Index: talk/app/webrtc/dtlsidentitystore.h |
diff --git a/talk/app/webrtc/dtlsidentitystore.h b/talk/app/webrtc/dtlsidentitystore.h |
index b2a797462fbe43b747070db0223fca07775aae05..33fe242aefd795264498192c38e9a9cea58ed10d 100644 |
--- a/talk/app/webrtc/dtlsidentitystore.h |
+++ b/talk/app/webrtc/dtlsidentitystore.h |
@@ -28,7 +28,7 @@ |
#ifndef TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ |
#define TALK_APP_WEBRTC_DTLSIDENTITYSTORE_H_ |
-#include <queue> |
+#include <list> |
#include <string> |
#include "talk/app/webrtc/peerconnectioninterface.h" |
@@ -36,58 +36,115 @@ |
#include "webrtc/base/messagequeue.h" |
#include "webrtc/base/scoped_ptr.h" |
#include "webrtc/base/scoped_ref_ptr.h" |
+#include "webrtc/base/sslidentity.h" |
+#include "webrtc/base/thread.h" |
namespace webrtc { |
-class DTLSIdentityRequestObserver; |
+ |
class SSLIdentity; |
class Thread; |
-// This class implements an in-memory DTLS identity store, which generates the |
-// DTLS identity on the worker thread. |
+// Used to receive callbacks of DTLS identity requests. |
+class DtlsIdentityRequestObserver : public rtc::RefCountInterface { |
hbos
2015/06/15 10:10:34
Previously DTLSIdentityRequestObserver in peerconn
|
+ public: |
+ virtual void OnFailure(int error) = 0; |
+ // TODO(jiayl): Unify the OnSuccess method once Chrome code is updated. |
+ virtual void OnSuccess(const std::string& der_cert, |
+ const std::string& der_private_key) = 0; |
+ // |identity| is a scoped_ptr because rtc::SSLIdentity is not copyable and the |
+ // client has to get the ownership of the object to make use of it. |
+ virtual void OnSuccessWithIdentityObj( |
+ rtc::scoped_ptr<rtc::SSLIdentity> identity) = 0; |
+ |
+ protected: |
+ virtual ~DtlsIdentityRequestObserver() {} |
+}; |
+ |
+// This interface defines an in-memory DTLS identity store, which generates DTLS |
+// identities. |
// APIs calls must be made on the signaling thread and the callbacks are also |
// called on the signaling thread. |
-class DtlsIdentityStore : public rtc::MessageHandler { |
+class DtlsIdentityStoreInterface { |
public: |
- static const char kIdentityName[]; |
- |
- DtlsIdentityStore(rtc::Thread* signaling_thread, |
- rtc::Thread* worker_thread); |
- virtual ~DtlsIdentityStore(); |
+ virtual ~DtlsIdentityStoreInterface() { } |
- // Initialize will start generating the free identity in the background. |
- void Initialize(); |
+ // Initializes the store. |
+ virtual void Initialize() = 0; |
// The |observer| will be called when the requested identity is ready, or when |
// identity generation fails. |
- void RequestIdentity(webrtc::DTLSIdentityRequestObserver* observer); |
+ virtual void RequestIdentity( |
+ rtc::KeyType key_type, webrtc::DtlsIdentityRequestObserver* observer) = 0; |
+ |
+ // Returns true if there is a free RSA identity, used for unit tests. |
+ virtual bool HasFreeIdentityForTesting() const = 0; |
+}; |
+ |
+// The standard implementation of DtlsIdentityStoreInterface. |
+// Identity generation is performed on the worker thread. |
+class DtlsIdentityStoreImpl : public DtlsIdentityStoreInterface, |
+ public rtc::MessageHandler { |
+ public: |
+ // Passed to SSLIdentity::Generate, "WebRTC". Used for the certificates' |
+ // subject and issuer name. |
+ static const char* common_name_; |
+ |
+ DtlsIdentityStoreImpl(rtc::Thread* signaling_thread, |
+ rtc::Thread* worker_thread); |
+ ~DtlsIdentityStoreImpl() override; |
+ |
+ // webrtc::DtlsIdentityStoreInterface override; |
+ // Initialize will start to preemptively generating an RSA identity in the |
+ // background, if the worker thread is not the same as the signaling thread. |
+ void Initialize() override; |
+ // webrtc::DtlsIdentityStoreInterface override; |
+ void RequestIdentity(rtc::KeyType key_type, |
+ webrtc::DtlsIdentityRequestObserver* observer) override; |
// rtc::MessageHandler override; |
void OnMessage(rtc::Message* msg) override; |
- // Returns true if there is a free identity, used for unit tests. |
- bool HasFreeIdentityForTesting() const; |
+ // webrtc::DtlsIdentityStoreInterface override; |
+ bool HasFreeIdentityForTesting() const override; |
private: |
sigslot::signal0<> SignalDestroyed; |
class WorkerTask; |
- typedef rtc::ScopedMessageData<DtlsIdentityStore::WorkerTask> |
+ typedef rtc::ScopedMessageData<DtlsIdentityStoreImpl::WorkerTask> |
IdentityTaskMessageData; |
- void GenerateIdentity(); |
+ void GenerateIdentity(rtc::KeyType key_type, |
+ webrtc::DtlsIdentityRequestObserver* observer); |
void OnIdentityGenerated(rtc::scoped_ptr<rtc::SSLIdentity> identity); |
- void ReturnIdentity(rtc::scoped_ptr<rtc::SSLIdentity> identity); |
void PostGenerateIdentityResult_w(rtc::scoped_ptr<rtc::SSLIdentity> identity); |
+ bool HasPendingRSARequest(); |
+ rtc::SSLIdentity* ReleaseFreeRSAIdentity(); |
+ |
rtc::Thread* const signaling_thread_; |
+ // TODO(hbos): RSA generation can be VERY slow, DtlsIdentityStore should use a |
+ // new thread and not the "general purpose" worker thread. |
rtc::Thread* const worker_thread_; |
- // These members should be accessed on the signaling thread only. |
- int pending_jobs_; |
- rtc::scoped_ptr<rtc::SSLIdentity> free_identity_; |
- typedef std::queue<rtc::scoped_refptr<webrtc::DTLSIdentityRequestObserver>> |
- ObserverList; |
- ObserverList pending_observers_; |
+ // A request to generate an identity for the specified |key_type_|, the result |
+ // will be reported back to |observer_|. If |observer_| is null then this is |
+ // a preemptive RSA request and the result is stored in |free_rsa_identity_|. |
+ struct IdentityRequest { |
+ IdentityRequest(rtc::KeyType key_type, |
+ rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> observer) |
+ : key_type_(key_type), |
+ observer_(observer) { } |
+ |
+ rtc::KeyType key_type_; |
+ rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> observer_; |
+ }; |
+ // Requests under processing. Only to be accessed on the signaling thread. |
+ std::list<IdentityRequest> pending_requests_; |
+ // Generating an RSA identity can take a long time. When generating it |
+ // preemptively it is stored in |free_rsa_identity_| until the next request. |
+ rtc::scoped_ptr<rtc::SSLIdentity> free_rsa_identity_; |
+ mutable rtc::CriticalSection free_rsa_identity_cs_; |
}; |
} // namespace webrtc |