OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
11 #ifndef WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 11 #ifndef WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
12 #define WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 12 #define WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
13 | 13 |
14 #include "webrtc/p2p/base/dtlstransportchannel.h" | 14 #include "webrtc/p2p/base/dtlstransportchannel.h" |
15 #include "webrtc/p2p/base/transport.h" | 15 #include "webrtc/p2p/base/transport.h" |
16 | 16 |
17 namespace rtc { | 17 namespace rtc { |
18 class SSLIdentity; | 18 class SSLIdentity; |
19 } | 19 } |
20 | 20 |
21 namespace cricket { | 21 namespace cricket { |
22 | 22 |
23 class PortAllocator; | 23 class PortAllocator; |
24 | 24 |
25 // Base should be a descendant of cricket::Transport | 25 // Base should be a descendant of cricket::Transport |
| 26 // |
| 27 // Everything in this class should be called on the worker thread. |
26 template<class Base> | 28 template<class Base> |
27 class DtlsTransport : public Base { | 29 class DtlsTransport : public Base { |
28 public: | 30 public: |
29 DtlsTransport(rtc::Thread* signaling_thread, | 31 DtlsTransport(const std::string& content_name, |
30 rtc::Thread* worker_thread, | |
31 const std::string& content_name, | |
32 PortAllocator* allocator, | 32 PortAllocator* allocator, |
33 rtc::SSLIdentity* identity) | 33 rtc::SSLIdentity* identity) |
34 : Base(signaling_thread, worker_thread, content_name, allocator), | 34 : Base(content_name, allocator), |
35 identity_(identity), | 35 identity_(identity), |
36 secure_role_(rtc::SSL_CLIENT), | 36 secure_role_(rtc::SSL_CLIENT), |
37 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) { | 37 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) {} |
38 } | |
39 | 38 |
40 ~DtlsTransport() { | 39 ~DtlsTransport() { |
41 Base::DestroyAllChannels(); | 40 Base::DestroyAllChannels(); |
42 } | 41 } |
43 virtual void SetIdentity_w(rtc::SSLIdentity* identity) { | 42 |
44 identity_ = identity; | 43 virtual void SetIdentity(rtc::SSLIdentity* identity) { identity_ = identity; } |
45 } | 44 virtual bool GetIdentity(rtc::SSLIdentity** identity) { |
46 virtual bool GetIdentity_w(rtc::SSLIdentity** identity) { | |
47 if (!identity_) | 45 if (!identity_) |
48 return false; | 46 return false; |
49 | 47 |
50 *identity = identity_->GetReference(); | 48 *identity = identity_->GetReference(); |
51 return true; | 49 return true; |
52 } | 50 } |
53 | 51 |
54 virtual bool SetSslMaxProtocolVersion_w(rtc::SSLProtocolVersion version) { | 52 virtual bool SetSslMaxProtocolVersion(rtc::SSLProtocolVersion version) { |
55 ssl_max_version_ = version; | 53 ssl_max_version_ = version; |
56 return true; | 54 return true; |
57 } | 55 } |
58 | 56 |
59 virtual bool ApplyLocalTransportDescription_w(TransportChannelImpl* channel, | 57 virtual bool ApplyLocalTransportDescription(TransportChannelImpl* channel, |
60 std::string* error_desc) { | 58 std::string* error_desc) { |
61 rtc::SSLFingerprint* local_fp = | 59 rtc::SSLFingerprint* local_fp = |
62 Base::local_description()->identity_fingerprint.get(); | 60 Base::local_description()->identity_fingerprint.get(); |
63 | 61 |
64 if (local_fp) { | 62 if (local_fp) { |
65 // Sanity check local fingerprint. | 63 // Sanity check local fingerprint. |
66 if (identity_) { | 64 if (identity_) { |
67 rtc::scoped_ptr<rtc::SSLFingerprint> local_fp_tmp( | 65 rtc::scoped_ptr<rtc::SSLFingerprint> local_fp_tmp( |
68 rtc::SSLFingerprint::Create(local_fp->algorithm, | 66 rtc::SSLFingerprint::Create(local_fp->algorithm, |
69 identity_)); | 67 identity_)); |
70 ASSERT(local_fp_tmp.get() != NULL); | 68 ASSERT(local_fp_tmp.get() != NULL); |
(...skipping 12 matching lines...) Expand all Loading... |
83 } else { | 81 } else { |
84 identity_ = NULL; | 82 identity_ = NULL; |
85 } | 83 } |
86 | 84 |
87 if (!channel->SetLocalIdentity(identity_)) { | 85 if (!channel->SetLocalIdentity(identity_)) { |
88 return BadTransportDescription("Failed to set local identity.", | 86 return BadTransportDescription("Failed to set local identity.", |
89 error_desc); | 87 error_desc); |
90 } | 88 } |
91 | 89 |
92 // Apply the description in the base class. | 90 // Apply the description in the base class. |
93 return Base::ApplyLocalTransportDescription_w(channel, error_desc); | 91 return Base::ApplyLocalTransportDescription(channel, error_desc); |
94 } | 92 } |
95 | 93 |
96 virtual bool NegotiateTransportDescription_w(ContentAction local_role, | 94 virtual bool NegotiateTransportDescription(ContentAction local_role, |
97 std::string* error_desc) { | 95 std::string* error_desc) { |
98 if (!Base::local_description() || !Base::remote_description()) { | 96 if (!Base::local_description() || !Base::remote_description()) { |
99 const std::string msg = "Local and Remote description must be set before " | 97 const std::string msg = "Local and Remote description must be set before " |
100 "transport descriptions are negotiated"; | 98 "transport descriptions are negotiated"; |
101 return BadTransportDescription(msg, error_desc); | 99 return BadTransportDescription(msg, error_desc); |
102 } | 100 } |
103 | 101 |
104 rtc::SSLFingerprint* local_fp = | 102 rtc::SSLFingerprint* local_fp = |
105 Base::local_description()->identity_fingerprint.get(); | 103 Base::local_description()->identity_fingerprint.get(); |
106 rtc::SSLFingerprint* remote_fp = | 104 rtc::SSLFingerprint* remote_fp = |
107 Base::remote_description()->identity_fingerprint.get(); | 105 Base::remote_description()->identity_fingerprint.get(); |
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
184 return BadTransportDescription( | 182 return BadTransportDescription( |
185 "Local fingerprint supplied when caller didn't offer DTLS.", | 183 "Local fingerprint supplied when caller didn't offer DTLS.", |
186 error_desc); | 184 error_desc); |
187 } else { | 185 } else { |
188 // We are not doing DTLS | 186 // We are not doing DTLS |
189 remote_fingerprint_.reset(new rtc::SSLFingerprint( | 187 remote_fingerprint_.reset(new rtc::SSLFingerprint( |
190 "", NULL, 0)); | 188 "", NULL, 0)); |
191 } | 189 } |
192 | 190 |
193 // Now run the negotiation for the base class. | 191 // Now run the negotiation for the base class. |
194 return Base::NegotiateTransportDescription_w(local_role, error_desc); | 192 return Base::NegotiateTransportDescription(local_role, error_desc); |
195 } | 193 } |
196 | 194 |
197 virtual DtlsTransportChannelWrapper* CreateTransportChannel(int component) { | 195 virtual DtlsTransportChannelWrapper* CreateTransportChannel(int component) { |
198 DtlsTransportChannelWrapper* channel = new DtlsTransportChannelWrapper( | 196 DtlsTransportChannelWrapper* channel = new DtlsTransportChannelWrapper( |
199 this, Base::CreateTransportChannel(component)); | 197 this, Base::CreateTransportChannel(component)); |
200 channel->SetSslMaxProtocolVersion(ssl_max_version_); | 198 channel->SetSslMaxProtocolVersion(ssl_max_version_); |
201 return channel; | 199 return channel; |
202 } | 200 } |
203 | 201 |
204 virtual void DestroyTransportChannel(TransportChannelImpl* channel) { | 202 virtual void DestroyTransportChannel(TransportChannelImpl* channel) { |
205 // Kind of ugly, but this lets us do the exact inverse of the create. | 203 // Kind of ugly, but this lets us do the exact inverse of the create. |
206 DtlsTransportChannelWrapper* dtls_channel = | 204 DtlsTransportChannelWrapper* dtls_channel = |
207 static_cast<DtlsTransportChannelWrapper*>(channel); | 205 static_cast<DtlsTransportChannelWrapper*>(channel); |
208 TransportChannelImpl* base_channel = dtls_channel->channel(); | 206 TransportChannelImpl* base_channel = dtls_channel->channel(); |
209 delete dtls_channel; | 207 delete dtls_channel; |
210 Base::DestroyTransportChannel(base_channel); | 208 Base::DestroyTransportChannel(base_channel); |
211 } | 209 } |
212 | 210 |
213 virtual bool GetSslRole_w(rtc::SSLRole* ssl_role) const { | 211 virtual bool GetSslRole(rtc::SSLRole* ssl_role) const { |
214 ASSERT(ssl_role != NULL); | 212 ASSERT(ssl_role != NULL); |
215 *ssl_role = secure_role_; | 213 *ssl_role = secure_role_; |
216 return true; | 214 return true; |
217 } | 215 } |
218 | 216 |
219 private: | 217 bool ApplyNegotiatedTransportDescription(TransportChannelImpl* channel, |
220 virtual bool ApplyNegotiatedTransportDescription_w( | 218 std::string* error_desc) override { |
221 TransportChannelImpl* channel, | |
222 std::string* error_desc) { | |
223 // Set ssl role. Role must be set before fingerprint is applied, which | 219 // Set ssl role. Role must be set before fingerprint is applied, which |
224 // initiates DTLS setup. | 220 // initiates DTLS setup. |
225 if (!channel->SetSslRole(secure_role_)) { | 221 if (!channel->SetSslRole(secure_role_)) { |
226 return BadTransportDescription("Failed to set ssl role for the channel.", | 222 return BadTransportDescription("Failed to set ssl role for the channel.", |
227 error_desc); | 223 error_desc); |
228 } | 224 } |
229 // Apply remote fingerprint. | 225 // Apply remote fingerprint. |
230 if (!channel->SetRemoteFingerprint( | 226 if (!channel->SetRemoteFingerprint( |
231 remote_fingerprint_->algorithm, | 227 remote_fingerprint_->algorithm, |
232 reinterpret_cast<const uint8*>(remote_fingerprint_->digest.data()), | 228 reinterpret_cast<const uint8*>(remote_fingerprint_->digest.data()), |
233 remote_fingerprint_->digest.size())) { | 229 remote_fingerprint_->digest.size())) { |
234 return BadTransportDescription("Failed to apply remote fingerprint.", | 230 return BadTransportDescription("Failed to apply remote fingerprint.", |
235 error_desc); | 231 error_desc); |
236 } | 232 } |
237 return Base::ApplyNegotiatedTransportDescription_w(channel, error_desc); | 233 return Base::ApplyNegotiatedTransportDescription(channel, error_desc); |
238 } | 234 } |
239 | 235 |
| 236 private: |
240 rtc::SSLIdentity* identity_; | 237 rtc::SSLIdentity* identity_; |
241 rtc::SSLRole secure_role_; | 238 rtc::SSLRole secure_role_; |
242 rtc::SSLProtocolVersion ssl_max_version_; | 239 rtc::SSLProtocolVersion ssl_max_version_; |
243 rtc::scoped_ptr<rtc::SSLFingerprint> remote_fingerprint_; | 240 rtc::scoped_ptr<rtc::SSLFingerprint> remote_fingerprint_; |
244 }; | 241 }; |
245 | 242 |
246 } // namespace cricket | 243 } // namespace cricket |
247 | 244 |
248 #endif // WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 245 #endif // WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
OLD | NEW |