AUTH)
|
| RTC_DCHECK(thread_checker_.CalledOnValidThread());
|
| RTC_DCHECK(IsExternalAuthActive());
|
| if (!IsExternalAuthActive()) {
|
| @@ -631,24 +624,20 @@
|
| *key_len = external_hmac->key_length;
|
| *tag_len = rtp_auth_tag_len_;
|
| return true;
|
| +#else
|
| + return false;
|
| +#endif
|
| }
|
|
|
| int SrtpSession::GetSrtpOverhead() const {
|
| return rtp_auth_tag_len_;
|
| }
|
|
|
| -void SrtpSession::EnableExternalAuth() {
|
| - RTC_DCHECK(!session_);
|
| - external_auth_enabled_ = true;
|
| -}
|
| -
|
| -bool SrtpSession::IsExternalAuthEnabled() const {
|
| - return external_auth_enabled_;
|
| -}
|
| -
|
| +#if defined(ENABLE_EXTERNAL_AUTH)
|
| bool SrtpSession::IsExternalAuthActive() const {
|
| return external_auth_active_;
|
| }
|
| +#endif
|
|
|
| bool SrtpSession::GetSendStreamPacketIndex(void* p,
|
| int in_len,
|
| @@ -730,12 +719,13 @@
|
| // id EXTERNAL_HMAC_SHA1 in the policy structure.
|
| // We want to set this option only for rtp packets.
|
| // By default policy structure is initialized to HMAC_SHA1.
|
| +#if defined(ENABLE_EXTERNAL_AUTH)
|
| // Enable external HMAC authentication only for outgoing streams and only
|
| // for cipher suites that support it (i.e. only non-GCM cipher suites).
|
| - if (type == ssrc_any_outbound && IsExternalAuthEnabled() &&
|
| - !rtc::IsGcmCryptoSuite(cs)) {
|
| + if (type == ssrc_any_outbound && !rtc::IsGcmCryptoSuite(cs)) {
|
| policy.rtp.auth_type = EXTERNAL_HMAC_SHA1;
|
| }
|
| +#endif
|
| policy.next = nullptr;
|
|
|
| int err = srtp_create(&session_, &policy);
|
| @@ -748,7 +738,9 @@
|
| srtp_set_user_data(session_, this);
|
| rtp_auth_tag_len_ = policy.rtp.auth_tag_len;
|
| rtcp_auth_tag_len_ = policy.rtcp.auth_tag_len;
|
| +#if defined(ENABLE_EXTERNAL_AUTH)
|
| external_auth_active_ = (policy.rtp.auth_type == EXTERNAL_HMAC_SHA1);
|
| +#endif
|
| return true;
|
| }
|
|
|
| @@ -768,12 +760,13 @@
|
| LOG(LS_ERROR) << "Failed to install SRTP event handler, err=" << err;
|
| return false;
|
| }
|
| -
|
| +#if defined(ENABLE_EXTERNAL_AUTH)
|
| err = external_crypto_init();
|
| if (err != srtp_err_status_ok) {
|
| LOG(LS_ERROR) << "Failed to initialize fake auth, err=" << err;
|
| return false;
|
| }
|
| +#endif
|
| inited_ = true;
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 2734643002:
Revert of Improve testing of SRTP external auth code paths. (Closed)
