Test that NULL Protection Profile is disabled

Resolves pion/srtp#297
2025-09-26 19:21:12 +08:00 · 2024-10-27 23:06:13 -04:00
parent 271ab556c8
commit ae89317088
1 changed files with 25 additions and 0 deletions
--- a/peerconnection_go_test.go
+++ b/peerconnection_go_test.go
@@ -22,6 +22,7 @@ import (
 	"testing"
 	"time"

+	"github.com/pion/dtls/v3"
 	"github.com/pion/ice/v4"
 	"github.com/pion/rtp"
 	"github.com/pion/transport/v3/test"
@@ -1638,3 +1639,27 @@ func TestPeerConnectionDeadlock(t *testing.T) {

 	closePairNow(t, pcOffer, pcAnswer)
 }
+
+// Assert that by default NULL Ciphers aren't enabled. Even if
+// the remote Peer Requests a NULL Cipher we should fail
+func TestPeerConnectionNoNULLCipherDefault(t *testing.T) {
+	settingEngine := SettingEngine{}
+	settingEngine.SetSRTPProtectionProfiles(dtls.SRTP_NULL_HMAC_SHA1_80, dtls.SRTP_NULL_HMAC_SHA1_32)
+	offerPC, err := NewAPI(WithSettingEngine(settingEngine)).NewPeerConnection(Configuration{})
+	assert.NoError(t, err)
+
+	answerPC, err := NewPeerConnection(Configuration{})
+	assert.NoError(t, err)
+
+	assert.NoError(t, signalPair(offerPC, answerPC))
+
+	peerConnectionClosed := make(chan struct{})
+	answerPC.OnConnectionStateChange(func(s PeerConnectionState) {
+		if s == PeerConnectionStateClosed {
+			close(peerConnectionClosed)
+		}
+	})
+
+	<-peerConnectionClosed
+	closePairNow(t, offerPC, answerPC)
+}