Fix WebRTC transport to normalize SDP messages.

remoting/protocol/webrtc_transport.cc

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "remoting/protocol/webrtc_transport.h"
 
 #include <utility>
 
 #include "base/base64.h"
 #include "base/callback_helpers.h"
 #include "base/command_line.h"
 #include "base/macros.h"
 #include "base/single_thread_task_runner.h"
 #include "base/strings/string_number_conversions.h"
+#include "base/strings/string_split.h"
+#include "base/strings/string_util.h"
 #include "base/task_runner_util.h"
 #include "base/thread_task_runner_handle.h"
 #include "jingle/glue/thread_wrapper.h"
 #include "remoting/protocol/authenticator.h"
 #include "remoting/protocol/port_allocator_factory.h"
 #include "remoting/protocol/stream_message_pipe_adapter.h"
 #include "remoting/protocol/transport_context.h"
 #include "third_party/webrtc/api/test/fakeconstraints.h"
 #include "third_party/webrtc/libjingle/xmllite/xmlelement.h"
 #include "third_party/webrtc/modules/audio_device/include/fake_audio_device.h"
@@ skipping 13 matching lines @@
 
 // XML namespace for the transport elements.
 const char kTransportNamespace[] = "google:remoting:webrtc";
 
 #if !defined(NDEBUG)
 // Command line switch used to disable signature verification.
 // TODO(sergeyu): Remove this flag.
 const char kDisableAuthenticationSwitchName[] = "disable-authentication";
 #endif
 
+// Normalizes the SDP message to make sure the text used for HMAC signatures
+// verifications is the same that was signed on the sending side. This is
+// necessary because WebRTC generates SDP with CRLF line endings which are
+// sometimes converted to LF after passing the signaling channel.
+std::string NormalizeSessionDescription(const std::string& sdp) {
+  // Split SDP lines. The CR symbols is removed by the TRIM_WHITESPACE flag.
+  std::vector<std::string> lines =
+      SplitString(sdp, "\n", base::TRIM_WHITESPACE, base::SPLIT_WANT_NONEMPTY);
+  return base::JoinString(lines, "\n") + "\n";
+}
+
 // A webrtc::CreateSessionDescriptionObserver implementation used to receive the
 // results of creating descriptions for this end of the PeerConnection.
 class CreateSessionDescriptionObserver
     : public webrtc::CreateSessionDescriptionObserver {
  public:
   typedef base::Callback<void(
       scoped_ptr<webrtc::SessionDescriptionInterface> description,
       const std::string& error)> ResultCallback;
 
   static CreateSessionDescriptionObserver* Create(
@@ skipping 141 matching lines @@
     webrtc::PeerConnectionInterface::SignalingState expected_state =
         transport_context_->role() == TransportRole::CLIENT
             ? webrtc::PeerConnectionInterface::kStable
             : webrtc::PeerConnectionInterface::kHaveLocalOffer;
     if (peer_connection_->signaling_state() != expected_state) {
       LOG(ERROR) << "Received unexpected WebRTC session_description.";
       return false;
     }
 
     std::string type = session_description->Attr(QName(std::string(), "type"));
-    std::string sdp = session_description->BodyText();
+    std::string sdp =
+        NormalizeSessionDescription(session_description->BodyText());
     if (type.empty() || sdp.empty()) {
       LOG(ERROR) << "Incorrect session description format.";
       return false;
     }
 
     std::string signature_base64 =
         session_description->Attr(QName(std::string(), "signature"));
     std::string signature;
     if (!base::Base64Decode(signature_base64, &signature) ||
         !handshake_hmac_.Verify(sdp, signature)) {
@@ skipping 80 matching lines @@
     Close(CHANNEL_CONNECTION_ERROR);
     return;
   }
 
   std::string description_sdp;
   if (!description->ToString(&description_sdp)) {
     LOG(ERROR) << "Failed to serialize description.";
     Close(CHANNEL_CONNECTION_ERROR);
     return;
   }
+  description_sdp = NormalizeSessionDescription(description_sdp);
 
   // Format and send the session description to the peer.
   scoped_ptr<XmlElement> transport_info(
       new XmlElement(QName(kTransportNamespace, "transport"), true));
   XmlElement* offer_tag =
       new XmlElement(QName(kTransportNamespace, "session-description"));
   transport_info->AddElement(offer_tag);
   offer_tag->SetAttr(QName(std::string(), "type"), description->type());
   offer_tag->SetBodyText(description_sdp);
 
   std::string digest;
   digest.resize(handshake_hmac_.DigestLength());
   CHECK(handshake_hmac_.Sign(description_sdp,
-                              reinterpret_cast<uint8_t*>(&(digest[0])),
-                              digest.size()));
+                             reinterpret_cast<uint8_t*>(&(digest[0])),
+                             digest.size()));
   std::string digest_base64;
   base::Base64Encode(digest, &digest_base64);
   offer_tag->SetAttr(QName(std::string(), "signature"), digest_base64);
 
   send_transport_info_callback_.Run(std::move(transport_info));
 
   peer_connection_->SetLocalDescription(
       SetSessionDescriptionObserver::Create(base::Bind(
           &WebrtcTransport::OnLocalDescriptionSet, weak_factory_.GetWeakPtr())),
       description.release());
@@ skipping 194 matching lines @@
   peer_connection_->Close();
   peer_connection_ = nullptr;
   peer_connection_factory_ = nullptr;
 
   if (error != OK)
     event_handler_->OnWebrtcTransportError(error);
 }
 
 }  // namespace protocol
 }  // namespace remoting