| Index: webrtc/p2p/base/dtlstransportchannel_unittest.cc
|
| diff --git a/webrtc/p2p/base/dtlstransportchannel_unittest.cc b/webrtc/p2p/base/dtlstransportchannel_unittest.cc
|
| index dfae0c88441066ef4f3298b65060a89598c864d2..a244915dfb3b07ad569078db5a9e9fe443b670dd 100644
|
| --- a/webrtc/p2p/base/dtlstransportchannel_unittest.cc
|
| +++ b/webrtc/p2p/base/dtlstransportchannel_unittest.cc
|
| @@ -62,12 +62,16 @@ class DtlsTestClient : public sigslot::has_slots<> {
|
| void SetIceProtocol(cricket::TransportProtocol proto) {
|
| protocol_ = proto;
|
| }
|
| - void CreateIdentity(rtc::KeyType key_type) {
|
| - identity_.reset(rtc::SSLIdentity::Generate(name_, key_type));
|
| + void CreateCertificate(rtc::KeyType key_type) {
|
| + certificate_ = webrtc::DtlsCertificate::Create(
|
| + rtc::scoped_ptr<rtc::SSLIdentity>(
|
| + rtc::SSLIdentity::Generate(name_, key_type)).Pass());
|
| + }
|
| + const rtc::scoped_refptr<webrtc::DtlsCertificate>& certificate() {
|
| + return certificate_;
|
| }
|
| - rtc::SSLIdentity* identity() { return identity_.get(); }
|
| void SetupSrtp() {
|
| - ASSERT(identity_.get() != NULL);
|
| + ASSERT(certificate_);
|
| use_dtls_srtp_ = true;
|
| }
|
| void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) {
|
| @@ -77,7 +81,7 @@ class DtlsTestClient : public sigslot::has_slots<> {
|
| void SetupChannels(int count, cricket::IceRole role) {
|
| transport_.reset(new cricket::DtlsTransport<cricket::FakeTransport>(
|
| signaling_thread_, worker_thread_, "dtls content name", NULL,
|
| - identity_.get()));
|
| + certificate_));
|
| transport_->SetAsync(true);
|
| transport_->SetIceRole(role);
|
| transport_->SetIceTiebreaker(
|
| @@ -118,8 +122,14 @@ class DtlsTestClient : public sigslot::has_slots<> {
|
| void Negotiate(DtlsTestClient* peer, cricket::ContentAction action,
|
| ConnectionRole local_role, ConnectionRole remote_role,
|
| int flags) {
|
| - Negotiate(identity_.get(), (identity_) ? peer->identity_.get() : NULL,
|
| - action, local_role, remote_role, flags);
|
| + if (certificate_) {
|
| + Negotiate(certificate_->identity(),
|
| + peer->certificate_ ? peer->certificate_->identity() : nullptr,
|
| + action, local_role, remote_role, flags);
|
| + } else {
|
| + Negotiate(nullptr, nullptr,
|
| + action, local_role, remote_role, flags);
|
| + }
|
| }
|
|
|
| // Allow any DTLS configuration to be specified (including invalid ones).
|
| @@ -258,7 +268,7 @@ class DtlsTestClient : public sigslot::has_slots<> {
|
| static_cast<uint32>(sent));
|
|
|
| // Only set the bypass flag if we've activated DTLS.
|
| - int flags = (identity_.get() && srtp) ? cricket::PF_SRTP_BYPASS : 0;
|
| + int flags = (certificate_ && srtp) ? cricket::PF_SRTP_BYPASS : 0;
|
| rtc::PacketOptions packet_options;
|
| int rv = channels_[channel]->SendPacket(
|
| packet.get(), size, packet_options, flags);
|
| @@ -339,7 +349,7 @@ class DtlsTestClient : public sigslot::has_slots<> {
|
| ASSERT_TRUE(VerifyPacket(data, size, &packet_num));
|
| received_.insert(packet_num);
|
| // Only DTLS-SRTP packets should have the bypass flag set.
|
| - int expected_flags = (identity_.get() && IsRtpLeadByte(data[0])) ?
|
| + int expected_flags = (certificate_ && IsRtpLeadByte(data[0])) ?
|
| cricket::PF_SRTP_BYPASS : 0;
|
| ASSERT_EQ(expected_flags, flags);
|
| }
|
| @@ -377,7 +387,7 @@ class DtlsTestClient : public sigslot::has_slots<> {
|
| rtc::Thread* signaling_thread_;
|
| rtc::Thread* worker_thread_;
|
| cricket::TransportProtocol protocol_;
|
| - rtc::scoped_ptr<rtc::SSLIdentity> identity_;
|
| + rtc::scoped_refptr<webrtc::DtlsCertificate> certificate_;
|
| rtc::scoped_ptr<cricket::FakeTransport> transport_;
|
| std::vector<cricket::DtlsTransportChannelWrapper*> channels_;
|
| size_t packet_size_;
|
| @@ -414,10 +424,10 @@ class DtlsTransportChannelTest : public testing::Test {
|
| }
|
| void PrepareDtls(bool c1, bool c2, rtc::KeyType key_type) {
|
| if (c1) {
|
| - client1_.CreateIdentity(key_type);
|
| + client1_.CreateCertificate(key_type);
|
| }
|
| if (c2) {
|
| - client2_.CreateIdentity(key_type);
|
| + client2_.CreateCertificate(key_type);
|
| }
|
| if (c1 && c2)
|
| use_dtls_ = true;
|
| @@ -856,17 +866,17 @@ TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) {
|
| PrepareDtls(true, true, rtc::KT_DEFAULT);
|
| Negotiate();
|
|
|
| - rtc::scoped_ptr<rtc::SSLIdentity> identity1;
|
| - rtc::scoped_ptr<rtc::SSLIdentity> identity2;
|
| + rtc::scoped_refptr<webrtc::DtlsCertificate> dtlscert1;
|
| + rtc::scoped_refptr<webrtc::DtlsCertificate> dtlscert2;
|
| rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1;
|
| rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2;
|
|
|
| // After negotiation, each side has a distinct local certificate, but still no
|
| // remote certificate, because connection has not yet occurred.
|
| - ASSERT_TRUE(client1_.transport()->GetIdentity(identity1.accept()));
|
| - ASSERT_TRUE(client2_.transport()->GetIdentity(identity2.accept()));
|
| - ASSERT_NE(identity1->certificate().ToPEMString(),
|
| - identity2->certificate().ToPEMString());
|
| + ASSERT_TRUE(client1_.transport()->GetCertificate(&dtlscert1));
|
| + ASSERT_TRUE(client2_.transport()->GetCertificate(&dtlscert2));
|
| + ASSERT_NE(dtlscert1->identity()->certificate().ToPEMString(),
|
| + dtlscert2->identity()->certificate().ToPEMString());
|
| ASSERT_FALSE(
|
| client1_.transport()->GetRemoteCertificate(remote_cert1.accept()));
|
| ASSERT_FALSE(remote_cert1 != NULL);
|
| @@ -881,24 +891,24 @@ TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) {
|
| PrepareDtls(true, true, rtc::KT_DEFAULT);
|
| ASSERT_TRUE(Connect());
|
|
|
| - rtc::scoped_ptr<rtc::SSLIdentity> identity1;
|
| - rtc::scoped_ptr<rtc::SSLIdentity> identity2;
|
| + rtc::scoped_refptr<webrtc::DtlsCertificate> dtlscert1;
|
| + rtc::scoped_refptr<webrtc::DtlsCertificate> dtlscert2;
|
| rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1;
|
| rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2;
|
|
|
| // After connection, each side has a distinct local certificate.
|
| - ASSERT_TRUE(client1_.transport()->GetIdentity(identity1.accept()));
|
| - ASSERT_TRUE(client2_.transport()->GetIdentity(identity2.accept()));
|
| - ASSERT_NE(identity1->certificate().ToPEMString(),
|
| - identity2->certificate().ToPEMString());
|
| + ASSERT_TRUE(client1_.transport()->GetCertificate(&dtlscert1));
|
| + ASSERT_TRUE(client2_.transport()->GetCertificate(&dtlscert2));
|
| + ASSERT_NE(dtlscert1->identity()->certificate().ToPEMString(),
|
| + dtlscert2->identity()->certificate().ToPEMString());
|
|
|
| // Each side's remote certificate is the other side's local certificate.
|
| ASSERT_TRUE(
|
| client1_.transport()->GetRemoteCertificate(remote_cert1.accept()));
|
| ASSERT_EQ(remote_cert1->ToPEMString(),
|
| - identity2->certificate().ToPEMString());
|
| + dtlscert2->identity()->certificate().ToPEMString());
|
| ASSERT_TRUE(
|
| client2_.transport()->GetRemoteCertificate(remote_cert2.accept()));
|
| ASSERT_EQ(remote_cert2->ToPEMString(),
|
| - identity1->certificate().ToPEMString());
|
| + dtlscert1->identity()->certificate().ToPEMString());
|
| }
|
|
|
Chromium Code Reviews
Issue 1269843005:
Added DtlsCertificate, a ref counted object owning an SSLIdentity (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master