OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. | 2 * Copyright 2004 The WebRTC project authors. All Rights Reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 140 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
151 rtc::Thread* signaling_thread, | 151 rtc::Thread* signaling_thread, |
152 MediaChannel* media_channel, | 152 MediaChannel* media_channel, |
153 const std::string& content_name, | 153 const std::string& content_name, |
154 bool rtcp_mux_required, | 154 bool rtcp_mux_required, |
155 bool srtp_required) | 155 bool srtp_required) |
156 : worker_thread_(worker_thread), | 156 : worker_thread_(worker_thread), |
157 network_thread_(network_thread), | 157 network_thread_(network_thread), |
158 signaling_thread_(signaling_thread), | 158 signaling_thread_(signaling_thread), |
159 content_name_(content_name), | 159 content_name_(content_name), |
160 rtcp_mux_required_(rtcp_mux_required), | 160 rtcp_mux_required_(rtcp_mux_required), |
161 rtp_transport_( | |
162 srtp_required | |
163 ? rtc::WrapUnique<webrtc::RtpTransportInternal>( | |
164 new webrtc::SrtpTransport(rtcp_mux_required, content_name)) | |
165 : rtc::MakeUnique<webrtc::RtpTransport>(rtcp_mux_required)), | |
166 srtp_required_(srtp_required), | 161 srtp_required_(srtp_required), |
167 media_channel_(media_channel), | 162 media_channel_(media_channel), |
168 selected_candidate_pair_(nullptr) { | 163 selected_candidate_pair_(nullptr) { |
169 RTC_DCHECK(worker_thread_ == rtc::Thread::Current()); | 164 RTC_DCHECK(worker_thread_ == rtc::Thread::Current()); |
165 if (srtp_required) { | |
166 auto transport = | |
167 rtc::MakeUnique<webrtc::SrtpTransport>(rtcp_mux_required, content_name); | |
168 srtp_transport_ = transport.get(); | |
169 rtp_transport_ = std::move(transport); | |
170 #if defined(ENABLE_EXTERNAL_AUTH) | 170 #if defined(ENABLE_EXTERNAL_AUTH) |
171 srtp_filter_.EnableExternalAuth(); | 171 srtp_transport_->EnableExternalAuth(); |
172 #endif | 172 #endif |
173 } else { | |
174 rtp_transport_ = rtc::MakeUnique<webrtc::RtpTransport>(rtcp_mux_required); | |
175 srtp_transport_ = nullptr; | |
176 } | |
173 rtp_transport_->SignalReadyToSend.connect( | 177 rtp_transport_->SignalReadyToSend.connect( |
174 this, &BaseChannel::OnTransportReadyToSend); | 178 this, &BaseChannel::OnTransportReadyToSend); |
175 // TODO(zstein): RtpTransport::SignalPacketReceived will probably be replaced | 179 // TODO(zstein): RtpTransport::SignalPacketReceived will probably be replaced |
176 // with a callback interface later so that the demuxer can select which | 180 // with a callback interface later so that the demuxer can select which |
177 // channel to signal. | 181 // channel to signal. |
178 rtp_transport_->SignalPacketReceived.connect(this, | 182 rtp_transport_->SignalPacketReceived.connect(this, |
179 &BaseChannel::OnPacketReceived); | 183 &BaseChannel::OnPacketReceived); |
180 LOG(LS_INFO) << "Created channel for " << content_name; | 184 LOG(LS_INFO) << "Created channel for " << content_name; |
181 } | 185 } |
182 | 186 |
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
314 return; | 318 return; |
315 } | 319 } |
316 | 320 |
317 // When using DTLS-SRTP, we must reset the SrtpFilter every time the transport | 321 // When using DTLS-SRTP, we must reset the SrtpFilter every time the transport |
318 // changes and wait until the DTLS handshake is complete to set the newly | 322 // changes and wait until the DTLS handshake is complete to set the newly |
319 // negotiated parameters. | 323 // negotiated parameters. |
320 if (ShouldSetupDtlsSrtp_n()) { | 324 if (ShouldSetupDtlsSrtp_n()) { |
321 // Set |writable_| to false such that UpdateWritableState_w can set up | 325 // Set |writable_| to false such that UpdateWritableState_w can set up |
322 // DTLS-SRTP when |writable_| becomes true again. | 326 // DTLS-SRTP when |writable_| becomes true again. |
323 writable_ = false; | 327 writable_ = false; |
324 srtp_filter_.ResetParams(); | 328 srtp_filter_.ResetParams(); |
Taylor Brandstetter
2017/08/23 22:13:29
nit: Don't need to actually reset srtp_filter_ her
Zhi Huang
2017/08/24 23:38:07
Right. Previously, srtp_filter_.IsActive() can als
| |
329 if (srtp_transport_) { | |
330 srtp_transport_->ResetParams(); | |
331 } | |
325 } | 332 } |
326 | 333 |
327 // If this BaseChannel doesn't require RTCP mux and we haven't fully | 334 // If this BaseChannel doesn't require RTCP mux and we haven't fully |
328 // negotiated RTCP mux, we need an RTCP transport. | 335 // negotiated RTCP mux, we need an RTCP transport. |
329 if (rtcp_packet_transport) { | 336 if (rtcp_packet_transport) { |
330 LOG(LS_INFO) << "Setting RTCP Transport for " << content_name() << " on " | 337 LOG(LS_INFO) << "Setting RTCP Transport for " << content_name() << " on " |
331 << debug_name << " transport " << rtcp_packet_transport; | 338 << debug_name << " transport " << rtcp_packet_transport; |
332 SetTransport_n(true, rtcp_dtls_transport, rtcp_packet_transport); | 339 SetTransport_n(true, rtcp_dtls_transport, rtcp_packet_transport); |
333 } | 340 } |
334 | 341 |
(...skipping 247 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
582 return; | 589 return; |
583 } | 590 } |
584 | 591 |
585 // Reset the srtp filter if it's not the CONNECTED state. For the CONNECTED | 592 // Reset the srtp filter if it's not the CONNECTED state. For the CONNECTED |
586 // state, setting up DTLS-SRTP context is deferred to ChannelWritable_w to | 593 // state, setting up DTLS-SRTP context is deferred to ChannelWritable_w to |
587 // cover other scenarios like the whole transport is writable (not just this | 594 // cover other scenarios like the whole transport is writable (not just this |
588 // TransportChannel) or when TransportChannel is attached after DTLS is | 595 // TransportChannel) or when TransportChannel is attached after DTLS is |
589 // negotiated. | 596 // negotiated. |
590 if (state != DTLS_TRANSPORT_CONNECTED) { | 597 if (state != DTLS_TRANSPORT_CONNECTED) { |
591 srtp_filter_.ResetParams(); | 598 srtp_filter_.ResetParams(); |
599 if (srtp_transport_) { | |
600 srtp_transport_->ResetParams(); | |
601 } | |
592 } | 602 } |
593 } | 603 } |
594 | 604 |
595 void BaseChannel::OnSelectedCandidatePairChanged( | 605 void BaseChannel::OnSelectedCandidatePairChanged( |
596 IceTransportInternal* ice_transport, | 606 IceTransportInternal* ice_transport, |
597 CandidatePairInterface* selected_candidate_pair, | 607 CandidatePairInterface* selected_candidate_pair, |
598 int last_sent_packet_id, | 608 int last_sent_packet_id, |
599 bool ready_to_send) { | 609 bool ready_to_send) { |
600 RTC_DCHECK((rtp_dtls_transport_ && | 610 RTC_DCHECK((rtp_dtls_transport_ && |
601 ice_transport == rtp_dtls_transport_->ice_transport()) || | 611 ice_transport == rtp_dtls_transport_->ice_transport()) || |
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
655 } | 665 } |
656 | 666 |
657 // Protect ourselves against crazy data. | 667 // Protect ourselves against crazy data. |
658 if (!ValidPacket(rtcp, packet)) { | 668 if (!ValidPacket(rtcp, packet)) { |
659 LOG(LS_ERROR) << "Dropping outgoing " << content_name_ << " " | 669 LOG(LS_ERROR) << "Dropping outgoing " << content_name_ << " " |
660 << RtpRtcpStringLiteral(rtcp) | 670 << RtpRtcpStringLiteral(rtcp) |
661 << " packet: wrong size=" << packet->size(); | 671 << " packet: wrong size=" << packet->size(); |
662 return false; | 672 return false; |
663 } | 673 } |
664 | 674 |
665 rtc::PacketOptions updated_options; | 675 if (!srtp_filter_.IsActive() && srtp_required_) { |
666 updated_options = options; | |
667 // Protect if needed. | |
668 if (srtp_filter_.IsActive()) { | |
669 TRACE_EVENT0("webrtc", "SRTP Encode"); | |
670 bool res; | |
671 uint8_t* data = packet->data(); | |
672 int len = static_cast<int>(packet->size()); | |
673 if (!rtcp) { | |
674 // If ENABLE_EXTERNAL_AUTH flag is on then packet authentication is not done | |
675 // inside libsrtp for a RTP packet. A external HMAC module will be writing | |
676 // a fake HMAC value. This is ONLY done for a RTP packet. | |
677 // Socket layer will update rtp sendtime extension header if present in | |
678 // packet with current time before updating the HMAC. | |
679 #if !defined(ENABLE_EXTERNAL_AUTH) | |
680 res = srtp_filter_.ProtectRtp( | |
681 data, len, static_cast<int>(packet->capacity()), &len); | |
682 #else | |
683 if (!srtp_filter_.IsExternalAuthActive()) { | |
684 res = srtp_filter_.ProtectRtp( | |
685 data, len, static_cast<int>(packet->capacity()), &len); | |
686 } else { | |
687 updated_options.packet_time_params.rtp_sendtime_extension_id = | |
688 rtp_abs_sendtime_extn_id_; | |
689 res = srtp_filter_.ProtectRtp( | |
690 data, len, static_cast<int>(packet->capacity()), &len, | |
691 &updated_options.packet_time_params.srtp_packet_index); | |
692 // If protection succeeds, let's get auth params from srtp. | |
693 if (res) { | |
694 uint8_t* auth_key = NULL; | |
695 int key_len; | |
696 res = srtp_filter_.GetRtpAuthParams( | |
697 &auth_key, &key_len, | |
698 &updated_options.packet_time_params.srtp_auth_tag_len); | |
699 if (res) { | |
700 updated_options.packet_time_params.srtp_auth_key.resize(key_len); | |
701 updated_options.packet_time_params.srtp_auth_key.assign( | |
702 auth_key, auth_key + key_len); | |
703 } | |
704 } | |
705 } | |
706 #endif | |
707 if (!res) { | |
708 int seq_num = -1; | |
709 uint32_t ssrc = 0; | |
710 GetRtpSeqNum(data, len, &seq_num); | |
711 GetRtpSsrc(data, len, &ssrc); | |
712 LOG(LS_ERROR) << "Failed to protect " << content_name_ | |
713 << " RTP packet: size=" << len | |
714 << ", seqnum=" << seq_num << ", SSRC=" << ssrc; | |
715 return false; | |
716 } | |
717 } else { | |
718 res = srtp_filter_.ProtectRtcp(data, len, | |
719 static_cast<int>(packet->capacity()), | |
720 &len); | |
721 if (!res) { | |
722 int type = -1; | |
723 GetRtcpType(data, len, &type); | |
724 LOG(LS_ERROR) << "Failed to protect " << content_name_ | |
725 << " RTCP packet: size=" << len << ", type=" << type; | |
726 return false; | |
727 } | |
728 } | |
729 | |
730 // Update the length of the packet now that we've added the auth tag. | |
731 packet->SetSize(len); | |
732 } else if (srtp_required_) { | |
733 // The audio/video engines may attempt to send RTCP packets as soon as the | 676 // The audio/video engines may attempt to send RTCP packets as soon as the |
734 // streams are created, so don't treat this as an error for RTCP. | 677 // streams are created, so don't treat this as an error for RTCP. |
735 // See: https://bugs.chromium.org/p/webrtc/issues/detail?id=6809 | 678 // See: https://bugs.chromium.org/p/webrtc/issues/detail?id=6809 |
736 if (rtcp) { | 679 if (rtcp) { |
737 return false; | 680 return false; |
738 } | 681 } |
739 // However, there shouldn't be any RTP packets sent before SRTP is set up | 682 // However, there shouldn't be any RTP packets sent before SRTP is set up |
740 // (and SetSend(true) is called). | 683 // (and SetSend(true) is called). |
741 LOG(LS_ERROR) << "Can't send outgoing RTP packet when SRTP is inactive" | 684 LOG(LS_ERROR) << "Can't send outgoing RTP packet when SRTP is inactive" |
742 << " and crypto is required"; | 685 << " and crypto is required"; |
743 RTC_NOTREACHED(); | 686 RTC_NOTREACHED(); |
744 return false; | 687 return false; |
745 } | 688 } |
746 | 689 |
690 rtc::PacketOptions updated_options; | |
691 updated_options = options; | |
Taylor Brandstetter
2017/08/23 22:13:29
Since the options are updated inside of srtp_trans
Zhi Huang
2017/08/24 23:38:07
Done.
| |
692 if (srtp_filter_.IsActive()) { | |
693 RTC_DCHECK(srtp_transport_); | |
694 RTC_DCHECK(srtp_transport_->IsActive()); | |
695 // Bon voyage. | |
696 int flags = secure_dtls() ? PF_SRTP_BYPASS : PF_NORMAL; | |
697 return srtp_transport_->SendPacket(rtcp, packet, updated_options, flags); | |
698 } | |
699 | |
747 // Bon voyage. | 700 // Bon voyage. |
748 int flags = (secure() && secure_dtls()) ? PF_SRTP_BYPASS : PF_NORMAL; | 701 return rtp_transport_->SendPacket(rtcp, packet, updated_options, PF_NORMAL); |
749 return rtp_transport_->SendPacket(rtcp, packet, updated_options, flags); | |
750 } | 702 } |
751 | 703 |
752 bool BaseChannel::HandlesPayloadType(int packet_type) const { | 704 bool BaseChannel::HandlesPayloadType(int packet_type) const { |
753 return rtp_transport_->HandlesPayloadType(packet_type); | 705 return rtp_transport_->HandlesPayloadType(packet_type); |
754 } | 706 } |
755 | 707 |
756 void BaseChannel::OnPacketReceived(bool rtcp, | 708 void BaseChannel::OnPacketReceived(bool rtcp, |
757 rtc::CopyOnWriteBuffer* packet, | 709 rtc::CopyOnWriteBuffer* packet, |
758 const rtc::PacketTime& packet_time) { | 710 const rtc::PacketTime& packet_time) { |
759 if (!has_received_packet_ && !rtcp) { | 711 if (!has_received_packet_ && !rtcp) { |
760 has_received_packet_ = true; | 712 has_received_packet_ = true; |
761 signaling_thread()->Post(RTC_FROM_HERE, this, MSG_FIRSTPACKETRECEIVED); | 713 signaling_thread()->Post(RTC_FROM_HERE, this, MSG_FIRSTPACKETRECEIVED); |
762 } | 714 } |
763 | 715 |
764 // Unprotect the packet, if needed. | 716 if (!srtp_filter_.IsActive() && srtp_required_) { |
765 if (srtp_filter_.IsActive()) { | |
766 TRACE_EVENT0("webrtc", "SRTP Decode"); | |
767 char* data = packet->data<char>(); | |
768 int len = static_cast<int>(packet->size()); | |
769 bool res; | |
770 if (!rtcp) { | |
771 res = srtp_filter_.UnprotectRtp(data, len, &len); | |
772 if (!res) { | |
773 int seq_num = -1; | |
774 uint32_t ssrc = 0; | |
775 GetRtpSeqNum(data, len, &seq_num); | |
776 GetRtpSsrc(data, len, &ssrc); | |
777 LOG(LS_ERROR) << "Failed to unprotect " << content_name_ | |
778 << " RTP packet: size=" << len << ", seqnum=" << seq_num | |
779 << ", SSRC=" << ssrc; | |
780 return; | |
781 } | |
782 } else { | |
783 res = srtp_filter_.UnprotectRtcp(data, len, &len); | |
784 if (!res) { | |
785 int type = -1; | |
786 GetRtcpType(data, len, &type); | |
787 LOG(LS_ERROR) << "Failed to unprotect " << content_name_ | |
788 << " RTCP packet: size=" << len << ", type=" << type; | |
789 return; | |
790 } | |
791 } | |
792 | |
793 packet->SetSize(len); | |
794 } else if (srtp_required_) { | |
795 // Our session description indicates that SRTP is required, but we got a | 717 // Our session description indicates that SRTP is required, but we got a |
796 // packet before our SRTP filter is active. This means either that | 718 // packet before our SRTP filter is active. This means either that |
797 // a) we got SRTP packets before we received the SDES keys, in which case | 719 // a) we got SRTP packets before we received the SDES keys, in which case |
798 // we can't decrypt it anyway, or | 720 // we can't decrypt it anyway, or |
799 // b) we got SRTP packets before DTLS completed on both the RTP and RTCP | 721 // b) we got SRTP packets before DTLS completed on both the RTP and RTCP |
800 // transports, so we haven't yet extracted keys, even if DTLS did | 722 // transports, so we haven't yet extracted keys, even if DTLS did |
801 // complete on the transport that the packets are being sent on. It's | 723 // complete on the transport that the packets are being sent on. It's |
802 // really good practice to wait for both RTP and RTCP to be good to go | 724 // really good practice to wait for both RTP and RTCP to be good to go |
803 // before sending media, to prevent weird failure modes, so it's fine | 725 // before sending media, to prevent weird failure modes, so it's fine |
804 // for us to just eat packets here. This is all sidestepped if RTCP mux | 726 // for us to just eat packets here. This is all sidestepped if RTCP mux |
(...skipping 185 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
990 if (role == rtc::SSL_SERVER) { | 912 if (role == rtc::SSL_SERVER) { |
991 send_key = &server_write_key; | 913 send_key = &server_write_key; |
992 recv_key = &client_write_key; | 914 recv_key = &client_write_key; |
993 } else { | 915 } else { |
994 send_key = &client_write_key; | 916 send_key = &client_write_key; |
995 recv_key = &server_write_key; | 917 recv_key = &server_write_key; |
996 } | 918 } |
997 | 919 |
998 if (!srtp_filter_.IsActive()) { | 920 if (!srtp_filter_.IsActive()) { |
999 if (rtcp) { | 921 if (rtcp) { |
1000 ret = srtp_filter_.SetRtcpParams(selected_crypto_suite, &(*send_key)[0], | 922 RTC_DCHECK(srtp_transport_); |
1001 static_cast<int>(send_key->size()), | 923 ret = srtp_transport_->SetRtcpParams( |
1002 selected_crypto_suite, &(*recv_key)[0], | 924 selected_crypto_suite, &(*send_key)[0], |
1003 static_cast<int>(recv_key->size())); | 925 static_cast<int>(send_key->size()), selected_crypto_suite, |
926 &(*recv_key)[0], static_cast<int>(recv_key->size())); | |
1004 } else { | 927 } else { |
1005 ret = srtp_filter_.SetRtpParams(selected_crypto_suite, &(*send_key)[0], | 928 RTC_DCHECK(srtp_transport_); |
1006 static_cast<int>(send_key->size()), | 929 // If the SRTP crypto keys are from DTLS handshake, explicitly call |
1007 selected_crypto_suite, &(*recv_key)[0], | 930 // |EnableDtlsSrtp| to activate SrtpFilter. |
1008 static_cast<int>(recv_key->size())); | 931 srtp_filter_.EnableDtlsSrtp(); |
Taylor Brandstetter
2017/08/23 22:13:29
Why does srtp_filter_ even need to know if DTLS-SR
Zhi Huang
2017/08/24 23:38:07
Done.
| |
932 ret = srtp_transport_->SetRtpParams( | |
933 selected_crypto_suite, &(*send_key)[0], | |
934 static_cast<int>(send_key->size()), selected_crypto_suite, | |
935 &(*recv_key)[0], static_cast<int>(recv_key->size())); | |
1009 } | 936 } |
1010 } else { | 937 } else { |
1011 if (rtcp) { | 938 if (rtcp) { |
1012 // RTCP doesn't need to be updated because UpdateRtpParams is only used | 939 // RTCP doesn't need to be updated because UpdateRtpParams is only used |
1013 // to update the set of encrypted RTP header extension IDs. | 940 // to update the set of encrypted RTP header extension IDs. |
1014 ret = true; | 941 ret = true; |
1015 } else { | 942 } else { |
1016 ret = srtp_filter_.UpdateRtpParams( | 943 ret = srtp_transport_->UpdateRtpParams( |
1017 selected_crypto_suite, | 944 selected_crypto_suite, &(*send_key)[0], |
1018 &(*send_key)[0], static_cast<int>(send_key->size()), | 945 static_cast<int>(send_key->size()), selected_crypto_suite, |
1019 selected_crypto_suite, | |
1020 &(*recv_key)[0], static_cast<int>(recv_key->size())); | 946 &(*recv_key)[0], static_cast<int>(recv_key->size())); |
1021 } | 947 } |
1022 } | 948 } |
1023 | 949 |
1024 if (!ret) { | 950 if (!ret) { |
1025 LOG(LS_WARNING) << "DTLS-SRTP key installation failed"; | 951 LOG(LS_WARNING) << "DTLS-SRTP key installation failed"; |
1026 } else { | 952 } else { |
1027 dtls_keyed_ = true; | 953 dtls_keyed_ = true; |
1028 UpdateTransportOverhead(); | 954 UpdateTransportOverhead(); |
1029 } | 955 } |
1030 return ret; | 956 return ret; |
1031 } | 957 } |
1032 | 958 |
1033 void BaseChannel::MaybeSetupDtlsSrtp_n() { | 959 void BaseChannel::MaybeSetupDtlsSrtp_n() { |
1034 if (srtp_filter_.IsActive()) { | 960 if (srtp_filter_.IsActive()) { |
1035 return; | 961 return; |
1036 } | 962 } |
1037 | 963 |
1038 if (!ShouldSetupDtlsSrtp_n()) { | 964 if (!ShouldSetupDtlsSrtp_n()) { |
1039 return; | 965 return; |
1040 } | 966 } |
1041 | 967 |
968 if (!srtp_transport_) { | |
969 EnableSrtpTransport_n(); | |
970 } | |
971 | |
1042 if (!SetupDtlsSrtp_n(false)) { | 972 if (!SetupDtlsSrtp_n(false)) { |
1043 SignalDtlsSrtpSetupFailure_n(false); | 973 SignalDtlsSrtpSetupFailure_n(false); |
1044 return; | 974 return; |
1045 } | 975 } |
1046 | 976 |
1047 if (rtcp_dtls_transport_) { | 977 if (rtcp_dtls_transport_) { |
1048 if (!SetupDtlsSrtp_n(true)) { | 978 if (!SetupDtlsSrtp_n(true)) { |
1049 SignalDtlsSrtpSetupFailure_n(true); | 979 SignalDtlsSrtpSetupFailure_n(true); |
1050 return; | 980 return; |
1051 } | 981 } |
(...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1115 bool* dtls, | 1045 bool* dtls, |
1116 std::string* error_desc) { | 1046 std::string* error_desc) { |
1117 *dtls = rtp_dtls_transport_ && rtp_dtls_transport_->IsDtlsActive(); | 1047 *dtls = rtp_dtls_transport_ && rtp_dtls_transport_->IsDtlsActive(); |
1118 if (*dtls && !cryptos.empty()) { | 1048 if (*dtls && !cryptos.empty()) { |
1119 SafeSetError("Cryptos must be empty when DTLS is active.", error_desc); | 1049 SafeSetError("Cryptos must be empty when DTLS is active.", error_desc); |
1120 return false; | 1050 return false; |
1121 } | 1051 } |
1122 return true; | 1052 return true; |
1123 } | 1053 } |
1124 | 1054 |
1055 void BaseChannel::EnableSrtpTransport_n() { | |
1056 if (srtp_transport_ == nullptr) { | |
1057 rtp_transport_->SignalReadyToSend.disconnect(this); | |
1058 rtp_transport_->SignalPacketReceived.disconnect(this); | |
1059 | |
1060 auto transport = rtc::MakeUnique<webrtc::SrtpTransport>( | |
1061 std::move(rtp_transport_), content_name_); | |
1062 srtp_transport_ = transport.get(); | |
1063 rtp_transport_ = std::move(transport); | |
1064 | |
1065 rtp_transport_->SignalReadyToSend.connect( | |
1066 this, &BaseChannel::OnTransportReadyToSend); | |
1067 rtp_transport_->SignalPacketReceived.connect( | |
1068 this, &BaseChannel::OnPacketReceived); | |
1069 | |
1070 if (rtp_abs_sendtime_extn_id_ != -1) { | |
1071 srtp_transport_->CacheRtpAbsSendTimeHeaderExtension( | |
1072 rtp_abs_sendtime_extn_id_); | |
1073 } | |
1074 LOG(LS_INFO) << "Wrapping RtpTransport in SrtpTransport."; | |
Taylor Brandstetter
2017/08/23 22:13:29
I don't think upgrading from plain RTP to SRTP is
Zhi Huang
2017/08/24 23:38:07
I would like to talk about this a little bit more.
| |
1075 } | |
1076 } | |
1077 | |
1125 bool BaseChannel::SetSrtp_n(const std::vector<CryptoParams>& cryptos, | 1078 bool BaseChannel::SetSrtp_n(const std::vector<CryptoParams>& cryptos, |
1126 ContentAction action, | 1079 ContentAction action, |
1127 ContentSource src, | 1080 ContentSource src, |
1128 const std::vector<int>& encrypted_extension_ids, | 1081 const std::vector<int>& encrypted_extension_ids, |
1129 std::string* error_desc) { | 1082 std::string* error_desc) { |
1130 TRACE_EVENT0("webrtc", "BaseChannel::SetSrtp_w"); | 1083 TRACE_EVENT0("webrtc", "BaseChannel::SetSrtp_w"); |
1131 if (action == CA_UPDATE) { | 1084 if (action == CA_UPDATE) { |
1132 // no crypto params. | 1085 // no crypto params. |
1133 return true; | 1086 return true; |
1134 } | 1087 } |
1135 bool ret = false; | 1088 bool ret = false; |
1136 bool dtls = false; | 1089 bool dtls = false; |
1137 ret = CheckSrtpConfig_n(cryptos, &dtls, error_desc); | 1090 ret = CheckSrtpConfig_n(cryptos, &dtls, error_desc); |
1138 if (!ret) { | 1091 if (!ret) { |
1139 return false; | 1092 return false; |
1140 } | 1093 } |
1141 srtp_filter_.SetEncryptedHeaderExtensionIds(src, encrypted_extension_ids); | 1094 if (!srtp_transport_ && !dtls) { |
1095 EnableSrtpTransport_n(); | |
1096 } | |
1097 if (srtp_transport_) { | |
1098 srtp_transport_->SetEncryptedHeaderExtensionIds(src, | |
1099 encrypted_extension_ids); | |
1100 } | |
1142 switch (action) { | 1101 switch (action) { |
1143 case CA_OFFER: | 1102 case CA_OFFER: |
1144 // If DTLS is already active on the channel, we could be renegotiating | 1103 // If DTLS is already active on the channel, we could be renegotiating |
1145 // here. We don't update the srtp filter. | 1104 // here. We don't update the srtp filter. |
1146 if (!dtls) { | 1105 if (!dtls) { |
1147 ret = srtp_filter_.SetOffer(cryptos, src); | 1106 ret = srtp_filter_.SetOffer(cryptos, src); |
1148 } | 1107 } |
1149 break; | 1108 break; |
1150 case CA_PRANSWER: | 1109 case CA_PRANSWER: |
1151 // If we're doing DTLS-SRTP, we don't want to update the filter | 1110 // If we're doing DTLS-SRTP, we don't want to update the filter |
1152 // with an answer, because we already have SRTP parameters. | 1111 // with an answer, because we already have SRTP parameters. |
1153 if (!dtls) { | 1112 if (!dtls) { |
1154 ret = srtp_filter_.SetProvisionalAnswer(cryptos, src); | 1113 ret = srtp_filter_.SetProvisionalAnswer(cryptos, src); |
1114 if (ret) { | |
1115 if (srtp_filter_.send_cipher_suite() && | |
1116 srtp_filter_.recv_cipher_suite()) { | |
1117 auto send_key = srtp_filter_.send_key(); | |
1118 auto recv_key = srtp_filter_.recv_key(); | |
1119 ret = srtp_transport_->SetRtpParams( | |
1120 *(srtp_filter_.send_cipher_suite()), &(*send_key)[0], | |
1121 static_cast<int>(send_key->size()), | |
1122 *(srtp_filter_.recv_cipher_suite()), &(*recv_key)[0], | |
1123 static_cast<int>(recv_key->size())); | |
1124 } else { | |
1125 LOG(LS_INFO) << "No crypto keys are provided for SDES."; | |
1126 } | |
1127 } | |
1155 } | 1128 } |
1156 break; | 1129 break; |
1157 case CA_ANSWER: | 1130 case CA_ANSWER: |
1158 // If we're doing DTLS-SRTP, we don't want to update the filter | 1131 // If we're doing DTLS-SRTP, we don't want to update the filter |
1159 // with an answer, because we already have SRTP parameters. | 1132 // with an answer, because we already have SRTP parameters. |
1160 if (!dtls) { | 1133 if (!dtls) { |
1161 ret = srtp_filter_.SetAnswer(cryptos, src); | 1134 ret = srtp_filter_.SetAnswer(cryptos, src); |
1135 if (ret) { | |
1136 if (srtp_filter_.send_cipher_suite() && | |
1137 srtp_filter_.recv_cipher_suite()) { | |
1138 auto send_key = srtp_filter_.send_key(); | |
1139 auto recv_key = srtp_filter_.recv_key(); | |
1140 ret = srtp_transport_->SetRtpParams( | |
1141 *(srtp_filter_.send_cipher_suite()), &(*send_key)[0], | |
1142 static_cast<int>(send_key->size()), | |
1143 *(srtp_filter_.recv_cipher_suite()), &(*recv_key)[0], | |
1144 static_cast<int>(recv_key->size())); | |
1145 } else { | |
1146 // Explicitly reset the |srtp_transport_| if no crypto param is | |
1147 // provided in the answer. No need to call |ResetParams()| for | |
1148 // |srtp_filter_| because it resets the params inside |SetAnswer|. | |
1149 srtp_transport_->ResetParams(); | |
1150 LOG(LS_INFO) << "No crypto keys are provided for SDES."; | |
Taylor Brandstetter
2017/08/23 22:13:29
This looks the same as the code above; could it be
Zhi Huang
2017/08/24 23:38:07
Yes, that would be cleaner.
| |
1151 } | |
1152 } | |
1162 } | 1153 } |
1163 break; | 1154 break; |
1164 default: | 1155 default: |
1165 break; | 1156 break; |
1166 } | 1157 } |
1167 // Only update SRTP filter if using DTLS. SDES is handled internally | 1158 // Only update SRTP filter if using DTLS. SDES is handled internally |
1168 // by the SRTP filter. | 1159 // by the SRTP filter. |
1169 // TODO(jbauch): Only update if encrypted extension ids have changed. | 1160 // TODO(jbauch): Only update if encrypted extension ids have changed. |
1170 if (ret && dtls_keyed_ && rtp_dtls_transport_ && | 1161 if (ret && dtls_keyed_ && rtp_dtls_transport_ && |
1171 rtp_dtls_transport_->dtls_state() == DTLS_TRANSPORT_CONNECTED) { | 1162 rtp_dtls_transport_->dtls_state() == DTLS_TRANSPORT_CONNECTED) { |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1204 break; | 1195 break; |
1205 case CA_ANSWER: | 1196 case CA_ANSWER: |
1206 ret = rtcp_mux_filter_.SetAnswer(enable, src); | 1197 ret = rtcp_mux_filter_.SetAnswer(enable, src); |
1207 if (ret && rtcp_mux_filter_.IsActive()) { | 1198 if (ret && rtcp_mux_filter_.IsActive()) { |
1208 // We permanently activated RTCP muxing; signal that we no longer need | 1199 // We permanently activated RTCP muxing; signal that we no longer need |
1209 // the RTCP transport. | 1200 // the RTCP transport. |
1210 std::string debug_name = | 1201 std::string debug_name = |
1211 transport_name_.empty() | 1202 transport_name_.empty() |
1212 ? rtp_transport_->rtp_packet_transport()->debug_name() | 1203 ? rtp_transport_->rtp_packet_transport()->debug_name() |
1213 : transport_name_; | 1204 : transport_name_; |
1214 ; | |
1215 LOG(LS_INFO) << "Enabling rtcp-mux for " << content_name() | 1205 LOG(LS_INFO) << "Enabling rtcp-mux for " << content_name() |
1216 << "; no longer need RTCP transport for " << debug_name; | 1206 << "; no longer need RTCP transport for " << debug_name; |
1217 if (rtp_transport_->rtcp_packet_transport()) { | 1207 if (rtp_transport_->rtcp_packet_transport()) { |
1218 SetTransport_n(true, nullptr, nullptr); | 1208 SetTransport_n(true, nullptr, nullptr); |
1219 SignalRtcpMuxFullyActive(transport_name_); | 1209 SignalRtcpMuxFullyActive(transport_name_); |
1220 } | 1210 } |
1221 UpdateWritableState_n(); | 1211 UpdateWritableState_n(); |
1222 } | 1212 } |
1223 break; | 1213 break; |
1224 case CA_UPDATE: | 1214 case CA_UPDATE: |
(...skipping 208 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1433 send_time_extension ? send_time_extension->id : -1; | 1423 send_time_extension ? send_time_extension->id : -1; |
1434 invoker_.AsyncInvoke<void>( | 1424 invoker_.AsyncInvoke<void>( |
1435 RTC_FROM_HERE, network_thread_, | 1425 RTC_FROM_HERE, network_thread_, |
1436 Bind(&BaseChannel::CacheRtpAbsSendTimeHeaderExtension_n, this, | 1426 Bind(&BaseChannel::CacheRtpAbsSendTimeHeaderExtension_n, this, |
1437 rtp_abs_sendtime_extn_id)); | 1427 rtp_abs_sendtime_extn_id)); |
1438 #endif | 1428 #endif |
1439 } | 1429 } |
1440 | 1430 |
1441 void BaseChannel::CacheRtpAbsSendTimeHeaderExtension_n( | 1431 void BaseChannel::CacheRtpAbsSendTimeHeaderExtension_n( |
1442 int rtp_abs_sendtime_extn_id) { | 1432 int rtp_abs_sendtime_extn_id) { |
1443 rtp_abs_sendtime_extn_id_ = rtp_abs_sendtime_extn_id; | 1433 rtp_abs_sendtime_extn_id_ = rtp_abs_sendtime_extn_id; |
Taylor Brandstetter
2017/08/23 22:13:29
If this were always called after the SRTP transpor
Zhi Huang
2017/08/24 23:38:07
This is called after SetTransportParameters which
| |
1434 if (srtp_transport_) { | |
1435 srtp_transport_->CacheRtpAbsSendTimeHeaderExtension( | |
1436 rtp_abs_sendtime_extn_id_); | |
1437 } | |
1444 } | 1438 } |
1445 | 1439 |
1446 void BaseChannel::OnMessage(rtc::Message *pmsg) { | 1440 void BaseChannel::OnMessage(rtc::Message *pmsg) { |
1447 TRACE_EVENT0("webrtc", "BaseChannel::OnMessage"); | 1441 TRACE_EVENT0("webrtc", "BaseChannel::OnMessage"); |
1448 switch (pmsg->message_id) { | 1442 switch (pmsg->message_id) { |
1449 case MSG_SEND_RTP_PACKET: | 1443 case MSG_SEND_RTP_PACKET: |
1450 case MSG_SEND_RTCP_PACKET: { | 1444 case MSG_SEND_RTCP_PACKET: { |
1451 RTC_DCHECK(network_thread_->IsCurrent()); | 1445 RTC_DCHECK(network_thread_->IsCurrent()); |
1452 SendPacketMessageData* data = | 1446 SendPacketMessageData* data = |
1453 static_cast<SendPacketMessageData*>(pmsg->pdata); | 1447 static_cast<SendPacketMessageData*>(pmsg->pdata); |
(...skipping 265 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1719 constexpr int kUdpOverhaed = 8; | 1713 constexpr int kUdpOverhaed = 8; |
1720 constexpr int kTcpOverhaed = 20; | 1714 constexpr int kTcpOverhaed = 20; |
1721 transport_overhead_per_packet += | 1715 transport_overhead_per_packet += |
1722 selected_candidate_pair_->local_candidate().protocol() == | 1716 selected_candidate_pair_->local_candidate().protocol() == |
1723 TCP_PROTOCOL_NAME | 1717 TCP_PROTOCOL_NAME |
1724 ? kTcpOverhaed | 1718 ? kTcpOverhaed |
1725 : kUdpOverhaed; | 1719 : kUdpOverhaed; |
1726 | 1720 |
1727 if (secure()) { | 1721 if (secure()) { |
1728 int srtp_overhead = 0; | 1722 int srtp_overhead = 0; |
1729 if (srtp_filter_.GetSrtpOverhead(&srtp_overhead)) | 1723 if (srtp_transport_->GetSrtpOverhead(&srtp_overhead)) |
1730 transport_overhead_per_packet += srtp_overhead; | 1724 transport_overhead_per_packet += srtp_overhead; |
1731 } | 1725 } |
1732 | 1726 |
1733 return transport_overhead_per_packet; | 1727 return transport_overhead_per_packet; |
1734 } | 1728 } |
1735 | 1729 |
1736 void BaseChannel::UpdateTransportOverhead() { | 1730 void BaseChannel::UpdateTransportOverhead() { |
1737 int transport_overhead_per_packet = GetTransportOverheadPerPacket(); | 1731 int transport_overhead_per_packet = GetTransportOverheadPerPacket(); |
1738 if (transport_overhead_per_packet) | 1732 if (transport_overhead_per_packet) |
1739 invoker_.AsyncInvoke<void>( | 1733 invoker_.AsyncInvoke<void>( |
(...skipping 714 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
2454 | 2448 |
2455 void RtpDataChannel::OnDataChannelReadyToSend(bool writable) { | 2449 void RtpDataChannel::OnDataChannelReadyToSend(bool writable) { |
2456 // This is usded for congestion control to indicate that the stream is ready | 2450 // This is usded for congestion control to indicate that the stream is ready |
2457 // to send by the MediaChannel, as opposed to OnReadyToSend, which indicates | 2451 // to send by the MediaChannel, as opposed to OnReadyToSend, which indicates |
2458 // that the transport channel is ready. | 2452 // that the transport channel is ready. |
2459 signaling_thread()->Post(RTC_FROM_HERE, this, MSG_READYTOSENDDATA, | 2453 signaling_thread()->Post(RTC_FROM_HERE, this, MSG_READYTOSENDDATA, |
2460 new DataChannelReadyToSendMessageData(writable)); | 2454 new DataChannelReadyToSendMessageData(writable)); |
2461 } | 2455 } |
2462 | 2456 |
2463 } // namespace cricket | 2457 } // namespace cricket |
OLD | NEW |