Created the DtlsSrtpTransport.

pc/channel.cc

 /*
  *  Copyright 2004 The WebRTC project authors. All Rights Reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 45 matching lines @@
 enum {
   MSG_EARLYMEDIATIMEOUT = 1,
   MSG_SEND_RTP_PACKET,
   MSG_SEND_RTCP_PACKET,
   MSG_CHANNEL_ERROR,
   MSG_READYTOSENDDATA,
   MSG_DATARECEIVED,
   MSG_FIRSTPACKETRECEIVED,
 };
 
-// Value specified in RFC 5764.
-static const char kDtlsSrtpExporterLabel[] = "EXTRACTOR-dtls_srtp";
-
 static const int kAgcMinus10db = -10;
 
 static void SafeSetError(const std::string& message, std::string* error_desc) {
   if (error_desc) {
     *error_desc = message;
   }
 }
 
 struct VoiceChannelErrorMessageData : public rtc::MessageData {
   VoiceChannelErrorMessageData(uint32_t in_ssrc,
@@ skipping 69 matching lines @@
                          bool srtp_required)
     : worker_thread_(worker_thread),
       network_thread_(network_thread),
       signaling_thread_(signaling_thread),
       content_name_(content_name),
       rtcp_mux_required_(rtcp_mux_required),
       srtp_required_(srtp_required),
       media_channel_(media_channel),
       selected_candidate_pair_(nullptr) {
   RTC_DCHECK(worker_thread_ == rtc::Thread::Current());
-  if (srtp_required) {
-    auto transport =
-        rtc::MakeUnique<webrtc::SrtpTransport>(rtcp_mux_required, content_name);
-    srtp_transport_ = transport.get();
-    rtp_transport_ = std::move(transport);
-#if defined(ENABLE_EXTERNAL_AUTH)
-    srtp_transport_->EnableExternalAuth();
-#endif
-  } else {
-    rtp_transport_ = rtc::MakeUnique<webrtc::RtpTransport>(rtcp_mux_required);
-    srtp_transport_ = nullptr;
-  }
+  rtp_transport_ = rtc::MakeUnique<webrtc::RtpTransport>(rtcp_mux_required);
   rtp_transport_->SignalReadyToSend.connect(
       this, &BaseChannel::OnTransportReadyToSend);
   // TODO(zstein):  RtpTransport::SignalPacketReceived will probably be replaced
   // with a callback interface later so that the demuxer can select which
   // channel to signal.
   rtp_transport_->SignalPacketReceived.connect(this,
                                                &BaseChannel::OnPacketReceived);
   LOG(LS_INFO) << "Created channel for " << content_name;
 }
 
@@ skipping 131 matching lines @@
     return;
   }
 
   // When using DTLS-SRTP, we must reset the SrtpTransport every time the
   // DtlsTransport changes and wait until the DTLS handshake is complete to set
   // the newly negotiated parameters.
   if (ShouldSetupDtlsSrtp_n()) {
     // Set |writable_| to false such that UpdateWritableState_w can set up
     // DTLS-SRTP when |writable_| becomes true again.
     writable_ = false;
-    dtls_active_ = false;
-    if (srtp_transport_) {
-      srtp_transport_->ResetParams();
+    if (dtls_srtp_transport_) {
+      dtls_srtp_transport_->ResetParams();
     }
   }
 
   // If this BaseChannel doesn't require RTCP mux and we haven't fully
   // negotiated RTCP mux, we need an RTCP transport.
   if (rtcp_packet_transport) {
     LOG(LS_INFO) << "Setting RTCP Transport for " << content_name() << " on "
                  << debug_name << " transport " << rtcp_packet_transport;
     SetTransport_n(true, rtcp_dtls_transport, rtcp_packet_transport);
   }
@@ skipping 43 matching lines @@
   }
 
   if (rtcp && new_dtls_transport) {
     RTC_CHECK(!(ShouldSetupDtlsSrtp_n() && srtp_active()))
         << "Setting RTCP for DTLS/SRTP after the DTLS is active "
         << "should never happen.";
   }
 
   if (new_dtls_transport) {
     ConnectToDtlsTransport(new_dtls_transport);
+    if (dtls_srtp_transport_) {
+      rtcp ? dtls_srtp_transport_->SetRtcpDtlsTransport(new_dtls_transport)
+           : dtls_srtp_transport_->SetRtpDtlsTransport(new_dtls_transport);
+    }
   } else {
     ConnectToPacketTransport(new_packet_transport);
   }
   auto& socket_options = rtcp ? rtcp_socket_options_ : socket_options_;
   for (const auto& pair : socket_options) {
     new_packet_transport->SetOption(pair.first, pair.second);
   }
 }
 
 void BaseChannel::ConnectToDtlsTransport(DtlsTransportInternal* transport) {
@@ skipping 183 matching lines @@
   if (!ShouldSetupDtlsSrtp_n()) {
     return;
   }
 
   // Reset the SrtpTransport if it's not the CONNECTED state. For the CONNECTED
   // state, setting up DTLS-SRTP context is deferred to ChannelWritable_w to
   // cover other scenarios like the whole transport is writable (not just this
   // TransportChannel) or when TransportChannel is attached after DTLS is
   // negotiated.
   if (state != DTLS_TRANSPORT_CONNECTED) {
-    dtls_active_ = false;
-    if (srtp_transport_) {
-      srtp_transport_->ResetParams();
+    if (dtls_srtp_transport_) {
+      dtls_srtp_transport_->ResetParams();
     }
   }
 }
 
 void BaseChannel::OnSelectedCandidatePairChanged(
     IceTransportInternal* ice_transport,
     CandidatePairInterface* selected_candidate_pair,
     int last_sent_packet_id,
     bool ready_to_send) {
   RTC_DCHECK((rtp_dtls_transport_ &&
@@ skipping 73 matching lines @@
       // (and SetSend(true) is called).
       LOG(LS_ERROR) << "Can't send outgoing RTP packet when SRTP is inactive"
                     << " and crypto is required";
       RTC_NOTREACHED();
       return false;
     }
     // Bon voyage.
     return rtcp ? rtp_transport_->SendRtcpPacket(packet, options, PF_NORMAL)
                 : rtp_transport_->SendRtpPacket(packet, options, PF_NORMAL);
   }
-  RTC_DCHECK(srtp_transport_);
-  RTC_DCHECK(srtp_transport_->IsActive());
+
+  if (dtls_srtp_transport_) {
+    RTC_DCHECK(!sdes_transport_);
+    RTC_DCHECK(dtls_srtp_transport_->IsActive());
+    // Bon voyage.
+    return rtcp ? dtls_srtp_transport_->SendRtcpPacket(packet, options,
+                                                       PF_SRTP_BYPASS)
+                : dtls_srtp_transport_->SendRtpPacket(packet, options,
+                                                      PF_SRTP_BYPASS);
+  }
+
+  RTC_DCHECK(sdes_transport_);
+  RTC_DCHECK(sdes_transport_->IsActive());
   // Bon voyage.
-  return rtcp ? srtp_transport_->SendRtcpPacket(packet, options, PF_SRTP_BYPASS)
-              : srtp_transport_->SendRtpPacket(packet, options, PF_SRTP_BYPASS);
+  return rtcp ? sdes_transport_->SendRtcpPacket(packet, options, PF_SRTP_BYPASS)
+              : sdes_transport_->SendRtpPacket(packet, options, PF_SRTP_BYPASS);
 }
 
 bool BaseChannel::HandlesPayloadType(int packet_type) const {
   return rtp_transport_->HandlesPayloadType(packet_type);
 }
 
 void BaseChannel::OnPacketReceived(bool rtcp,
                                    rtc::CopyOnWriteBuffer* packet,
                                    const rtc::PacketTime& packet_time) {
   if (!has_received_packet_ && !rtcp) {
@@ skipping 103 matching lines @@
 void BaseChannel::SignalDtlsSrtpSetupFailure_s(bool rtcp) {
   RTC_DCHECK(signaling_thread() == rtc::Thread::Current());
   SignalDtlsSrtpSetupFailure(this, rtcp);
 }
 
 bool BaseChannel::ShouldSetupDtlsSrtp_n() const {
   // Since DTLS is applied to all transports, checking RTP should be enough.
   return rtp_dtls_transport_ && rtp_dtls_transport_->IsDtlsActive();
 }
 
-// This function returns true if either DTLS-SRTP is not in use
-// *or* DTLS-SRTP is successfully set up.
-bool BaseChannel::SetupDtlsSrtp_n(bool rtcp) {
-  RTC_DCHECK(network_thread_->IsCurrent());
-  bool ret = false;
-
-  DtlsTransportInternal* transport =
-      rtcp ? rtcp_dtls_transport_ : rtp_dtls_transport_;
-  RTC_DCHECK(transport);
-  RTC_DCHECK(transport->IsDtlsActive());
-
-  int selected_crypto_suite;
-
-  if (!transport->GetSrtpCryptoSuite(&selected_crypto_suite)) {
-    LOG(LS_ERROR) << "No DTLS-SRTP selected crypto suite";
-    return false;
-  }
-
-  LOG(LS_INFO) << "Installing keys from DTLS-SRTP on " << content_name() << " "
-               << RtpRtcpStringLiteral(rtcp);
-
-  int key_len;
-  int salt_len;
-  if (!rtc::GetSrtpKeyAndSaltLengths(selected_crypto_suite, &key_len,
-      &salt_len)) {
-    LOG(LS_ERROR) << "Unknown DTLS-SRTP crypto suite" << selected_crypto_suite;
-    return false;
-  }
-
-  // OK, we're now doing DTLS (RFC 5764)
-  std::vector<unsigned char> dtls_buffer(key_len * 2 + salt_len * 2);
-
-  // RFC 5705 exporter using the RFC 5764 parameters
-  if (!transport->ExportKeyingMaterial(kDtlsSrtpExporterLabel, NULL, 0, false,
-                                       &dtls_buffer[0], dtls_buffer.size())) {
-    LOG(LS_WARNING) << "DTLS-SRTP key export failed";
-    RTC_NOTREACHED();  // This should never happen
-    return false;
-  }
-
-  // Sync up the keys with the DTLS-SRTP interface
-  std::vector<unsigned char> client_write_key(key_len + salt_len);
-  std::vector<unsigned char> server_write_key(key_len + salt_len);
-  size_t offset = 0;
-  memcpy(&client_write_key[0], &dtls_buffer[offset], key_len);
-  offset += key_len;
-  memcpy(&server_write_key[0], &dtls_buffer[offset], key_len);
-  offset += key_len;
-  memcpy(&client_write_key[key_len], &dtls_buffer[offset], salt_len);
-  offset += salt_len;
-  memcpy(&server_write_key[key_len], &dtls_buffer[offset], salt_len);
-
-  std::vector<unsigned char> *send_key, *recv_key;
-  rtc::SSLRole role;
-  if (!transport->GetSslRole(&role)) {
-    LOG(LS_WARNING) << "GetSslRole failed";
-    return false;
-  }
-
-  if (role == rtc::SSL_SERVER) {
-    send_key = &server_write_key;
-    recv_key = &client_write_key;
-  } else {
-    send_key = &client_write_key;
-    recv_key = &server_write_key;
-  }
-
-  if (rtcp) {
-    if (!dtls_active()) {
-      RTC_DCHECK(srtp_transport_);
-      ret = srtp_transport_->SetRtcpParams(
-          selected_crypto_suite, &(*send_key)[0],
-          static_cast<int>(send_key->size()), selected_crypto_suite,
-          &(*recv_key)[0], static_cast<int>(recv_key->size()));
-    } else {
-      // RTCP doesn't need to call SetRtpParam because it is only used
-      // to make the updated encrypted RTP header extension IDs take effect.
-      ret = true;
-    }
-  } else {
-    RTC_DCHECK(srtp_transport_);
-    ret = srtp_transport_->SetRtpParams(selected_crypto_suite, &(*send_key)[0],
-                                        static_cast<int>(send_key->size()),
-                                        selected_crypto_suite, &(*recv_key)[0],
-                                        static_cast<int>(recv_key->size()));
-    dtls_active_ = ret;
-  }
-
-  if (!ret) {
-    LOG(LS_WARNING) << "DTLS-SRTP key installation failed";
-  } else {
-    UpdateTransportOverhead();
-  }
-  return ret;
-}
-
 void BaseChannel::MaybeSetupDtlsSrtp_n() {
   if (dtls_active()) {
     return;
   }
 
   if (!ShouldSetupDtlsSrtp_n()) {
     return;
   }
 
-  if (!srtp_transport_) {
-    EnableSrtpTransport_n();
+  if (!dtls_srtp_transport_) {
+    EnableDtlsSrtp_n();
   }
 
-  if (!SetupDtlsSrtp_n(false)) {
+  if (!dtls_srtp_transport_->SetupDtlsSrtp(false)) {
     SignalDtlsSrtpSetupFailure_n(false);
     return;
   }
 
   if (rtcp_dtls_transport_) {
-    if (!SetupDtlsSrtp_n(true)) {
+    if (!dtls_srtp_transport_->SetupDtlsSrtp(true)) {
       SignalDtlsSrtpSetupFailure_n(true);
       return;
     }
   }
 }
 
 void BaseChannel::ChannelNotWritable_n() {
   RTC_DCHECK(network_thread_->IsCurrent());
   if (!writable_)
     return;
@@ skipping 56 matching lines @@
                                     bool* dtls,
                                     std::string* error_desc) {
   *dtls = rtp_dtls_transport_ && rtp_dtls_transport_->IsDtlsActive();
   if (*dtls && !cryptos.empty()) {
     SafeSetError("Cryptos must be empty when DTLS is active.", error_desc);
     return false;
   }
   return true;
 }
 
-void BaseChannel::EnableSrtpTransport_n() {
-  if (srtp_transport_ == nullptr) {
-    rtp_transport_->SignalReadyToSend.disconnect(this);
-    rtp_transport_->SignalPacketReceived.disconnect(this);
+void BaseChannel::EnableSdes_n() {
+  if (sdes_transport_) {
+    return;
+  }
+  // DtlsSrtpTransport and SrtpTransport shouldn't be enabled at the same
+  // time.
+  RTC_DCHECK(!dtls_srtp_transport_);
+  rtp_transport_->SignalReadyToSend.disconnect(this);
+  rtp_transport_->SignalPacketReceived.disconnect(this);
 
-    auto transport = rtc::MakeUnique<webrtc::SrtpTransport>(
-        std::move(rtp_transport_), content_name_);
-    srtp_transport_ = transport.get();
-    rtp_transport_ = std::move(transport);
+  auto transport = rtc::MakeUnique<webrtc::SrtpTransport>(
+      std::move(rtp_transport_), content_name_);
+  sdes_transport_ = transport.get();
+#if defined(ENABLE_EXTERNAL_AUTH)
+  sdes_transport_->EnableExternalAuth();
+#endif
+  rtp_transport_ = std::move(transport);
 
-    rtp_transport_->SignalReadyToSend.connect(
-        this, &BaseChannel::OnTransportReadyToSend);
-    rtp_transport_->SignalPacketReceived.connect(
-        this, &BaseChannel::OnPacketReceived);
-    LOG(LS_INFO) << "Wrapping RtpTransport in SrtpTransport.";
+  rtp_transport_->SignalReadyToSend.connect(
+      this, &BaseChannel::OnTransportReadyToSend);
+  rtp_transport_->SignalPacketReceived.connect(this,
+                                               &BaseChannel::OnPacketReceived);
+  LOG(LS_INFO) << "Wrapping RtpTransport in SrtpTransport.";
+}
+
+void BaseChannel::EnableDtlsSrtp_n() {
+  if (dtls_srtp_transport_) {
+    return;
+  }
+  // DtlsSrtpTransport and SrtpTransport shouldn't be enabled at the same
+  // time.
+  RTC_DCHECK(!sdes_transport_);
+  rtp_transport_->SignalReadyToSend.disconnect(this);
+  rtp_transport_->SignalPacketReceived.disconnect(this);
+
+  std::unique_ptr<webrtc::SrtpTransport> srtp_transport =
+      rtc::MakeUnique<webrtc::SrtpTransport>(std::move(rtp_transport_),
+                                             content_name_);
+  srtp_transport->SetSendEncryptedHeaderExtensionIds(
+      send_encrypted_header_extension_ids_);
+  srtp_transport->SetRecvEncryptedHeaderExtensionIds(
+      recv_encrypted_header_extension_ids_);
+#if defined(ENABLE_EXTERNAL_AUTH)
+  srtp_transport->EnableExternalAuth();
+#endif
+  std::unique_ptr<webrtc::DtlsSrtpTransport> transport =
+      rtc::MakeUnique<webrtc::DtlsSrtpTransport>(std::move(srtp_transport));
+  dtls_srtp_transport_ = transport.get();
+  dtls_srtp_transport_->SetRtcpDtlsTransport(rtcp_dtls_transport_);
+  dtls_srtp_transport_->SetRtpDtlsTransport(rtp_dtls_transport_);
+
+  rtp_transport_ = std::move(transport);
+  rtp_transport_->SignalReadyToSend.connect(
+      this, &BaseChannel::OnTransportReadyToSend);
+  rtp_transport_->SignalPacketReceived.connect(this,
+                                               &BaseChannel::OnPacketReceived);
+  LOG(LS_INFO) << "Wrapping SrtpTransport in DtlsSrtpTransport.";
+}
+
+void BaseChannel::CacheEncryptedHeaderExtensionIds(
+    cricket::ContentSource source,
+    const std::vector<int>& extension_ids) {
+  if (source == cricket::CS_LOCAL) {
+    recv_encrypted_header_extension_ids_ = extension_ids;
+  } else {
+    send_encrypted_header_extension_ids_ = extension_ids;
   }
 }
 
 bool BaseChannel::SetSrtp_n(const std::vector<CryptoParams>& cryptos,
                             ContentAction action,
                             ContentSource src,
                             const std::vector<int>& encrypted_extension_ids,
                             std::string* error_desc) {
   TRACE_EVENT0("webrtc", "BaseChannel::SetSrtp_w");
   if (action == CA_UPDATE) {
     // no crypto params.
     return true;
   }
   bool ret = false;
   bool dtls = false;
   ret = CheckSrtpConfig_n(cryptos, &dtls, error_desc);
   if (!ret) {
     return false;
   }
+  // Cache the encrypted extension ids. |SetSrtp_n| could happen before the
+  // certficate is ready and the |rtp_dtls_transport_| is active. The

[Taylor Brandstetter, 2017/09/27 23:54:48]

certificate

+  // |dtls_srtp_transport_| is not enabled until the |rtp_dtls_transport_| is
+  // active.
+  CacheEncryptedHeaderExtensionIds(src, encrypted_extension_ids);
 
+  if (!dtls) {
+    ret = SetSdesSrtp_n(cryptos, action, src, encrypted_extension_ids);
+  } else {
+    ret = SetDtlsSrtp_n(src, encrypted_extension_ids);
+  }
+
+  if (!ret) {
+    SafeSetError("Failed to setup SRTP.", error_desc);
+    return false;
+  }
+  return true;
+}
+
+bool BaseChannel::SetSdesSrtp_n(
+    const std::vector<CryptoParams>& cryptos,
+    ContentAction action,
+    ContentSource src,
+    const std::vector<int>& encrypted_extension_ids) {
+  if (cryptos.empty()) {
+    return true;
+  }
   // If SRTP was not required, but we're setting a description that uses SDES,
   // we need to upgrade to an SrtpTransport.
-  if (!srtp_transport_ && !dtls && !cryptos.empty()) {
-    EnableSrtpTransport_n();
+  if (!sdes_transport_) {
+    EnableSdes_n();
   }
-  if (srtp_transport_) {
-    srtp_transport_->SetEncryptedHeaderExtensionIds(src,
-                                                    encrypted_extension_ids);
+  if (sdes_transport_) {
+    src == cricket::CS_LOCAL
+        ? sdes_transport_->SetRecvEncryptedHeaderExtensionIds(
+              encrypted_extension_ids)
+        : sdes_transport_->SetSendEncryptedHeaderExtensionIds(
+              encrypted_extension_ids);
   }
+
+  bool ret = true;
   switch (action) {
     case CA_OFFER:
-      // If DTLS is already active on the channel, we could be renegotiating
-      // here. We don't update the srtp filter.
-      if (!dtls) {
-        ret = sdes_negotiator_.SetOffer(cryptos, src);
-      }
+      ret = sdes_negotiator_.SetOffer(cryptos, src);
       break;
     case CA_PRANSWER:
-      // If we're doing DTLS-SRTP, we don't want to update the filter
-      // with an answer, because we already have SRTP parameters.
-      if (!dtls) {
-        ret = sdes_negotiator_.SetProvisionalAnswer(cryptos, src);
-      }
+      ret = sdes_negotiator_.SetProvisionalAnswer(cryptos, src);
       break;
     case CA_ANSWER:
-      // If we're doing DTLS-SRTP, we don't want to update the filter
-      // with an answer, because we already have SRTP parameters.
-      if (!dtls) {
-        ret = sdes_negotiator_.SetAnswer(cryptos, src);
-      }
+      ret = sdes_negotiator_.SetAnswer(cryptos, src);
       break;
     default:
       break;
   }
 
   // If setting an SDES answer succeeded, apply the negotiated parameters
   // to the SRTP transport.
-  if ((action == CA_PRANSWER || action == CA_ANSWER) && !dtls && ret) {
+  if ((action == CA_PRANSWER || action == CA_ANSWER) && ret) {
     if (sdes_negotiator_.send_cipher_suite() &&
         sdes_negotiator_.recv_cipher_suite()) {
-      ret = srtp_transport_->SetRtpParams(
+      ret = sdes_transport_->SetRtpParams(
           *(sdes_negotiator_.send_cipher_suite()),
           sdes_negotiator_.send_key().data(),
           static_cast<int>(sdes_negotiator_.send_key().size()),
           *(sdes_negotiator_.recv_cipher_suite()),
           sdes_negotiator_.recv_key().data(),
           static_cast<int>(sdes_negotiator_.recv_key().size()));
     } else {
       LOG(LS_INFO) << "No crypto keys are provided for SDES.";
-      if (action == CA_ANSWER && srtp_transport_) {
-        // Explicitly reset the |srtp_transport_| if no crypto param is
+      if (action == CA_ANSWER && sdes_transport_) {
+        // Explicitly reset the |sdes_transport_| if no crypto param is
         // provided in the answer. No need to call |ResetParams()| for
         // |sdes_negotiator_| because it resets the params inside |SetAnswer|.
-        srtp_transport_->ResetParams();
+        sdes_transport_->ResetParams();
       }
     }
   }
+  return ret;
+}
 
-  // Only update SRTP filter if using DTLS. SDES is handled internally
-  // by the SRTP filter.
-  // TODO(jbauch): Only update if encrypted extension ids have changed.
-  if (ret && dtls_active() && rtp_dtls_transport_ &&
-      rtp_dtls_transport_->dtls_state() == DTLS_TRANSPORT_CONNECTED) {
+bool BaseChannel::SetDtlsSrtp_n(
+    ContentSource src,
+    const std::vector<int>& encrypted_extension_ids) {
+  bool ret = true;
+  if (!dtls_srtp_transport_) {
+    EnableDtlsSrtp_n();
+  }
+  // Update the DtlsSrtpTransport if using DTLS.
+  // TODO(zhihuang): Only update if encrypted extension ids have changed.
+  else {
+    src == cricket::CS_LOCAL
+        ? dtls_srtp_transport_->SetRecvEncryptedHeaderExtensionIds(
+              encrypted_extension_ids)
+        : dtls_srtp_transport_->SetSendEncryptedHeaderExtensionIds(
+              encrypted_extension_ids);
+  }
+
+  if (dtls_active() && dtls_srtp_transport_->rtp_dtls_transport() &&
+      dtls_srtp_transport_->rtp_dtls_transport()->dtls_state() ==
+          DTLS_TRANSPORT_CONNECTED) {
     bool rtcp = false;
-    ret = SetupDtlsSrtp_n(rtcp);
+    ret = dtls_srtp_transport_->SetupDtlsSrtp(rtcp);
   }
-  if (!ret) {
-    SafeSetError("Failed to setup SRTP filter.", error_desc);
-    return false;
-  }
-  return true;
+  return ret;
 }
 
 bool BaseChannel::SetRtcpMux_n(bool enable,
                                ContentAction action,
                                ContentSource src,
                                std::string* error_desc) {
   // Provide a more specific error message for the RTCP mux "require" policy
   // case.
   if (rtcp_mux_required_ && !enable) {
     SafeSetError(
@@ skipping 242 matching lines @@
       send_time_extension ? send_time_extension->id : -1;
   invoker_.AsyncInvoke<void>(
       RTC_FROM_HERE, network_thread_,
       Bind(&BaseChannel::CacheRtpAbsSendTimeHeaderExtension_n, this,
            rtp_abs_sendtime_extn_id));
 #endif
 }
 
 void BaseChannel::CacheRtpAbsSendTimeHeaderExtension_n(
     int rtp_abs_sendtime_extn_id) {
-  if (srtp_transport_) {
-    srtp_transport_->CacheRtpAbsSendTimeHeaderExtension(
+  if (sdes_transport_) {
+    sdes_transport_->CacheRtpAbsSendTimeHeaderExtension(
         rtp_abs_sendtime_extn_id);
   } else {
     LOG(LS_WARNING) << "Trying to cache the Absolute Send Time extension id "
                        "but the SRTP is not active.";
   }
 }
 
 void BaseChannel::OnMessage(rtc::Message *pmsg) {
   TRACE_EVENT0("webrtc", "BaseChannel::OnMessage");
   switch (pmsg->message_id) {
@@ skipping 270 matching lines @@
   constexpr int kUdpOverhaed = 8;
   constexpr int kTcpOverhaed = 20;
   transport_overhead_per_packet +=
       selected_candidate_pair_->local_candidate().protocol() ==
               TCP_PROTOCOL_NAME
           ? kTcpOverhaed
           : kUdpOverhaed;
 
   if (sdes_active()) {
     int srtp_overhead = 0;
-    if (srtp_transport_->GetSrtpOverhead(&srtp_overhead))
+    if (sdes_transport_->GetSrtpOverhead(&srtp_overhead))
       transport_overhead_per_packet += srtp_overhead;
   }
 
   return transport_overhead_per_packet;
 }
 
 void BaseChannel::UpdateTransportOverhead() {
   int transport_overhead_per_packet = GetTransportOverheadPerPacket();
   if (transport_overhead_per_packet)
     invoker_.AsyncInvoke<void>(
@@ skipping 699 matching lines @@
 
 void RtpDataChannel::OnDataChannelReadyToSend(bool writable) {
   // This is usded for congestion control to indicate that the stream is ready
   // to send by the MediaChannel, as opposed to OnReadyToSend, which indicates
   // that the transport channel is ready.
   signaling_thread()->Post(RTC_FROM_HERE, this, MSG_READYTOSENDDATA,
                            new DataChannelReadyToSendMessageData(writable));
 }
 
 }  // namespace cricket