Remove enable_dtls_srtp option

This is part of the removal of support for SDES.

Bug: webrtc:11066
Change-Id: I448d0e0032672c04c87b00550ab4b9d792071a0b
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/234864
Reviewed-by: Henrik Boström <hbos@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#35262}
diff --git a/api/peer_connection_interface.h b/api/peer_connection_interface.h
index b1700ce..9dca8f5 100644
--- a/api/peer_connection_interface.h
+++ b/api/peer_connection_interface.h
@@ -427,12 +427,6 @@
     // Use new combined audio/video bandwidth estimation?
     absl::optional<bool> combined_audio_video_bwe;
 
-    // TODO(bugs.webrtc.org/9891) - Move to crypto_options
-    // Can be used to disable DTLS-SRTP. This should never be done, but can be
-    // useful for testing purposes, for example in setting up a loopback call
-    // with a single PeerConnection.
-    absl::optional<bool> enable_dtls_srtp;
-
     /////////////////////////////////////////////////
     // The below fields are not part of the standard.
     /////////////////////////////////////////////////
diff --git a/examples/androidapp/src/org/appspot/apprtc/PeerConnectionClient.java b/examples/androidapp/src/org/appspot/apprtc/PeerConnectionClient.java
index 2872d0b..2bc75ff 100644
--- a/examples/androidapp/src/org/appspot/apprtc/PeerConnectionClient.java
+++ b/examples/androidapp/src/org/appspot/apprtc/PeerConnectionClient.java
@@ -442,6 +442,10 @@
       decoderFactory = new SoftwareVideoDecoderFactory();
     }
 
+    // Disable encryption for loopback calls.
+    if (peerConnectionParameters.loopback) {
+      options.disableEncryption = true;
+    }
     factory = PeerConnectionFactory.builder()
                   .setOptions(options)
                   .setAudioDeviceModule(adm)
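Review bot: The comment added above `options.disableEncryption = true` understates the effect: the flag lives on the factory options, so every PeerConnection built from this factory runs without media encryption, whereas the removed `rtcConfig.enableDtlsSrtp` applied to one connection. I would spell that out, e.g. `// Loopback only: disables encryption for every connection created by this factory; media is sent unprotected.` If `options` can be null here (its declaration is outside the hunk), the assignment also needs a guard or a freshly created Options object. The enclosing method starts and ends outside the hunk.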
@@ -600,8 +604,6 @@
     rtcConfig.continualGatheringPolicy = PeerConnection.ContinualGatheringPolicy.GATHER_CONTINUALLY;
     // Use ECDSA encryption.
     rtcConfig.keyType = PeerConnection.KeyType.ECDSA;
-    // Enable DTLS for normal calls and disable for loopback calls.
-    rtcConfig.enableDtlsSrtp = !peerConnectionParameters.loopback;
     rtcConfig.sdpSemantics = PeerConnection.SdpSemantics.UNIFIED_PLAN;
 
     peerConnection = factory.createPeerConnection(rtcConfig, pcObserver);
diff --git a/examples/androidnativeapi/jni/android_call_client.cc b/examples/androidnativeapi/jni/android_call_client.cc
index f38de24..8178273 100644
--- a/examples/androidnativeapi/jni/android_call_client.cc
+++ b/examples/androidnativeapi/jni/android_call_client.cc
@@ -177,8 +177,10 @@
   webrtc::MutexLock lock(&pc_mutex_);
   webrtc::PeerConnectionInterface::RTCConfiguration config;
   config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan;
-  // DTLS SRTP has to be disabled for loopback to work.
-  config.enable_dtls_srtp = false;
+  // Encryption has to be disabled for loopback to work.
+  webrtc::PeerConnectionFactoryInterface::Options options;
+  options.disable_encryption = true;
+  pcf_->SetOptions(options);
   webrtc::PeerConnectionDependencies deps(pc_observer_.get());
   pc_ = pcf_->CreatePeerConnectionOrError(config, std::move(deps)).MoveValue();
 
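Review bot: `pcf_->SetOptions(options)` receives a default-constructed Options with only `disable_encryption` changed, so any options set on `pcf_` earlier are replaced by defaults, and encryption stays off for every PeerConnection the factory creates afterwards; nothing restores it. The removed `config.enable_dtls_srtp = false` was scoped to the single connection. If this client is loopback-only that is acceptable, but the comment should say so, e.g. `// Loopback-only client: disables encryption factory-wide, media is sent unprotected; do not reuse pcf_ for a real call.` The same applies to the identical lines added in examples/objcnativeapi/objc/objc_call_client.mm. The enclosing function starts and ends outside the hunk.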
diff --git a/examples/objcnativeapi/objc/objc_call_client.mm b/examples/objcnativeapi/objc/objc_call_client.mm
index 419203e..09d3d4a 100644
--- a/examples/objcnativeapi/objc/objc_call_client.mm
+++ b/examples/objcnativeapi/objc/objc_call_client.mm
@@ -141,8 +141,10 @@
   webrtc::MutexLock lock(&pc_mutex_);
   webrtc::PeerConnectionInterface::RTCConfiguration config;
   config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan;
-  // DTLS SRTP has to be disabled for loopback to work.
-  config.enable_dtls_srtp = false;
+  // Encryption has to be disabled for loopback to work.
+  webrtc::PeerConnectionFactoryInterface::Options options;
+  options.disable_encryption = true;
+  pcf_->SetOptions(options);
   webrtc::PeerConnectionDependencies pc_dependencies(pc_observer_.get());
   pc_ = pcf_->CreatePeerConnectionOrError(config, std::move(pc_dependencies)).MoveValue();
   RTC_LOG(LS_INFO) << "PeerConnection created: " << pc_;
diff --git a/examples/peerconnection/client/conductor.cc b/examples/peerconnection/client/conductor.cc
index 744c6b1..d3b1d21 100644
--- a/examples/peerconnection/client/conductor.cc
+++ b/examples/peerconnection/client/conductor.cc
@@ -150,7 +150,7 @@
     return false;
   }
 
-  if (!CreatePeerConnection(/*dtls=*/true)) {
+  if (!CreatePeerConnection()) {
     main_wnd_->MessageBox("Error", "CreatePeerConnection failed", true);
     DeletePeerConnection();
   }
@@ -165,23 +165,28 @@
   std::vector<rtc::scoped_refptr<webrtc::RtpSenderInterface>> senders =
       peer_connection_->GetSenders();
   peer_connection_ = nullptr;
-  if (CreatePeerConnection(/*dtls=*/false)) {
+  // Loopback is only possible if encryption is disabled.
+  webrtc::PeerConnectionFactoryInterface::Options options;
+  options.disable_encryption = true;
+  peer_connection_factory_->SetOptions(options);
+  if (CreatePeerConnection()) {
     for (const auto& sender : senders) {
       peer_connection_->AddTrack(sender->track(), sender->stream_ids());
     }
     peer_connection_->CreateOffer(
         this, webrtc::PeerConnectionInterface::RTCOfferAnswerOptions());
   }
+  options.disable_encryption = false;
+  peer_connection_factory_->SetOptions(options);
   return peer_connection_ != nullptr;
 }
 
-bool Conductor::CreatePeerConnection(bool dtls) {
+bool Conductor::CreatePeerConnection() {
   RTC_DCHECK(peer_connection_factory_);
   RTC_DCHECK(!peer_connection_);
 
   webrtc::PeerConnectionInterface::RTCConfiguration config;
   config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan;
-  config.enable_dtls_srtp = dtls;
   webrtc::PeerConnectionInterface::IceServer server;
   server.uri = GetPeerConnectionString();
   config.servers.push_back(server);
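Review bot: In ReinitializePeerConnectionForLoopback the factory is switched to `disable_encryption = true` and back by writing a default-constructed Options each time, so any other options previously set on `peer_connection_factory_` end up reset to defaults, and the result is only safe if no other PeerConnection is created from the factory between the two SetOptions calls. A comment at the restore would make the intent auditable: `// Restore encryption so later (non-loopback) connections from this factory are protected.` Because `CreateOffer` completes asynchronously, it is also worth confirming that the connection captures the factory options at creation rather than reading them later; that cannot be told from the hunk. Both function bodies extend outside the hunk.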
diff --git a/examples/peerconnection/client/conductor.h b/examples/peerconnection/client/conductor.h
index 332cd43..80617d3 100644
--- a/examples/peerconnection/client/conductor.h
+++ b/examples/peerconnection/client/conductor.h
@@ -54,7 +54,7 @@
   ~Conductor();
   bool InitializePeerConnection();
   bool ReinitializePeerConnectionForLoopback();
-  bool CreatePeerConnection(bool dtls);
+  bool CreatePeerConnection();
   void DeletePeerConnection();
   void EnsureStreamingUI();
   void AddTracks();
diff --git a/examples/unityplugin/simple_peer_connection.cc b/examples/unityplugin/simple_peer_connection.cc
index c7e5185..e1c9c40 100644
--- a/examples/unityplugin/simple_peer_connection.cc
+++ b/examples/unityplugin/simple_peer_connection.cc
@@ -190,7 +190,6 @@
   webrtc::PeerConnectionInterface::IceServer stun_server;
   stun_server.uri = GetPeerConnectionString();
   config_.servers.push_back(stun_server);
-  config_.enable_dtls_srtp = false;
 
   auto result = g_peer_connection_factory->CreatePeerConnectionOrError(
       config_, webrtc::PeerConnectionDependencies(this));
diff --git a/pc/peer_connection.cc b/pc/peer_connection.cc
index 0ca18aa..1cb05a2 100644
--- a/pc/peer_connection.cc
+++ b/pc/peer_connection.cc
@@ -276,8 +276,8 @@
   bool default_enabled =
       (dependencies.cert_generator || !configuration.certificates.empty());
 
-  // The `configuration` can override the default value.
-  return configuration.enable_dtls_srtp.value_or(default_enabled);
+  RTC_DCHECK(default_enabled) << "Configuration error: No certs for DTLS";
+  return default_enabled;
 }
 
 }  // namespace
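Review bot: `RTC_DCHECK(default_enabled)` is the only guard against a missing certificate source, and DCHECKs are normally compiled out of release builds, so there the function quietly returns false and the caller (outside the hunk) presumably continues with DTLS off. With SDES support being removed, that would leave no key agreement at all, so the condition should fail closed or at least be visible in logs: `if (!default_enabled) RTC_LOG(LS_ERROR) << "No certificate or generator supplied; DTLS is disabled";`, or promote the check to `RTC_CHECK`. The function starts outside the hunk.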
@@ -300,7 +300,6 @@
     bool enable_rtp_data_channel;
     absl::optional<int> screencast_min_bitrate;
     absl::optional<bool> combined_audio_video_bwe;
-    absl::optional<bool> enable_dtls_srtp;
     TcpCandidatePolicy tcp_candidate_policy;
     CandidateNetworkPolicy candidate_network_policy;
     int audio_jitter_buffer_max_packets;
@@ -368,7 +367,6 @@
          disable_link_local_networks == o.disable_link_local_networks &&
          screencast_min_bitrate == o.screencast_min_bitrate &&
          combined_audio_video_bwe == o.combined_audio_video_bwe &&
-         enable_dtls_srtp == o.enable_dtls_srtp &&
          ice_candidate_pool_size == o.ice_candidate_pool_size &&
          prune_turn_ports == o.prune_turn_ports &&
          turn_port_prune_policy == o.turn_port_prune_policy &&
diff --git a/pc/peer_connection_crypto_unittest.cc b/pc/peer_connection_crypto_unittest.cc
index 394203c..c0c3281 100644
--- a/pc/peer_connection_crypto_unittest.cc
+++ b/pc/peer_connection_crypto_unittest.cc
@@ -181,7 +181,6 @@
 // no SDES cryptos.
 TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) {
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(true);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
 
   auto offer = caller->CreateOffer();
@@ -195,7 +194,6 @@
 }
 TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) {
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(true);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
   auto callee = CreatePeerConnectionWithAudioVideo(config);
 
@@ -210,39 +208,6 @@
                              answer->description()));
 }
 
-// When DTLS is disabled, the SDP offer/answer should include SDES cryptos and
-// should not have a DTLS fingerprint.
-TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsDisabled) {
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-
-  auto offer = caller->CreateOffer();
-  ASSERT_TRUE(offer);
-
-  ASSERT_FALSE(offer->description()->contents().empty());
-  EXPECT_TRUE(SdpContentsAll(HaveSdesCryptos(), offer->description()));
-  EXPECT_TRUE(SdpContentsNone(HaveDtlsFingerprint(), offer->description()));
-  EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolSavpf),
-                             offer->description()));
-}
-TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsDisabled) {
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-  auto callee = CreatePeerConnectionWithAudioVideo(config);
-
-  callee->SetRemoteDescription(caller->CreateOffer());
-  auto answer = callee->CreateAnswer();
-  ASSERT_TRUE(answer);
-
-  ASSERT_FALSE(answer->description()->contents().empty());
-  EXPECT_TRUE(SdpContentsAll(HaveSdesCryptos(), answer->description()));
-  EXPECT_TRUE(SdpContentsNone(HaveDtlsFingerprint(), answer->description()));
-  EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolSavpf),
-                             answer->description()));
-}
-
 // When encryption is disabled, the SDP offer/answer should have neither a DTLS
 // fingerprint nor any SDES crypto options.
 TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenEncryptionDisabled) {
@@ -251,7 +216,6 @@
   pc_factory_->SetOptions(options);
 
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
 
   auto offer = caller->CreateOffer();
@@ -269,7 +233,6 @@
   pc_factory_->SetOptions(options);
 
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
   auto callee = CreatePeerConnectionWithAudioVideo(config);
 
@@ -284,80 +247,12 @@
                              answer->description()));
 }
 
-// CryptoOptions has been promoted to RTCConfiguration. As such if it is ever
-// set in the configuration it should overrite the settings set in the factory.
-TEST_P(PeerConnectionCryptoTest, RTCConfigurationCryptoOptionOverridesFactory) {
-  PeerConnectionFactoryInterface::Options options;
-  options.crypto_options.srtp.enable_gcm_crypto_suites = true;
-  pc_factory_->SetOptions(options);
-
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  CryptoOptions crypto_options;
-  crypto_options.srtp.enable_gcm_crypto_suites = false;
-  config.crypto_options = crypto_options;
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-
-  auto offer = caller->CreateOffer();
-  ASSERT_TRUE(offer);
-
-  ASSERT_FALSE(offer->description()->contents().empty());
-  // This should exist if GCM is enabled see CorrectCryptoInOfferWithSdesAndGcm
-  EXPECT_FALSE(SdpContentsAll(HaveSdesGcmCryptos(3), offer->description()));
-}
-
-// When DTLS is disabled and GCM cipher suites are enabled, the SDP offer/answer
-// should have the correct ciphers in the SDES crypto options.
-// With GCM cipher suites enabled, there will be 3 cryptos in the offer and 1
-// in the answer.
-TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWithSdesAndGcm) {
-  PeerConnectionFactoryInterface::Options options;
-  options.crypto_options.srtp.enable_gcm_crypto_suites = true;
-  pc_factory_->SetOptions(options);
-
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-
-  auto offer = caller->CreateOffer();
-  ASSERT_TRUE(offer);
-
-  ASSERT_FALSE(offer->description()->contents().empty());
-  EXPECT_TRUE(SdpContentsAll(HaveSdesGcmCryptos(3), offer->description()));
-}
-
-TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWithSdesAndGcm) {
-  PeerConnectionFactoryInterface::Options options;
-  options.crypto_options.srtp.enable_gcm_crypto_suites = true;
-  pc_factory_->SetOptions(options);
-
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-  auto callee = CreatePeerConnectionWithAudioVideo(config);
-
-  auto offer = caller->CreateOffer();
-  for (cricket::ContentInfo& content : offer->description()->contents()) {
-    auto cryptos = content.media_description()->cryptos();
-    cryptos.erase(cryptos.begin());  // Assumes that non-GCM is the default.
-    content.media_description()->set_cryptos(cryptos);
-  }
-
-  callee->SetRemoteDescription(std::move(offer));
-  auto answer = callee->CreateAnswer();
-  ASSERT_TRUE(answer);
-
-  ASSERT_FALSE(answer->description()->contents().empty());
-  EXPECT_TRUE(SdpContentsAll(HaveSdesGcmCryptos(1), answer->description()));
-}
-
 TEST_P(PeerConnectionCryptoTest, CanSetSdesGcmRemoteOfferAndLocalAnswer) {
   PeerConnectionFactoryInterface::Options options;
   options.crypto_options.srtp.enable_gcm_crypto_suites = true;
   pc_factory_->SetOptions(options);
 
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
   auto callee = CreatePeerConnectionWithAudioVideo(config);
 
@@ -368,69 +263,8 @@
   auto answer = callee->CreateAnswer();
   ASSERT_TRUE(answer);
   ASSERT_TRUE(callee->SetLocalDescription(std::move(answer)));
-}
-
-// The following group tests that two PeerConnections can successfully exchange
-// an offer/answer when DTLS is off and that they will refuse any offer/answer
-// applied locally/remotely if it does not include SDES cryptos.
-TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenSdesOn) {
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-  auto callee = CreatePeerConnectionWithAudioVideo(config);
-
-  auto offer = caller->CreateOfferAndSetAsLocal();
-  ASSERT_TRUE(offer);
-  ASSERT_TRUE(callee->SetRemoteDescription(std::move(offer)));
-
-  auto answer = callee->CreateAnswerAndSetAsLocal();
-  ASSERT_TRUE(answer);
-  ASSERT_TRUE(caller->SetRemoteDescription(std::move(answer)));
-}
-TEST_P(PeerConnectionCryptoTest, FailToSetLocalOfferWithNoCryptosWhenSdesOn) {
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-
-  auto offer = caller->CreateOffer();
-  SdpContentsForEach(RemoveSdesCryptos(), offer->description());
-
-  EXPECT_FALSE(caller->SetLocalDescription(std::move(offer)));
-}
-TEST_P(PeerConnectionCryptoTest, FailToSetRemoteOfferWithNoCryptosWhenSdesOn) {
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-  auto callee = CreatePeerConnectionWithAudioVideo(config);
-
-  auto offer = caller->CreateOffer();
-  SdpContentsForEach(RemoveSdesCryptos(), offer->description());
-
-  EXPECT_FALSE(callee->SetRemoteDescription(std::move(offer)));
-}
-TEST_P(PeerConnectionCryptoTest, FailToSetLocalAnswerWithNoCryptosWhenSdesOn) {
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-  auto callee = CreatePeerConnectionWithAudioVideo(config);
-
-  callee->SetRemoteDescription(caller->CreateOfferAndSetAsLocal());
-  auto answer = callee->CreateAnswer();
-  SdpContentsForEach(RemoveSdesCryptos(), answer->description());
-
-  EXPECT_FALSE(callee->SetLocalDescription(std::move(answer)));
-}
-TEST_P(PeerConnectionCryptoTest, FailToSetRemoteAnswerWithNoCryptosWhenSdesOn) {
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnectionWithAudioVideo(config);
-  auto callee = CreatePeerConnectionWithAudioVideo(config);
-
-  callee->SetRemoteDescription(caller->CreateOfferAndSetAsLocal());
-  auto answer = callee->CreateAnswerAndSetAsLocal();
-  SdpContentsForEach(RemoveSdesCryptos(), answer->description());
-
-  EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer)));
+  // Note - this test doesn't verify that Gcm is present, just that it
+  // does not caue a failure.
 }
 
 // The following group tests that two PeerConnections can successfully exchange
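Review bot: CanSetSdesGcmRemoteOfferAndLocalAnswer now asserts only that the offer/answer exchange succeeds, as the added note admits, and the CorrectCryptoIn*WithSdesAndGcm tests are removed in the previous hunk, so nothing in the visible part of this file checks that `enable_gcm_crypto_suites` has any effect. The test name still says Sdes although the config no longer selects SDES; a rename (for example CanSetGcmRemoteOfferAndLocalAnswer) plus a TODO for a DTLS-side GCM assertion would keep the coverage gap visible. The added comment also has a typo: `does not caue a failure` should read `does not cause a failure`. The test body starts outside the hunk.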
@@ -438,7 +272,6 @@
 // applied locally/remotely if it does not include a DTLS fingerprint.
 TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) {
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(true);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
   auto callee = CreatePeerConnectionWithAudioVideo(config);
 
@@ -453,7 +286,6 @@
 TEST_P(PeerConnectionCryptoTest,
        FailToSetLocalOfferWithNoFingerprintWhenDtlsOn) {
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(true);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
 
   auto offer = caller->CreateOffer();
@@ -464,7 +296,6 @@
 TEST_P(PeerConnectionCryptoTest,
        FailToSetRemoteOfferWithNoFingerprintWhenDtlsOn) {
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(true);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
   auto callee = CreatePeerConnectionWithAudioVideo(config);
 
@@ -476,7 +307,6 @@
 TEST_P(PeerConnectionCryptoTest,
        FailToSetLocalAnswerWithNoFingerprintWhenDtlsOn) {
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(true);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
   auto callee = CreatePeerConnectionWithAudioVideo(config);
 
@@ -487,7 +317,6 @@
 TEST_P(PeerConnectionCryptoTest,
        FailToSetRemoteAnswerWithNoFingerprintWhenDtlsOn) {
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(true);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
   auto callee = CreatePeerConnectionWithAudioVideo(config);
 
@@ -505,7 +334,6 @@
   pc_factory_->SetOptions(options);
 
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
   auto caller = CreatePeerConnectionWithAudioVideo(config);
   auto callee = CreatePeerConnectionWithAudioVideo(config);
 
@@ -523,13 +351,11 @@
 TEST_P(PeerConnectionCryptoTest,
        ExchangeOfferAnswerWhenDtlsCertificateInConfig) {
   RTCConfiguration caller_config;
-  caller_config.enable_dtls_srtp.emplace(true);
   caller_config.certificates.push_back(
       FakeRTCCertificateGenerator::GenerateCertificate());
   auto caller = CreatePeerConnectionWithAudioVideo(caller_config);
 
   RTCConfiguration callee_config;
-  callee_config.enable_dtls_srtp.emplace(true);
   callee_config.certificates.push_back(
       FakeRTCCertificateGenerator::GenerateCertificate());
   auto callee = CreatePeerConnectionWithAudioVideo(callee_config);
@@ -600,7 +426,6 @@
 
 TEST_P(PeerConnectionCryptoDtlsCertGenTest, TestCertificateGeneration) {
   RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(true);
   auto owned_fake_certificate_generator =
       std::make_unique<FakeRTCCertificateGenerator>();
   auto* fake_certificate_generator = owned_fake_certificate_generator.get();
@@ -724,7 +549,6 @@
 
   auto caller = CreatePeerConnectionWithAudioVideo();
   RTCConfiguration callee_config;
-  callee_config.enable_dtls_srtp.emplace(true);
   callee_config.certificates.push_back(callee_certificate);
   auto callee = CreatePeerConnectionWithAudioVideo(callee_config);
 
diff --git a/pc/peer_connection_data_channel_unittest.cc b/pc/peer_connection_data_channel_unittest.cc
index 2544473..5a6377b 100644
--- a/pc/peer_connection_data_channel_unittest.cc
+++ b/pc/peer_connection_data_channel_unittest.cc
@@ -280,15 +280,6 @@
       answer->description()->GetTransportInfoByName(data_content->name));
 }
 
-TEST_P(PeerConnectionDataChannelTest,
-       CreateDataChannelWithDtlsDisabledSucceeds) {
-  RTCConfiguration config;
-  config.enable_dtls_srtp.emplace(false);
-  auto caller = CreatePeerConnection();
-
-  EXPECT_TRUE(caller->pc()->CreateDataChannel("dc", nullptr));
-}
-
 TEST_P(PeerConnectionDataChannelTest, SctpPortPropagatedFromSdpToTransport) {
   constexpr int kNewSendPort = 9998;
   constexpr int kNewRecvPort = 7775;
diff --git a/pc/peer_connection_end_to_end_unittest.cc b/pc/peer_connection_end_to_end_unittest.cc
index 4ef4c83..19e4be3 100644
--- a/pc/peer_connection_end_to_end_unittest.cc
+++ b/pc/peer_connection_end_to_end_unittest.cc
@@ -366,15 +366,6 @@
   WaitForCallEstablished();
 }
 
-TEST_P(PeerConnectionEndToEndTest, CallWithSdesKeyNegotiation) {
-  config_.enable_dtls_srtp = false;
-  CreatePcs(webrtc::CreateOpusAudioEncoderFactory(),
-            webrtc::CreateOpusAudioDecoderFactory());
-  GetAndAddUserMedia();
-  Negotiate();
-  WaitForCallEstablished();
-}
-
 TEST_P(PeerConnectionEndToEndTest, CallWithCustomCodec) {
   class IdLoggingAudioEncoderFactory : public webrtc::AudioEncoderFactory {
    public:
diff --git a/pc/peer_connection_integrationtest.cc b/pc/peer_connection_integrationtest.cc
index fc09416..53aa63e 100644
--- a/pc/peer_connection_integrationtest.cc
+++ b/pc/peer_connection_integrationtest.cc
@@ -264,30 +264,6 @@
                                     webrtc::kEnumCounterKeyProtocolSdes));
 }
 
-// Uses SDES instead of DTLS for key agreement.
-TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithSdes) {
-  PeerConnectionInterface::RTCConfiguration sdes_config;
-  sdes_config.enable_dtls_srtp.emplace(false);
-  ASSERT_TRUE(CreatePeerConnectionWrappersWithConfig(sdes_config, sdes_config));
-  ConnectFakeSignaling();
-
-  // Do normal offer/answer and wait for some frames to be received in each
-  // direction.
-  caller()->AddAudioVideoTracks();
-  callee()->AddAudioVideoTracks();
-  caller()->CreateAndSetAndSignalOffer();
-  ASSERT_TRUE_WAIT(SignalingStateStable(), kDefaultTimeout);
-  MediaExpectations media_expectations;
-  media_expectations.ExpectBidirectionalAudioAndVideo();
-  ASSERT_TRUE(ExpectNewFrames(media_expectations));
-  EXPECT_METRIC_LE(
-      2, webrtc::metrics::NumEvents("WebRTC.PeerConnection.KeyProtocol",
-                                    webrtc::kEnumCounterKeyProtocolSdes));
-  EXPECT_METRIC_EQ(
-      0, webrtc::metrics::NumEvents("WebRTC.PeerConnection.KeyProtocol",
-                                    webrtc::kEnumCounterKeyProtocolDtls));
-}
-
 // Basic end-to-end test specifying the `enable_encrypted_rtp_header_extensions`
 // option to offer encrypted versions of all header extensions alongside the
 // unencrypted versions.
diff --git a/pc/peer_connection_interface_unittest.cc b/pc/peer_connection_interface_unittest.cc
index 2105c78..5452238 100644
--- a/pc/peer_connection_interface_unittest.cc
+++ b/pc/peer_connection_interface_unittest.cc
@@ -710,13 +710,16 @@
     CreatePeerConnection(PeerConnectionInterface::RTCConfiguration());
   }
 
-  // DTLS does not work in a loopback call, so is disabled for most of the
+  // DTLS does not work in a loopback call, so is disabled for many
   // tests in this file.
   void CreatePeerConnectionWithoutDtls() {
     RTCConfiguration config;
-    config.enable_dtls_srtp = false;
-
+    PeerConnectionFactoryInterface::Options options;
+    options.disable_encryption = true;
+    pc_factory_->SetOptions(options);
     CreatePeerConnection(config);
+    options.disable_encryption = false;
+    pc_factory_->SetOptions(options);
   }
 
   void CreatePeerConnectionWithIceTransportsType(
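Review bot: The comment above CreatePeerConnectionWithoutDtls still speaks only of DTLS, but the helper now turns off all media encryption through the factory and then writes a default-constructed Options back, which also discards any options a test had set on `pc_factory_` beforehand. I would reword it to `// DTLS does not work in a loopback call, so many tests create the connection with encryption disabled on the factory; the factory options are reset to defaults afterwards.` and consider renaming the helper to match what it does. The rest of the fixture class is outside the hunk.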
@@ -751,10 +754,10 @@
     // false.
     std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator;
 
-    if (config.enable_dtls_srtp.value_or(true)) {
-      fake_certificate_generator_ = new FakeRTCCertificateGenerator();
-      cert_generator.reset(fake_certificate_generator_);
-    }
+    // These won't be used if encryption is turned off, but that's harmless.
+    fake_certificate_generator_ = new FakeRTCCertificateGenerator();
+    cert_generator.reset(fake_certificate_generator_);
+
     RTCConfiguration modified_config = config;
     modified_config.sdp_semantics = sdp_semantics_;
     pc_ = pc_factory_->CreatePeerConnection(
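Review bot: The added lines hand a raw `new` to `cert_generator.reset(...)`, while TestCertificateGeneration in pc/peer_connection_crypto_unittest.cc (context lines of this same change) builds the generator with `std::make_unique` and keeps a `.get()` observer. Using the same pattern here avoids the naked allocation: `auto generator = std::make_unique<FakeRTCCertificateGenerator>();`, `fake_certificate_generator_ = generator.get();`, `cert_generator = std::move(generator);`. The comment ending in `// false.` just above appears to describe the removed condition and probably needs updating as well, though its start is outside the hunk.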
@@ -1903,7 +1906,6 @@
 // DataChannelInit configurations.
 TEST_P(PeerConnectionInterfaceTest, CreateSctpDataChannel) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
 
   webrtc::DataChannelInit config;
@@ -1939,7 +1941,6 @@
 // and maxRetransmitTime by setting them to -1 to get what they want.
 TEST_P(PeerConnectionInterfaceTest, CreateSctpDataChannelWithMinusOne) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
 
   webrtc::DataChannelInit config;
@@ -1955,7 +1956,6 @@
 TEST_P(PeerConnectionInterfaceTest,
        CreateSctpDataChannelShouldFailForInvalidConfig) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
 
   std::string label = "test";
@@ -1973,7 +1973,6 @@
 TEST_P(PeerConnectionInterfaceTest,
        CreateSctpDataChannelWithInvalidIdShouldFail) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
 
   webrtc::DataChannelInit config;
@@ -2003,7 +2002,6 @@
 // Verifies that duplicated label is allowed for SCTP data channel.
 TEST_P(PeerConnectionInterfaceTest, SctpDuplicatedLabelAllowed) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
 
   std::string label = "test";
@@ -2051,7 +2049,6 @@
 // the answer as a local description.
 TEST_P(PeerConnectionInterfaceTest, ReceiveFireFoxOffer) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
   AddAudioTrack("audio_label");
   AddVideoTrack("video_label");
@@ -2085,7 +2082,6 @@
 // and because it's non-standard.
 TEST_P(PeerConnectionInterfaceTest, DtlsSdesFallbackNotSupported) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
   // Wait for fake certificate to be generated. Previously, this is what caused
   // the "a=crypto" lines to be rejected.
@@ -2129,7 +2125,6 @@
 // will have m-lines with a=recvonly.
 TEST_P(PeerConnectionInterfaceTest, CreateSubsequentRecvOnlyOffer) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
   CreateAndSetRemoteOffer(GetSdpStringWithStream1());
   CreateAnswerAsLocalDescription();
@@ -2155,7 +2150,6 @@
 // false, the generated m-lines will be a=inactive.
 TEST_P(PeerConnectionInterfaceTest, CreateSubsequentInactiveOffer) {
   RTCConfiguration rtc_config;
-  rtc_config.enable_dtls_srtp = true;
   CreatePeerConnection(rtc_config);
   CreateAndSetRemoteOffer(GetSdpStringWithStream1());
   CreateAnswerAsLocalDescription();
@@ -2508,7 +2502,6 @@
 // signaled.
 TEST_P(PeerConnectionInterfaceTest, UpdateRemoteStreams) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(GetSdpStringWithStream1());
 
@@ -2534,7 +2527,6 @@
 TEST_F(PeerConnectionInterfaceTestPlanB,
        AddRemoveTrackFromExistingRemoteMediaStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   std::unique_ptr<SessionDescriptionInterface> desc_ms1 =
       CreateSessionDescriptionAndReference(1, 1);
@@ -2577,7 +2569,6 @@
 // that rejects the media content type.
 TEST_P(PeerConnectionInterfaceTest, RejectMediaContent) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   // First create and set a remote offer, then reject its video content in our
   // answer.
@@ -2626,7 +2617,6 @@
 // Don't run under Unified Plan since the stream API is not available.
 TEST_F(PeerConnectionInterfaceTestPlanB, RemoveTrackThenRejectMediaContent) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(GetSdpStringWithStream1());
   MediaStreamInterface* remote_stream = observer_.remote_streams()->at(0);
@@ -2652,7 +2642,6 @@
 // See: https://code.google.com/p/webrtc/issues/detail?id=5054
 TEST_P(PeerConnectionInterfaceTest, RecvonlyDescriptionDoesntCreateStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
 
   std::string recvonly_offer = GetSdpStringWithStream1();
@@ -2669,7 +2658,6 @@
 // Don't run under Unified Plan since this behavior is Plan B specific.
 TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithoutMsidCreatesDefaultStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(kSdpStringWithoutStreamsAudioOnly);
 
@@ -2698,7 +2686,6 @@
 TEST_F(PeerConnectionInterfaceTestPlanB,
        SendOnlySdpWithoutMsidCreatesDefaultStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(kSdpStringSendOnlyWithoutStreams);
 
@@ -2715,7 +2702,6 @@
 // Don't run under Unified Plan since this behavior is Plan B specific.
 TEST_F(PeerConnectionInterfaceTestPlanB, RemoveAlreadyGoneRemoteStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(GetSdpStringWithStream1());
   MediaStreamInterface* remote_stream = observer_.remote_streams()->at(0);
@@ -2734,7 +2720,6 @@
 TEST_F(PeerConnectionInterfaceTestPlanB,
        SdpWithoutMsidAndStreamsCreatesDefaultStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(kSdpStringWithoutStreams);
 
@@ -2749,7 +2734,6 @@
 // Don't run under Unified Plan since this behavior is Plan B specific.
 TEST_F(PeerConnectionInterfaceTestPlanB, SdpWithMsidDontCreatesDefaultStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(kSdpStringWithMsidWithoutStreams);
   EXPECT_EQ(0u, observer_.remote_streams()->count());
@@ -2762,7 +2746,6 @@
 TEST_F(PeerConnectionInterfaceTestPlanB,
        DefaultTracksNotDestroyedAndRecreated) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(kSdpStringWithoutStreamsAudioOnly);
 
@@ -2783,7 +2766,6 @@
 // Don't run under Unified Plan since this behavior is Plan B specific.
 TEST_F(PeerConnectionInterfaceTestPlanB, VerifyDefaultStreamIsNotCreated) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(GetSdpStringWithStream1());
   rtc::scoped_refptr<StreamCollection> reference(CreateStreamCollection(1, 1));
@@ -2799,7 +2781,6 @@
 TEST_F(PeerConnectionInterfaceTestPlanB,
        SdpWithMsidWithoutSsrcCreatesDefaultStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   std::string sdp_string = kSdpStringWithoutStreamsAudioOnly;
   // Add a=msid lines to simulate a Unified Plan endpoint that only
@@ -2822,7 +2803,6 @@
 TEST_F(PeerConnectionInterfaceTestPlanB,
        SdpWithEmptyMsidAndSsrcCreatesDefaultStreamId) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   // Add a a=msid line to the SDP. This is prioritized when parsing the SDP, so
   // the sender's stream ID will be interpreted as no stream IDs.
@@ -2860,7 +2840,6 @@
 // Don't run under Unified Plan since this behavior is Plan B specific.
 TEST_F(PeerConnectionInterfaceTestPlanB, LocalDescriptionChanged) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
 
   // Create an offer with 1 stream with 2 tracks of each type.
@@ -2899,7 +2878,6 @@
 TEST_F(PeerConnectionInterfaceTestPlanB,
        AddLocalStreamAfterLocalDescriptionChanged) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
 
   rtc::scoped_refptr<StreamCollection> stream_collection =
@@ -2928,7 +2906,6 @@
 TEST_P(PeerConnectionInterfaceTest,
        ChangeSsrcOnTrackInLocalSessionDescription) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
 
   AddAudioTrack(kAudioTracks[0]);
@@ -2981,7 +2958,6 @@
 TEST_F(PeerConnectionInterfaceTestPlanB,
        SignalSameTracksInSeparateMediaStream) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
 
   rtc::scoped_refptr<StreamCollection> stream_collection =
@@ -3018,7 +2994,6 @@
 // This tests that PeerConnectionObserver::OnAddTrack is correctly called.
 TEST_P(PeerConnectionInterfaceTest, OnAddTrackCallback) {
   RTCConfiguration config;
-  config.enable_dtls_srtp = true;
   CreatePeerConnection(config);
   CreateAndSetRemoteOffer(kSdpStringWithStream1AudioTrackOnly);
   EXPECT_EQ(observer_.num_added_tracks_, 1);
diff --git a/sdk/android/api/org/webrtc/PeerConnection.java b/sdk/android/api/org/webrtc/PeerConnection.java
index 67b551c..7ad72c4 100644
--- a/sdk/android/api/org/webrtc/PeerConnection.java
+++ b/sdk/android/api/org/webrtc/PeerConnection.java
@@ -527,7 +527,6 @@
     public boolean suspendBelowMinBitrate;
     @Nullable public Integer screencastMinBitrate;
     @Nullable public Boolean combinedAudioVideoBwe;
-    @Nullable public Boolean enableDtlsSrtp;
     // Use "Unknown" to represent no preference of adapter types, not the
     // preference of adapters of unknown types.
     public AdapterType networkPreference;
@@ -608,7 +607,6 @@
       suspendBelowMinBitrate = false;
       screencastMinBitrate = null;
       combinedAudioVideoBwe = null;
-      enableDtlsSrtp = null;
       networkPreference = AdapterType.UNKNOWN;
       sdpSemantics = SdpSemantics.PLAN_B;
       activeResetSrtpParams = false;
@@ -800,12 +798,6 @@
       return combinedAudioVideoBwe;
     }
 
-    @Nullable
-    @CalledByNative("RTCConfiguration")
-    Boolean getEnableDtlsSrtp() {
-      return enableDtlsSrtp;
-    }
-
     @CalledByNative("RTCConfiguration")
     AdapterType getNetworkPreference() {
       return networkPreference;
diff --git a/sdk/android/instrumentationtests/src/org/webrtc/PeerConnectionEndToEndTest.java b/sdk/android/instrumentationtests/src/org/webrtc/PeerConnectionEndToEndTest.java
index cc09322..1281cbe 100644
--- a/sdk/android/instrumentationtests/src/org/webrtc/PeerConnectionEndToEndTest.java
+++ b/sdk/android/instrumentationtests/src/org/webrtc/PeerConnectionEndToEndTest.java
@@ -677,7 +677,6 @@
                        .createIceServer());
 
     PeerConnection.RTCConfiguration rtcConfig = new PeerConnection.RTCConfiguration(iceServers);
-    rtcConfig.enableDtlsSrtp = true;
 
     ObserverExpectations offeringExpectations = new ObserverExpectations("PCTest:offerer");
     PeerConnection offeringPC = factory.createPeerConnection(rtcConfig, offeringExpectations);
@@ -944,7 +943,6 @@
                        .createIceServer());
 
     PeerConnection.RTCConfiguration rtcConfig = new PeerConnection.RTCConfiguration(iceServers);
-    rtcConfig.enableDtlsSrtp = true;
 
     ObserverExpectations offeringExpectations = new ObserverExpectations("PCTest:offerer");
     PeerConnection offeringPC = factory.createPeerConnection(rtcConfig, offeringExpectations);
@@ -1172,7 +1170,6 @@
         PeerConnection.IceServer.builder("stun:stun.l.google.com:19302").createIceServer());
 
     PeerConnection.RTCConfiguration rtcConfig = new PeerConnection.RTCConfiguration(iceServers);
-    rtcConfig.enableDtlsSrtp = true;
 
     ObserverExpectations offeringExpectations = new ObserverExpectations("PCTest:offerer");
     PeerConnection offeringPC = factory.createPeerConnection(rtcConfig, offeringExpectations);
diff --git a/sdk/android/src/jni/pc/peer_connection.cc b/sdk/android/src/jni/pc/peer_connection.cc
index 0b0d408..abd7ac7 100644
--- a/sdk/android/src/jni/pc/peer_connection.cc
+++ b/sdk/android/src/jni/pc/peer_connection.cc
@@ -263,8 +263,6 @@
       jni, Java_RTCConfiguration_getScreencastMinBitrate(jni, j_rtc_config));
   rtc_config->combined_audio_video_bwe = JavaToNativeOptionalBool(
       jni, Java_RTCConfiguration_getCombinedAudioVideoBwe(jni, j_rtc_config));
-  rtc_config->enable_dtls_srtp = JavaToNativeOptionalBool(
-      jni, Java_RTCConfiguration_getEnableDtlsSrtp(jni, j_rtc_config));
   rtc_config->network_preference =
       JavaToNativeNetworkPreference(jni, j_network_preference);
   rtc_config->sdp_semantics = JavaToNativeSdpSemantics(jni, j_sdp_semantics);
diff --git a/sdk/media_constraints.cc b/sdk/media_constraints.cc
index 2236f50..08bd9dc 100644
--- a/sdk/media_constraints.cc
+++ b/sdk/media_constraints.cc
@@ -117,7 +117,6 @@
 const char MediaConstraints::kUseRtpMux[] = "googUseRtpMUX";
 
 // Below constraints should be used during PeerConnection construction.
-const char MediaConstraints::kEnableDtlsSrtp[] = "DtlsSrtpKeyAgreement";
 // Google-specific constraint keys.
 const char MediaConstraints::kEnableDscp[] = "googDscp";
 const char MediaConstraints::kEnableIPv6[] = "googIPv6";
@@ -176,8 +175,6 @@
   ConstraintToOptional<bool>(constraints,
                              MediaConstraints::kCombinedAudioVideoBwe,
                              &configuration->combined_audio_video_bwe);
-  ConstraintToOptional<bool>(constraints, MediaConstraints::kEnableDtlsSrtp,
-                             &configuration->enable_dtls_srtp);
 }
 
 void CopyConstraintsIntoAudioOptions(const MediaConstraints* constraints,
diff --git a/sdk/media_constraints.h b/sdk/media_constraints.h
index 15cb363..fd95a60 100644
--- a/sdk/media_constraints.h
+++ b/sdk/media_constraints.h
@@ -83,8 +83,6 @@
   static const char kValueFalse[];  // false
 
   // PeerConnection constraint keys.
-  // Temporary pseudo-constraints used to enable DTLS-SRTP
-  static const char kEnableDtlsSrtp[];  // Enable DTLS-SRTP
   // Google-specific constraint keys.
   // Temporary pseudo-constraint for enabling DSCP through JS.
   static const char kEnableDscp[];  // googDscp
diff --git a/sdk/media_constraints_unittest.cc b/sdk/media_constraints_unittest.cc
index dab85eb..478ba98 100644
--- a/sdk/media_constraints_unittest.cc
+++ b/sdk/media_constraints_unittest.cc
@@ -25,7 +25,6 @@
              b.audio_jitter_buffer_max_packets &&
          a.screencast_min_bitrate == b.screencast_min_bitrate &&
          a.combined_audio_video_bwe == b.combined_audio_video_bwe &&
-         a.enable_dtls_srtp == b.enable_dtls_srtp &&
          a.media_config == b.media_config;
 }
 
@@ -60,12 +59,9 @@
   // An empty set of constraints will not overwrite
   // values that are already present.
   configuration = old_configuration;
-  configuration.enable_dtls_srtp = true;
   configuration.audio_jitter_buffer_max_packets = 34;
   CopyConstraintsIntoRtcConfiguration(&constraints_empty, &configuration);
   EXPECT_EQ(34, configuration.audio_jitter_buffer_max_packets);
-  ASSERT_TRUE(configuration.enable_dtls_srtp);
-  EXPECT_TRUE(*(configuration.enable_dtls_srtp));
 }
 
 }  // namespace
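Review bot: After this hunk, the "empty constraints do not overwrite existing values" check covers only `audio_jitter_buffer_max_packets`, and no `ConstraintToOptional<bool>` target is checked in the visible lines. The removed assertions were the only ones here on an optional bool field, so a regression that resets such a field on an empty constraint set would pass unnoticed. Consider keeping that coverage with a field that still exists: `configuration.combined_audio_video_bwe = true;` before the `CopyConstraintsIntoRtcConfiguration` call, then `ASSERT_TRUE(configuration.combined_audio_video_bwe);` and `EXPECT_TRUE(*configuration.combined_audio_video_bwe);` after it. The test body starts above the hunk, so this assumes `old_configuration` does not already pin that field.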