OLD | NEW |
---|---|
1 /* | 1 /* |
2 * libjingle | 2 * libjingle |
3 * Copyright 2015 Google Inc. | 3 * Copyright 2015 Google Inc. |
4 * | 4 * |
5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
6 * modification, are permitted provided that the following conditions are met: | 6 * modification, are permitted provided that the following conditions are met: |
7 * | 7 * |
8 * 1. Redistributions of source code must retain the above copyright notice, | 8 * 1. Redistributions of source code must retain the above copyright notice, |
9 * this list of conditions and the following disclaimer. | 9 * this list of conditions and the following disclaimer. |
10 * 2. Redistributions in binary form must reproduce the above copyright notice, | 10 * 2. Redistributions in binary form must reproduce the above copyright notice, |
(...skipping 10 matching lines...) Expand all Loading... | |
21 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; | 21 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; |
22 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, | 22 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, |
23 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR | 23 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR |
24 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF | 24 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF |
25 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 25 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
26 */ | 26 */ |
27 | 27 |
28 #ifndef TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ | 28 #ifndef TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ |
29 #define TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ | 29 #define TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ |
30 | 30 |
31 #include <queue> | 31 #include <list> |
32 #include <string> | 32 #include <string> |
33 | 33 |
34 #include "talk/app/webrtc/peerconnectioninterface.h" | |
35 #include "webrtc/base/messagehandler.h" | 34 #include "webrtc/base/messagehandler.h" |
36 #include "webrtc/base/messagequeue.h" | 35 #include "webrtc/base/messagequeue.h" |
36 #include "webrtc/base/refcount.h" | |
37 #include "webrtc/base/scoped_ptr.h" | 37 #include "webrtc/base/scoped_ptr.h" |
38 #include "webrtc/base/scoped_ref_ptr.h" | 38 #include "webrtc/base/scoped_ref_ptr.h" |
39 #include "webrtc/base/sslidentity.h" | |
40 #include "webrtc/base/thread.h" | |
39 | 41 |
40 namespace webrtc { | 42 namespace webrtc { |
41 class DTLSIdentityRequestObserver; | 43 |
42 class SSLIdentity; | 44 class SSLIdentity; |
43 class Thread; | 45 class Thread; |
44 | 46 |
45 // This class implements an in-memory DTLS identity store, which generates the | 47 // Used to receive callbacks of DTLS identity requests. |
46 // DTLS identity on the worker thread. | 48 class DtlsIdentityRequestObserver : public rtc::RefCountInterface { |
49 public: | |
50 virtual void OnFailure(int error) = 0; | |
51 // TODO(jiayl): Unify the OnSuccess method once Chrome code is updated. | |
tommi
2015/07/02 11:22:59
can you assign this todo to you?
hbos
2015/07/02 12:28:27
Sure
| |
52 virtual void OnSuccess(const std::string& der_cert, | |
53 const std::string& der_private_key) = 0; | |
54 // |identity| is a scoped_ptr because rtc::SSLIdentity is not copyable and the | |
55 // client has to get the ownership of the object to make use of it. | |
56 virtual void OnSuccess(rtc::scoped_ptr<rtc::SSLIdentity> identity) = 0; | |
57 | |
58 protected: | |
59 virtual ~DtlsIdentityRequestObserver() {} | |
60 }; | |
61 | |
62 // This interface defines an in-memory DTLS identity store, which generates DTLS | |
63 // identities. | |
47 // APIs calls must be made on the signaling thread and the callbacks are also | 64 // APIs calls must be made on the signaling thread and the callbacks are also |
48 // called on the signaling thread. | 65 // called on the signaling thread. |
49 class DtlsIdentityStore : public rtc::MessageHandler { | 66 class DtlsIdentityStoreInterface { |
50 public: | 67 public: |
51 static const char kIdentityName[]; | 68 virtual ~DtlsIdentityStoreInterface() { } |
52 | 69 |
53 DtlsIdentityStore(rtc::Thread* signaling_thread, | 70 // Initializes the store. |
54 rtc::Thread* worker_thread); | 71 virtual void Initialize() = 0; |
tommi
2015/07/02 11:23:00
can we initialize in the ctor or is there a reason
hbos
2015/07/02 12:28:28
No reason that I can tell, removing.
| |
55 virtual ~DtlsIdentityStore(); | |
56 | |
57 // Initialize will start generating the free identity in the background. | |
58 void Initialize(); | |
59 | 72 |
60 // The |observer| will be called when the requested identity is ready, or when | 73 // The |observer| will be called when the requested identity is ready, or when |
61 // identity generation fails. | 74 // identity generation fails. |
62 void RequestIdentity(webrtc::DTLSIdentityRequestObserver* observer); | 75 virtual void RequestIdentity( |
76 rtc::KeyType key_type, | |
77 const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>& | |
tommi
2015/07/02 11:22:59
we're already in the webrtc namespace, right?
hbos
2015/07/02 12:28:28
Acknowledged.
| |
78 observer) = 0; | |
tommi
2015/07/02 11:23:00
4 space indent?
hbos
2015/07/02 12:28:27
Acknowledged.
| |
79 }; | |
80 | |
81 // The standard implementation of DtlsIdentityStoreInterface. | |
82 // Identity generation is performed on the worker thread. | |
83 class DtlsIdentityStoreImpl : public DtlsIdentityStoreInterface, | |
84 public rtc::MessageHandler { | |
85 public: | |
86 DtlsIdentityStoreImpl(rtc::Thread* signaling_thread, | |
87 rtc::Thread* worker_thread); | |
88 ~DtlsIdentityStoreImpl() override; | |
89 | |
90 // webrtc::DtlsIdentityStoreInterface override; | |
91 // Initialize will start to preemptively generating an RSA identity in the | |
92 // background, if the worker thread is not the same as the signaling thread. | |
93 void Initialize() override; | |
94 // webrtc::DtlsIdentityStoreInterface override; | |
95 void RequestIdentity( | |
96 rtc::KeyType key_type, | |
97 const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>& | |
tommi
2015/07/02 11:23:00
already in webrtc
hbos
2015/07/02 12:28:28
Acknowledged.
| |
98 observer) override; | |
63 | 99 |
64 // rtc::MessageHandler override; | 100 // rtc::MessageHandler override; |
65 void OnMessage(rtc::Message* msg) override; | 101 void OnMessage(rtc::Message* msg) override; |
66 | 102 |
67 // Returns true if there is a free identity, used for unit tests. | 103 // Returns true if there is a free RSA identity, used for unit tests. |
68 bool HasFreeIdentityForTesting() const; | 104 bool HasFreeIdentityForTesting(rtc::KeyType key_type) const; |
69 | 105 |
70 private: | 106 private: |
107 void GenerateIdentity( | |
108 rtc::KeyType key_type, | |
109 const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>& observer); | |
110 void OnIdentityGenerated(rtc::KeyType key_type, | |
111 rtc::scoped_ptr<rtc::SSLIdentity> identity); | |
112 | |
113 class WorkerTask; | |
114 typedef rtc::ScopedMessageData<DtlsIdentityStoreImpl::WorkerTask> | |
115 WorkerTaskMessageData; | |
116 | |
117 // A key type-identity pair. | |
118 struct IdentityResult { | |
119 IdentityResult(rtc::KeyType key_type, | |
120 rtc::scoped_ptr<rtc::SSLIdentity> identity) | |
121 : key_type_(key_type), identity_(identity.Pass()) {} | |
122 | |
123 rtc::KeyType key_type_; | |
124 rtc::scoped_ptr<rtc::SSLIdentity> identity_; | |
125 }; | |
126 | |
127 typedef rtc::ScopedMessageData<IdentityResult> IdentityResultMessageData; | |
128 | |
71 sigslot::signal0<> SignalDestroyed; | 129 sigslot::signal0<> SignalDestroyed; |
72 class WorkerTask; | |
73 typedef rtc::ScopedMessageData<DtlsIdentityStore::WorkerTask> | |
74 IdentityTaskMessageData; | |
75 | |
76 void GenerateIdentity(); | |
77 void OnIdentityGenerated(rtc::scoped_ptr<rtc::SSLIdentity> identity); | |
78 void ReturnIdentity(rtc::scoped_ptr<rtc::SSLIdentity> identity); | |
79 | |
80 void PostGenerateIdentityResult_w(rtc::scoped_ptr<rtc::SSLIdentity> identity); | |
81 | 130 |
82 rtc::Thread* const signaling_thread_; | 131 rtc::Thread* const signaling_thread_; |
132 // TODO(hbos): RSA generation is slow and would be VERY slow if we switch over | |
133 // to 2048, DtlsIdentityStore should use a new thread and not the "general | |
134 // purpose" worker thread. | |
83 rtc::Thread* const worker_thread_; | 135 rtc::Thread* const worker_thread_; |
84 | 136 |
85 // These members should be accessed on the signaling thread only. | 137 struct RequestInfo { |
86 int pending_jobs_; | 138 RequestInfo() : request_observers_(), |
tommi
2015/07/02 11:23:00
nit: could probably do this in two lines
RequestI
hbos
2015/07/02 12:28:27
Acknowledged.
| |
87 rtc::scoped_ptr<rtc::SSLIdentity> free_identity_; | 139 gen_in_progress_counts_(0), |
88 typedef std::queue<rtc::scoped_refptr<webrtc::DTLSIdentityRequestObserver>> | 140 free_identity_() { } |
89 ObserverList; | 141 |
90 ObserverList pending_observers_; | 142 std::list<rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>> |
143 request_observers_; | |
144 size_t gen_in_progress_counts_; | |
145 rtc::scoped_ptr<rtc::SSLIdentity> free_identity_; | |
146 }; | |
147 | |
148 // One RequestInfo per KeyType. Only touch on the |signaling_thread_|. | |
149 RequestInfo request_info_[rtc::KT_LAST]; | |
91 }; | 150 }; |
92 | 151 |
93 } // namespace webrtc | 152 } // namespace webrtc |
94 | 153 |
95 #endif // TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ | 154 #endif // TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ |
OLD | NEW |