OLD | NEW |
---|---|
1 /* | 1 /* |
2 * libjingle | 2 * libjingle |
3 * Copyright 2015 Google Inc. | 3 * Copyright 2015 Google Inc. |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions are met: | 6 * modification, are permitted provided that the following conditions are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright notice, | 8 * 1. Redistributions of source code must retain the above copyright notice, |
9 * this list of conditions and the following disclaimer. | 9 * this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright notice, | 10 * 2. Redistributions in binary form must reproduce the above copyright notice, |
(...skipping 10 matching lines...) Expand all Loading... | |
21 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; | 21 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; |
22 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, | 22 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, |
23 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR | 23 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR |
24 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | 24 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF |
25 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 25 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
26 */ | 26 */ |
27 | 27 |
28 #ifndef TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ | 28 #ifndef TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ |
29 #define TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ | 29 #define TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ |
30 | 30 |
31 #include <queue> | 31 #include <list> |
32 #include <string> | 32 #include <string> |
33 | 33 |
34 #include "talk/app/webrtc/peerconnectioninterface.h" | 34 #include "talk/app/webrtc/peerconnectioninterface.h" |
35 #include "webrtc/base/messagehandler.h" | 35 #include "webrtc/base/messagehandler.h" |
36 #include "webrtc/base/messagequeue.h" | 36 #include "webrtc/base/messagequeue.h" |
37 #include "webrtc/base/scoped_ptr.h" | 37 #include "webrtc/base/scoped_ptr.h" |
38 #include "webrtc/base/scoped_ref_ptr.h" | 38 #include "webrtc/base/scoped_ref_ptr.h" |
39 #include "webrtc/base/sslidentity.h" | |
39 | 40 |
40 namespace webrtc { | 41 namespace webrtc { |
41 class DTLSIdentityRequestObserver; | 42 |
42 class SSLIdentity; | 43 class SSLIdentity; |
43 class Thread; | 44 class Thread; |
44 | 45 |
45 // This class implements an in-memory DTLS identity store, which generates the | 46 // Used to receive callbacks of DTLS identity requests. |
46 // DTLS identity on the worker thread. | 47 class DtlsIdentityRequestObserver : public rtc::RefCountInterface { |
hbos
2015/06/12 12:46:55
Moved from peerconnetctionfactory.h (and renamed D
| |
48 public: | |
49 virtual void OnFailure(int error) = 0; | |
50 // TODO(jiayl): Unify the OnSuccess method once Chrome code is updated. | |
51 virtual void OnSuccess(const std::string& der_cert, | |
52 const std::string& der_private_key) = 0; | |
53 // |identity| is a scoped_ptr because rtc::SSLIdentity is not copyable and the | |
54 // client has to get the ownership of the object to make use of it. | |
55 virtual void OnSuccessWithIdentityObj( | |
56 rtc::scoped_ptr<rtc::SSLIdentity> identity) = 0; | |
57 | |
58 protected: | |
59 virtual ~DtlsIdentityRequestObserver() {} | |
60 }; | |
61 | |
62 // This interface defines an in-memory DTLS identity store, which generates DTLS | |
63 // identities. | |
47 // APIs calls must be made on the signaling thread and the callbacks are also | 64 // APIs calls must be made on the signaling thread and the callbacks are also |
48 // called on the signaling thread. | 65 // called on the signaling thread. |
49 class DtlsIdentityStore : public rtc::MessageHandler { | 66 class DtlsIdentityStoreInterface { |
50 public: | 67 public: |
51 static const char kIdentityName[]; | 68 virtual ~DtlsIdentityStoreInterface() { } |
52 | 69 |
53 DtlsIdentityStore(rtc::Thread* signaling_thread, | 70 // Initializes the store. |
54 rtc::Thread* worker_thread); | 71 virtual void Initialize() = 0; |
55 virtual ~DtlsIdentityStore(); | |
56 | |
57 // Initialize will start generating the free identity in the background. | |
58 void Initialize(); | |
59 | 72 |
60 // The |observer| will be called when the requested identity is ready, or when | 73 // The |observer| will be called when the requested identity is ready, or when |
61 // identity generation fails. | 74 // identity generation fails. |
62 void RequestIdentity(webrtc::DTLSIdentityRequestObserver* observer); | 75 virtual void RequestIdentity( |
76 rtc::KeyType key_type, webrtc::DtlsIdentityRequestObserver* observer) = 0; | |
77 | |
78 // Returns true if there is a free RSA identity, used for unit tests. | |
79 virtual bool HasFreeIdentityForTesting() const = 0; | |
80 }; | |
81 | |
82 // The standard implementation of DtlsIdentityStoreInterface. | |
83 // Identity generation is performed on the worker thread. | |
84 class DtlsIdentityStoreImpl : public DtlsIdentityStoreInterface, | |
85 public rtc::MessageHandler { | |
86 public: | |
87 // Passed to SSLIdentity::Generate, "WebRTC". Used for the certificates' | |
88 // subject and issuer name. | |
89 static const std::string common_name_; | |
90 | |
91 DtlsIdentityStoreImpl(rtc::Thread* signaling_thread, | |
92 rtc::Thread* worker_thread); | |
93 ~DtlsIdentityStoreImpl() override; | |
94 | |
95 // webrtc::DtlsIdentityStoreInterface override; | |
96 // Initialize will start to preemptively generating an RSA identity in the | |
97 // background, if the worker thread is not the same as the signaling thread. | |
98 void Initialize() override; | |
99 // webrtc::DtlsIdentityStoreInterface override; | |
100 void RequestIdentity(rtc::KeyType key_type, | |
101 webrtc::DtlsIdentityRequestObserver* observer) override; | |
63 | 102 |
64 // rtc::MessageHandler override; | 103 // rtc::MessageHandler override; |
65 void OnMessage(rtc::Message* msg) override; | 104 void OnMessage(rtc::Message* msg) override; |
66 | 105 |
67 // Returns true if there is a free identity, used for unit tests. | 106 // webrtc::DtlsIdentityStoreInterface override; |
68 bool HasFreeIdentityForTesting() const; | 107 bool HasFreeIdentityForTesting() const override; |
69 | 108 |
70 private: | 109 private: |
71 sigslot::signal0<> SignalDestroyed; | 110 sigslot::signal0<> SignalDestroyed; |
72 class WorkerTask; | 111 class WorkerTask; |
73 typedef rtc::ScopedMessageData<DtlsIdentityStore::WorkerTask> | 112 typedef rtc::ScopedMessageData<DtlsIdentityStoreImpl::WorkerTask> |
74 IdentityTaskMessageData; | 113 IdentityTaskMessageData; |
75 | 114 |
76 void GenerateIdentity(); | 115 void GenerateIdentity(rtc::KeyType key_type, |
116 webrtc::DtlsIdentityRequestObserver* observer); | |
77 void OnIdentityGenerated(rtc::scoped_ptr<rtc::SSLIdentity> identity); | 117 void OnIdentityGenerated(rtc::scoped_ptr<rtc::SSLIdentity> identity); |
78 void ReturnIdentity(rtc::scoped_ptr<rtc::SSLIdentity> identity); | |
79 | 118 |
80 void PostGenerateIdentityResult_w(rtc::scoped_ptr<rtc::SSLIdentity> identity); | 119 void PostGenerateIdentityResult_w(rtc::scoped_ptr<rtc::SSLIdentity> identity); |
81 | 120 |
121 bool HasPendingRSARequest(); | |
122 rtc::SSLIdentity* ReleaseFreeRSAIdentity(); | |
123 | |
82 rtc::Thread* const signaling_thread_; | 124 rtc::Thread* const signaling_thread_; |
125 // TODO(hbos): RSA generation can be VERY slow, DtlsIdentityStore should use a | |
126 // new thread and not the "general purpose" worker thread. | |
83 rtc::Thread* const worker_thread_; | 127 rtc::Thread* const worker_thread_; |
84 | 128 |
85 // These members should be accessed on the signaling thread only. | 129 // A request to generate an identity for the specified |key_type_|, the result |
86 int pending_jobs_; | 130 // will be reported back to |observer_|. If |observer_| is null then this is |
87 rtc::scoped_ptr<rtc::SSLIdentity> free_identity_; | 131 // a preemptive RSA request and the result is stored in |free_rsa_identity_|. |
88 typedef std::queue<rtc::scoped_refptr<webrtc::DTLSIdentityRequestObserver>> | 132 struct IdentityRequest { |
89 ObserverList; | 133 IdentityRequest(rtc::KeyType key_type, |
90 ObserverList pending_observers_; | 134 rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> observer) |
135 : key_type_(key_type), | |
136 observer_(observer) { } | |
137 | |
138 rtc::KeyType key_type_; | |
139 rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> observer_; | |
140 }; | |
141 // Requests under processing. Only to be accessed on the signaling thread. | |
142 std::list<IdentityRequest> pending_requests_; | |
hbos
2015/06/12 12:46:55
(Used like a queue, list instead of queue to be ab
| |
143 // Generating an RSA identity can take a long time. When generating it | |
144 // preemptively it is stored in |free_rsa_identity_| until the next request. | |
145 rtc::scoped_ptr<rtc::SSLIdentity> free_rsa_identity_; | |
146 mutable rtc::CriticalSection free_rsa_identity_cs_; | |
91 }; | 147 }; |
92 | 148 |
93 } // namespace webrtc | 149 } // namespace webrtc |
94 | 150 |
95 #endif // TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ | 151 #endif // TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ |
OLD | NEW |