Remove the support of fallback from DTLS to SDES.

p2p/base/transportcontroller.cc

 /*
  *  Copyright 2015 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 239 matching lines @@
       CreateIceTransportChannel_n(transport_name, component);
   // TODO(deadbeef): To support QUIC, would need to create a
   // QuicTransportChannel here. What is "dtls" in this file would then become
   // "dtls or quic".
   DtlsTransportInternal* dtls =
       CreateDtlsTransportChannel_n(transport_name, component, ice);
   dtls->ice_transport()->SetMetricsObserver(metrics_observer_);
   dtls->ice_transport()->SetIceRole(ice_role_);
   dtls->ice_transport()->SetIceTiebreaker(ice_tiebreaker_);
   dtls->ice_transport()->SetIceConfig(ice_config_);
+  if (certificate_) {
+    bool set_cert_success = dtls->SetLocalCertificate(certificate_);
+    RTC_DCHECK(set_cert_success);
+  }
 
   // Connect to signals offered by the channels. Currently, the DTLS channel
   // forwards signals from the ICE channel, so we only need to connect to the
   // DTLS channel. In the future this won't be the case.
   dtls->SignalWritableState.connect(
       this, &TransportController::OnChannelWritableState_n);
   dtls->SignalReceivingState.connect(
       this, &TransportController::OnChannelReceivingState_n);
   dtls->SignalDtlsHandshakeError.connect(
       this, &TransportController::OnDtlsHandshakeError);
@@ skipping 258 matching lines @@
     const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) {
   RTC_DCHECK(network_thread_->IsCurrent());
 
   // Can't change a certificate, or set a null certificate.
   if (certificate_ || !certificate) {
     return false;
   }
   certificate_ = certificate;
 
   // Set certificate for JsepTransport, which verifies it matches the
-  // fingerprint in SDP, and only applies it to the DTLS transport if a
-  // fingerprint attribute is present in SDP. This is used for fallback from
-  // DTLS to SDES.
+  // fingerprint in SDP, and DTLS transport.
+  // Fallback from DTLS to SDES is not supported.
   for (auto& kv : transports_) {
     kv.second->SetLocalCertificate(certificate_);
   }
+  for (auto& channel : channels_) {
+    bool set_cert_success = channel->dtls()->SetLocalCertificate(certificate_);
+    RTC_DCHECK(set_cert_success);
+  }
   return true;
 }
 
 bool TransportController::GetLocalCertificate_n(
     const std::string& transport_name,
     rtc::scoped_refptr<rtc::RTCCertificate>* certificate) const {
   RTC_DCHECK(network_thread_->IsCurrent());
 
   const JsepTransport* t = GetJsepTransport(transport_name);
   if (!t) {
@@ skipping 328 matching lines @@
         RTC_FROM_HERE, this, MSG_ICEGATHERINGSTATE,
         new rtc::TypedMessageData<IceGatheringState>(new_gathering_state));
   }
 }
 
 void TransportController::OnDtlsHandshakeError(rtc::SSLHandshakeError error) {
   SignalDtlsHandshakeError(error);
 }
 
 }  // namespace cricket