commit 5ada7acf603e90e71990e9d4ff8f49389f24958c
author deadbeef <deadbeef@webrtc.org> Sat Sep 16 00:52:36 2017
committer Commit Bot <commit-bot@chromium.org> Sat Sep 16 00:52:36 2017
tree 05243bee05cdccb202dd6c0a7fa8bab770e032f8
parent 1c5e6d0a3f6f7ca2f20bbce354fdf4ee92b2ce93

If SRTP sessions exist, don't create new ones when applying answer.

Instead, call the "Update" methods of SrtpSession, which will just call
srtp_update, instead of wiping out the session state completely.

This was causing decryption to stop working when subsequent
offers/answers are applied. We don't know enough about SRTP to
understand the root cause, and I wasn't able to write an integration
test that reproduces the issue... But at least this fixes the bug that
can be reproduced reliably using Hangouts.

BUG=webrtc:8251

Review-Url: https://codereview.webrtc.org/3019443002
Cr-Commit-Position: refs/heads/master@{#19874}

pc/srtptransport.cc

diff --git a/pc/srtptransport.cc b/pc/srtptransport.cc
index f3b5309..64889c6 100644
--- a/pc/srtptransport.cc
+++ b/pc/srtptransport.cc
@@ -174,25 +174,42 @@
                                  int recv_cs,
                                  const uint8_t* recv_key,
                                  int recv_key_len) {
-  CreateSrtpSessions();
+  // If parameters are being set for the first time, we should create new SRTP
+  // sessions and call "SetSend/SetRecv". Otherwise we should call
+  // "UpdateSend"/"UpdateRecv" on the existing sessions, which will internally
+  // call "srtp_update".
+  bool new_sessions = false;
+  if (!send_session_) {
+    RTC_DCHECK(!recv_session_);
+    CreateSrtpSessions();
+    new_sessions = true;
+  }
+
   send_session_->SetEncryptedHeaderExtensionIds(
       send_encrypted_header_extension_ids_);
   if (external_auth_enabled_) {
     send_session_->EnableExternalAuth();
   }
-  if (!send_session_->SetSend(send_cs, send_key, send_key_len)) {
+  bool ret = new_sessions
+                 ? send_session_->SetSend(send_cs, send_key, send_key_len)
+                 : send_session_->UpdateSend(send_cs, send_key, send_key_len);
+  if (!ret) {
     ResetParams();
     return false;
   }
 
   recv_session_->SetEncryptedHeaderExtensionIds(
       recv_encrypted_header_extension_ids_);
-  if (!recv_session_->SetRecv(recv_cs, recv_key, recv_key_len)) {
+  ret = new_sessions
+            ? recv_session_->SetRecv(recv_cs, recv_key, recv_key_len)
+            : recv_session_->UpdateRecv(recv_cs, recv_key, recv_key_len);
+  if (!ret) {
     ResetParams();
     return false;
   }
 
-  LOG(LS_INFO) << "SRTP activated with negotiated parameters:"
+  LOG(LS_INFO) << "SRTP " << (new_sessions ? "updated" : "activated")
+               << " with negotiated parameters:"
                << " send cipher_suite " << send_cs << " recv cipher_suite "
                << recv_cs;
   return true;