| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| 11 #ifndef WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 11 #ifndef WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
| 12 #define WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 12 #define WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
| 13 | 13 |
| 14 #include "webrtc/base/checks.h" | 14 #include "webrtc/base/checks.h" |
| 15 #include "webrtc/p2p/base/dtlstransportchannel.h" | 15 #include "webrtc/p2p/base/dtlstransportchannel.h" |
| 16 #include "webrtc/p2p/base/transport.h" | 16 #include "webrtc/p2p/base/transport.h" |
| 17 | 17 |
| 18 namespace rtc { | 18 namespace rtc { |
| 19 class SSLIdentity; | 19 class SSLIdentity; |
| 20 } | 20 } |
| 21 | 21 |
| 22 namespace cricket { | 22 namespace cricket { |
| 23 | 23 |
| 24 class PortAllocator; | 24 class PortAllocator; |
| 25 | 25 |
| 26 // Base should be a descendant of cricket::Transport | 26 // Base should be a descendant of cricket::Transport and have a constructor |
| 27 // TODO(hbos): Add appropriate DCHECK thread checks to all methods. | 27 // that takes a transport name and PortAllocator. |
| 28 // |
| 29 // Everything in this class should be called on the worker thread. |
| 28 template<class Base> | 30 template<class Base> |
| 29 class DtlsTransport : public Base { | 31 class DtlsTransport : public Base { |
| 30 public: | 32 public: |
| 31 DtlsTransport(rtc::Thread* signaling_thread, | 33 DtlsTransport(const std::string& name, |
| 32 rtc::Thread* worker_thread, | |
| 33 const std::string& content_name, | |
| 34 PortAllocator* allocator, | 34 PortAllocator* allocator, |
| 35 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) | 35 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) |
| 36 : Base(signaling_thread, worker_thread, content_name, allocator), | 36 : Base(name, allocator), |
| 37 certificate_(certificate), | 37 certificate_(certificate), |
| 38 secure_role_(rtc::SSL_CLIENT), | 38 secure_role_(rtc::SSL_CLIENT), |
| 39 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) { | 39 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) {} |
| 40 } | |
| 41 | 40 |
| 42 ~DtlsTransport() { | 41 ~DtlsTransport() { |
| 43 Base::DestroyAllChannels(); | 42 Base::DestroyAllChannels(); |
| 44 } | 43 } |
| 45 void SetCertificate_w( | 44 |
| 45 void SetLocalCertificate( |
| 46 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override { | 46 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override { |
| 47 DCHECK(Base::worker_thread()->IsCurrent()); | |
| 48 certificate_ = certificate; | 47 certificate_ = certificate; |
| 49 } | 48 } |
| 50 bool GetCertificate_w( | 49 bool GetLocalCertificate( |
| 51 rtc::scoped_refptr<rtc::RTCCertificate>* certificate) override { | 50 rtc::scoped_refptr<rtc::RTCCertificate>* certificate) override { |
| 52 DCHECK(Base::worker_thread()->IsCurrent()); | |
| 53 if (!certificate_) | 51 if (!certificate_) |
| 54 return false; | 52 return false; |
| 55 | 53 |
| 56 *certificate = certificate_; | 54 *certificate = certificate_; |
| 57 return true; | 55 return true; |
| 58 } | 56 } |
| 59 | 57 |
| 60 bool SetSslMaxProtocolVersion_w(rtc::SSLProtocolVersion version) override { | 58 bool SetSslMaxProtocolVersion(rtc::SSLProtocolVersion version) override { |
| 61 DCHECK(Base::worker_thread()->IsCurrent()); | |
| 62 ssl_max_version_ = version; | 59 ssl_max_version_ = version; |
| 63 return true; | 60 return true; |
| 64 } | 61 } |
| 65 | 62 |
| 66 bool ApplyLocalTransportDescription_w(TransportChannelImpl* channel, | 63 bool ApplyLocalTransportDescription(TransportChannelImpl* channel, |
| 67 std::string* error_desc) override { | 64 std::string* error_desc) override { |
| 68 DCHECK(Base::worker_thread()->IsCurrent()); | |
| 69 rtc::SSLFingerprint* local_fp = | 65 rtc::SSLFingerprint* local_fp = |
| 70 Base::local_description()->identity_fingerprint.get(); | 66 Base::local_description()->identity_fingerprint.get(); |
| 71 | 67 |
| 72 if (local_fp) { | 68 if (local_fp) { |
| 73 // Sanity check local fingerprint. | 69 // Sanity check local fingerprint. |
| 74 if (certificate_) { | 70 if (certificate_) { |
| 75 rtc::scoped_ptr<rtc::SSLFingerprint> local_fp_tmp( | 71 rtc::scoped_ptr<rtc::SSLFingerprint> local_fp_tmp( |
| 76 rtc::SSLFingerprint::Create(local_fp->algorithm, | 72 rtc::SSLFingerprint::Create(local_fp->algorithm, |
| 77 certificate_->identity())); | 73 certificate_->identity())); |
| 78 ASSERT(local_fp_tmp.get() != NULL); | 74 ASSERT(local_fp_tmp.get() != NULL); |
| 79 if (!(*local_fp_tmp == *local_fp)) { | 75 if (!(*local_fp_tmp == *local_fp)) { |
| 80 std::ostringstream desc; | 76 std::ostringstream desc; |
| 81 desc << "Local fingerprint does not match identity. Expected: "; | 77 desc << "Local fingerprint does not match identity. Expected: "; |
| 82 desc << local_fp_tmp->ToString(); | 78 desc << local_fp_tmp->ToString(); |
| 83 desc << " Got: " << local_fp->ToString(); | 79 desc << " Got: " << local_fp->ToString(); |
| 84 return BadTransportDescription(desc.str(), error_desc); | 80 return BadTransportDescription(desc.str(), error_desc); |
| 85 } | 81 } |
| 86 } else { | 82 } else { |
| 87 return BadTransportDescription( | 83 return BadTransportDescription( |
| 88 "Local fingerprint provided but no identity available.", | 84 "Local fingerprint provided but no identity available.", |
| 89 error_desc); | 85 error_desc); |
| 90 } | 86 } |
| 91 } else { | 87 } else { |
| 92 certificate_ = nullptr; | 88 certificate_ = nullptr; |
| 93 } | 89 } |
| 94 | 90 |
| 95 // TODO(hbos): SetLocalCertificate | 91 // TODO(hbos): SetLocalCertificate |
| 96 if (!channel->SetLocalIdentity( | 92 if (!channel->SetLocalIdentity(certificate_ ? certificate_->identity() |
| 97 certificate_ ? certificate_->identity() : nullptr)) { | 93 : nullptr)) { |
| 98 return BadTransportDescription("Failed to set local identity.", | 94 return BadTransportDescription("Failed to set local identity.", |
| 99 error_desc); | 95 error_desc); |
| 100 } | 96 } |
| 101 | 97 |
| 102 // Apply the description in the base class. | 98 // Apply the description in the base class. |
| 103 return Base::ApplyLocalTransportDescription_w(channel, error_desc); | 99 return Base::ApplyLocalTransportDescription(channel, error_desc); |
| 104 } | 100 } |
| 105 | 101 |
| 106 bool NegotiateTransportDescription_w(ContentAction local_role, | 102 bool NegotiateTransportDescription(ContentAction local_role, |
| 107 std::string* error_desc) override { | 103 std::string* error_desc) override { |
| 108 DCHECK(Base::worker_thread()->IsCurrent()); | |
| 109 if (!Base::local_description() || !Base::remote_description()) { | 104 if (!Base::local_description() || !Base::remote_description()) { |
| 110 const std::string msg = "Local and Remote description must be set before " | 105 const std::string msg = "Local and Remote description must be set before " |
| 111 "transport descriptions are negotiated"; | 106 "transport descriptions are negotiated"; |
| 112 return BadTransportDescription(msg, error_desc); | 107 return BadTransportDescription(msg, error_desc); |
| 113 } | 108 } |
| 114 | 109 |
| 115 rtc::SSLFingerprint* local_fp = | 110 rtc::SSLFingerprint* local_fp = |
| 116 Base::local_description()->identity_fingerprint.get(); | 111 Base::local_description()->identity_fingerprint.get(); |
| 117 rtc::SSLFingerprint* remote_fp = | 112 rtc::SSLFingerprint* remote_fp = |
| 118 Base::remote_description()->identity_fingerprint.get(); | 113 Base::remote_description()->identity_fingerprint.get(); |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 195 return BadTransportDescription( | 190 return BadTransportDescription( |
| 196 "Local fingerprint supplied when caller didn't offer DTLS.", | 191 "Local fingerprint supplied when caller didn't offer DTLS.", |
| 197 error_desc); | 192 error_desc); |
| 198 } else { | 193 } else { |
| 199 // We are not doing DTLS | 194 // We are not doing DTLS |
| 200 remote_fingerprint_.reset(new rtc::SSLFingerprint( | 195 remote_fingerprint_.reset(new rtc::SSLFingerprint( |
| 201 "", NULL, 0)); | 196 "", NULL, 0)); |
| 202 } | 197 } |
| 203 | 198 |
| 204 // Now run the negotiation for the base class. | 199 // Now run the negotiation for the base class. |
| 205 return Base::NegotiateTransportDescription_w(local_role, error_desc); | 200 return Base::NegotiateTransportDescription(local_role, error_desc); |
| 206 } | 201 } |
| 207 | 202 |
| 208 DtlsTransportChannelWrapper* CreateTransportChannel(int component) override { | 203 DtlsTransportChannelWrapper* CreateTransportChannel(int component) override { |
| 209 DtlsTransportChannelWrapper* channel = new DtlsTransportChannelWrapper( | 204 DtlsTransportChannelWrapper* channel = new DtlsTransportChannelWrapper( |
| 210 this, Base::CreateTransportChannel(component)); | 205 this, Base::CreateTransportChannel(component)); |
| 211 channel->SetSslMaxProtocolVersion(ssl_max_version_); | 206 channel->SetSslMaxProtocolVersion(ssl_max_version_); |
| 212 return channel; | 207 return channel; |
| 213 } | 208 } |
| 214 | 209 |
| 215 void DestroyTransportChannel(TransportChannelImpl* channel) override { | 210 void DestroyTransportChannel(TransportChannelImpl* channel) override { |
| 216 // Kind of ugly, but this lets us do the exact inverse of the create. | 211 // Kind of ugly, but this lets us do the exact inverse of the create. |
| 217 DtlsTransportChannelWrapper* dtls_channel = | 212 DtlsTransportChannelWrapper* dtls_channel = |
| 218 static_cast<DtlsTransportChannelWrapper*>(channel); | 213 static_cast<DtlsTransportChannelWrapper*>(channel); |
| 219 TransportChannelImpl* base_channel = dtls_channel->channel(); | 214 TransportChannelImpl* base_channel = dtls_channel->channel(); |
| 220 delete dtls_channel; | 215 delete dtls_channel; |
| 221 Base::DestroyTransportChannel(base_channel); | 216 Base::DestroyTransportChannel(base_channel); |
| 222 } | 217 } |
| 223 | 218 |
| 224 bool GetSslRole_w(rtc::SSLRole* ssl_role) const override { | 219 bool GetSslRole(rtc::SSLRole* ssl_role) const override { |
| 225 DCHECK(Base::worker_thread()->IsCurrent()); | |
| 226 ASSERT(ssl_role != NULL); | 220 ASSERT(ssl_role != NULL); |
| 227 *ssl_role = secure_role_; | 221 *ssl_role = secure_role_; |
| 228 return true; | 222 return true; |
| 229 } | 223 } |
| 230 | 224 |
| 231 private: | 225 private: |
| 232 bool ApplyNegotiatedTransportDescription_w( | 226 bool ApplyNegotiatedTransportDescription(TransportChannelImpl* channel, |
| 233 TransportChannelImpl* channel, | 227 std::string* error_desc) override { |
| 234 std::string* error_desc) override { | |
| 235 DCHECK(Base::worker_thread()->IsCurrent()); | |
| 236 // Set ssl role. Role must be set before fingerprint is applied, which | 228 // Set ssl role. Role must be set before fingerprint is applied, which |
| 237 // initiates DTLS setup. | 229 // initiates DTLS setup. |
| 238 if (!channel->SetSslRole(secure_role_)) { | 230 if (!channel->SetSslRole(secure_role_)) { |
| 239 return BadTransportDescription("Failed to set ssl role for the channel.", | 231 return BadTransportDescription("Failed to set ssl role for the channel.", |
| 240 error_desc); | 232 error_desc); |
| 241 } | 233 } |
| 242 // Apply remote fingerprint. | 234 // Apply remote fingerprint. |
| 243 if (!channel->SetRemoteFingerprint( | 235 if (!channel->SetRemoteFingerprint( |
| 244 remote_fingerprint_->algorithm, | 236 remote_fingerprint_->algorithm, |
| 245 reinterpret_cast<const uint8*>(remote_fingerprint_->digest.data()), | 237 reinterpret_cast<const uint8*>(remote_fingerprint_->digest.data()), |
| 246 remote_fingerprint_->digest.size())) { | 238 remote_fingerprint_->digest.size())) { |
| 247 return BadTransportDescription("Failed to apply remote fingerprint.", | 239 return BadTransportDescription("Failed to apply remote fingerprint.", |
| 248 error_desc); | 240 error_desc); |
| 249 } | 241 } |
| 250 return Base::ApplyNegotiatedTransportDescription_w(channel, error_desc); | 242 return Base::ApplyNegotiatedTransportDescription(channel, error_desc); |
| 251 } | 243 } |
| 252 | 244 |
| 253 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; | 245 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; |
| 254 rtc::SSLRole secure_role_; | 246 rtc::SSLRole secure_role_; |
| 255 rtc::SSLProtocolVersion ssl_max_version_; | 247 rtc::SSLProtocolVersion ssl_max_version_; |
| 256 rtc::scoped_ptr<rtc::SSLFingerprint> remote_fingerprint_; | 248 rtc::scoped_ptr<rtc::SSLFingerprint> remote_fingerprint_; |
| 257 }; | 249 }; |
| 258 | 250 |
| 259 } // namespace cricket | 251 } // namespace cricket |
| 260 | 252 |
| 261 #endif // WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 253 #endif // WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1246913005:
TransportController refactoring (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master