OLD | NEW |
---|---|
1 /* | 1 /* |
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 29 matching lines...) | |
40 SSL_PROTOCOL_TLS_10, | 40 SSL_PROTOCOL_TLS_10, |
41 SSL_PROTOCOL_TLS_11, | 41 SSL_PROTOCOL_TLS_11, |
42 SSL_PROTOCOL_TLS_12, | 42 SSL_PROTOCOL_TLS_12, |
43 SSL_PROTOCOL_DTLS_10 = SSL_PROTOCOL_TLS_11, | 43 SSL_PROTOCOL_DTLS_10 = SSL_PROTOCOL_TLS_11, |
44 SSL_PROTOCOL_DTLS_12 = SSL_PROTOCOL_TLS_12, | 44 SSL_PROTOCOL_DTLS_12 = SSL_PROTOCOL_TLS_12, |
45 }; | 45 }; |
46 | 46 |
47 // Errors for Read -- in the high range so no conflict with OpenSSL. | 47 // Errors for Read -- in the high range so no conflict with OpenSSL. |
48 enum { SSE_MSG_TRUNC = 0xff0001 }; | 48 enum { SSE_MSG_TRUNC = 0xff0001 }; |
49 | 49 |
50 // Helper struct to retrieve both IANA number and the RFC name. | |
51 struct SslCipher { | |
52 int ssl_id; | |
53 std::string name; | |
54 SslCipher() : ssl_id(0) {} | |
55 SslCipher(int ssl_id, const std::string& name) : ssl_id(ssl_id), name(name) {} | |
56 }; | |
57 | |
50 class SSLStreamAdapter : public StreamAdapterInterface { | 58 class SSLStreamAdapter : public StreamAdapterInterface { |
51 public: | 59 public: |
52 // Instantiate an SSLStreamAdapter wrapping the given stream, | 60 // Instantiate an SSLStreamAdapter wrapping the given stream, |
53 // (using the selected implementation for the platform). | 61 // (using the selected implementation for the platform). |
54 // Caller is responsible for freeing the returned object. | 62 // Caller is responsible for freeing the returned object. |
55 static SSLStreamAdapter* Create(StreamInterface* stream); | 63 static SSLStreamAdapter* Create(StreamInterface* stream); |
56 | 64 |
57 explicit SSLStreamAdapter(StreamInterface* stream) | 65 explicit SSLStreamAdapter(StreamInterface* stream) |
58 : StreamAdapterInterface(stream), ignore_bad_cert_(false), | 66 : StreamAdapterInterface(stream), ignore_bad_cert_(false), |
59 client_auth_enabled_(true) { } | 67 client_auth_enabled_(true) { } |
(...skipping 68 matching lines...) | |
128 const unsigned char* digest_val, | 136 const unsigned char* digest_val, |
129 size_t digest_len) = 0; | 137 size_t digest_len) = 0; |
130 | 138 |
131 // Retrieves the peer's X.509 certificate, if a connection has been | 139 // Retrieves the peer's X.509 certificate, if a connection has been |
132 // established. It returns the transmitted over SSL, including the entire | 140 // established. It returns the transmitted over SSL, including the entire |
133 // chain. The returned certificate is owned by the caller. | 141 // chain. The returned certificate is owned by the caller. |
134 virtual bool GetPeerCertificate(SSLCertificate** cert) const = 0; | 142 virtual bool GetPeerCertificate(SSLCertificate** cert) const = 0; |
135 | 143 |
136 // Retrieves the name of the cipher suite used for the connection | 144 // Retrieves the name of the cipher suite used for the connection |
137 // (e.g. "TLS_RSA_WITH_AES_128_CBC_SHA"). | 145 // (e.g. "TLS_RSA_WITH_AES_128_CBC_SHA"). |
138 virtual bool GetSslCipher(std::string* cipher); | 146 virtual bool GetSslCipher(SslCipher* cipher); |
139 | 147 |
140 // Key Exporter interface from RFC 5705 | 148 // Key Exporter interface from RFC 5705 |
141 // Arguments are: | 149 // Arguments are: |
142 // label -- the exporter label. | 150 // label -- the exporter label. |
143 // part of the RFC defining each exporter | 151 // part of the RFC defining each exporter |
144 // usage (IN) | 152 // usage (IN) |
145 // context/context_len -- a context to bind to for this connection; | 153 // context/context_len -- a context to bind to for this connection; |
146 // optional, can be NULL, 0 (IN) | 154 // optional, can be NULL, 0 (IN) |
147 // use_context -- whether to use the context value | 155 // use_context -- whether to use the context value |
148 // (needed to distinguish no context from | 156 // (needed to distinguish no context from |
(...skipping 12 matching lines...) | |
161 virtual bool GetDtlsSrtpCipher(std::string* cipher); | 169 virtual bool GetDtlsSrtpCipher(std::string* cipher); |
162 | 170 |
163 // Capabilities testing | 171 // Capabilities testing |
164 static bool HaveDtls(); | 172 static bool HaveDtls(); |
165 static bool HaveDtlsSrtp(); | 173 static bool HaveDtlsSrtp(); |
166 static bool HaveExporter(); | 174 static bool HaveExporter(); |
167 | 175 |
168 // Returns the default Ssl cipher used between streams of this class | 176 // Returns the default Ssl cipher used between streams of this class |
169 // for the given protocol version. This is used by the unit tests. | 177 // for the given protocol version. This is used by the unit tests. |
170 // TODO(torbjorng@webrtc.org): Fix callers to avoid default parameter. | 178 // TODO(torbjorng@webrtc.org): Fix callers to avoid default parameter. |
171 static std::string GetDefaultSslCipher(SSLProtocolVersion version, | 179 static const SslCipher& GetDefaultSslCipherForTest( |
172 KeyType key_type = KT_DEFAULT); | 180 SSLProtocolVersion version, |
181 KeyType key_type = KT_DEFAULT); | |
Ryan Sleevi
2015/09/24 21:09:58
http://google-styleguide.googlecode.com/svn/trunk/
guoweis_webrtc
2015/09/25 18:30:32
Done.
| |
173 | 182 |
174 private: | 183 private: |
175 // If true, the server certificate need not match the configured | 184 // If true, the server certificate need not match the configured |
176 // server_name, and in fact missing certificate authority and other | 185 // server_name, and in fact missing certificate authority and other |
177 // verification errors are ignored. | 186 // verification errors are ignored. |
178 bool ignore_bad_cert_; | 187 bool ignore_bad_cert_; |
179 | 188 |
180 // If true (default), the client is required to provide a certificate during | 189 // If true (default), the client is required to provide a certificate during |
181 // handshake. If no certificate is given, handshake fails. This applies to | 190 // handshake. If no certificate is given, handshake fails. This applies to |
182 // server mode only. | 191 // server mode only. |
183 bool client_auth_enabled_; | 192 bool client_auth_enabled_; |
184 }; | 193 }; |
185 | 194 |
186 } // namespace rtc | 195 } // namespace rtc |
187 | 196 |
188 #endif // WEBRTC_BASE_SSLSTREAMADAPTER_H_ | 197 #endif // WEBRTC_BASE_SSLSTREAMADAPTER_H_ |
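Review bot: The comment above `virtual bool GetSslCipher(SslCipher* cipher);` (new line 146) still describes the old contract, "Retrieves the name of the cipher suite", and says nothing about what `*cipher` holds when the call returns false. That matters here because the new default constructor sets `ssl_id` to 0, which is also the IANA value of TLS_NULL_WITH_NULL_NULL, so a caller that ignores the return value cannot tell "no suite negotiated" from a reported suite. I would update the comment to something like `// Retrieves the IANA id and RFC name of the negotiated cipher suite. Returns false if no suite is available; |*cipher| is then unspecified and must not be used.`, with the exact failure behaviour confirmed against the implementations, which are not part of this file. A short note on `SslCipher` that `ssl_id == 0` with an empty `name` means "unset" would also help anyone who logs or enforces policy on the negotiated suite.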
OLD | NEW |