Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(418)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: webrtc/p2p/base/dtlstransportchannel.cc

Issue 2815513012: Negotiate the same SRTP crypto suites for every DTLS association formed. (Closed)
Patch Set: Merge with master Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « webrtc/p2p/base/dtlstransportchannel.h ('k') | webrtc/p2p/base/dtlstransportchannel_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: webrtc/p2p/base/dtlstransportchannel.cc
diff --git a/webrtc/p2p/base/dtlstransportchannel.cc b/webrtc/p2p/base/dtlstransportchannel.cc
index c4e1f5bcba63666ff17fa0c71b93ff9d4a508ce7..fc16edff14f38db531e31b63d59fbbd6e59e34a1 100644
--- a/webrtc/p2p/base/dtlstransportchannel.cc
+++ b/webrtc/p2p/base/dtlstransportchannel.cc
@@ -108,12 +108,14 @@ void StreamInterfaceChannel::Close() {
state_ = rtc::SS_CLOSED;
}
-DtlsTransport::DtlsTransport(IceTransportInternal* ice_transport)
+DtlsTransport::DtlsTransport(IceTransportInternal* ice_transport,
+ const rtc::CryptoOptions& crypto_options)
: transport_name_(ice_transport->transport_name()),
component_(ice_transport->component()),
network_thread_(rtc::Thread::Current()),
ice_transport_(ice_transport),
downward_(NULL),
+ srtp_ciphers_(GetSupportedDtlsSrtpCryptoSuites(crypto_options)),
ssl_role_(rtc::SSL_CLIENT),
ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_12) {
ice_transport_->SignalWritableState.connect(this,
@@ -318,51 +320,6 @@ bool DtlsTransport::SetupDtls() {
return true;
}
-bool DtlsTransport::SetSrtpCryptoSuites(const std::vector<int>& ciphers) {
- if (srtp_ciphers_ == ciphers)
- return true;
-
- if (dtls_state() == DTLS_TRANSPORT_CONNECTING) {
- LOG(LS_WARNING) << "Ignoring new SRTP ciphers while DTLS is negotiating";
- return true;
- }
-
- if (dtls_state() == DTLS_TRANSPORT_CONNECTED) {
- // We don't support DTLS renegotiation currently. If new set of srtp ciphers
- // are different than what's being used currently, we will not use it.
- // So for now, let's be happy (or sad) with a warning message.
- int current_srtp_cipher;
- if (!dtls_->GetDtlsSrtpCryptoSuite(&current_srtp_cipher)) {
- LOG(LS_ERROR)
- << "Failed to get the current SRTP cipher for DTLS transport";
- return false;
- }
- const std::vector<int>::const_iterator iter =
- std::find(ciphers.begin(), ciphers.end(), current_srtp_cipher);
- if (iter == ciphers.end()) {
- std::string requested_str;
- for (size_t i = 0; i < ciphers.size(); ++i) {
- requested_str.append(" ");
- requested_str.append(rtc::SrtpCryptoSuiteToName(ciphers[i]));
- requested_str.append(" ");
- }
- LOG(LS_WARNING) << "Ignoring new set of SRTP ciphers, as DTLS "
- << "renegotiation is not supported currently "
- << "current cipher = " << current_srtp_cipher << " and "
- << "requested = " << "[" << requested_str << "]";
- }
- return true;
- }
-
- if (dtls_state() != DTLS_TRANSPORT_NEW) {
- LOG(LS_ERROR) << "Can't set SRTP ciphers for a closed session";
- return false;
- }
-
- srtp_ciphers_ = ciphers;
- return true;
-}
-
bool DtlsTransport::GetSrtpCryptoSuite(int* cipher) {
if (dtls_state() != DTLS_TRANSPORT_CONNECTED) {
return false;
« no previous file with comments | « webrtc/p2p/base/dtlstransportchannel.h ('k') | webrtc/p2p/base/dtlstransportchannel_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698