Index: webrtc/p2p/base/dtlstransportchannel_unittest.cc |
diff --git a/webrtc/p2p/base/dtlstransportchannel_unittest.cc b/webrtc/p2p/base/dtlstransportchannel_unittest.cc |
index dfae0c88441066ef4f3298b65060a89598c864d2..a244915dfb3b07ad569078db5a9e9fe443b670dd 100644 |
--- a/webrtc/p2p/base/dtlstransportchannel_unittest.cc |
+++ b/webrtc/p2p/base/dtlstransportchannel_unittest.cc |
@@ -62,12 +62,16 @@ class DtlsTestClient : public sigslot::has_slots<> { |
void SetIceProtocol(cricket::TransportProtocol proto) { |
protocol_ = proto; |
} |
- void CreateIdentity(rtc::KeyType key_type) { |
- identity_.reset(rtc::SSLIdentity::Generate(name_, key_type)); |
+ void CreateCertificate(rtc::KeyType key_type) { |
+ certificate_ = webrtc::DtlsCertificate::Create( |
+ rtc::scoped_ptr<rtc::SSLIdentity>( |
+ rtc::SSLIdentity::Generate(name_, key_type)).Pass()); |
+ } |
+ const rtc::scoped_refptr<webrtc::DtlsCertificate>& certificate() { |
+ return certificate_; |
} |
- rtc::SSLIdentity* identity() { return identity_.get(); } |
void SetupSrtp() { |
- ASSERT(identity_.get() != NULL); |
+ ASSERT(certificate_); |
use_dtls_srtp_ = true; |
} |
void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) { |
@@ -77,7 +81,7 @@ class DtlsTestClient : public sigslot::has_slots<> { |
void SetupChannels(int count, cricket::IceRole role) { |
transport_.reset(new cricket::DtlsTransport<cricket::FakeTransport>( |
signaling_thread_, worker_thread_, "dtls content name", NULL, |
- identity_.get())); |
+ certificate_)); |
transport_->SetAsync(true); |
transport_->SetIceRole(role); |
transport_->SetIceTiebreaker( |
@@ -118,8 +122,14 @@ class DtlsTestClient : public sigslot::has_slots<> { |
void Negotiate(DtlsTestClient* peer, cricket::ContentAction action, |
ConnectionRole local_role, ConnectionRole remote_role, |
int flags) { |
- Negotiate(identity_.get(), (identity_) ? peer->identity_.get() : NULL, |
- action, local_role, remote_role, flags); |
+ if (certificate_) { |
+ Negotiate(certificate_->identity(), |
+ peer->certificate_ ? peer->certificate_->identity() : nullptr, |
+ action, local_role, remote_role, flags); |
+ } else { |
+ Negotiate(nullptr, nullptr, |
+ action, local_role, remote_role, flags); |
+ } |
} |
// Allow any DTLS configuration to be specified (including invalid ones). |
@@ -258,7 +268,7 @@ class DtlsTestClient : public sigslot::has_slots<> { |
static_cast<uint32>(sent)); |
// Only set the bypass flag if we've activated DTLS. |
- int flags = (identity_.get() && srtp) ? cricket::PF_SRTP_BYPASS : 0; |
+ int flags = (certificate_ && srtp) ? cricket::PF_SRTP_BYPASS : 0; |
rtc::PacketOptions packet_options; |
int rv = channels_[channel]->SendPacket( |
packet.get(), size, packet_options, flags); |
@@ -339,7 +349,7 @@ class DtlsTestClient : public sigslot::has_slots<> { |
ASSERT_TRUE(VerifyPacket(data, size, &packet_num)); |
received_.insert(packet_num); |
// Only DTLS-SRTP packets should have the bypass flag set. |
- int expected_flags = (identity_.get() && IsRtpLeadByte(data[0])) ? |
+ int expected_flags = (certificate_ && IsRtpLeadByte(data[0])) ? |
cricket::PF_SRTP_BYPASS : 0; |
ASSERT_EQ(expected_flags, flags); |
} |
@@ -377,7 +387,7 @@ class DtlsTestClient : public sigslot::has_slots<> { |
rtc::Thread* signaling_thread_; |
rtc::Thread* worker_thread_; |
cricket::TransportProtocol protocol_; |
- rtc::scoped_ptr<rtc::SSLIdentity> identity_; |
+ rtc::scoped_refptr<webrtc::DtlsCertificate> certificate_; |
rtc::scoped_ptr<cricket::FakeTransport> transport_; |
std::vector<cricket::DtlsTransportChannelWrapper*> channels_; |
size_t packet_size_; |
@@ -414,10 +424,10 @@ class DtlsTransportChannelTest : public testing::Test { |
} |
void PrepareDtls(bool c1, bool c2, rtc::KeyType key_type) { |
if (c1) { |
- client1_.CreateIdentity(key_type); |
+ client1_.CreateCertificate(key_type); |
} |
if (c2) { |
- client2_.CreateIdentity(key_type); |
+ client2_.CreateCertificate(key_type); |
} |
if (c1 && c2) |
use_dtls_ = true; |
@@ -856,17 +866,17 @@ TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { |
PrepareDtls(true, true, rtc::KT_DEFAULT); |
Negotiate(); |
- rtc::scoped_ptr<rtc::SSLIdentity> identity1; |
- rtc::scoped_ptr<rtc::SSLIdentity> identity2; |
+ rtc::scoped_refptr<webrtc::DtlsCertificate> dtlscert1; |
+ rtc::scoped_refptr<webrtc::DtlsCertificate> dtlscert2; |
rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; |
rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; |
// After negotiation, each side has a distinct local certificate, but still no |
// remote certificate, because connection has not yet occurred. |
- ASSERT_TRUE(client1_.transport()->GetIdentity(identity1.accept())); |
- ASSERT_TRUE(client2_.transport()->GetIdentity(identity2.accept())); |
- ASSERT_NE(identity1->certificate().ToPEMString(), |
- identity2->certificate().ToPEMString()); |
+ ASSERT_TRUE(client1_.transport()->GetCertificate(&dtlscert1)); |
+ ASSERT_TRUE(client2_.transport()->GetCertificate(&dtlscert2)); |
+ ASSERT_NE(dtlscert1->identity()->certificate().ToPEMString(), |
+ dtlscert2->identity()->certificate().ToPEMString()); |
ASSERT_FALSE( |
client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); |
ASSERT_FALSE(remote_cert1 != NULL); |
@@ -881,24 +891,24 @@ TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { |
PrepareDtls(true, true, rtc::KT_DEFAULT); |
ASSERT_TRUE(Connect()); |
- rtc::scoped_ptr<rtc::SSLIdentity> identity1; |
- rtc::scoped_ptr<rtc::SSLIdentity> identity2; |
+ rtc::scoped_refptr<webrtc::DtlsCertificate> dtlscert1; |
+ rtc::scoped_refptr<webrtc::DtlsCertificate> dtlscert2; |
rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; |
rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; |
// After connection, each side has a distinct local certificate. |
- ASSERT_TRUE(client1_.transport()->GetIdentity(identity1.accept())); |
- ASSERT_TRUE(client2_.transport()->GetIdentity(identity2.accept())); |
- ASSERT_NE(identity1->certificate().ToPEMString(), |
- identity2->certificate().ToPEMString()); |
+ ASSERT_TRUE(client1_.transport()->GetCertificate(&dtlscert1)); |
+ ASSERT_TRUE(client2_.transport()->GetCertificate(&dtlscert2)); |
+ ASSERT_NE(dtlscert1->identity()->certificate().ToPEMString(), |
+ dtlscert2->identity()->certificate().ToPEMString()); |
// Each side's remote certificate is the other side's local certificate. |
ASSERT_TRUE( |
client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); |
ASSERT_EQ(remote_cert1->ToPEMString(), |
- identity2->certificate().ToPEMString()); |
+ dtlscert2->identity()->certificate().ToPEMString()); |
ASSERT_TRUE( |
client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); |
ASSERT_EQ(remote_cert2->ToPEMString(), |
- identity1->certificate().ToPEMString()); |
+ dtlscert1->identity()->certificate().ToPEMString()); |
} |