Negotiate the same SRTP crypto suites for every DTLS association formed.

webrtc/pc/webrtcsession_unittest.cc

 /*
  *  Copyright 2012 The WebRTC project authors. All Rights Reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 402 matching lines @@
   void RemoveInterface(const SocketAddress& addr) {
     network_manager_.RemoveInterface(addr);
   }
 
   // If |cert_generator| != null or |rtc_configuration| contains |certificates|
   // then DTLS will be enabled unless explicitly disabled by |rtc_configuration|
   // options. When DTLS is enabled a certificate will be used if provided,
   // otherwise one will be generated using the |cert_generator|.
   void Init(
       std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
-      PeerConnectionInterface::RtcpMuxPolicy rtcp_mux_policy) {
+      PeerConnectionInterface::RtcpMuxPolicy rtcp_mux_policy,
+      const rtc::CryptoOptions& crypto_options) {
     ASSERT_TRUE(session_.get() == NULL);
     fake_sctp_transport_factory_ = new FakeSctpTransportFactory();
     session_.reset(new WebRtcSessionForTest(
         media_controller_.get(), rtc::Thread::Current(), rtc::Thread::Current(),
         rtc::Thread::Current(), allocator_.get(), &observer_,
         std::unique_ptr<cricket::TransportController>(
-            new cricket::TransportController(rtc::Thread::Current(),
-                                             rtc::Thread::Current(),
-                                             allocator_.get())),
+            new cricket::TransportController(
+                rtc::Thread::Current(), rtc::Thread::Current(),
+                allocator_.get(),
+                /*redetermine_role_on_ice_restart=*/true, crypto_options)),
         std::unique_ptr<FakeSctpTransportFactory>(
             fake_sctp_transport_factory_)));
     session_->SignalDataChannelOpenMessage.connect(
         this, &WebRtcSessionTest::OnDataChannelOpenMessage);
 
     configuration_.rtcp_mux_policy = rtcp_mux_policy;
     EXPECT_EQ(PeerConnectionInterface::kIceConnectionNew,
         observer_.ice_connection_state_);
     EXPECT_EQ(PeerConnectionInterface::kIceGatheringNew,
         observer_.ice_gathering_state_);
 
     EXPECT_TRUE(session_->Initialize(options_, std::move(cert_generator),
                                      configuration_));
     session_->set_metrics_observer(metrics_observer_);
+    crypto_options_ = crypto_options;
   }
 
   void OnDataChannelOpenMessage(const std::string& label,
                                 const InternalDataChannelInit& config) {
     last_data_channel_label_ = label;
     last_data_channel_config_ = config;
   }
 
   void Init() {
-    Init(nullptr, PeerConnectionInterface::kRtcpMuxPolicyNegotiate);
-  }
-
-  void Init(PeerConnectionInterface::RtcpMuxPolicy rtcp_mux_policy) {
-    Init(nullptr, rtcp_mux_policy);
+    Init(nullptr, PeerConnectionInterface::kRtcpMuxPolicyNegotiate,
+         rtc::CryptoOptions());
   }
 
   void InitWithBundlePolicy(
       PeerConnectionInterface::BundlePolicy bundle_policy) {
     configuration_.bundle_policy = bundle_policy;
     Init();
   }
 
   void InitWithRtcpMuxPolicy(
       PeerConnectionInterface::RtcpMuxPolicy rtcp_mux_policy) {
     PeerConnectionInterface::RTCConfiguration configuration;
-    Init(rtcp_mux_policy);
+    Init(nullptr, rtcp_mux_policy, rtc::CryptoOptions());
+  }
+
+  void InitWithCryptoOptions(const rtc::CryptoOptions& crypto_options) {
+    Init(nullptr, PeerConnectionInterface::kRtcpMuxPolicyNegotiate,
+         crypto_options);
   }
 
   // Successfully init with DTLS; with a certificate generated and supplied or
   // with a store that generates it for us.
   void InitWithDtls(RTCCertificateGenerationMethod cert_gen_method) {
     std::unique_ptr<FakeRTCCertificateGenerator> cert_generator;
     if (cert_gen_method == ALREADY_GENERATED) {
       configuration_.certificates.push_back(
           FakeRTCCertificateGenerator::GenerateCertificate());
     } else if (cert_gen_method == DTLS_IDENTITY_STORE) {
       cert_generator.reset(new FakeRTCCertificateGenerator());
       cert_generator->set_should_fail(false);
     } else {
       RTC_CHECK(false);
     }
     Init(std::move(cert_generator),
-         PeerConnectionInterface::kRtcpMuxPolicyNegotiate);
+         PeerConnectionInterface::kRtcpMuxPolicyNegotiate,
+         rtc::CryptoOptions());
   }
 
   // Init with DTLS with a store that will fail to generate a certificate.
   void InitWithDtlsIdentityGenFail() {
     std::unique_ptr<FakeRTCCertificateGenerator> cert_generator(
         new FakeRTCCertificateGenerator());
     cert_generator->set_should_fail(true);
     Init(std::move(cert_generator),
-         PeerConnectionInterface::kRtcpMuxPolicyNegotiate);
+         PeerConnectionInterface::kRtcpMuxPolicyNegotiate,
+         rtc::CryptoOptions());
   }
 
   void InitWithGcm() {
     rtc::CryptoOptions crypto_options;
     crypto_options.enable_gcm_crypto_suites = true;
-    channel_manager_->SetCryptoOptions(crypto_options);
-    with_gcm_ = true;
-    Init();
+    InitWithCryptoOptions(crypto_options);
   }
 
   void SendAudioVideoStream1() {
     send_stream_1_ = true;
     send_stream_2_ = false;
     send_audio_ = true;
     send_video_ = true;
   }
 
   void SendAudioVideoStream2() {
@@ skipping 75 matching lines @@
         session_options->bundle_enabled &&
         (session_options->has_audio() || session_options->has_video() ||
          session_options->has_data());
 
     if (session_->data_channel_type() == cricket::DCT_SCTP && data_channel_) {
       session_options->data_channel_type = cricket::DCT_SCTP;
     } else if (session_->data_channel_type() == cricket::DCT_QUIC) {
       session_options->data_channel_type = cricket::DCT_QUIC;
     }
 
-    if (with_gcm_) {
-      session_options->crypto_options.enable_gcm_crypto_suites = true;
-    }
+    session_options->crypto_options = crypto_options_;
   }
 
   void GetOptionsForAnswer(cricket::MediaSessionOptions* session_options) {
     // ParseConstraintsForAnswer is used to set some defaults.
     ASSERT_TRUE(webrtc::ParseConstraintsForAnswer(nullptr, session_options));
 
     AddStreamsToOptions(session_options);
     session_options->bundle_enabled =
         session_options->bundle_enabled &&
         (session_options->has_audio() || session_options->has_video() ||
          session_options->has_data());
 
     if (session_->data_channel_type() != cricket::DCT_RTP) {
       session_options->data_channel_type = session_->data_channel_type();
     }
 
-    if (with_gcm_) {
-      session_options->crypto_options.enable_gcm_crypto_suites = true;
-    }
+    session_options->crypto_options = crypto_options_;
   }
 
   // Creates a local offer and applies it. Starts ICE.
   // Call SendAudioVideoStreamX() before this function
   // to decide which streams to create.
   void InitiateCall() {
     SessionDescriptionInterface* offer = CreateOffer();
     SetLocalDescriptionWithoutError(offer);
     EXPECT_TRUE_WAIT(PeerConnectionInterface::kIceGatheringNew !=
         observer_.ice_gathering_state_,
@@ skipping 901 matching lines @@
   rtc::scoped_refptr<FakeMetricsObserver> metrics_observer_;
   // The following flags affect options created for CreateOffer/CreateAnswer.
   bool send_stream_1_ = false;
   bool send_stream_2_ = false;
   bool send_audio_ = false;
   bool send_video_ = false;
   rtc::scoped_refptr<DataChannel> data_channel_;
   // Last values received from data channel creation signal.
   std::string last_data_channel_label_;
   InternalDataChannelInit last_data_channel_config_;
-  bool with_gcm_ = false;
+  rtc::CryptoOptions crypto_options_;
 };
 
 TEST_P(WebRtcSessionTest, TestInitializeWithDtls) {
   InitWithDtls(GetParam());
   // SDES is disabled when DTLS is on.
   EXPECT_EQ(cricket::SEC_DISABLED, session_->SdesPolicy());
 }
 
 TEST_F(WebRtcSessionTest, TestInitializeWithoutDtls) {
   Init();
@@ skipping 1807 matching lines @@
 // should not receive any changes in the ICE state.
 TEST_F(WebRtcSessionTest, TestAddChannelToConnectedBundle) {
   LoopbackNetworkConfiguration config;
   LoopbackNetworkManager loopback_network_manager(this, config);
   // Both BUNDLE and RTCP-mux need to be enabled for the ICE state to remain
   // connected. Disabling either of these two means that we need to wait for the
   // answer to find out if more transports are needed.
   configuration_.bundle_policy =
       PeerConnectionInterface::kBundlePolicyMaxBundle;
   options_.disable_encryption = true;
-  Init(PeerConnectionInterface::kRtcpMuxPolicyRequire);
+  InitWithRtcpMuxPolicy(PeerConnectionInterface::kRtcpMuxPolicyRequire);
 
   // Negotiate an audio channel with MAX_BUNDLE enabled.
   SendAudioOnlyStream2();
   SessionDescriptionInterface* offer = CreateOffer();
   SetLocalDescriptionWithoutError(offer);
   EXPECT_EQ_WAIT(PeerConnectionInterface::kIceGatheringComplete,
                  observer_.ice_gathering_state_, kIceCandidatesTimeout);
   std::string sdp;
   offer->ToString(&sdp);
   SessionDescriptionInterface* answer = webrtc::CreateSessionDescription(
@@ skipping 962 matching lines @@
 }
 
 // TODO(bemasc): Add a TestIceStatesBundle with BUNDLE enabled.  That test
 // currently fails because upon disconnection and reconnection OnIceComplete is
 // called more than once without returning to IceGatheringGathering.
 
 INSTANTIATE_TEST_CASE_P(WebRtcSessionTests,
                         WebRtcSessionTest,
                         testing::Values(ALREADY_GENERATED,
                                         DTLS_IDENTITY_STORE));