diff --git a/webrtc/BUILD.gn b/webrtc/BUILD.gn index e88e53c6e5..eb6c3f79b7 100644 --- a/webrtc/BUILD.gn +++ b/webrtc/BUILD.gn @@ -30,6 +30,7 @@ config("common_inherited_config") { defines = [ # TODO(kjellander): Cleanup unused ones and move defines closer to # the source when webrtc:4256 is completed. + "FEATURE_ENABLE_SSL", "FEATURE_ENABLE_VOICEMAIL", "EXPAT_RELATIVE_PATH", "GTEST_RELATIVE_PATH", @@ -131,10 +132,12 @@ config("common_config") { # targets, there's no point including the defines in that config here. # TODO(kjellander): Cleanup unused ones and move defines closer to the # source when webrtc:4256 is completed. + "HAVE_OPENSSL_SSL_H", "HAVE_SRTP", "HAVE_WEBRTC_VIDEO", "HAVE_WEBRTC_VOICE", "LOGGING_INSIDE_WEBRTC", + "SSL_USE_OPENSSL", "USE_WEBRTC_DEV_BRANCH", ] } else { diff --git a/webrtc/api/peerconnection_unittest.cc b/webrtc/api/peerconnection_unittest.cc index c8a1eb6e2a..c27e53ffc4 100644 --- a/webrtc/api/peerconnection_unittest.cc +++ b/webrtc/api/peerconnection_unittest.cc @@ -46,6 +46,12 @@ #include "webrtc/p2p/client/basicportallocator.h" #include "webrtc/pc/mediasession.h" +#define MAYBE_SKIP_TEST(feature) \ + if (!(feature())) { \ + LOG(LS_INFO) << "Feature disabled... skipping"; \ + return; \ + } + using cricket::ContentInfo; using cricket::FakeWebRtcVideoDecoder; using cricket::FakeWebRtcVideoDecoderFactory; @@ -217,7 +223,8 @@ class PeerConnectionTestClient : public webrtc::PeerConnectionObserver, rtc::Thread* network_thread, rtc::Thread* worker_thread) { std::unique_ptr cert_generator( - new FakeRTCCertificateGenerator()); + rtc::SSLStreamAdapter::HaveDtlsSrtp() ? + new FakeRTCCertificateGenerator() : nullptr); return CreateClientWithDtlsIdentityStore(id, constraints, options, config, std::move(cert_generator), true, @@ -230,7 +237,8 @@ class PeerConnectionTestClient : public webrtc::PeerConnectionObserver, rtc::Thread* network_thread, rtc::Thread* worker_thread) { std::unique_ptr cert_generator( - new FakeRTCCertificateGenerator()); + rtc::SSLStreamAdapter::HaveDtlsSrtp() ? + new FakeRTCCertificateGenerator() : nullptr); return CreateClientWithDtlsIdentityStore(id, nullptr, options, nullptr, std::move(cert_generator), false, @@ -1464,6 +1472,7 @@ class P2PTestConductor : public testing::Test { } void SetupAndVerifyDtlsCall() { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); FakeConstraints setup_constraints; setup_constraints.AddMandatory(MediaConstraintsInterface::kEnableDtlsSrtp, true); @@ -1488,7 +1497,8 @@ class P2PTestConductor : public testing::Test { rtc_config.set_cpu_adaptation(false); std::unique_ptr cert_generator( - new FakeRTCCertificateGenerator()); + rtc::SSLStreamAdapter::HaveDtlsSrtp() ? + new FakeRTCCertificateGenerator() : nullptr); cert_generator->use_alternate_key(); // Make sure the new client is using a different certificate. @@ -1684,6 +1694,7 @@ TEST_F(P2PTestConductor, OneWayMediaCallWithoutConstraints) { // This test sets up a audio call initially and then upgrades to audio/video, // using DTLS. TEST_F(P2PTestConductor, LocalP2PTestDtlsRenegotiate) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); FakeConstraints setup_constraints; setup_constraints.AddMandatory(MediaConstraintsInterface::kEnableDtlsSrtp, true); @@ -1697,6 +1708,7 @@ TEST_F(P2PTestConductor, LocalP2PTestDtlsRenegotiate) { // This test sets up a call transfer to a new caller with a different DTLS // fingerprint. TEST_F(P2PTestConductor, LocalP2PTestDtlsTransferCallee) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); SetupAndVerifyDtlsCall(); // Keeping the original peer around which will still send packets to the @@ -1715,6 +1727,7 @@ TEST_F(P2PTestConductor, LocalP2PTestDtlsTransferCallee) { // bundle is in effect in the restart, the channel can successfully reset its // DTLS-SRTP context. TEST_F(P2PTestConductor, LocalP2PTestDtlsBundleInIceRestart) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); FakeConstraints setup_constraints; setup_constraints.AddMandatory(MediaConstraintsInterface::kEnableDtlsSrtp, true); @@ -1733,6 +1746,7 @@ TEST_F(P2PTestConductor, LocalP2PTestDtlsBundleInIceRestart) { // This test sets up a call transfer to a new callee with a different DTLS // fingerprint. TEST_F(P2PTestConductor, LocalP2PTestDtlsTransferCaller) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); SetupAndVerifyDtlsCall(); // Keeping the original peer around which will still send packets to the @@ -1766,6 +1780,7 @@ TEST_F(P2PTestConductor, LocalP2PTestReceiverDoesntSupportCVO) { // DTLS key agreement. The offerer don't support SDES. As a result, DTLS is // negotiated and used for transport. TEST_F(P2PTestConductor, LocalP2PTestOfferDtlsButNotSdes) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); FakeConstraints setup_constraints; setup_constraints.AddMandatory(MediaConstraintsInterface::kEnableDtlsSrtp, true); @@ -2242,6 +2257,7 @@ TEST_F(P2PTestConductor, AddDataChannelAfterRenegotiation) { // negotiation is completed without error. #ifdef HAVE_SCTP TEST_F(P2PTestConductor, CreateOfferWithSctpDataChannel) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); FakeConstraints constraints; constraints.SetMandatory( MediaConstraintsInterface::kEnableDtlsSrtp, true); diff --git a/webrtc/api/peerconnectionendtoend_unittest.cc b/webrtc/api/peerconnectionendtoend_unittest.cc index 436e7bf02b..4110db07c9 100644 --- a/webrtc/api/peerconnectionendtoend_unittest.cc +++ b/webrtc/api/peerconnectionendtoend_unittest.cc @@ -24,6 +24,12 @@ #include "webrtc/base/stringencode.h" #include "webrtc/base/stringutils.h" +#define MAYBE_SKIP_TEST(feature) \ + if (!(feature())) { \ + LOG(LS_INFO) << "Feature disabled... skipping"; \ + return; \ + } + using webrtc::DataChannelInterface; using webrtc::FakeConstraints; using webrtc::MediaConstraintsInterface; @@ -192,6 +198,8 @@ TEST_F(PeerConnectionEndToEndTest, CallWithLegacySdp) { // Verifies that a DataChannel created before the negotiation can transition to // "OPEN" and transfer data. TEST_F(PeerConnectionEndToEndTest, CreateDataChannelBeforeNegotiate) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + CreatePcs(); webrtc::DataChannelInit init; @@ -216,6 +224,8 @@ TEST_F(PeerConnectionEndToEndTest, CreateDataChannelBeforeNegotiate) { // Verifies that a DataChannel created after the negotiation can transition to // "OPEN" and transfer data. TEST_F(PeerConnectionEndToEndTest, CreateDataChannelAfterNegotiate) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + CreatePcs(); webrtc::DataChannelInit init; @@ -247,6 +257,8 @@ TEST_F(PeerConnectionEndToEndTest, CreateDataChannelAfterNegotiate) { // Verifies that DataChannel IDs are even/odd based on the DTLS roles. TEST_F(PeerConnectionEndToEndTest, DataChannelIdAssignment) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + CreatePcs(); webrtc::DataChannelInit init; @@ -274,6 +286,8 @@ TEST_F(PeerConnectionEndToEndTest, DataChannelIdAssignment) { // there are multiple DataChannels. TEST_F(PeerConnectionEndToEndTest, MessageTransferBetweenTwoPairsOfDataChannels) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + CreatePcs(); webrtc::DataChannelInit init; @@ -395,6 +409,8 @@ TEST_F(PeerConnectionEndToEndTest, MessageTransferBetweenQuicDataChannels) { // See: https://bugs.chromium.org/p/webrtc/issues/detail?id=4453 TEST_F(PeerConnectionEndToEndTest, DISABLED_DataChannelFromOpenWorksAfterClose) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + CreatePcs(); webrtc::DataChannelInit init; @@ -421,6 +437,8 @@ TEST_F(PeerConnectionEndToEndTest, // reference count), no memory access violation will occur. // See: https://code.google.com/p/chromium/issues/detail?id=565048 TEST_F(PeerConnectionEndToEndTest, CloseDataChannelRemotelyWhileNotReferenced) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + CreatePcs(); webrtc::DataChannelInit init; diff --git a/webrtc/api/peerconnectioninterface_unittest.cc b/webrtc/api/peerconnectioninterface_unittest.cc index e70cbb64a1..2da3755fcb 100644 --- a/webrtc/api/peerconnectioninterface_unittest.cc +++ b/webrtc/api/peerconnectioninterface_unittest.cc @@ -293,6 +293,12 @@ static const char kSdpStringMs1Video1[] = "a=ssrc:4 cname:stream1\r\n" "a=ssrc:4 msid:stream1 videotrack1\r\n"; +#define MAYBE_SKIP_TEST(feature) \ + if (!(feature())) { \ + LOG(LS_INFO) << "Feature disabled... skipping"; \ + return; \ + } + using ::testing::Exactly; using cricket::StreamParams; using webrtc::AudioSourceInterface; @@ -2036,6 +2042,7 @@ TEST_F(PeerConnectionInterfaceTest, TestRejectDataChannelInAnswer) { // FireFox, use it as a remote session description, generate an answer and use // the answer as a local description. TEST_F(PeerConnectionInterfaceTest, ReceiveFireFoxOffer) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); FakeConstraints constraints; constraints.AddMandatory(webrtc::MediaConstraintsInterface::kEnableDtlsSrtp, true); diff --git a/webrtc/api/test/peerconnectiontestwrapper.cc b/webrtc/api/test/peerconnectiontestwrapper.cc index 3254480a27..b1eb58677d 100644 --- a/webrtc/api/test/peerconnectiontestwrapper.cc +++ b/webrtc/api/test/peerconnectiontestwrapper.cc @@ -76,7 +76,8 @@ bool PeerConnectionTestWrapper::CreatePc( } std::unique_ptr cert_generator( - new FakeRTCCertificateGenerator()); + rtc::SSLStreamAdapter::HaveDtlsSrtp() ? new FakeRTCCertificateGenerator() + : nullptr); peer_connection_ = peer_connection_factory_->CreatePeerConnection( config, constraints, std::move(port_allocator), std::move(cert_generator), this); diff --git a/webrtc/api/webrtcsession_unittest.cc b/webrtc/api/webrtcsession_unittest.cc index c8ae058bac..1a7a02622c 100644 --- a/webrtc/api/webrtcsession_unittest.cc +++ b/webrtc/api/webrtcsession_unittest.cc @@ -50,6 +50,12 @@ #include "webrtc/pc/channelmanager.h" #include "webrtc/pc/mediasession.h" +#define MAYBE_SKIP_TEST(feature) \ + if (!(feature())) { \ + LOG(LS_INFO) << "Feature disabled... skipping"; \ + return; \ + } + using cricket::FakeVoiceMediaChannel; using cricket::TransportInfo; using rtc::SocketAddress; @@ -1844,6 +1850,7 @@ TEST_F(WebRtcSessionTest, TestSetRemoteNonSdesAnswerWhenSdesOn) { // Test that we accept an offer with a DTLS fingerprint when DTLS is on // and that we return an answer with a DTLS fingerprint. TEST_P(WebRtcSessionTest, TestReceiveDtlsOfferCreateDtlsAnswer) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); SendAudioVideoStream1(); InitWithDtls(GetParam()); SetFactoryDtlsSrtp(); @@ -1872,6 +1879,7 @@ TEST_P(WebRtcSessionTest, TestReceiveDtlsOfferCreateDtlsAnswer) { // Test that we set a local offer with a DTLS fingerprint when DTLS is on // and then we accept a remote answer with a DTLS fingerprint successfully. TEST_P(WebRtcSessionTest, TestCreateDtlsOfferReceiveDtlsAnswer) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); SendAudioVideoStream1(); InitWithDtls(GetParam()); SetFactoryDtlsSrtp(); @@ -1901,6 +1909,7 @@ TEST_P(WebRtcSessionTest, TestCreateDtlsOfferReceiveDtlsAnswer) { // Test that if we support DTLS and the other side didn't offer a fingerprint, // we will fail to set the remote description. TEST_P(WebRtcSessionTest, TestReceiveNonDtlsOfferWhenDtlsOn) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtls(GetParam()); cricket::MediaSessionOptions options; options.recv_video = true; @@ -1924,6 +1933,7 @@ TEST_P(WebRtcSessionTest, TestReceiveNonDtlsOfferWhenDtlsOn) { // Test that we return a failure when applying a local answer that doesn't have // a DTLS fingerprint when DTLS is required. TEST_P(WebRtcSessionTest, TestSetLocalNonDtlsAnswerWhenDtlsOn) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtls(GetParam()); SessionDescriptionInterface* offer = NULL; SessionDescriptionInterface* answer = NULL; @@ -1939,6 +1949,7 @@ TEST_P(WebRtcSessionTest, TestSetLocalNonDtlsAnswerWhenDtlsOn) { // Test that we return a failure when applying a remote answer that doesn't have // a DTLS fingerprint when DTLS is required. TEST_P(WebRtcSessionTest, TestSetRemoteNonDtlsAnswerWhenDtlsOn) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtls(GetParam()); SessionDescriptionInterface* offer = CreateOffer(); cricket::MediaSessionOptions options; @@ -3915,6 +3926,8 @@ TEST_F(WebRtcSessionTest, TestRtpDataChannel) { } TEST_P(WebRtcSessionTest, TestRtpDataChannelConstraintTakesPrecedence) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + configuration_.enable_rtp_data_channel = true; options_.disable_sctp_data_channels = false; @@ -3927,6 +3940,7 @@ TEST_P(WebRtcSessionTest, TestRtpDataChannelConstraintTakesPrecedence) { // Test that sctp_content_name/sctp_transport_name (used for stats) are correct // before and after BUNDLE is negotiated. TEST_P(WebRtcSessionTest, SctpContentAndTransportName) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); SetFactoryDtlsSrtp(); InitWithDtls(GetParam()); @@ -3960,6 +3974,8 @@ TEST_P(WebRtcSessionTest, SctpContentAndTransportName) { } TEST_P(WebRtcSessionTest, TestCreateOfferWithSctpEnabledWithoutStreams) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + InitWithDtls(GetParam()); std::unique_ptr offer(CreateOffer()); @@ -3968,6 +3984,7 @@ TEST_P(WebRtcSessionTest, TestCreateOfferWithSctpEnabledWithoutStreams) { } TEST_P(WebRtcSessionTest, TestCreateAnswerWithSctpInOfferAndNoStreams) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); SetFactoryDtlsSrtp(); InitWithDtls(GetParam()); @@ -3999,6 +4016,8 @@ TEST_P(WebRtcSessionTest, TestSctpDataChannelWithoutDtls) { // Test that if DTLS is enabled, we end up with an SctpTransport created // (and not an RtpDataChannel). TEST_P(WebRtcSessionTest, TestSctpDataChannelWithDtls) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + InitWithDtls(GetParam()); SetLocalDescriptionWithDataChannel(); @@ -4009,6 +4028,7 @@ TEST_P(WebRtcSessionTest, TestSctpDataChannelWithDtls) { // Test that if SCTP is disabled, we don't end up with an SctpTransport // created (or an RtpDataChannel). TEST_P(WebRtcSessionTest, TestDisableSctpDataChannels) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); options_.disable_sctp_data_channels = true; InitWithDtls(GetParam()); @@ -4018,6 +4038,7 @@ TEST_P(WebRtcSessionTest, TestDisableSctpDataChannels) { } TEST_P(WebRtcSessionTest, TestSctpDataChannelSendPortParsing) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); const int new_send_port = 9998; const int new_recv_port = 7775; @@ -4059,6 +4080,8 @@ TEST_P(WebRtcSessionTest, TestSctpDataChannelSendPortParsing) { // WebRtcSession signals the SctpTransport creation request with the expected // config. TEST_P(WebRtcSessionTest, TestSctpDataChannelOpenMessage) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); + InitWithDtls(GetParam()); SetLocalDescriptionWithDataChannel(); @@ -4098,6 +4121,7 @@ TEST_P(WebRtcSessionTest, TestUsesProvidedCertificate) { // identity generation is finished (even if a certificate is provided this is // an async op). TEST_P(WebRtcSessionTest, TestCreateOfferBeforeIdentityRequestReturnSuccess) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtls(GetParam()); EXPECT_TRUE(session_->waiting_for_certificate_for_testing()); @@ -4113,6 +4137,7 @@ TEST_P(WebRtcSessionTest, TestCreateOfferBeforeIdentityRequestReturnSuccess) { // identity generation is finished (even if a certificate is provided this is // an async op). TEST_P(WebRtcSessionTest, TestCreateAnswerBeforeIdentityRequestReturnSuccess) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtls(GetParam()); SetFactoryDtlsSrtp(); @@ -4133,6 +4158,7 @@ TEST_P(WebRtcSessionTest, TestCreateAnswerBeforeIdentityRequestReturnSuccess) { // identity generation is finished (even if a certificate is provided this is // an async op). TEST_P(WebRtcSessionTest, TestCreateOfferAfterIdentityRequestReturnSuccess) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtls(GetParam()); EXPECT_TRUE_WAIT(!session_->waiting_for_certificate_for_testing(), 1000); @@ -4144,6 +4170,7 @@ TEST_P(WebRtcSessionTest, TestCreateOfferAfterIdentityRequestReturnSuccess) { // Verifies that CreateOffer fails when CreateOffer is called after async // identity generation fails. TEST_F(WebRtcSessionTest, TestCreateOfferAfterIdentityRequestReturnFailure) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtlsIdentityGenFail(); EXPECT_TRUE_WAIT(!session_->waiting_for_certificate_for_testing(), 1000); @@ -4156,6 +4183,7 @@ TEST_F(WebRtcSessionTest, TestCreateOfferAfterIdentityRequestReturnFailure) { // before async identity generation is finished. TEST_P(WebRtcSessionTest, TestMultipleCreateOfferBeforeIdentityRequestReturnSuccess) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); VerifyMultipleAsyncCreateDescription(GetParam(), CreateSessionDescriptionRequest::kOffer); } @@ -4164,6 +4192,7 @@ TEST_P(WebRtcSessionTest, // before async identity generation fails. TEST_F(WebRtcSessionTest, TestMultipleCreateOfferBeforeIdentityRequestReturnFailure) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); VerifyMultipleAsyncCreateDescriptionIdentityGenFailure( CreateSessionDescriptionRequest::kOffer); } @@ -4172,6 +4201,7 @@ TEST_F(WebRtcSessionTest, // before async identity generation is finished. TEST_P(WebRtcSessionTest, TestMultipleCreateAnswerBeforeIdentityRequestReturnSuccess) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); VerifyMultipleAsyncCreateDescription( GetParam(), CreateSessionDescriptionRequest::kAnswer); } @@ -4180,6 +4210,7 @@ TEST_P(WebRtcSessionTest, // before async identity generation fails. TEST_F(WebRtcSessionTest, TestMultipleCreateAnswerBeforeIdentityRequestReturnFailure) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); VerifyMultipleAsyncCreateDescriptionIdentityGenFailure( CreateSessionDescriptionRequest::kAnswer); } @@ -4223,6 +4254,7 @@ TEST_F(WebRtcSessionTest, TestCombinedAudioVideoBweConstraint) { // Tests that we can renegotiate new media content with ICE candidates in the // new remote SDP. TEST_P(WebRtcSessionTest, TestRenegotiateNewMediaWithCandidatesInSdp) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtls(GetParam()); SetFactoryDtlsSrtp(); @@ -4252,6 +4284,7 @@ TEST_P(WebRtcSessionTest, TestRenegotiateNewMediaWithCandidatesInSdp) { // Tests that we can renegotiate new media content with ICE candidates separated // from the remote SDP. TEST_P(WebRtcSessionTest, TestRenegotiateNewMediaWithCandidatesSeparated) { + MAYBE_SKIP_TEST(rtc::SSLStreamAdapter::HaveDtlsSrtp); InitWithDtls(GetParam()); SetFactoryDtlsSrtp(); diff --git a/webrtc/base/BUILD.gn b/webrtc/base/BUILD.gn index 1a68b3abac..51882da0f9 100644 --- a/webrtc/base/BUILD.gn +++ b/webrtc/base/BUILD.gn @@ -35,10 +35,21 @@ config("rtc_base_approved_all_dependent_config") { } } +config("rtc_base_config") { + defines = [ "FEATURE_ENABLE_SSL" ] +} + config("rtc_base_chromium_config") { defines = [ "NO_MAIN_THREAD_WRAPPING" ] } +config("openssl_config") { + defines = [ + "SSL_USE_OPENSSL", + "HAVE_OPENSSL_SSL_H", + ] +} + config("rtc_base_all_dependent_config") { if (is_ios) { libs = [ @@ -360,6 +371,16 @@ rtc_static_library("rtc_base") { ":rtc_base_approved", ] + configs += [ + ":openssl_config", + ":rtc_base_config", + ] + + public_configs = [ + ":openssl_config", + ":rtc_base_config", + ] + all_dependent_configs = [ ":rtc_base_all_dependent_config" ] sources = [ @@ -516,6 +537,7 @@ rtc_static_library("rtc_base") { "proxyserver.h", "rollingaccumulator.h", "scopedptrcollection.h", + "sslconfig.h", "sslroots.h", "testbase64.h", "testclient.cc", diff --git a/webrtc/base/helpers.cc b/webrtc/base/helpers.cc index aa6a6aea18..a8389d462e 100644 --- a/webrtc/base/helpers.cc +++ b/webrtc/base/helpers.cc @@ -13,7 +13,18 @@ #include #include +#if defined(FEATURE_ENABLE_SSL) +#include "webrtc/base/sslconfig.h" +#if defined(SSL_USE_OPENSSL) #include +#else +#if defined(WEBRTC_WIN) +#define WIN32_LEAN_AND_MEAN +#include +#include +#endif // WEBRTC_WIN +#endif // else +#endif // FEATURE_ENABLED_SSL #include "webrtc/base/base64.h" #include "webrtc/base/basictypes.h" @@ -34,6 +45,7 @@ class RandomGenerator { virtual bool Generate(void* buf, size_t len) = 0; }; +#if defined(SSL_USE_OPENSSL) // The OpenSSL RNG. class SecureRandomGenerator : public RandomGenerator { public: @@ -45,6 +57,79 @@ class SecureRandomGenerator : public RandomGenerator { } }; +#else +#if defined(WEBRTC_WIN) +class SecureRandomGenerator : public RandomGenerator { + public: + SecureRandomGenerator() : advapi32_(NULL), rtl_gen_random_(NULL) {} + ~SecureRandomGenerator() { + FreeLibrary(advapi32_); + } + + virtual bool Init(const void* seed, size_t seed_len) { + // We don't do any additional seeding on Win32, we just use the CryptoAPI + // RNG (which is exposed as a hidden function off of ADVAPI32 so that we + // don't need to drag in all of CryptoAPI) + if (rtl_gen_random_) { + return true; + } + + advapi32_ = LoadLibrary(L"advapi32.dll"); + if (!advapi32_) { + return false; + } + + rtl_gen_random_ = reinterpret_cast( + GetProcAddress(advapi32_, "SystemFunction036")); + if (!rtl_gen_random_) { + FreeLibrary(advapi32_); + return false; + } + + return true; + } + virtual bool Generate(void* buf, size_t len) { + if (!rtl_gen_random_ && !Init(NULL, 0)) { + return false; + } + return (rtl_gen_random_(buf, static_cast(len)) != FALSE); + } + + private: + typedef BOOL (WINAPI *RtlGenRandomProc)(PVOID, ULONG); + HINSTANCE advapi32_; + RtlGenRandomProc rtl_gen_random_; +}; + +#elif !defined(FEATURE_ENABLE_SSL) + +// No SSL implementation -- use rand() +class SecureRandomGenerator : public RandomGenerator { + public: + virtual bool Init(const void* seed, size_t len) { + if (len >= 4) { + srand(*reinterpret_cast(seed)); + } else { + srand(*reinterpret_cast(seed)); + } + return true; + } + virtual bool Generate(void* buf, size_t len) { + char* bytes = reinterpret_cast(buf); + for (size_t i = 0; i < len; ++i) { + bytes[i] = static_cast(rand()); + } + return true; + } +}; + +#else + +#error No SSL implementation has been selected! + +#endif // WEBRTC_WIN +#endif + // A test random generator, for predictable output. class TestRandomGenerator : public RandomGenerator { public: diff --git a/webrtc/base/messagedigest.cc b/webrtc/base/messagedigest.cc index 5e8621c770..c08cab4ea9 100644 --- a/webrtc/base/messagedigest.cc +++ b/webrtc/base/messagedigest.cc @@ -15,7 +15,13 @@ #include #include "webrtc/base/basictypes.h" +#include "webrtc/base/sslconfig.h" +#if SSL_USE_OPENSSL #include "webrtc/base/openssldigest.h" +#else +#include "webrtc/base/md5digest.h" +#include "webrtc/base/sha1digest.h" +#endif #include "webrtc/base/stringencode.h" namespace rtc { @@ -31,12 +37,22 @@ const char DIGEST_SHA_512[] = "sha-512"; static const size_t kBlockSize = 64; // valid for SHA-256 and down MessageDigest* MessageDigestFactory::Create(const std::string& alg) { +#if SSL_USE_OPENSSL MessageDigest* digest = new OpenSSLDigest(alg); if (digest->Size() == 0) { // invalid algorithm delete digest; digest = NULL; } return digest; +#else + MessageDigest* digest = NULL; + if (alg == DIGEST_MD5) { + digest = new Md5Digest(); + } else if (alg == DIGEST_SHA_1) { + digest = new Sha1Digest(); + } + return digest; +#endif } bool IsFips180DigestAlgorithm(const std::string& alg) { diff --git a/webrtc/base/openssladapter.cc b/webrtc/base/openssladapter.cc index d368186186..430191641a 100644 --- a/webrtc/base/openssladapter.cc +++ b/webrtc/base/openssladapter.cc @@ -8,6 +8,8 @@ * be found in the AUTHORS file in the root of the source tree. */ +#if HAVE_OPENSSL_SSL_H + #include "webrtc/base/openssladapter.h" #if defined(WEBRTC_POSIX) @@ -963,3 +965,5 @@ OpenSSLAdapter::SetupSSLContext() { } } // namespace rtc + +#endif // HAVE_OPENSSL_SSL_H diff --git a/webrtc/base/openssldigest.cc b/webrtc/base/openssldigest.cc index 0413f8f410..2618b7f9fd 100644 --- a/webrtc/base/openssldigest.cc +++ b/webrtc/base/openssldigest.cc @@ -8,6 +8,8 @@ * be found in the AUTHORS file in the root of the source tree. */ +#if HAVE_OPENSSL_SSL_H + #include "webrtc/base/openssldigest.h" #include "webrtc/base/checks.h" @@ -116,3 +118,5 @@ bool OpenSSLDigest::GetDigestSize(const std::string& algorithm, } } // namespace rtc + +#endif // HAVE_OPENSSL_SSL_H diff --git a/webrtc/base/opensslidentity.cc b/webrtc/base/opensslidentity.cc index 7b96f6a206..2f1c565938 100644 --- a/webrtc/base/opensslidentity.cc +++ b/webrtc/base/opensslidentity.cc @@ -8,6 +8,8 @@ * be found in the AUTHORS file in the root of the source tree. */ +#if HAVE_OPENSSL_SSL_H + #include "webrtc/base/opensslidentity.h" #include @@ -574,3 +576,5 @@ bool OpenSSLIdentity::operator!=(const OpenSSLIdentity& other) const { } } // namespace rtc + +#endif // HAVE_OPENSSL_SSL_H diff --git a/webrtc/base/opensslstreamadapter.cc b/webrtc/base/opensslstreamadapter.cc index 158315f150..3b3aa5d219 100644 --- a/webrtc/base/opensslstreamadapter.cc +++ b/webrtc/base/opensslstreamadapter.cc @@ -8,6 +8,8 @@ * be found in the AUTHORS file in the root of the source tree. */ +#if HAVE_OPENSSL_SSL_H + #include "webrtc/base/opensslstreamadapter.h" #include @@ -43,10 +45,11 @@ namespace { namespace rtc { -#if (OPENSSL_VERSION_NUMBER < 0x10001000L) -#error "webrtc requires at least OpenSSL version 1.0.1, to support DTLS-SRTP" +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L) +#define HAVE_DTLS_SRTP #endif +#ifdef HAVE_DTLS_SRTP // SRTP cipher suite table. |internal_name| is used to construct a // colon-separated profile strings which is needed by // SSL_CTX_set_tlsext_use_srtp(). @@ -62,6 +65,7 @@ static SrtpCipherMapEntry SrtpCipherMap[] = { {"SRTP_AEAD_AES_128_GCM", SRTP_AEAD_AES_128_GCM}, {"SRTP_AEAD_AES_256_GCM", SRTP_AEAD_AES_256_GCM}, {nullptr, 0}}; +#endif #ifdef OPENSSL_IS_BORINGSSL // Not used in production code. Actual time should be relative to Jan 1, 1970. @@ -428,6 +432,7 @@ bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label, bool use_context, uint8_t* result, size_t result_len) { +#ifdef HAVE_DTLS_SRTP int i; i = SSL_export_keying_material(ssl_, result, result_len, label.c_str(), @@ -438,10 +443,14 @@ bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label, return false; return true; +#else + return false; +#endif } bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites( const std::vector& ciphers) { +#ifdef HAVE_DTLS_SRTP std::string internal_ciphers; if (state_ != SSL_NONE) @@ -472,9 +481,13 @@ bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites( srtp_ciphers_ = internal_ciphers; return true; +#else + return false; +#endif } bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { +#ifdef HAVE_DTLS_SRTP RTC_DCHECK(state_ == SSL_CONNECTED); if (state_ != SSL_CONNECTED) return false; @@ -488,6 +501,9 @@ bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { *crypto_suite = srtp_profile->id; RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty()); return true; +#else + return false; +#endif } bool OpenSSLStreamAdapter::IsTlsConnected() { @@ -1080,12 +1096,14 @@ SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() { SSL_CTX_set_cipher_list(ctx, "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK"); +#ifdef HAVE_DTLS_SRTP if (!srtp_ciphers_.empty()) { if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) { SSL_CTX_free(ctx); return NULL; } } +#endif return ctx; } @@ -1151,6 +1169,26 @@ int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) { return stream->VerifyPeerCertificate(); } +bool OpenSSLStreamAdapter::HaveDtls() { + return true; +} + +bool OpenSSLStreamAdapter::HaveDtlsSrtp() { +#ifdef HAVE_DTLS_SRTP + return true; +#else + return false; +#endif +} + +bool OpenSSLStreamAdapter::HaveExporter() { +#ifdef HAVE_DTLS_SRTP + return true; +#else + return false; +#endif +} + bool OpenSSLStreamAdapter::IsBoringSsl() { #ifdef OPENSSL_IS_BORINGSSL return true; @@ -1235,3 +1273,5 @@ void OpenSSLStreamAdapter::enable_time_callback_for_testing() { } } // namespace rtc + +#endif // HAVE_OPENSSL_SSL_H diff --git a/webrtc/base/opensslstreamadapter.h b/webrtc/base/opensslstreamadapter.h index d3edf3a670..e7d2174be8 100644 --- a/webrtc/base/opensslstreamadapter.h +++ b/webrtc/base/opensslstreamadapter.h @@ -109,7 +109,10 @@ class OpenSSLStreamAdapter : public SSLStreamAdapter { bool IsTlsConnected() override; - // Capabilities interfaces. + // Capabilities interfaces + static bool HaveDtls(); + static bool HaveDtlsSrtp(); + static bool HaveExporter(); static bool IsBoringSsl(); static bool IsAcceptableCipher(int cipher, KeyType key_type); diff --git a/webrtc/base/ssladapter.cc b/webrtc/base/ssladapter.cc index 06fce54902..ba24e618ec 100644 --- a/webrtc/base/ssladapter.cc +++ b/webrtc/base/ssladapter.cc @@ -10,7 +10,13 @@ #include "webrtc/base/ssladapter.h" -#include "webrtc/base/openssladapter.h" +#include "webrtc/base/sslconfig.h" + +#if SSL_USE_OPENSSL + +#include "openssladapter.h" + +#endif /////////////////////////////////////////////////////////////////////////////// @@ -18,11 +24,18 @@ namespace rtc { SSLAdapter* SSLAdapter::Create(AsyncSocket* socket) { +#if SSL_USE_OPENSSL return new OpenSSLAdapter(socket); +#else // !SSL_USE_OPENSSL + delete socket; + return NULL; +#endif // SSL_USE_OPENSSL } /////////////////////////////////////////////////////////////////////////////// +#if SSL_USE_OPENSSL + bool InitializeSSL(VerificationCallback callback) { return OpenSSLAdapter::InitializeSSL(callback); } @@ -35,6 +48,22 @@ bool CleanupSSL() { return OpenSSLAdapter::CleanupSSL(); } +#else // !SSL_USE_OPENSSL + +bool InitializeSSL(VerificationCallback callback) { + return true; +} + +bool InitializeSSLThread() { + return true; +} + +bool CleanupSSL() { + return true; +} + +#endif // SSL_USE_OPENSSL + /////////////////////////////////////////////////////////////////////////////// } // namespace rtc diff --git a/webrtc/base/ssladapter_unittest.cc b/webrtc/base/ssladapter_unittest.cc index c591f19658..a6ec56ebc0 100644 --- a/webrtc/base/ssladapter_unittest.cc +++ b/webrtc/base/ssladapter_unittest.cc @@ -370,6 +370,8 @@ class SSLAdapterTestDTLS_ECDSA : public SSLAdapterTestBase { : SSLAdapterTestBase(rtc::SSL_MODE_DTLS, rtc::KeyParams::ECDSA()) {} }; +#if SSL_USE_OPENSSL + // Basic tests: TLS // Test that handshake works, using RSA @@ -417,3 +419,5 @@ TEST_F(SSLAdapterTestDTLS_ECDSA, TestDTLSTransfer) { TestHandshake(true); TestTransfer("Hello, world!"); } + +#endif // SSL_USE_OPENSSL diff --git a/webrtc/base/sslconfig.h b/webrtc/base/sslconfig.h new file mode 100644 index 0000000000..6aabad07a8 --- /dev/null +++ b/webrtc/base/sslconfig.h @@ -0,0 +1,30 @@ +/* + * Copyright 2012 The WebRTC Project Authors. All rights reserved. + * + * Use of this source code is governed by a BSD-style license + * that can be found in the LICENSE file in the root of the source + * tree. An additional intellectual property rights grant can be found + * in the file PATENTS. All contributing project authors may + * be found in the AUTHORS file in the root of the source tree. + */ + +#ifndef WEBRTC_BASE_SSLCONFIG_H_ +#define WEBRTC_BASE_SSLCONFIG_H_ + +// If no preference has been indicated, default to SChannel on Windows and +// OpenSSL everywhere else, if it is available. +#if !defined(SSL_USE_SCHANNEL) && !defined(SSL_USE_OPENSSL) +#if defined(WEBRTC_WIN) + +#define SSL_USE_SCHANNEL 1 + +#else // defined(WEBRTC_WIN) + +#if defined(HAVE_OPENSSL_SSL_H) +#define SSL_USE_OPENSSL 1 +#endif + +#endif // !defined(WEBRTC_WIN) +#endif + +#endif // WEBRTC_BASE_SSLCONFIG_H_ diff --git a/webrtc/base/sslidentity.cc b/webrtc/base/sslidentity.cc index a5dd7b9ce6..645050a7e4 100644 --- a/webrtc/base/sslidentity.cc +++ b/webrtc/base/sslidentity.cc @@ -17,9 +17,15 @@ #include "webrtc/base/base64.h" #include "webrtc/base/checks.h" #include "webrtc/base/logging.h" -#include "webrtc/base/opensslidentity.h" +#include "webrtc/base/sslconfig.h" #include "webrtc/base/sslfingerprint.h" +#if SSL_USE_OPENSSL + +#include "webrtc/base/opensslidentity.h" + +#endif // SSL_USE_OPENSSL + namespace rtc { const char kPemTypeCertificate[] = "CERTIFICATE"; @@ -207,6 +213,8 @@ SSLCertChain::~SSLCertChain() { std::for_each(certs_.begin(), certs_.end(), DeleteCert); } +#if SSL_USE_OPENSSL + // static SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) { return OpenSSLCertificate::FromPEMString(pem_string); @@ -252,6 +260,12 @@ bool operator!=(const SSLIdentity& a, const SSLIdentity& b) { return !(a == b); } +#else // !SSL_USE_OPENSSL + +#error "No SSL implementation" + +#endif // SSL_USE_OPENSSL + // Read |n| bytes from ASN1 number string at *|pp| and return the numeric value. // Update *|pp| and *|np| to reflect number of read bytes. static inline int ASN1ReadInt(const unsigned char** pp, size_t* np, size_t n) { diff --git a/webrtc/base/sslstreamadapter.cc b/webrtc/base/sslstreamadapter.cc index 2f601c6257..c3ef3bc3ae 100644 --- a/webrtc/base/sslstreamadapter.cc +++ b/webrtc/base/sslstreamadapter.cc @@ -9,9 +9,14 @@ */ #include "webrtc/base/sslstreamadapter.h" +#include "webrtc/base/sslconfig.h" + +#if SSL_USE_OPENSSL #include "webrtc/base/opensslstreamadapter.h" +#endif // SSL_USE_OPENSSL + /////////////////////////////////////////////////////////////////////////////// namespace rtc { @@ -96,7 +101,11 @@ CryptoOptions CryptoOptions::NoGcm() { } SSLStreamAdapter* SSLStreamAdapter::Create(StreamInterface* stream) { +#if SSL_USE_OPENSSL return new OpenSSLStreamAdapter(stream); +#else // !SSL_USE_OPENSSL + return NULL; +#endif // SSL_USE_OPENSSL } SSLStreamAdapter::SSLStreamAdapter(StreamInterface* stream) @@ -128,6 +137,16 @@ bool SSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { return false; } +#if SSL_USE_OPENSSL +bool SSLStreamAdapter::HaveDtls() { + return OpenSSLStreamAdapter::HaveDtls(); +} +bool SSLStreamAdapter::HaveDtlsSrtp() { + return OpenSSLStreamAdapter::HaveDtlsSrtp(); +} +bool SSLStreamAdapter::HaveExporter() { + return OpenSSLStreamAdapter::HaveExporter(); +} bool SSLStreamAdapter::IsBoringSsl() { return OpenSSLStreamAdapter::IsBoringSsl(); } @@ -144,6 +163,7 @@ std::string SSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) { void SSLStreamAdapter::enable_time_callback_for_testing() { OpenSSLStreamAdapter::enable_time_callback_for_testing(); } +#endif // SSL_USE_OPENSSL /////////////////////////////////////////////////////////////////////////////// diff --git a/webrtc/base/sslstreamadapter.h b/webrtc/base/sslstreamadapter.h index 4f5ee02fe4..391019165f 100644 --- a/webrtc/base/sslstreamadapter.h +++ b/webrtc/base/sslstreamadapter.h @@ -228,9 +228,10 @@ class SSLStreamAdapter : public StreamAdapterInterface { // SS_OPENING but IsTlsConnected should return true. virtual bool IsTlsConnected() = 0; - // Capabilities testing. - // Used to have "DTLS supported", "DTLS-SRTP supported" etc. methods, but now - // that's assumed. + // Capabilities testing + static bool HaveDtls(); + static bool HaveDtlsSrtp(); + static bool HaveExporter(); static bool IsBoringSsl(); // Returns true iff the supplied cipher is deemed to be strong. diff --git a/webrtc/base/sslstreamadapter_unittest.cc b/webrtc/base/sslstreamadapter_unittest.cc index 82036913e0..9d73abc304 100644 --- a/webrtc/base/sslstreamadapter_unittest.cc +++ b/webrtc/base/sslstreamadapter_unittest.cc @@ -19,6 +19,7 @@ #include "webrtc/base/gunit.h" #include "webrtc/base/helpers.h" #include "webrtc/base/ssladapter.h" +#include "webrtc/base/sslconfig.h" #include "webrtc/base/sslidentity.h" #include "webrtc/base/sslstreamadapter.h" #include "webrtc/base/stream.h" @@ -64,6 +65,12 @@ static const char kCERT_PEM[] = "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n" "-----END CERTIFICATE-----\n"; +#define MAYBE_SKIP_TEST(feature) \ + if (!(rtc::SSLStreamAdapter::feature())) { \ + LOG(LS_INFO) << "Feature disabled... skipping"; \ + return; \ + } + class SSLStreamAdapterTestBase; class SSLDummyStreamBase : public rtc::StreamInterface, @@ -956,6 +963,7 @@ TEST_P(SSLStreamAdapterTestTLS, TestSetPeerCertificateDigestWithInvalidLength) { // Basic tests: DTLS // Test that we can make a handshake work TEST_P(SSLStreamAdapterTestDTLS, TestDTLSConnect) { + MAYBE_SKIP_TEST(HaveDtls); TestHandshake(); }; @@ -963,12 +971,14 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSConnect) { // each direction is lost. This gives us predictable loss // rather than having to tune random TEST_P(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacket) { + MAYBE_SKIP_TEST(HaveDtls); SetLoseFirstPacket(true); TestHandshake(); }; // Test a handshake with loss and delay TEST_P(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacketDelay2s) { + MAYBE_SKIP_TEST(HaveDtls); SetLoseFirstPacket(true); SetDelay(2000); SetHandshakeWait(20000); @@ -978,6 +988,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSConnectWithLostFirstPacketDelay2s) { // Test a handshake with small MTU // Disabled due to https://code.google.com/p/webrtc/issues/detail?id=3910 TEST_P(SSLStreamAdapterTestDTLS, DISABLED_TestDTLSConnectWithSmallMtu) { + MAYBE_SKIP_TEST(HaveDtls); SetMtu(700); SetHandshakeWait(20000); TestHandshake(); @@ -985,17 +996,20 @@ TEST_P(SSLStreamAdapterTestDTLS, DISABLED_TestDTLSConnectWithSmallMtu) { // Test transfer -- trivial TEST_P(SSLStreamAdapterTestDTLS, TestDTLSTransfer) { + MAYBE_SKIP_TEST(HaveDtls); TestHandshake(); TestTransfer(100); }; TEST_P(SSLStreamAdapterTestDTLS, TestDTLSTransferWithLoss) { + MAYBE_SKIP_TEST(HaveDtls); TestHandshake(); SetLoss(10); TestTransfer(100); }; TEST_P(SSLStreamAdapterTestDTLS, TestDTLSTransferWithDamage) { + MAYBE_SKIP_TEST(HaveDtls); SetDamage(); // Must be called first because first packet // write happens at end of handshake. TestHandshake(); @@ -1012,6 +1026,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSDelayedIdentityWithBogusDigest) { // Test DTLS-SRTP with all high ciphers TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); std::vector high; high.push_back(rtc::SRTP_AES128_CM_SHA1_80); SetDtlsSrtpCryptoSuites(high, true); @@ -1029,6 +1044,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHigh) { // Test DTLS-SRTP with all low ciphers TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); std::vector low; low.push_back(rtc::SRTP_AES128_CM_SHA1_32); SetDtlsSrtpCryptoSuites(low, true); @@ -1046,6 +1062,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpLow) { // Test DTLS-SRTP with a mismatch -- should not converge TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); std::vector high; high.push_back(rtc::SRTP_AES128_CM_SHA1_80); std::vector low; @@ -1062,6 +1079,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpHighLow) { // Test DTLS-SRTP with each side being mixed -- should select high TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); std::vector mixed; mixed.push_back(rtc::SRTP_AES128_CM_SHA1_80); mixed.push_back(rtc::SRTP_AES128_CM_SHA1_32); @@ -1080,6 +1098,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) { // Test DTLS-SRTP with all GCM-128 ciphers. TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM128) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); std::vector gcm128; gcm128.push_back(rtc::SRTP_AEAD_AES_128_GCM); SetDtlsSrtpCryptoSuites(gcm128, true); @@ -1097,6 +1116,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM128) { // Test DTLS-SRTP with all GCM-256 ciphers. TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM256) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); std::vector gcm256; gcm256.push_back(rtc::SRTP_AEAD_AES_256_GCM); SetDtlsSrtpCryptoSuites(gcm256, true); @@ -1114,6 +1134,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM256) { // Test DTLS-SRTP with mixed GCM-128/-256 ciphers -- should not converge. TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMismatch) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); std::vector gcm128; gcm128.push_back(rtc::SRTP_AEAD_AES_128_GCM); std::vector gcm256; @@ -1130,6 +1151,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMismatch) { // Test DTLS-SRTP with both GCM-128/-256 ciphers -- should select GCM-256. TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMixed) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); std::vector gcmBoth; gcmBoth.push_back(rtc::SRTP_AEAD_AES_256_GCM); gcmBoth.push_back(rtc::SRTP_AEAD_AES_128_GCM); @@ -1177,6 +1199,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSSrtpKeyAndSaltLengths) { // Test an exporter TEST_P(SSLStreamAdapterTestDTLS, TestDTLSExporter) { + MAYBE_SKIP_TEST(HaveExporter); TestHandshake(); unsigned char client_out[20]; unsigned char server_out[20]; @@ -1199,6 +1222,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestDTLSExporter) { // Test not yet valid certificates are not rejected. TEST_P(SSLStreamAdapterTestDTLS, TestCertNotYetValid) { + MAYBE_SKIP_TEST(HaveDtls); long one_day = 60 * 60 * 24; // Make the certificates not valid until one day later. ResetIdentitiesWithValidity(one_day, one_day); @@ -1207,6 +1231,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestCertNotYetValid) { // Test expired certificates are not rejected. TEST_P(SSLStreamAdapterTestDTLS, TestCertExpired) { + MAYBE_SKIP_TEST(HaveDtls); long one_day = 60 * 60 * 24; // Make the certificates already expired. ResetIdentitiesWithValidity(-one_day, -one_day); @@ -1215,12 +1240,15 @@ TEST_P(SSLStreamAdapterTestDTLS, TestCertExpired) { // Test data transfer using certs created from strings. TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestTransfer) { + MAYBE_SKIP_TEST(HaveDtls); TestHandshake(); TestTransfer(100); } // Test getting the remote certificate. TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestDTLSGetPeerCertificate) { + MAYBE_SKIP_TEST(HaveDtls); + // Peer certificates haven't been received yet. ASSERT_FALSE(GetPeerCertificate(true)); ASSERT_FALSE(GetPeerCertificate(false)); @@ -1254,6 +1282,7 @@ TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings, TestDTLSGetPeerCertificate) { // Test getting the used DTLS ciphers. // DTLS 1.2 enabled for neither client nor server -> DTLS 1.0 will be used. TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuite) { + MAYBE_SKIP_TEST(HaveDtls); SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); TestHandshake(); @@ -1273,6 +1302,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuite) { // Test getting the used DTLS 1.2 ciphers. // DTLS 1.2 enabled for client and server -> DTLS 1.2 will be used. TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) { + MAYBE_SKIP_TEST(HaveDtls); SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); TestHandshake(); @@ -1291,6 +1321,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Both) { // DTLS 1.2 enabled for client only -> DTLS 1.0 will be used. TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Client) { + MAYBE_SKIP_TEST(HaveDtls); SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); TestHandshake(); @@ -1309,6 +1340,7 @@ TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Client) { // DTLS 1.2 enabled for server only -> DTLS 1.0 will be used. TEST_P(SSLStreamAdapterTestDTLS, TestGetSslCipherSuiteDtls12Server) { + MAYBE_SKIP_TEST(HaveDtls); SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); TestHandshake(); diff --git a/webrtc/p2p/BUILD.gn b/webrtc/p2p/BUILD.gn index e99440cf43..7a25a75b74 100644 --- a/webrtc/p2p/BUILD.gn +++ b/webrtc/p2p/BUILD.gn @@ -79,7 +79,7 @@ rtc_static_library("rtc_p2p") { "client/socketmonitor.h", ] - defines = [] + defines = [ "FEATURE_ENABLE_SSL" ] deps = [ "../base:rtc_base", diff --git a/webrtc/p2p/base/dtlstransportchannel_unittest.cc b/webrtc/p2p/base/dtlstransportchannel_unittest.cc index 7034343174..2fc95d4e3b 100644 --- a/webrtc/p2p/base/dtlstransportchannel_unittest.cc +++ b/webrtc/p2p/base/dtlstransportchannel_unittest.cc @@ -693,6 +693,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferSrtpTwoChannels) { // Connect with DTLS, and transfer some data. TEST_F(DtlsTransportChannelTest, TestTransferDtls) { + MAYBE_SKIP_TEST(HaveDtls); PrepareDtls(true, true, rtc::KT_DEFAULT); ASSERT_TRUE(Connect()); TestTransfer(0, 1000, 100, false); @@ -700,6 +701,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtls) { // Create two channels with DTLS, and transfer some data. TEST_F(DtlsTransportChannelTest, TestTransferDtlsTwoChannels) { + MAYBE_SKIP_TEST(HaveDtls); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); ASSERT_TRUE(Connect()); @@ -723,6 +725,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtlsNotOffered) { // Create two channels with DTLS 1.0 and check ciphers. TEST_F(DtlsTransportChannelTest, TestDtls12None) { + MAYBE_SKIP_TEST(HaveDtls); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); @@ -731,6 +734,7 @@ TEST_F(DtlsTransportChannelTest, TestDtls12None) { // Create two channels with DTLS 1.2 and check ciphers. TEST_F(DtlsTransportChannelTest, TestDtls12Both) { + MAYBE_SKIP_TEST(HaveDtls); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); @@ -739,6 +743,7 @@ TEST_F(DtlsTransportChannelTest, TestDtls12Both) { // Create two channels with DTLS 1.0 / DTLS 1.2 and check ciphers. TEST_F(DtlsTransportChannelTest, TestDtls12Client1) { + MAYBE_SKIP_TEST(HaveDtls); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); @@ -747,6 +752,7 @@ TEST_F(DtlsTransportChannelTest, TestDtls12Client1) { // Create two channels with DTLS 1.2 / DTLS 1.0 and check ciphers. TEST_F(DtlsTransportChannelTest, TestDtls12Client2) { + MAYBE_SKIP_TEST(HaveDtls); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); @@ -755,6 +761,7 @@ TEST_F(DtlsTransportChannelTest, TestDtls12Client2) { // Connect with DTLS, negotiate DTLS-SRTP, and transfer SRTP using bypass. TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); ASSERT_TRUE(Connect()); @@ -764,6 +771,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtp) { // Connect with DTLS-SRTP, transfer an invalid SRTP packet, and expects -1 // returned. TEST_F(DtlsTransportChannelTest, TestTransferDtlsInvalidSrtpPacket) { + MAYBE_SKIP_TEST(HaveDtls); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); ASSERT_TRUE(Connect()); @@ -773,6 +781,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtlsInvalidSrtpPacket) { // Connect with DTLS. A does DTLS-SRTP but B does not. TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpRejected) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, false); ASSERT_TRUE(Connect()); @@ -780,6 +789,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpRejected) { // Connect with DTLS. B does DTLS-SRTP but A does not. TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpNotOffered) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(false, true); ASSERT_TRUE(Connect()); @@ -787,6 +797,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpNotOffered) { // Create two channels with DTLS, negotiate DTLS-SRTP, and transfer bypass SRTP. TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpTwoChannels) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); @@ -797,6 +808,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpTwoChannels) { // Create a single channel with DTLS, and send normal data and SRTP data on it. TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpDemux) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); ASSERT_TRUE(Connect()); @@ -806,6 +818,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpDemux) { // Testing when the remote is passive. TEST_F(DtlsTransportChannelTest, TestTransferDtlsAnswererIsPassive) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); @@ -818,6 +831,7 @@ TEST_F(DtlsTransportChannelTest, TestTransferDtlsAnswererIsPassive) { // Testing with the legacy DTLS client which doesn't use setup attribute. // In this case legacy is the answerer. TEST_F(DtlsTransportChannelTest, TestDtlsSetupWithLegacyAsAnswerer) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); PrepareDtls(true, true, rtc::KT_DEFAULT); NegotiateWithLegacy(); rtc::SSLRole channel1_role; @@ -831,6 +845,7 @@ TEST_F(DtlsTransportChannelTest, TestDtlsSetupWithLegacyAsAnswerer) { // Testing re offer/answer after the session is estbalished. Roles will be // kept same as of the previous negotiation. TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromOfferer) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); @@ -847,6 +862,7 @@ TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromOfferer) { } TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromAnswerer) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); @@ -864,6 +880,7 @@ TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromAnswerer) { // Test that any change in role after the intial setup will result in failure. TEST_F(DtlsTransportChannelTest, TestDtlsRoleReversal) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); @@ -879,6 +896,7 @@ TEST_F(DtlsTransportChannelTest, TestDtlsRoleReversal) { // Test that using different setup attributes which results in similar ssl // role as the initial negotiation will result in success. TEST_F(DtlsTransportChannelTest, TestDtlsReOfferWithDifferentSetupAttr) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); @@ -894,6 +912,7 @@ TEST_F(DtlsTransportChannelTest, TestDtlsReOfferWithDifferentSetupAttr) { // Test that re-negotiation can be started before the clients become connected // in the first negotiation. TEST_F(DtlsTransportChannelTest, TestRenegotiateBeforeConnect) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); SetChannelCount(2); PrepareDtls(true, true, rtc::KT_DEFAULT); PrepareDtlsSrtp(true, true); @@ -913,6 +932,7 @@ TEST_F(DtlsTransportChannelTest, TestRenegotiateBeforeConnect) { // Test Certificates state after negotiation but before connection. TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { + MAYBE_SKIP_TEST(HaveDtls); PrepareDtls(true, true, rtc::KT_DEFAULT); Negotiate(); @@ -933,6 +953,7 @@ TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { // Test Certificates state after connection. TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { + MAYBE_SKIP_TEST(HaveDtls); PrepareDtls(true, true, rtc::KT_DEFAULT); ASSERT_TRUE(Connect()); @@ -963,6 +984,7 @@ TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { // 60 seconds. The timer defaults to 1 second, but for WebRTC we should be // initializing it to 50ms. TEST_F(DtlsTransportChannelTest, TestRetransmissionSchedule) { + MAYBE_SKIP_TEST(HaveDtls); // We can only change the retransmission schedule with a recently-added // BoringSSL API. Skip the test if not built with BoringSSL. MAYBE_SKIP_TEST(IsBoringSsl); @@ -1003,6 +1025,7 @@ TEST_F(DtlsTransportChannelTest, TestRetransmissionSchedule) { // Test that a DTLS connection can be made even if the underlying transport // is connected before DTLS fingerprints/roles have been negotiated. TEST_F(DtlsTransportChannelTest, TestConnectBeforeNegotiate) { + MAYBE_SKIP_TEST(HaveDtls); PrepareDtls(true, true, rtc::KT_DEFAULT); ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, cricket::CONNECTIONROLE_ACTIVE, @@ -1135,6 +1158,7 @@ class DtlsEventOrderingTest }; TEST_P(DtlsEventOrderingTest, TestEventOrdering) { + MAYBE_SKIP_TEST(HaveDtls); TestEventOrdering(::testing::get<0>(GetParam()), ::testing::get<1>(GetParam())); } diff --git a/webrtc/pc/channel_unittest.cc b/webrtc/pc/channel_unittest.cc index d6401a5935..00ceb7d9d5 100644 --- a/webrtc/pc/channel_unittest.cc +++ b/webrtc/pc/channel_unittest.cc @@ -25,6 +25,12 @@ #include "webrtc/p2p/base/faketransportcontroller.h" #include "webrtc/pc/channel.h" +#define MAYBE_SKIP_TEST(feature) \ + if (!(rtc::SSLStreamAdapter::feature())) { \ + LOG(LS_INFO) << "Feature disabled... skipping"; \ + return; \ + } + using cricket::CA_OFFER; using cricket::CA_PRANSWER; using cricket::CA_ANSWER; @@ -2237,26 +2243,32 @@ TEST_F(VoiceChannelSingleThreadTest, SendSrtcpMux) { } TEST_F(VoiceChannelSingleThreadTest, SendDtlsSrtpToSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, 0); } TEST_F(VoiceChannelSingleThreadTest, SendDtlsSrtpToDtlsSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, DTLS); } TEST_F(VoiceChannelSingleThreadTest, SendDtlsSrtpToDtlsSrtpGcmBoth) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS | GCM_CIPHER, DTLS | GCM_CIPHER); } TEST_F(VoiceChannelSingleThreadTest, SendDtlsSrtpToDtlsSrtpGcmOne) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS | GCM_CIPHER, DTLS); } TEST_F(VoiceChannelSingleThreadTest, SendDtlsSrtpToDtlsSrtpGcmTwo) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, DTLS | GCM_CIPHER); } TEST_F(VoiceChannelSingleThreadTest, SendDtlsSrtpToDtlsSrtpRtcpMux) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS | RTCP_MUX, DTLS | RTCP_MUX); } @@ -2564,26 +2576,32 @@ TEST_F(VoiceChannelDoubleThreadTest, SendSrtcpMux) { } TEST_F(VoiceChannelDoubleThreadTest, SendDtlsSrtpToSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, 0); } TEST_F(VoiceChannelDoubleThreadTest, SendDtlsSrtpToDtlsSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, DTLS); } TEST_F(VoiceChannelDoubleThreadTest, SendDtlsSrtpToDtlsSrtpGcmBoth) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS | GCM_CIPHER, DTLS | GCM_CIPHER); } TEST_F(VoiceChannelDoubleThreadTest, SendDtlsSrtpToDtlsSrtpGcmOne) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS | GCM_CIPHER, DTLS); } TEST_F(VoiceChannelDoubleThreadTest, SendDtlsSrtpToDtlsSrtpGcmTwo) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, DTLS | GCM_CIPHER); } TEST_F(VoiceChannelDoubleThreadTest, SendDtlsSrtpToDtlsSrtpRtcpMux) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS | RTCP_MUX, DTLS | RTCP_MUX); } @@ -2883,14 +2901,17 @@ TEST_F(VideoChannelSingleThreadTest, SendSrtpToRtp) { } TEST_F(VideoChannelSingleThreadTest, SendDtlsSrtpToSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, 0); } TEST_F(VideoChannelSingleThreadTest, SendDtlsSrtpToDtlsSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, DTLS); } TEST_F(VideoChannelSingleThreadTest, SendDtlsSrtpToDtlsSrtpRtcpMux) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS | RTCP_MUX, DTLS | RTCP_MUX); } @@ -3112,14 +3133,17 @@ TEST_F(VideoChannelDoubleThreadTest, SendSrtpToRtp) { } TEST_F(VideoChannelDoubleThreadTest, SendDtlsSrtpToSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, 0); } TEST_F(VideoChannelDoubleThreadTest, SendDtlsSrtpToDtlsSrtp) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS, DTLS); } TEST_F(VideoChannelDoubleThreadTest, SendDtlsSrtpToDtlsSrtpRtcpMux) { + MAYBE_SKIP_TEST(HaveDtlsSrtp); Base::SendSrtpToSrtp(DTLS | RTCP_MUX, DTLS | RTCP_MUX); }