| OLD | NEW |
| 1 /* | 1 /* |
| 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 77 matching lines...) |
| 88 | 88 |
| 89 DtlsTransportChannelWrapper::DtlsTransportChannelWrapper( | 89 DtlsTransportChannelWrapper::DtlsTransportChannelWrapper( |
| 90 Transport* transport, | 90 Transport* transport, |
| 91 TransportChannelImpl* channel) | 91 TransportChannelImpl* channel) |
| 92 : TransportChannelImpl(channel->content_name(), channel->component()), | 92 : TransportChannelImpl(channel->content_name(), channel->component()), |
| 93 transport_(transport), | 93 transport_(transport), |
| 94 worker_thread_(rtc::Thread::Current()), | 94 worker_thread_(rtc::Thread::Current()), |
| 95 channel_(channel), | 95 channel_(channel), |
| 96 downward_(NULL), | 96 downward_(NULL), |
| 97 dtls_state_(STATE_NONE), | 97 dtls_state_(STATE_NONE), |
| 98 local_identity_(NULL), | 98 local_certificate_(nullptr), |
| 99 ssl_role_(rtc::SSL_CLIENT), | 99 ssl_role_(rtc::SSL_CLIENT), |
| 100 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) { | 100 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) { |
| 101 channel_->SignalReadableState.connect(this, | 101 channel_->SignalReadableState.connect(this, |
| 102 &DtlsTransportChannelWrapper::OnReadableState); | 102 &DtlsTransportChannelWrapper::OnReadableState); |
| 103 channel_->SignalWritableState.connect(this, | 103 channel_->SignalWritableState.connect(this, |
| 104 &DtlsTransportChannelWrapper::OnWritableState); | 104 &DtlsTransportChannelWrapper::OnWritableState); |
| 105 channel_->SignalReadPacket.connect(this, | 105 channel_->SignalReadPacket.connect(this, |
| 106 &DtlsTransportChannelWrapper::OnReadPacket); | 106 &DtlsTransportChannelWrapper::OnReadPacket); |
| 107 channel_->SignalReadyToSend.connect(this, | 107 channel_->SignalReadyToSend.connect(this, |
| 108 &DtlsTransportChannelWrapper::OnReadyToSend); | 108 &DtlsTransportChannelWrapper::OnReadyToSend); |
| (...skipping 17 matching lines...) |
| 126 } | 126 } |
| 127 | 127 |
| 128 void DtlsTransportChannelWrapper::Connect() { | 128 void DtlsTransportChannelWrapper::Connect() { |
| 129 // We should only get a single call to Connect. | 129 // We should only get a single call to Connect. |
| 130 ASSERT(dtls_state_ == STATE_NONE || | 130 ASSERT(dtls_state_ == STATE_NONE || |
| 131 dtls_state_ == STATE_OFFERED || | 131 dtls_state_ == STATE_OFFERED || |
| 132 dtls_state_ == STATE_ACCEPTED); | 132 dtls_state_ == STATE_ACCEPTED); |
| 133 channel_->Connect(); | 133 channel_->Connect(); |
| 134 } | 134 } |
| 135 | 135 |
| 136 bool DtlsTransportChannelWrapper::SetLocalIdentity( | 136 bool DtlsTransportChannelWrapper::SetLocalCertificate( |
| 137 rtc::SSLIdentity* identity) { | 137 const rtc::scoped_refptr<webrtc::DtlsCertificate>& certificate) { |
| 138 if (dtls_state_ != STATE_NONE) { | 138 if (dtls_state_ != STATE_NONE) { |
| 139 if (identity == local_identity_) { | 139 if (certificate == local_certificate_) { |
| 140 // This may happen during renegotiation. | 140 // This may happen during renegotiation. |
| 141 LOG_J(LS_INFO, this) << "Ignoring identical DTLS identity"; | 141 LOG_J(LS_INFO, this) << "Ignoring identical DTLS identity"; |
| 142 return true; | 142 return true; |
| 143 } else { | 143 } else { |
| 144 LOG_J(LS_ERROR, this) << "Can't change DTLS local identity in this state"; | 144 LOG_J(LS_ERROR, this) << "Can't change DTLS local identity in this state"; |
| 145 return false; | 145 return false; |
| 146 } | 146 } |
| 147 } | 147 } |
| 148 | 148 |
| 149 if (identity) { | 149 if (certificate.get()) { |
| 150 local_identity_ = identity; | 150 local_certificate_ = certificate; |
| 151 dtls_state_ = STATE_OFFERED; | 151 dtls_state_ = STATE_OFFERED; |
| 152 } else { | 152 } else { |
| 153 LOG_J(LS_INFO, this) << "NULL DTLS identity supplied. Not doing DTLS"; | 153 LOG_J(LS_INFO, this) << "NULL DTLS identity supplied. Not doing DTLS"; |
| 154 } | 154 } |
| 155 | 155 |
| 156 return true; | 156 return true; |
| 157 } | 157 } |
| 158 | 158 |
| 159 bool DtlsTransportChannelWrapper::GetLocalIdentity( | 159 bool DtlsTransportChannelWrapper::GetLocalCertificate( |
| 160 rtc::SSLIdentity** identity) const { | 160 rtc::scoped_refptr<webrtc::DtlsCertificate>* certificate) const { |
| 161 if (!local_identity_) | 161 if (!local_certificate_) |
| 162 return false; | 162 return false; |
| 163 | 163 |
| 164 *identity = local_identity_->GetReference(); | 164 *certificate = local_certificate_; |
| 165 return true; | 165 return true; |
| 166 } | 166 } |
| 167 | 167 |
| 168 bool DtlsTransportChannelWrapper::SetSslMaxProtocolVersion( | 168 bool DtlsTransportChannelWrapper::SetSslMaxProtocolVersion( |
| 169 rtc::SSLProtocolVersion version) { | 169 rtc::SSLProtocolVersion version) { |
| 170 if (dtls_state_ != STATE_NONE) { | 170 if (dtls_state_ != STATE_NONE) { |
| 171 LOG(LS_ERROR) << "Not changing max. protocol version " | 171 LOG(LS_ERROR) << "Not changing max. protocol version " |
| 172 << "while DTLS is negotiating"; | 172 << "while DTLS is negotiating"; |
| 173 return false; | 173 return false; |
| 174 } | 174 } |
| (...skipping 83 matching lines...) |
| 258 | 258 |
| 259 dtls_.reset(rtc::SSLStreamAdapter::Create(downward)); | 259 dtls_.reset(rtc::SSLStreamAdapter::Create(downward)); |
| 260 if (!dtls_) { | 260 if (!dtls_) { |
| 261 LOG_J(LS_ERROR, this) << "Failed to create DTLS adapter."; | 261 LOG_J(LS_ERROR, this) << "Failed to create DTLS adapter."; |
| 262 delete downward; | 262 delete downward; |
| 263 return false; | 263 return false; |
| 264 } | 264 } |
| 265 | 265 |
| 266 downward_ = downward; | 266 downward_ = downward; |
| 267 | 267 |
| 268 dtls_->SetIdentity(local_identity_->GetReference()); | 268 dtls_->SetCertificate(local_certificate_); |
| 269 dtls_->SetMode(rtc::SSL_MODE_DTLS); | 269 dtls_->SetMode(rtc::SSL_MODE_DTLS); |
| 270 dtls_->SetMaxProtocolVersion(ssl_max_version_); | 270 dtls_->SetMaxProtocolVersion(ssl_max_version_); |
| 271 dtls_->SetServerRole(ssl_role_); | 271 dtls_->SetServerRole(ssl_role_); |
| 272 dtls_->SignalEvent.connect(this, &DtlsTransportChannelWrapper::OnDtlsEvent); | 272 dtls_->SignalEvent.connect(this, &DtlsTransportChannelWrapper::OnDtlsEvent); |
| 273 if (!dtls_->SetPeerCertificateDigest( | 273 if (!dtls_->SetPeerCertificateDigest( |
| 274 remote_fingerprint_algorithm_, | 274 remote_fingerprint_algorithm_, |
| 275 reinterpret_cast<unsigned char*>(remote_fingerprint_value_.data()), | 275 reinterpret_cast<unsigned char*>(remote_fingerprint_value_.data()), |
| 276 remote_fingerprint_value_.size())) { | 276 remote_fingerprint_value_.size())) { |
| 277 LOG_J(LS_ERROR, this) << "Couldn't set DTLS certificate digest."; | 277 LOG_J(LS_ERROR, this) << "Couldn't set DTLS certificate digest."; |
| 278 return false; | 278 return false; |
| (...skipping 366 matching lines...) |
| 645 SignalRouteChange(this, candidate); | 645 SignalRouteChange(this, candidate); |
| 646 } | 646 } |
| 647 | 647 |
| 648 void DtlsTransportChannelWrapper::OnConnectionRemoved( | 648 void DtlsTransportChannelWrapper::OnConnectionRemoved( |
| 649 TransportChannelImpl* channel) { | 649 TransportChannelImpl* channel) { |
| 650 ASSERT(channel == channel_); | 650 ASSERT(channel == channel_); |
| 651 SignalConnectionRemoved(this); | 651 SignalConnectionRemoved(this); |
| 652 } | 652 } |
| 653 | 653 |
| 654 } // namespace cricket | 654 } // namespace cricket |
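Review bot: In SetLocalCertificate (new line 139) `certificate == local_certificate_` compares two scoped_refptr handles, so it appears to test object identity rather than whether the two certificates are the same. The renegotiation path that returns true would then depend on the caller passing back the very same DtlsCertificate object; a separately created wrapper around the same key pair would presumably land in the "Can't change DTLS local identity in this state" branch and return false. If pointer identity is intended, say so in place, e.g. `// Pointer identity: renegotiation must pass the same DtlsCertificate object.` The log strings on new lines 141, 144 and 153 still say "identity" after the rename to certificate, which makes log triage harder. The null-certificate branch (new lines 152-156) also returns true with only an LS_INFO line, so the return value cannot tell a caller whether DTLS was configured or skipped; a doc comment on the function should state that.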
| OLD | NEW |