Make requesting SDES available only on Fuchsia builds
Bug: webrtc:11066
Change-Id: I0707cf63064830a55db31e883dc7b15aa675950b
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/257900
Reviewed-by: Henrik Boström <hbos@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#36438}
diff --git a/api/peer_connection_interface.h b/api/peer_connection_interface.h
index 2f8e401..a9026d9 100644
--- a/api/peer_connection_interface.h
+++ b/api/peer_connection_interface.h
@@ -457,11 +457,14 @@
// Use new combined audio/video bandwidth estimation?
absl::optional<bool> combined_audio_video_bwe;
+#if defined(WEBRTC_FUCHSIA)
+ // TODO(bugs.webrtc.org/11066): Remove entirely once Fuchsia does not use.
// TODO(bugs.webrtc.org/9891) - Move to crypto_options
// Can be used to disable DTLS-SRTP. This should never be done, but can be
// useful for testing purposes, for example in setting up a loopback call
// with a single PeerConnection.
absl::optional<bool> enable_dtls_srtp;
+#endif
/////////////////////////////////////////////////
// The below fields are not part of the standard.
diff --git a/pc/peer_connection.cc b/pc/peer_connection.cc
index e5a83b0..1a17fd4 100644
--- a/pc/peer_connection.cc
+++ b/pc/peer_connection.cc
@@ -280,8 +280,12 @@
bool default_enabled =
(dependencies.cert_generator || !configuration.certificates.empty());
+#if defined(WEBRTC_FUCHSIA)
// The `configuration` can override the default value.
return configuration.enable_dtls_srtp.value_or(default_enabled);
+#else
+ return default_enabled;
+#endif
}
} // namespace
@@ -303,7 +307,9 @@
bool disable_link_local_networks;
absl::optional<int> screencast_min_bitrate;
absl::optional<bool> combined_audio_video_bwe;
+#if defined(WEBRTC_FUCHSIA)
absl::optional<bool> enable_dtls_srtp;
+#endif
TcpCandidatePolicy tcp_candidate_policy;
CandidateNetworkPolicy candidate_network_policy;
int audio_jitter_buffer_max_packets;
@@ -372,7 +378,9 @@
disable_link_local_networks == o.disable_link_local_networks &&
screencast_min_bitrate == o.screencast_min_bitrate &&
combined_audio_video_bwe == o.combined_audio_video_bwe &&
+#if defined(WEBRTC_FUCHSIA)
enable_dtls_srtp == o.enable_dtls_srtp &&
+#endif
ice_candidate_pool_size == o.ice_candidate_pool_size &&
prune_turn_ports == o.prune_turn_ports &&
turn_port_prune_policy == o.turn_port_prune_policy &&
diff --git a/pc/peer_connection_crypto_unittest.cc b/pc/peer_connection_crypto_unittest.cc
index 1741b99..9c9e9b6 100644
--- a/pc/peer_connection_crypto_unittest.cc
+++ b/pc/peer_connection_crypto_unittest.cc
@@ -211,7 +211,6 @@
// no SDES cryptos.
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsEnabled) {
RTCConfiguration config;
- config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config);
auto offer = caller->CreateOffer();
@@ -225,7 +224,6 @@
}
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsEnabled) {
RTCConfiguration config;
- config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config);
@@ -240,6 +238,7 @@
answer->description()));
}
+#if defined(WEBRTC_FUCHSIA)
// When DTLS is disabled, the SDP offer/answer should include SDES cryptos and
// should not have a DTLS fingerprint.
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInOfferWhenDtlsDisabled) {
@@ -256,6 +255,7 @@
EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolSavpf),
offer->description()));
}
+
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenDtlsDisabled) {
RTCConfiguration config;
config.enable_dtls_srtp.emplace(false);
@@ -293,6 +293,7 @@
EXPECT_TRUE(SdpContentsAll(HaveProtocol(cricket::kMediaProtocolAvpf),
offer->description()));
}
+
TEST_P(PeerConnectionCryptoTest, CorrectCryptoInAnswerWhenEncryptionDisabled) {
PeerConnectionFactoryInterface::Options options;
options.disable_encryption = true;
@@ -462,13 +463,13 @@
EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer)));
}
+#endif
// The following group tests that two PeerConnections can successfully exchange
// an offer/answer when DTLS is on and that they will refuse any offer/answer
// applied locally/remotely if it does not include a DTLS fingerprint.
TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenDtlsOn) {
RTCConfiguration config;
- config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config);
@@ -483,7 +484,6 @@
TEST_P(PeerConnectionCryptoTest,
FailToSetLocalOfferWithNoFingerprintWhenDtlsOn) {
RTCConfiguration config;
- config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config);
auto offer = caller->CreateOffer();
@@ -494,7 +494,6 @@
TEST_P(PeerConnectionCryptoTest,
FailToSetRemoteOfferWithNoFingerprintWhenDtlsOn) {
RTCConfiguration config;
- config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config);
@@ -506,7 +505,6 @@
TEST_P(PeerConnectionCryptoTest,
FailToSetLocalAnswerWithNoFingerprintWhenDtlsOn) {
RTCConfiguration config;
- config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config);
@@ -517,7 +515,6 @@
TEST_P(PeerConnectionCryptoTest,
FailToSetRemoteAnswerWithNoFingerprintWhenDtlsOn) {
RTCConfiguration config;
- config.enable_dtls_srtp.emplace(true);
auto caller = CreatePeerConnectionWithAudioVideo(config);
auto callee = CreatePeerConnectionWithAudioVideo(config);
@@ -528,6 +525,7 @@
EXPECT_FALSE(caller->SetRemoteDescription(std::move(answer)));
}
+#if defined(WEBRTC_FUCHSIA)
// Test that an offer/answer can be exchanged when encryption is disabled.
TEST_P(PeerConnectionCryptoTest, ExchangeOfferAnswerWhenNoEncryption) {
PeerConnectionFactoryInterface::Options options;
@@ -547,19 +545,18 @@
ASSERT_TRUE(answer);
ASSERT_TRUE(caller->SetRemoteDescription(std::move(answer)));
}
+#endif
// Tests that a DTLS call can be established when the certificate is specified
// in the PeerConnection config and no certificate generator is specified.
TEST_P(PeerConnectionCryptoTest,
ExchangeOfferAnswerWhenDtlsCertificateInConfig) {
RTCConfiguration caller_config;
- caller_config.enable_dtls_srtp.emplace(true);
caller_config.certificates.push_back(
FakeRTCCertificateGenerator::GenerateCertificate());
auto caller = CreatePeerConnectionWithAudioVideo(caller_config);
RTCConfiguration callee_config;
- callee_config.enable_dtls_srtp.emplace(true);
callee_config.certificates.push_back(
FakeRTCCertificateGenerator::GenerateCertificate());
auto callee = CreatePeerConnectionWithAudioVideo(callee_config);
@@ -630,7 +627,6 @@
TEST_P(PeerConnectionCryptoDtlsCertGenTest, TestCertificateGeneration) {
RTCConfiguration config;
- config.enable_dtls_srtp.emplace(true);
auto owned_fake_certificate_generator =
std::make_unique<FakeRTCCertificateGenerator>();
auto* fake_certificate_generator = owned_fake_certificate_generator.get();
@@ -754,7 +750,6 @@
auto caller = CreatePeerConnectionWithAudioVideo();
RTCConfiguration callee_config;
- callee_config.enable_dtls_srtp.emplace(true);
callee_config.certificates.push_back(callee_certificate);
auto callee = CreatePeerConnectionWithAudioVideo(callee_config);
diff --git a/pc/peer_connection_end_to_end_unittest.cc b/pc/peer_connection_end_to_end_unittest.cc
index 78dcda3..6498be5 100644
--- a/pc/peer_connection_end_to_end_unittest.cc
+++ b/pc/peer_connection_end_to_end_unittest.cc
@@ -396,6 +396,7 @@
WaitForCallEstablished();
}
+#if defined(IS_FUCHSIA)
TEST_P(PeerConnectionEndToEndTest, CallWithSdesKeyNegotiation) {
config_.enable_dtls_srtp = false;
CreatePcs(webrtc::CreateOpusAudioEncoderFactory(),
@@ -404,6 +405,7 @@
Negotiate();
WaitForCallEstablished();
}
+#endif
TEST_P(PeerConnectionEndToEndTest, CallWithCustomCodec) {
class IdLoggingAudioEncoderFactory : public webrtc::AudioEncoderFactory {
diff --git a/pc/peer_connection_integrationtest.cc b/pc/peer_connection_integrationtest.cc
index 1e17fa1..f2e4b1d 100644
--- a/pc/peer_connection_integrationtest.cc
+++ b/pc/peer_connection_integrationtest.cc
@@ -269,6 +269,7 @@
webrtc::kEnumCounterKeyProtocolSdes));
}
+#if defined(WEBRTC_FUCHSIA)
// Uses SDES instead of DTLS for key agreement.
TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithSdes) {
PeerConnectionInterface::RTCConfiguration sdes_config;
@@ -292,6 +293,7 @@
0, webrtc::metrics::NumEvents("WebRTC.PeerConnection.KeyProtocol",
webrtc::kEnumCounterKeyProtocolDtls));
}
+#endif
// Basic end-to-end test specifying the `enable_encrypted_rtp_header_extensions`
// option to offer encrypted versions of all header extensions alongside the
diff --git a/rtc_tools/data_channel_benchmark/peer_connection_client.cc b/rtc_tools/data_channel_benchmark/peer_connection_client.cc
index 6d2ee81..cd02e71 100644
--- a/rtc_tools/data_channel_benchmark/peer_connection_client.cc
+++ b/rtc_tools/data_channel_benchmark/peer_connection_client.cc
@@ -159,7 +159,6 @@
server.urls.push_back(kStunServer);
config.servers.push_back(server);
config.sdp_semantics = webrtc::SdpSemantics::kUnifiedPlan;
- config.enable_dtls_srtp = true;
webrtc::PeerConnectionDependencies dependencies(this);
auto result =
