/*
 *  Copyright 2018 The WebRTC Project Authors. All rights reserved.
 *
 *  Use of this source code is governed by a BSD-style license
 *  that can be found in the LICENSE file in the root of the source
 *  tree. An additional intellectual property rights grant can be found
 *  in the file PATENTS.  All contributing project authors may
 *  be found in the AUTHORS file in the root of the source tree.
 */

#include "pc/jsep_transport.h"

#include <stddef.h>
#include <stdint.h>

#include <memory>
#include <type_traits>
#include <utility>  // for std::pair

#include "api/array_view.h"
#include "api/candidate.h"
#include "p2p/base/p2p_constants.h"
#include "p2p/base/p2p_transport_channel.h"
#include "pc/sctp_data_channel_transport.h"
#include "rtc_base/checks.h"
#include "rtc_base/copy_on_write_buffer.h"
#include "rtc_base/logging.h"
#include "rtc_base/strings/string_builder.h"

using webrtc::SdpType;

namespace cricket {

// Length check for the ICE credentials carried in |jsep_description|.
//
// Returns true when the ufrag length lies within
// [ICE_UFRAG_MIN_LENGTH, ICE_UFRAG_MAX_LENGTH] and the pwd length lies within
// [ICE_PWD_MIN_LENGTH, ICE_PWD_MAX_LENGTH], or when both fields are empty.
// Only lengths are examined here; the character content is not inspected.
static bool VerifyIceParams(const JsepTransportDescription& jsep_description) {
  const auto& ufrag = jsep_description.transport_desc.ice_ufrag;
  const auto& pwd = jsep_description.transport_desc.ice_pwd;

  // For legacy protocols: a description that carries neither a ufrag nor a
  // pwd is accepted without any length check. Only the "both empty" case
  // takes this path; a single empty field still goes through the range
  // checks below.
  // TODO(zhihuang): Remove this once the legacy protocol is no longer
  // supported.
  if (ufrag.empty() && pwd.empty()) {
    return true;
  }

  const bool ufrag_in_range = ufrag.length() >= ICE_UFRAG_MIN_LENGTH &&
                              ufrag.length() <= ICE_UFRAG_MAX_LENGTH;
  if (!ufrag_in_range) {
    return false;
  }

  const bool pwd_in_range = pwd.length() >= ICE_PWD_MIN_LENGTH &&
                            pwd.length() <= ICE_PWD_MAX_LENGTH;
  return pwd_in_range;
}
| 55 | |
// Default constructor: every member is default-initialized (or takes its
// in-class initializer, if the header declares one).
JsepTransportDescription::JsepTransportDescription() = default;
| 57 | |
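// Builds a description from its individual fields.
//
// |cryptos| holds the SDES crypto parameters, |encrypted_header_extension_ids|
// the ids of the RTP header extensions that are encrypted, and
// |transport_desc| the ICE/DTLS transport description; all three are copied.
// The two alt-protocol optionals are taken by value, so they are moved into
// the members rather than copied a second time.
JsepTransportDescription::JsepTransportDescription(
    bool rtcp_mux_enabled,
    const std::vector<CryptoParams>& cryptos,
    const std::vector<int>& encrypted_header_extension_ids,
    int rtp_abs_sendtime_extn_id,
    const TransportDescription& transport_desc,
    absl::optional<std::string> media_alt_protocol,
    absl::optional<std::string> data_alt_protocol)
    : rtcp_mux_enabled(rtcp_mux_enabled),
      cryptos(cryptos),
      encrypted_header_extension_ids(encrypted_header_extension_ids),
      rtp_abs_sendtime_extn_id(rtp_abs_sendtime_extn_id),
      transport_desc(transport_desc),
      // Inside the initializer the parameter shadows the member, so this
      // moves from the by-value argument.
      media_alt_protocol(std::move(media_alt_protocol)),
      data_alt_protocol(std::move(data_alt_protocol)) {}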
Zhi Huang | e818b6e | 2018-02-22 15:26:27 -0800 | [diff] [blame] | 73 | |
// Copy constructor: duplicates each field of |from| listed below, including
// the SDES crypto parameters and the transport description.
JsepTransportDescription::JsepTransportDescription(
    const JsepTransportDescription& from)
    : rtcp_mux_enabled(from.rtcp_mux_enabled),
      cryptos(from.cryptos),
      encrypted_header_extension_ids(from.encrypted_header_extension_ids),
      rtp_abs_sendtime_extn_id(from.rtp_abs_sendtime_extn_id),
      transport_desc(from.transport_desc),
      media_alt_protocol(from.media_alt_protocol),
      data_alt_protocol(from.data_alt_protocol) {
}
Zhi Huang | e818b6e | 2018-02-22 15:26:27 -0800 | [diff] [blame] | 83 | |
// Defaulted out of line; members are destroyed by their own destructors.
JsepTransportDescription::~JsepTransportDescription() = default;
| 85 | |
// Copy assignment: overwrites every field listed below with the value from
// |from|. Self-assignment leaves the object untouched.
JsepTransportDescription& JsepTransportDescription::operator=(
    const JsepTransportDescription& from) {
  if (this != &from) {
    rtcp_mux_enabled = from.rtcp_mux_enabled;
    cryptos = from.cryptos;
    encrypted_header_extension_ids = from.encrypted_header_extension_ids;
    rtp_abs_sendtime_extn_id = from.rtp_abs_sendtime_extn_id;
    transport_desc = from.transport_desc;
    media_alt_protocol = from.media_alt_protocol;
    data_alt_protocol = from.data_alt_protocol;
  }
  return *this;
}
| 101 | |
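// Takes ownership of the transports that make up one JSEP transport (one
// "mid") and wires them together.
//
// Exactly one of |unencrypted_rtp_transport|, |sdes_transport| and
// |dtls_srtp_transport| is expected to be non-null; this decides whether media
// on this transport is sent unencrypted, with SDES-keyed SRTP or with
// DTLS-SRTP. |ice_transport| and |rtp_dtls_transport| are required.
// |rtcp_ice_transport| and |rtcp_dtls_transport| must be both set or both
// null. |data_channel_transport| is stored as a raw pointer and is not owned
// by this object. The thread that runs the constructor is recorded as the
// network thread.
JsepTransport::JsepTransport(
    const std::string& mid,
    const rtc::scoped_refptr<rtc::RTCCertificate>& local_certificate,
    rtc::scoped_refptr<webrtc::IceTransportInterface> ice_transport,
    rtc::scoped_refptr<webrtc::IceTransportInterface> rtcp_ice_transport,
    std::unique_ptr<webrtc::RtpTransport> unencrypted_rtp_transport,
    std::unique_ptr<webrtc::SrtpTransport> sdes_transport,
    std::unique_ptr<webrtc::DtlsSrtpTransport> dtls_srtp_transport,
    std::unique_ptr<webrtc::RtpTransportInternal> datagram_rtp_transport,
    std::unique_ptr<DtlsTransportInternal> rtp_dtls_transport,
    std::unique_ptr<DtlsTransportInternal> rtcp_dtls_transport,
    std::unique_ptr<SctpTransportInternal> sctp_transport,
    std::unique_ptr<webrtc::DatagramTransportInterface> datagram_transport,
    webrtc::DataChannelTransportInterface* data_channel_transport)
    : network_thread_(rtc::Thread::Current()),
      mid_(mid),
      local_certificate_(local_certificate),
      ice_transport_(std::move(ice_transport)),
      rtcp_ice_transport_(std::move(rtcp_ice_transport)),
      unencrypted_rtp_transport_(std::move(unencrypted_rtp_transport)),
      sdes_transport_(std::move(sdes_transport)),
      dtls_srtp_transport_(std::move(dtls_srtp_transport)),
      rtp_dtls_transport_(
          rtp_dtls_transport ? new rtc::RefCountedObject<webrtc::DtlsTransport>(
                                   std::move(rtp_dtls_transport))
                             : nullptr),
      rtcp_dtls_transport_(
          rtcp_dtls_transport
              ? new rtc::RefCountedObject<webrtc::DtlsTransport>(
                    std::move(rtcp_dtls_transport))
              : nullptr),
      // NOTE(review): this reads |sctp_transport| before the next initializer
      // moves from it. Members are initialized in declaration order, so this
      // assumes |sctp_data_channel_transport_| is declared before
      // |sctp_transport_| in the header - confirm there.
      sctp_data_channel_transport_(
          sctp_transport ? std::make_unique<webrtc::SctpDataChannelTransport>(
                               sctp_transport.get())
                         : nullptr),
      sctp_transport_(sctp_transport
                          ? new rtc::RefCountedObject<webrtc::SctpTransport>(
                                std::move(sctp_transport))
                          : nullptr),
      datagram_transport_(std::move(datagram_transport)),
      datagram_rtp_transport_(std::move(datagram_rtp_transport)),
      data_channel_transport_(data_channel_transport) {
  RTC_DCHECK(ice_transport_);
  RTC_DCHECK(rtp_dtls_transport_);
  // |rtcp_ice_transport_| must be present iff |rtcp_dtls_transport_| is
  // present.
  RTC_DCHECK_EQ((rtcp_ice_transport_ != nullptr),
                (rtcp_dtls_transport_ != nullptr));
  // Verify the "only one out of these three can be set" invariant.
  // The checks must look at the members: the unique_ptr parameters of the
  // same names have already been moved from in the initializer list and are
  // null here, so testing them would pass no matter what the caller supplied.
  if (unencrypted_rtp_transport_) {
    RTC_DCHECK(!sdes_transport_);
    RTC_DCHECK(!dtls_srtp_transport_);
  } else if (sdes_transport_) {
    RTC_DCHECK(!unencrypted_rtp_transport_);
    RTC_DCHECK(!dtls_srtp_transport_);
  } else {
    RTC_DCHECK(dtls_srtp_transport_);
    RTC_DCHECK(!unencrypted_rtp_transport_);
    RTC_DCHECK(!sdes_transport_);
  }

  // SCTP, when present, runs on top of the RTP DTLS transport.
  if (sctp_transport_) {
    sctp_transport_->SetDtlsTransport(rtp_dtls_transport_);
  }

  // With a datagram RTP transport and a default RTP transport both available,
  // expose them through one composite transport.
  if (datagram_rtp_transport_ && default_rtp_transport()) {
    composite_rtp_transport_ = std::make_unique<webrtc::CompositeRtpTransport>(
        std::vector<webrtc::RtpTransportInternal*>{
            datagram_rtp_transport_.get(), default_rtp_transport()});
  }

  // Same idea for data channels: the externally supplied data channel
  // transport and the SCTP-backed one are combined when both exist.
  if (data_channel_transport_ && sctp_data_channel_transport_) {
    composite_data_channel_transport_ =
        std::make_unique<webrtc::CompositeDataChannelTransport>(
            std::vector<webrtc::DataChannelTransportInterface*>{
                data_channel_transport_, sctp_data_channel_transport_.get()});
  }
}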
| 180 | |
// Detaches the ref-counted SCTP and DTLS wrappers from their internal
// transports before the members are destroyed.
JsepTransport::~JsepTransport() {
  if (sctp_transport_) {
    sctp_transport_->Clear();
  }

  // The DtlsTransport wrappers are ref-counted and other holders may still
  // have references after this destructor returns, so they are cleared
  // explicitly instead of relying on their destructors running here.
  // |rtp_dtls_transport_| is required by the constructor, hence no null test.
  rtp_dtls_transport_->Clear();
  if (rtcp_dtls_transport_) {
    rtcp_dtls_transport_->Clear();
  }

  // ICE will be the last transport to be deleted.
}
Zhi Huang | e818b6e | 2018-02-22 15:26:27 -0800 | [diff] [blame] | 195 | |
// Applies the local transport description for this mid.
//
// Steps, in order: validate ICE credential lengths, update RTCP-mux
// negotiation, apply SDES crypto parameters or DTLS-SRTP receive-side
// encrypted header extension ids, store the description, check the local
// certificate against the description's fingerprint, push the local ICE
// parameters, and - for a (provisional) answer - negotiate DTLS and the
// datagram transport.
//
// Returns INVALID_PARAMETER for bad ICE credentials, RTCP-mux failure or SDES
// failure, and otherwise whatever the fingerprint check or DTLS negotiation
// reports. Must run on the network thread.
webrtc::RTCError JsepTransport::SetLocalJsepTransportDescription(
    const JsepTransportDescription& jsep_description,
    SdpType type) {
  RTC_DCHECK_RUN_ON(network_thread_);
  webrtc::RTCError error;

  if (!VerifyIceParams(jsep_description)) {
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                            "Invalid ice-ufrag or ice-pwd length.");
  }

  const bool rtcp_mux_ok = SetRtcpMux(jsep_description.rtcp_mux_enabled, type,
                                      ContentSource::CS_LOCAL);
  if (!rtcp_mux_ok) {
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                            "Failed to setup RTCP mux.");
  }

  // If doing SDES, setup the SDES crypto parameters.
  {
    rtc::CritScope scope(&accessor_lock_);
    if (sdes_transport_) {
      RTC_DCHECK(!unencrypted_rtp_transport_);
      RTC_DCHECK(!dtls_srtp_transport_);
      const bool sdes_ok =
          SetSdes(jsep_description.cryptos,
                  jsep_description.encrypted_header_extension_ids, type,
                  ContentSource::CS_LOCAL);
      if (!sdes_ok) {
        return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                                "Failed to setup SDES crypto parameters.");
      }
    } else if (dtls_srtp_transport_) {
      RTC_DCHECK(!unencrypted_rtp_transport_);
      RTC_DCHECK(!sdes_transport_);
      dtls_srtp_transport_->UpdateRecvEncryptedHeaderExtensionIds(
          jsep_description.encrypted_header_extension_ids);
    }
  }

  // Compare against the previously stored description before it is replaced:
  // changed ICE credentials mean this description restarts ICE.
  bool ice_restarting = false;
  if (local_description_ != nullptr) {
    const auto& previous = local_description_->transport_desc;
    ice_restarting = IceCredentialsChanged(
        previous.ice_ufrag, previous.ice_pwd,
        jsep_description.transport_desc.ice_ufrag,
        jsep_description.transport_desc.ice_pwd);
  }
  local_description_.reset(new JsepTransportDescription(jsep_description));

  rtc::SSLFingerprint* local_fp =
      local_description_->transport_desc.identity_fingerprint.get();

  if (local_fp) {
    // The fingerprint in the description has to match the local certificate;
    // on mismatch the just-stored description is dropped again.
    error = VerifyCertificateFingerprint(local_certificate_, local_fp);
    if (!error.ok()) {
      local_description_.reset();
      return error;
    }
  } else {
    // A description without a fingerprint clears the local certificate.
    local_certificate_ = nullptr;
  }

  {
    rtc::CritScope scope(&accessor_lock_);
    RTC_DCHECK(rtp_dtls_transport_->internal());
    SetLocalIceParameters(rtp_dtls_transport_->internal()->ice_transport());

    if (rtcp_dtls_transport_) {
      RTC_DCHECK(rtcp_dtls_transport_->internal());
      SetLocalIceParameters(rtcp_dtls_transport_->internal()->ice_transport());
    }
  }

  // If PRANSWER/ANSWER is set, we should decide transport protocol type.
  const bool is_answer =
      type == SdpType::kPrAnswer || type == SdpType::kAnswer;
  if (is_answer) {
    error = NegotiateAndSetDtlsParameters(type);
    // Runs even when the DTLS negotiation above reported an error.
    NegotiateDatagramTransport(type);
  }
  if (!error.ok()) {
    local_description_.reset();
    return error;
  }

  {
    rtc::CritScope scope(&accessor_lock_);
    if (needs_ice_restart_ && ice_restarting) {
      needs_ice_restart_ = false;
      RTC_LOG(LS_VERBOSE) << "needs-ice-restart flag cleared for transport "
                          << mid();
    }
  }

  return webrtc::RTCError::OK();
}
| 282 | |
// Applies the remote peer's transport description for this mid.
//
// The description comes from the remote side of the session, so its ICE
// credential lengths are checked first. Afterwards RTCP-mux negotiation is
// updated, SDES crypto parameters or DTLS-SRTP send-side encrypted header
// extension ids are applied, the description is stored, remote ICE parameters
// are pushed to the ICE transports, and - for a (provisional) answer - DTLS
// and the datagram transport are negotiated.
//
// Returns INVALID_PARAMETER for bad ICE credentials, RTCP-mux failure or SDES
// failure, and otherwise the result of the DTLS negotiation. Must run on the
// network thread.
webrtc::RTCError JsepTransport::SetRemoteJsepTransportDescription(
    const JsepTransportDescription& jsep_description,
    webrtc::SdpType type) {
  RTC_DCHECK_RUN_ON(network_thread_);
  webrtc::RTCError error;

  if (!VerifyIceParams(jsep_description)) {
    // Unlike the later early returns, this path also discards any previously
    // stored remote description.
    remote_description_.reset();
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                            "Invalid ice-ufrag or ice-pwd length.");
  }

  const bool rtcp_mux_ok = SetRtcpMux(jsep_description.rtcp_mux_enabled, type,
                                      ContentSource::CS_REMOTE);
  if (!rtcp_mux_ok) {
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                            "Failed to setup RTCP mux.");
  }

  // If doing SDES, setup the SDES crypto parameters.
  {
    rtc::CritScope lock(&accessor_lock_);
    if (sdes_transport_) {
      RTC_DCHECK(!unencrypted_rtp_transport_);
      RTC_DCHECK(!dtls_srtp_transport_);
      const bool sdes_ok =
          SetSdes(jsep_description.cryptos,
                  jsep_description.encrypted_header_extension_ids, type,
                  ContentSource::CS_REMOTE);
      if (!sdes_ok) {
        return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                                "Failed to setup SDES crypto parameters.");
      }
      sdes_transport_->CacheRtpAbsSendTimeHeaderExtension(
          jsep_description.rtp_abs_sendtime_extn_id);
    } else if (dtls_srtp_transport_) {
      RTC_DCHECK(!unencrypted_rtp_transport_);
      RTC_DCHECK(!sdes_transport_);
      dtls_srtp_transport_->UpdateSendEncryptedHeaderExtensionIds(
          jsep_description.encrypted_header_extension_ids);
      dtls_srtp_transport_->CacheRtpAbsSendTimeHeaderExtension(
          jsep_description.rtp_abs_sendtime_extn_id);
    }
  }

  remote_description_.reset(new JsepTransportDescription(jsep_description));

  // Hand the remote ICE credentials and mode to the RTP transport, and to the
  // RTCP transport when there is one.
  RTC_DCHECK(rtp_dtls_transport());
  SetRemoteIceParameters(rtp_dtls_transport()->ice_transport());

  if (rtcp_dtls_transport()) {
    SetRemoteIceParameters(rtcp_dtls_transport()->ice_transport());
  }

  // If PRANSWER/ANSWER is set, we should decide transport protocol type.
  const bool is_answer =
      type == SdpType::kPrAnswer || type == SdpType::kAnswer;
  if (is_answer) {
    // The remote side answered, so the local description is the offer.
    error = NegotiateAndSetDtlsParameters(SdpType::kOffer);
    // Runs even when the DTLS negotiation above reported an error.
    NegotiateDatagramTransport(type);
  }
  if (!error.ok()) {
    remote_description_.reset();
    return error;
  }
  return webrtc::RTCError::OK();
}
| 344 | |
// Forwards remote ICE candidates to the ICE transport of the matching
// component.
//
// Returns INVALID_STATE unless both the local and the remote description have
// been set, and INVALID_PARAMETER when a candidate maps to a transport that
// does not exist. Candidates are handed over one by one, so candidates that
// precede a rejected one have already been added when the error is returned.
// Must run on the network thread.
webrtc::RTCError JsepTransport::AddRemoteCandidates(
    const Candidates& candidates) {
  RTC_DCHECK_RUN_ON(network_thread_);
  const bool descriptions_ready = local_description_ && remote_description_;
  if (!descriptions_ready) {
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_STATE,
                            mid() +
                                " is not ready to use the remote candidate "
                                "because the local or remote description is "
                                "not set.");
  }

  for (const cricket::Candidate& candidate : candidates) {
    // Every component other than RTP is routed to the RTCP transport.
    const bool is_rtp_component =
        candidate.component() == cricket::ICE_CANDIDATE_COMPONENT_RTP;
    auto transport =
        is_rtp_component ? rtp_dtls_transport_ : rtcp_dtls_transport_;
    if (!transport) {
      // The candidate is rendered with ToSensitiveString() for the error
      // text rather than its plain string form.
      return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                              "Candidate has an unknown component: " +
                                  candidate.ToSensitiveString() + " for mid " +
                                  mid());
    }
    RTC_DCHECK(transport->internal() && transport->internal()->ice_transport());
    transport->internal()->ice_transport()->AddRemoteCandidate(candidate);
  }
  return webrtc::RTCError::OK();
}
| 372 | |
// Raises the needs-ice-restart flag under |accessor_lock_|. Setting it again
// while it is already raised does nothing and logs nothing.
void JsepTransport::SetNeedsIceRestartFlag() {
  rtc::CritScope scope(&accessor_lock_);
  if (needs_ice_restart_) {
    return;
  }
  needs_ice_restart_ = true;
  RTC_LOG(LS_VERBOSE) << "needs-ice-restart flag set for transport " << mid();
}
| 380 | |
// Returns the DTLS role reported by the RTP DTLS transport, or an empty
// optional when that transport does not report one. Must run on the network
// thread.
absl::optional<rtc::SSLRole> JsepTransport::GetDtlsRole() const {
  RTC_DCHECK_RUN_ON(network_thread_);
  rtc::CritScope scope(&accessor_lock_);
  RTC_DCHECK(rtp_dtls_transport_);
  RTC_DCHECK(rtp_dtls_transport_->internal());

  rtc::SSLRole role;
  const bool has_role = rtp_dtls_transport_->internal()->GetDtlsRole(&role);
  if (has_role) {
    return absl::optional<rtc::SSLRole>(role);
  }
  // |role| was not written by a successful call, so it is never read here.
  return absl::optional<rtc::SSLRole>();
}
| 393 | |
// Returns the datagram transport's parameters wrapped in
// OpaqueTransportParameters, or absl::nullopt when this transport has no
// datagram transport. Reads happen under |accessor_lock_|.
absl::optional<OpaqueTransportParameters>
JsepTransport::GetTransportParameters() const {
  rtc::CritScope scope(&accessor_lock_);
  if (datagram_transport()) {
    OpaqueTransportParameters result;
    result.parameters = datagram_transport()->GetTransportParameters();
    return result;
  }
  return absl::nullopt;
}
| 405 | |
// Fills |stats| with this transport's name and the channel stats of the RTP
// DTLS transport and, when present, the RTCP DTLS transport.
//
// |stats| is dereferenced without a null check. Returns true only when every
// queried transport reported its stats successfully. Must run on the network
// thread.
bool JsepTransport::GetStats(TransportStats* stats) {
  RTC_DCHECK_RUN_ON(network_thread_);
  rtc::CritScope scope(&accessor_lock_);
  stats->transport_name = mid();
  stats->channel_stats.clear();

  RTC_DCHECK(rtp_dtls_transport_->internal());
  bool all_ok = GetTransportStats(rtp_dtls_transport_->internal(), stats);
  if (rtcp_dtls_transport_) {
    RTC_DCHECK(rtcp_dtls_transport_->internal());
    // Collected regardless of the RTP result, so no short-circuit here.
    const bool rtcp_ok =
        GetTransportStats(rtcp_dtls_transport_->internal(), stats);
    all_ok = all_ok && rtcp_ok;
  }
  return all_ok;
}
| 419 | |
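// Checks that |fingerprint| is the fingerprint of |certificate|.
//
// A fresh fingerprint is computed from the certificate's identity with the
// algorithm named in |fingerprint| and compared with |fingerprint|.
// Returns OK on a match and INVALID_PARAMETER when either argument is null,
// when no fingerprint could be computed for the certificate, or when the two
// fingerprints differ. Must run on the network thread.
webrtc::RTCError JsepTransport::VerifyCertificateFingerprint(
    const rtc::RTCCertificate* certificate,
    const rtc::SSLFingerprint* fingerprint) const {
  RTC_DCHECK_RUN_ON(network_thread_);
  if (!fingerprint) {
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                            "No fingerprint");
  }
  if (!certificate) {
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                            "Fingerprint provided but no identity available.");
  }
  std::unique_ptr<rtc::SSLFingerprint> fp_tmp =
      rtc::SSLFingerprint::CreateUnique(fingerprint->algorithm,
                                        *certificate->identity());
  // The algorithm name is taken from the session description. A debug-only
  // check does not protect release builds, where a null result would be
  // dereferenced by the comparison below, so the failure is reported as an
  // error instead.
  if (!fp_tmp) {
    return webrtc::RTCError(
        webrtc::RTCErrorType::INVALID_PARAMETER,
        "Failed to compute the fingerprint of the local certificate.");
  }
  if (*fp_tmp == *fingerprint) {
    return webrtc::RTCError::OK();
  }
  // Mismatch: report both values. The message is built in a fixed-size stack
  // buffer.
  char ss_buf[1024];
  rtc::SimpleStringBuilder desc(ss_buf);
  desc << "Local fingerprint does not match identity. Expected: ";
  desc << fp_tmp->ToString();
  desc << " Got: " << fingerprint->ToString();
  return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                          std::string(desc.str()));
}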
| 447 | |
// Forwards |active_reset_srtp_params| to the DTLS-SRTP transport and logs the
// new value. Does nothing when this transport is not using DTLS-SRTP. Must
// run on the network thread.
void JsepTransport::SetActiveResetSrtpParams(bool active_reset_srtp_params) {
  RTC_DCHECK_RUN_ON(network_thread_);
  rtc::CritScope scope(&accessor_lock_);
  if (!dtls_srtp_transport_) {
    return;
  }
  RTC_LOG(INFO) << "Setting active_reset_srtp_params of DtlsSrtpTransport to: "
                << active_reset_srtp_params;
  dtls_srtp_transport_->SetActiveResetSrtpParams(active_reset_srtp_params);
}
| 458 | |
// Pushes the ICE parameters of the stored local description to
// |ice_transport|. Both |ice_transport| and the local description must be
// set. Must run on the network thread.
void JsepTransport::SetLocalIceParameters(IceTransportInternal* ice_transport) {
  RTC_DCHECK_RUN_ON(network_thread_);
  RTC_DCHECK(ice_transport);
  RTC_DCHECK(local_description_);
  const auto& local_desc = local_description_->transport_desc;
  ice_transport->SetIceParameters(local_desc.GetIceParameters());
}
| 466 | |
// Pushes the ICE parameters and the ICE mode of the stored remote description
// to |ice_transport|. Both |ice_transport| and the remote description must be
// set. Must run on the network thread.
void JsepTransport::SetRemoteIceParameters(
    IceTransportInternal* ice_transport) {
  RTC_DCHECK_RUN_ON(network_thread_);
  RTC_DCHECK(ice_transport);
  RTC_DCHECK(remote_description_);
  const auto& remote_desc = remote_description_->transport_desc;
  ice_transport->SetRemoteIceParameters(remote_desc.GetIceParameters());
  ice_transport->SetRemoteIceMode(remote_desc.ice_mode);
}
| 476 | |
// Applies the negotiated DTLS role and the remote certificate fingerprint to
// |dtls_transport|.
//
// |dtls_role| is optional; when empty the role is left as it is. A null
// |remote_fingerprint| is treated as a failure, so the call never succeeds
// without a fingerprint having been applied. Returns INVALID_PARAMETER when
// the role or the fingerprint is rejected. Must run on the network thread.
webrtc::RTCError JsepTransport::SetNegotiatedDtlsParameters(
    DtlsTransportInternal* dtls_transport,
    absl::optional<rtc::SSLRole> dtls_role,
    rtc::SSLFingerprint* remote_fingerprint) {
  RTC_DCHECK_RUN_ON(network_thread_);
  RTC_DCHECK(dtls_transport);

  // Set SSL role. Role must be set before fingerprint is applied, which
  // initiates DTLS setup.
  if (dtls_role) {
    const bool role_accepted = dtls_transport->SetDtlsRole(*dtls_role);
    if (!role_accepted) {
      return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                              "Failed to set SSL role for the transport.");
    }
  }

  // Apply remote fingerprint. The transport is only called when a
  // fingerprint is present.
  const bool fingerprint_applied =
      remote_fingerprint &&
      dtls_transport->SetRemoteFingerprint(remote_fingerprint->algorithm,
                                           remote_fingerprint->digest.cdata(),
                                           remote_fingerprint->digest.size());
  if (!fingerprint_applied) {
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_PARAMETER,
                            "Failed to apply remote fingerprint.");
  }
  return webrtc::RTCError::OK();
}
| 499 | |
// Feeds one step of the RTCP-mux offer/answer exchange into
// |rtcp_mux_negotiator_| and, when the step is accepted, mirrors the
// negotiator's active state onto the RTP transport.
//
// Returns false when the negotiator rejects the step (or |type| is not an
// offer, provisional answer or answer); the RTP transport is then left
// untouched.
bool JsepTransport::SetRtcpMux(bool enable,
                               webrtc::SdpType type,
                               ContentSource source) {
  RTC_DCHECK_RUN_ON(network_thread_);
  bool accepted = false;
  switch (type) {
    case SdpType::kOffer:
      accepted = rtcp_mux_negotiator_.SetOffer(enable, source);
      break;
    case SdpType::kPrAnswer:
      // A provisional answer may activate RTCP muxing, but the RTCP transport
      // is kept for now because the final answer may deactivate it again.
      accepted = rtcp_mux_negotiator_.SetProvisionalAnswer(enable, source);
      break;
    case SdpType::kAnswer:
      accepted = rtcp_mux_negotiator_.SetAnswer(enable, source);
      if (accepted && rtcp_mux_negotiator_.IsActive()) {
        ActivateRtcpMux();
      }
      break;
    default:
      RTC_NOTREACHED();
  }

  if (accepted) {
    auto transport = rtp_transport();
    transport->SetRtcpMuxEnabled(rtcp_mux_negotiator_.IsActive());
  }
  return accepted;
}
| 532 | |
// Switches this transport to multiplexed RTCP: detaches the separate RTCP
// transport from whichever RTP transport is in use, drops
// |rtcp_dtls_transport_|, and then fires SignalRtcpMuxActive.
void JsepTransport::ActivateRtcpMux() {
  {
    // Don't hold the network_thread_ lock while calling other functions,
    // since they might call other functions that call RTC_DCHECK_RUN_ON.
    // TODO(https://crbug.com/webrtc/10318): Simplify when possible.
    RTC_DCHECK_RUN_ON(network_thread_);
  }
  {
    // |accessor_lock_| is held only for this block; the signal below is
    // emitted after it has been released.
    rtc::CritScope scope(&accessor_lock_);
    // The debug checks in each branch assert that exactly one of the three
    // RTP transport flavours is set.
    if (unencrypted_rtp_transport_) {
      RTC_DCHECK(!sdes_transport_);
      RTC_DCHECK(!dtls_srtp_transport_);
      unencrypted_rtp_transport_->SetRtcpPacketTransport(nullptr);
    } else if (sdes_transport_) {
      RTC_DCHECK(!unencrypted_rtp_transport_);
      RTC_DCHECK(!dtls_srtp_transport_);
      sdes_transport_->SetRtcpPacketTransport(nullptr);
    } else if (dtls_srtp_transport_) {
      RTC_DCHECK(dtls_srtp_transport_);
      RTC_DCHECK(!unencrypted_rtp_transport_);
      RTC_DCHECK(!sdes_transport_);
      // Keep the RTP DTLS transport and clear only the RTCP one.
      dtls_srtp_transport_->SetDtlsTransports(rtp_dtls_transport(),
                                              /*rtcp_dtls_transport=*/nullptr);
    }
    rtcp_dtls_transport_ = nullptr;  // Destroy this reference.
  }
  // Notify the JsepTransportController to update the aggregate states.
  SignalRtcpMuxActive();
}
| 562 | |
// Runs one SDES offer/answer step for |cryptos| and, on a provisional or
// final answer, installs the negotiated send/receive keys in
// |sdes_transport_|.
//
// |encrypted_extension_ids| is stored as the receive-side list for a local
// description and as the send-side list otherwise. Returns false when
// |sdes_negotiator_| rejects the step or when SetRtpParams() fails.
//
// The key material is handed to SetRtpParams() by pointer and length only;
// the single log statement here carries no key data.
//
// NOTE(review): an answer without crypto parameters is not an error here. On
// a final answer the SRTP parameters are reset and the call still returns
// true. Whether media may then flow unprotected is decided outside this
// function; confirm against the caller.
bool JsepTransport::SetSdes(const std::vector<CryptoParams>& cryptos,
                            const std::vector<int>& encrypted_extension_ids,
                            webrtc::SdpType type,
                            ContentSource source) {
  RTC_DCHECK_RUN_ON(network_thread_);
  rtc::CritScope scope(&accessor_lock_);
  if (!sdes_negotiator_.Process(cryptos, type, source)) {
    return false;
  }

  if (source != ContentSource::CS_LOCAL) {
    send_extension_ids_ = encrypted_extension_ids;
  } else {
    recv_extension_ids_ = encrypted_extension_ids;
  }

  // Only a provisional or final answer completes a negotiation round; an
  // offer leaves the SRTP transport untouched.
  const bool is_final_answer = (type == SdpType::kAnswer);
  if (!is_final_answer && type != SdpType::kPrAnswer) {
    return true;
  }

  const bool have_both_suites = sdes_negotiator_.send_cipher_suite() &&
                                sdes_negotiator_.recv_cipher_suite();
  if (!have_both_suites) {
    RTC_LOG(LS_INFO) << "No crypto keys are provided for SDES.";
    if (is_final_answer) {
      // Explicitly reset the |sdes_transport_| if no crypto param is
      // provided in the answer. No need to call |ResetParams()| for
      // |sdes_negotiator_| because it resets the params inside |SetAnswer|.
      sdes_transport_->ResetParams();
    }
    return true;
  }

  // Setting the SDES answer succeeded, so apply the negotiated parameters to
  // the SRTP transport.
  RTC_DCHECK(send_extension_ids_);
  RTC_DCHECK(recv_extension_ids_);
  return sdes_transport_->SetRtpParams(
      *(sdes_negotiator_.send_cipher_suite()),
      sdes_negotiator_.send_key().data(),
      static_cast<int>(sdes_negotiator_.send_key().size()),
      *(send_extension_ids_), *(sdes_negotiator_.recv_cipher_suite()),
      sdes_negotiator_.recv_key().data(),
      static_cast<int>(sdes_negotiator_.recv_key().size()),
      *(recv_extension_ids_));
}
| 608 | |
// Derives the DTLS role and the remote fingerprint from the applied local and
// remote descriptions and pushes them to the RTP DTLS transport and, when
// present, the RTCP DTLS transport.
//
// Returns INVALID_STATE when either description is missing, and
// INVALID_PARAMETER when role negotiation fails, when a local answer carries
// a fingerprint although the remote offer had none, or when a transport
// rejects the parameters.
webrtc::RTCError JsepTransport::NegotiateAndSetDtlsParameters(
    SdpType local_description_type) {
  RTC_DCHECK_RUN_ON(network_thread_);
  if (!(local_description_ && remote_description_)) {
    return webrtc::RTCError(webrtc::RTCErrorType::INVALID_STATE,
                            "Applying an answer transport description "
                            "without applying any offer.");
  }

  rtc::SSLFingerprint* const local_identity =
      local_description_->transport_desc.identity_fingerprint.get();
  rtc::SSLFingerprint* const remote_identity =
      remote_description_->transport_desc.identity_fingerprint.get();

  std::unique_ptr<rtc::SSLFingerprint> fingerprint_to_apply;
  absl::optional<rtc::SSLRole> role_to_apply;
  if (remote_identity && local_identity) {
    // Both sides advertise a fingerprint: use DTLS, with the remote
    // fingerprint and the role negotiated from the connection roles.
    fingerprint_to_apply =
        std::make_unique<rtc::SSLFingerprint>(*remote_identity);
    webrtc::RTCError role_error =
        NegotiateDtlsRole(local_description_type,
                          local_description_->transport_desc.connection_role,
                          remote_description_->transport_desc.connection_role,
                          &role_to_apply);
    if (!role_error.ok()) {
      return role_error;
    }
  } else if (local_identity && (local_description_type == SdpType::kAnswer)) {
    return webrtc::RTCError(
        webrtc::RTCErrorType::INVALID_PARAMETER,
        "Local fingerprint supplied when caller didn't offer DTLS.");
  } else {
    // We are not doing DTLS: hand the transports an empty fingerprint.
    //
    // NOTE(review): this branch is also reached when a local offer carried a
    // fingerprint and the remote answer carries none, so a missing remote
    // fingerprint turns DTLS off instead of failing the negotiation. Confirm
    // that the caller rejects such a session when unprotected media is not
    // acceptable.
    fingerprint_to_apply = std::make_unique<rtc::SSLFingerprint>(
        "", rtc::ArrayView<const uint8_t>());
  }

  // Now that we have negotiated everything, push it downward.
  // Note that we cache the result so that if we have race conditions
  // between future SetRemote/SetLocal invocations and new transport
  // creation, we have the negotiation state saved until a new
  // negotiation happens.
  RTC_DCHECK(rtp_dtls_transport());
  webrtc::RTCError result = SetNegotiatedDtlsParameters(
      rtp_dtls_transport(), role_to_apply, fingerprint_to_apply.get());
  if (!result.ok()) {
    return result;
  }

  // The RTCP transport, when there still is one, gets the same parameters.
  if (rtcp_dtls_transport()) {
    result = SetNegotiatedDtlsParameters(
        rtcp_dtls_transport(), role_to_apply, fingerprint_to_apply.get());
  }
  return result;
}
| 661 | |
// Works out which DTLS role (client or server) the local side takes, from the
// type of the local description and the 'setup' attribute of each side.
//
// |negotiated_dtls_role| must be non-null. It is written only on success;
// every rejected combination returns INVALID_PARAMETER and leaves it
// untouched.
webrtc::RTCError JsepTransport::NegotiateDtlsRole(
    SdpType local_description_type,
    ConnectionRole local_connection_role,
    ConnectionRole remote_connection_role,
    absl::optional<rtc::SSLRole>* negotiated_dtls_role) {
  // From RFC 4145, section-4.1, The following are the values that the
  // 'setup' attribute can take in an offer/answer exchange:
  //       Offer      Answer
  //      ________________
  //      active     passive / holdconn
  //      passive    active / holdconn
  //      actpass    active / passive / holdconn
  //      holdconn   holdconn
  //
  // Set the role that is most conformant with RFC 5763, Section 5, bullet 1
  // The endpoint MUST use the setup attribute defined in [RFC4145].
  // The endpoint that is the offerer MUST use the setup attribute
  // value of setup:actpass and be prepared to receive a client_hello
  // before it receives the answer.  The answerer MUST use either a
  // setup attribute value of setup:active or setup:passive.  Note that
  // if the answerer uses setup:passive, then the DTLS handshake will
  // not begin until the answerer is received, which adds additional
  // latency. setup:active allows the answer and the DTLS handshake to
  // occur in parallel.  Thus, setup:active is RECOMMENDED.  Whichever
  // party is active MUST initiate a DTLS handshake by sending a
  // ClientHello over each flow (host/port quartet).
  // IOW - actpass and passive modes should be treated as server and
  // active as client.
  bool remote_acts_as_server = false;
  const bool local_is_offerer = (local_description_type == SdpType::kOffer);

  if (local_is_offerer) {
    if (local_connection_role != CONNECTIONROLE_ACTPASS) {
      return webrtc::RTCError(
          webrtc::RTCErrorType::INVALID_PARAMETER,
          "Offerer must use actpass value for setup attribute.");
    }

    const bool remote_role_acceptable =
        remote_connection_role == CONNECTIONROLE_ACTIVE ||
        remote_connection_role == CONNECTIONROLE_PASSIVE ||
        remote_connection_role == CONNECTIONROLE_NONE;
    if (!remote_role_acceptable) {
      return webrtc::RTCError(
          webrtc::RTCErrorType::INVALID_PARAMETER,
          "Answerer must use either active or passive value "
          "for setup attribute.");
    }
    // If remote is NONE or ACTIVE it will act as client.
    remote_acts_as_server = (remote_connection_role == CONNECTIONROLE_PASSIVE);
  } else {
    const bool remote_role_is_fixed =
        remote_connection_role != CONNECTIONROLE_ACTPASS &&
        remote_connection_role != CONNECTIONROLE_NONE;
    if (remote_role_is_fixed) {
      // Accept a remote role attribute that's not "actpass", but matches the
      // current negotiated role. This is allowed by dtls-sdp, though our
      // implementation will never generate such an offer as it's not
      // recommended.
      //
      // See https://datatracker.ietf.org/doc/html/draft-ietf-mmusic-dtls-sdp,
      // section 5.5.
      //
      // Rejected: no role negotiated yet, or the offered role would put both
      // sides in the same role (both client or both server).
      const auto current_dtls_role = GetDtlsRole();
      if (!current_dtls_role ||
          (*current_dtls_role == rtc::SSL_CLIENT &&
           remote_connection_role == CONNECTIONROLE_ACTIVE) ||
          (*current_dtls_role == rtc::SSL_SERVER &&
           remote_connection_role == CONNECTIONROLE_PASSIVE)) {
        return webrtc::RTCError(
            webrtc::RTCErrorType::INVALID_PARAMETER,
            "Offerer must use actpass value or current negotiated role for "
            "setup attribute.");
      }
    }

    const bool local_role_acceptable =
        local_connection_role == CONNECTIONROLE_ACTIVE ||
        local_connection_role == CONNECTIONROLE_PASSIVE;
    if (!local_role_acceptable) {
      return webrtc::RTCError(
          webrtc::RTCErrorType::INVALID_PARAMETER,
          "Answerer must use either active or passive value "
          "for setup attribute.");
    }
    // If local is passive, local will act as server.
    remote_acts_as_server = (local_connection_role == CONNECTIONROLE_ACTIVE);
  }

  // The local side takes the role opposite to the remote one.
  *negotiated_dtls_role =
      (remote_acts_as_server ? rtc::SSL_CLIENT : rtc::SSL_SERVER);
  return webrtc::RTCError::OK();
}
| 749 | |
// Collects the DTLS and ICE statistics of |dtls_transport| and appends them
// to |stats->channel_stats| as one entry.
//
// Returns false, appending nothing, when the underlying ICE transport cannot
// provide its stats. |dtls_transport| is debug-checked; |stats| is
// dereferenced without a check.
bool JsepTransport::GetTransportStats(DtlsTransportInternal* dtls_transport,
                                      TransportStats* stats) {
  RTC_DCHECK_RUN_ON(network_thread_);
  rtc::CritScope scope(&accessor_lock_);
  RTC_DCHECK(dtls_transport);

  TransportChannelStats channel_entry;
  // The entry counts as RTCP only when a separate RTCP DTLS transport exists
  // and |dtls_transport| is that transport; otherwise it is RTP.
  const bool is_rtcp_transport =
      rtcp_dtls_transport_ &&
      dtls_transport == rtcp_dtls_transport_->internal();
  channel_entry.component = is_rtcp_transport ? ICE_CANDIDATE_COMPONENT_RTCP
                                              : ICE_CANDIDATE_COMPONENT_RTP;

  // The return values of the three getters below are not inspected.
  dtls_transport->GetSslVersionBytes(&channel_entry.ssl_version_bytes);
  dtls_transport->GetSrtpCryptoSuite(&channel_entry.srtp_crypto_suite);
  dtls_transport->GetSslCipherSuite(&channel_entry.ssl_cipher_suite);
  channel_entry.dtls_state = dtls_transport->dtls_state();

  const bool have_ice_stats = dtls_transport->ice_transport()->GetStats(
      &channel_entry.ice_transport_stats);
  if (!have_ice_stats) {
    return false;
  }
  stats->channel_stats.push_back(channel_entry);
  return true;
}
| 774 | |
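// Decides, from the applied local and remote descriptions, whether the
// datagram transport carries media and/or data channels, points the send side
// of the composite transports at the chosen transport, and on a final answer
// releases the transports that were not chosen.
//
// |type| must be a provisional or final answer. Does nothing when there is no
// |datagram_transport_|. Both descriptions must have been applied before this
// runs; that is debug-checked, as in SetLocalIceParameters() and
// SetRemoteIceParameters().
void JsepTransport::NegotiateDatagramTransport(SdpType type) {
  RTC_DCHECK(type == SdpType::kAnswer || type == SdpType::kPrAnswer);
  rtc::CritScope lock(&accessor_lock_);
  if (!datagram_transport_) {
    return;  // No need to negotiate the use of datagram transport.
  }

  // Everything below dereferences both descriptions, so state the
  // precondition explicitly instead of relying on the call order.
  RTC_DCHECK(local_description_);
  RTC_DCHECK(remote_description_);

  // The datagram transport is usable only when the remote side supplied
  // opaque parameters and they equal the local ones.
  bool compatible_datagram_transport =
      remote_description_->transport_desc.opaque_parameters &&
      remote_description_->transport_desc.opaque_parameters ==
          local_description_->transport_desc.opaque_parameters;

  // |opaque_parameters| is dereferenced only after
  // |compatible_datagram_transport| has established that it is set; the
  // short-circuit order of these conditions must be kept.
  bool use_datagram_transport_for_media =
      compatible_datagram_transport &&
      remote_description_->media_alt_protocol ==
          remote_description_->transport_desc.opaque_parameters->protocol &&
      remote_description_->media_alt_protocol ==
          local_description_->media_alt_protocol;

  bool use_datagram_transport_for_data =
      compatible_datagram_transport &&
      remote_description_->data_alt_protocol ==
          remote_description_->transport_desc.opaque_parameters->protocol &&
      remote_description_->data_alt_protocol ==
          local_description_->data_alt_protocol;

  RTC_LOG(LS_INFO)
      << "Negotiating datagram transport, use_datagram_transport_for_media="
      << use_datagram_transport_for_media
      << ", use_datagram_transport_for_data=" << use_datagram_transport_for_data
      << " answer type=" << (type == SdpType::kAnswer ? "answer" : "pr_answer");

  // A provisional or full answer lets the peer start sending on one of the
  // transports.
  if (composite_rtp_transport_) {
    composite_rtp_transport_->SetSendTransport(
        use_datagram_transport_for_media ? datagram_rtp_transport_.get()
                                         : default_rtp_transport());
  }
  if (composite_data_channel_transport_) {
    composite_data_channel_transport_->SetSendTransport(
        use_datagram_transport_for_data ? data_channel_transport_
                                        : sctp_data_channel_transport_.get());
  }

  // Only a final answer settles the choice; a provisional answer keeps every
  // transport alive.
  if (type != SdpType::kAnswer) {
    return;
  }

  if (composite_rtp_transport_) {
    if (use_datagram_transport_for_media) {
      // Negotiated use of datagram transport for RTP, so remove the
      // non-datagram RTP transport.
      composite_rtp_transport_->RemoveTransport(default_rtp_transport());
      if (unencrypted_rtp_transport_) {
        unencrypted_rtp_transport_ = nullptr;
      } else if (sdes_transport_) {
        sdes_transport_ = nullptr;
      } else {
        dtls_srtp_transport_ = nullptr;
      }
    } else {
      composite_rtp_transport_->RemoveTransport(datagram_rtp_transport_.get());
      datagram_rtp_transport_ = nullptr;
    }
  }

  if (composite_data_channel_transport_) {
    if (use_datagram_transport_for_data) {
      // Negotiated use of datagram transport for data channels, so remove the
      // non-datagram data channel transport.
      composite_data_channel_transport_->RemoveTransport(
          sctp_data_channel_transport_.get());
      sctp_data_channel_transport_ = nullptr;
      sctp_transport_ = nullptr;
    } else {
      composite_data_channel_transport_->RemoveTransport(
          data_channel_transport_);
      data_channel_transport_ = nullptr;
    }
  } else if (data_channel_transport_ && !use_datagram_transport_for_data) {
    // The datagram transport has been rejected without a fallback.  We still
    // need to inform the application and delete it.
    SignalDataChannelTransportNegotiated(this, nullptr);
    data_channel_transport_ = nullptr;
  }

  if (!use_datagram_transport_for_media && !use_datagram_transport_for_data) {
    // Datagram transport is not being used for anything, so clean it up.
    datagram_transport_ = nullptr;
  }
}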
| 867 | |
Zhi Huang | e818b6e | 2018-02-22 15:26:27 -0800 | [diff] [blame] | 868 | } // namespace cricket |