| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| 11 #include <set> | 11 #include <set> |
| 12 | 12 |
| 13 #include "webrtc/p2p/base/dtlstransport.h" | 13 #include "webrtc/p2p/base/dtlstransport.h" |
| 14 #include "webrtc/p2p/base/fakesession.h" | 14 #include "webrtc/p2p/base/faketransportcontroller.h" |
| 15 #include "webrtc/base/common.h" | 15 #include "webrtc/base/common.h" |
| 16 #include "webrtc/base/dscp.h" | 16 #include "webrtc/base/dscp.h" |
| 17 #include "webrtc/base/gunit.h" | 17 #include "webrtc/base/gunit.h" |
| 18 #include "webrtc/base/helpers.h" | 18 #include "webrtc/base/helpers.h" |
| 19 #include "webrtc/base/scoped_ptr.h" | 19 #include "webrtc/base/scoped_ptr.h" |
| 20 #include "webrtc/base/ssladapter.h" | 20 #include "webrtc/base/ssladapter.h" |
| 21 #include "webrtc/base/sslidentity.h" | 21 #include "webrtc/base/sslidentity.h" |
| 22 #include "webrtc/base/sslstreamadapter.h" | 22 #include "webrtc/base/sslstreamadapter.h" |
| 23 #include "webrtc/base/stringutils.h" | 23 #include "webrtc/base/stringutils.h" |
| 24 #include "webrtc/base/thread.h" | |
| 25 | 24 |
| 26 #define MAYBE_SKIP_TEST(feature) \ | 25 #define MAYBE_SKIP_TEST(feature) \ |
| 27 if (!(rtc::SSLStreamAdapter::feature())) { \ | 26 if (!(rtc::SSLStreamAdapter::feature())) { \ |
| 28 LOG(LS_INFO) << "Feature disabled... skipping"; \ | 27 LOG(LS_INFO) << "Feature disabled... skipping"; \ |
| 29 return; \ | 28 return; \ |
| 30 } | 29 } |
| 31 | 30 |
| 32 static const char AES_CM_128_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80"; | 31 static const char AES_CM_128_HMAC_SHA1_80[] = "AES_CM_128_HMAC_SHA1_80"; |
| 33 static const char kIceUfrag1[] = "TESTICEUFRAG0001"; | 32 static const char kIceUfrag1[] = "TESTICEUFRAG0001"; |
| 34 static const char kIcePwd1[] = "TESTICEPWD00000000000001"; | 33 static const char kIcePwd1[] = "TESTICEPWD00000000000001"; |
| 35 static const size_t kPacketNumOffset = 8; | 34 static const size_t kPacketNumOffset = 8; |
| 36 static const size_t kPacketHeaderLen = 12; | 35 static const size_t kPacketHeaderLen = 12; |
| 37 | 36 |
| 38 static bool IsRtpLeadByte(uint8 b) { | 37 static bool IsRtpLeadByte(uint8 b) { |
| 39 return ((b & 0xC0) == 0x80); | 38 return ((b & 0xC0) == 0x80); |
| 40 } | 39 } |
| 41 | 40 |
| 42 using cricket::ConnectionRole; | 41 using cricket::ConnectionRole; |
| 43 | 42 |
| 44 enum Flags { NF_REOFFER = 0x1, NF_EXPECT_FAILURE = 0x2 }; | 43 enum Flags { NF_REOFFER = 0x1, NF_EXPECT_FAILURE = 0x2 }; |
| 45 | 44 |
| 46 class DtlsTestClient : public sigslot::has_slots<> { | 45 class DtlsTestClient : public sigslot::has_slots<> { |
| 47 public: | 46 public: |
| 48 DtlsTestClient(const std::string& name, | 47 DtlsTestClient(const std::string& name) |
| 49 rtc::Thread* signaling_thread, | 48 : name_(name), |
| 50 rtc::Thread* worker_thread) : | 49 packet_size_(0), |
| 51 name_(name), | 50 use_dtls_srtp_(false), |
| 52 signaling_thread_(signaling_thread), | 51 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10), |
| 53 worker_thread_(worker_thread), | 52 negotiated_dtls_(false), |
| 54 packet_size_(0), | 53 received_dtls_client_hello_(false), |
| 55 use_dtls_srtp_(false), | 54 received_dtls_server_hello_(false) {} |
| 56 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10), | |
| 57 negotiated_dtls_(false), | |
| 58 received_dtls_client_hello_(false), | |
| 59 received_dtls_server_hello_(false) { | |
| 60 } | |
| 61 void CreateCertificate(rtc::KeyType key_type) { | 55 void CreateCertificate(rtc::KeyType key_type) { |
| 62 certificate_ = rtc::RTCCertificate::Create( | 56 certificate_ = rtc::RTCCertificate::Create( |
| 63 rtc::scoped_ptr<rtc::SSLIdentity>( | 57 rtc::scoped_ptr<rtc::SSLIdentity>( |
| 64 rtc::SSLIdentity::Generate(name_, key_type)).Pass()); | 58 rtc::SSLIdentity::Generate(name_, key_type)).Pass()); |
| 65 } | 59 } |
| 66 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate() { | 60 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate() { |
| 67 return certificate_; | 61 return certificate_; |
| 68 } | 62 } |
| 69 void SetupSrtp() { | 63 void SetupSrtp() { |
| 70 ASSERT(certificate_); | 64 ASSERT(certificate_); |
| 71 use_dtls_srtp_ = true; | 65 use_dtls_srtp_ = true; |
| 72 } | 66 } |
| 73 void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) { | 67 void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) { |
| 74 ASSERT(transport_.get() == NULL); | 68 ASSERT(!transport_); |
| 75 ssl_max_version_ = version; | 69 ssl_max_version_ = version; |
| 76 } | 70 } |
| 77 void SetupChannels(int count, cricket::IceRole role) { | 71 void SetupChannels(int count, cricket::IceRole role) { |
| 78 transport_.reset(new cricket::DtlsTransport<cricket::FakeTransport>( | 72 transport_.reset(new cricket::DtlsTransport<cricket::FakeTransport>( |
| 79 signaling_thread_, worker_thread_, "dtls content name", nullptr, | 73 "dtls content name", nullptr, certificate_)); |
| 80 certificate_)); | |
| 81 transport_->SetAsync(true); | 74 transport_->SetAsync(true); |
| 82 transport_->SetIceRole(role); | 75 transport_->SetIceRole(role); |
| 83 transport_->SetIceTiebreaker( | 76 transport_->SetIceTiebreaker( |
| 84 (role == cricket::ICEROLE_CONTROLLING) ? 1 : 2); | 77 (role == cricket::ICEROLE_CONTROLLING) ? 1 : 2); |
| 85 transport_->SignalWritableState.connect(this, | 78 transport_->SignalWritableState.connect(this, |
| 86 &DtlsTestClient::OnTransportWritableState); | 79 &DtlsTestClient::OnTransportWritableState); |
| 87 | 80 |
| 88 for (int i = 0; i < count; ++i) { | 81 for (int i = 0; i < count; ++i) { |
| 89 cricket::DtlsTransportChannelWrapper* channel = | 82 cricket::DtlsTransportChannelWrapper* channel = |
| 90 static_cast<cricket::DtlsTransportChannelWrapper*>( | 83 static_cast<cricket::DtlsTransportChannelWrapper*>( |
| (...skipping 20 matching lines...) Expand all Loading... |
| 111 static_cast<cricket::DtlsTransportChannelWrapper*>(ch); | 104 static_cast<cricket::DtlsTransportChannelWrapper*>(ch); |
| 112 return (wrapper) ? | 105 return (wrapper) ? |
| 113 static_cast<cricket::FakeTransportChannel*>(wrapper->channel()) : NULL; | 106 static_cast<cricket::FakeTransportChannel*>(wrapper->channel()) : NULL; |
| 114 } | 107 } |
| 115 | 108 |
| 116 // Offer DTLS if we have an identity; pass in a remote fingerprint only if | 109 // Offer DTLS if we have an identity; pass in a remote fingerprint only if |
| 117 // both sides support DTLS. | 110 // both sides support DTLS. |
| 118 void Negotiate(DtlsTestClient* peer, cricket::ContentAction action, | 111 void Negotiate(DtlsTestClient* peer, cricket::ContentAction action, |
| 119 ConnectionRole local_role, ConnectionRole remote_role, | 112 ConnectionRole local_role, ConnectionRole remote_role, |
| 120 int flags) { | 113 int flags) { |
| 121 Negotiate(certificate_, certificate_ ? peer->certificate_ : nullptr, | 114 Negotiate(certificate_, certificate_ ? peer->certificate_ : nullptr, action, |
| 122 action, local_role, remote_role, flags); | 115 local_role, remote_role, flags); |
| 123 } | 116 } |
| 124 | 117 |
| 125 // Allow any DTLS configuration to be specified (including invalid ones). | 118 // Allow any DTLS configuration to be specified (including invalid ones). |
| 126 void Negotiate(const rtc::scoped_refptr<rtc::RTCCertificate>& local_cert, | 119 void Negotiate(const rtc::scoped_refptr<rtc::RTCCertificate>& local_cert, |
| 127 const rtc::scoped_refptr<rtc::RTCCertificate>& remote_cert, | 120 const rtc::scoped_refptr<rtc::RTCCertificate>& remote_cert, |
| 128 cricket::ContentAction action, | 121 cricket::ContentAction action, |
| 129 ConnectionRole local_role, | 122 ConnectionRole local_role, |
| 130 ConnectionRole remote_role, | 123 ConnectionRole remote_role, |
| 131 int flags) { | 124 int flags) { |
| 132 rtc::scoped_ptr<rtc::SSLFingerprint> local_fingerprint; | 125 rtc::scoped_ptr<rtc::SSLFingerprint> local_fingerprint; |
| (...skipping 23 matching lines...) Expand all Loading... |
| 156 // SRTP ciphers will be set only in the beginning. | 149 // SRTP ciphers will be set only in the beginning. |
| 157 for (std::vector<cricket::DtlsTransportChannelWrapper*>::iterator it = | 150 for (std::vector<cricket::DtlsTransportChannelWrapper*>::iterator it = |
| 158 channels_.begin(); it != channels_.end(); ++it) { | 151 channels_.begin(); it != channels_.end(); ++it) { |
| 159 std::vector<std::string> ciphers; | 152 std::vector<std::string> ciphers; |
| 160 ciphers.push_back(AES_CM_128_HMAC_SHA1_80); | 153 ciphers.push_back(AES_CM_128_HMAC_SHA1_80); |
| 161 ASSERT_TRUE((*it)->SetSrtpCiphers(ciphers)); | 154 ASSERT_TRUE((*it)->SetSrtpCiphers(ciphers)); |
| 162 } | 155 } |
| 163 } | 156 } |
| 164 | 157 |
| 165 cricket::TransportDescription local_desc( | 158 cricket::TransportDescription local_desc( |
| 166 std::vector<std::string>(), kIceUfrag1, kIcePwd1, | 159 std::vector<std::string>(), kIceUfrag1, kIcePwd1, cricket::ICEMODE_FULL, |
| 167 cricket::ICEMODE_FULL, local_role, | 160 local_role, |
| 168 // If remote if the offerer and has no DTLS support, answer will be | 161 // If remote if the offerer and has no DTLS support, answer will be |
| 169 // without any fingerprint. | 162 // without any fingerprint. |
| 170 (action == cricket::CA_ANSWER && !remote_cert) ? | 163 (action == cricket::CA_ANSWER && !remote_cert) |
| 171 NULL : local_fingerprint.get(), | 164 ? nullptr |
| 165 : local_fingerprint.get(), |
| 172 cricket::Candidates()); | 166 cricket::Candidates()); |
| 173 | 167 |
| 174 cricket::TransportDescription remote_desc( | 168 cricket::TransportDescription remote_desc( |
| 175 std::vector<std::string>(), kIceUfrag1, kIcePwd1, | 169 std::vector<std::string>(), kIceUfrag1, kIcePwd1, cricket::ICEMODE_FULL, |
| 176 cricket::ICEMODE_FULL, remote_role, remote_fingerprint.get(), | 170 remote_role, remote_fingerprint.get(), cricket::Candidates()); |
| 177 cricket::Candidates()); | |
| 178 | 171 |
| 179 bool expect_success = (flags & NF_EXPECT_FAILURE) ? false : true; | 172 bool expect_success = (flags & NF_EXPECT_FAILURE) ? false : true; |
| 180 // If |expect_success| is false, expect SRTD or SLTD to fail when | 173 // If |expect_success| is false, expect SRTD or SLTD to fail when |
| 181 // content action is CA_ANSWER. | 174 // content action is CA_ANSWER. |
| 182 if (action == cricket::CA_OFFER) { | 175 if (action == cricket::CA_OFFER) { |
| 183 ASSERT_TRUE(transport_->SetLocalTransportDescription( | 176 ASSERT_TRUE(transport_->SetLocalTransportDescription( |
| 184 local_desc, cricket::CA_OFFER, NULL)); | 177 local_desc, cricket::CA_OFFER, NULL)); |
| 185 ASSERT_EQ(expect_success, transport_->SetRemoteTransportDescription( | 178 ASSERT_EQ(expect_success, transport_->SetRemoteTransportDescription( |
| 186 remote_desc, cricket::CA_ANSWER, NULL)); | 179 remote_desc, cricket::CA_ANSWER, NULL)); |
| 187 } else { | 180 } else { |
| 188 ASSERT_TRUE(transport_->SetRemoteTransportDescription( | 181 ASSERT_TRUE(transport_->SetRemoteTransportDescription( |
| 189 remote_desc, cricket::CA_OFFER, NULL)); | 182 remote_desc, cricket::CA_OFFER, NULL)); |
| 190 ASSERT_EQ(expect_success, transport_->SetLocalTransportDescription( | 183 ASSERT_EQ(expect_success, transport_->SetLocalTransportDescription( |
| 191 local_desc, cricket::CA_ANSWER, NULL)); | 184 local_desc, cricket::CA_ANSWER, NULL)); |
| 192 } | 185 } |
| 193 negotiated_dtls_ = (local_cert && remote_cert); | 186 negotiated_dtls_ = (local_cert && remote_cert); |
| 194 } | 187 } |
| 195 | 188 |
| 196 bool Connect(DtlsTestClient* peer) { | 189 bool Connect(DtlsTestClient* peer) { |
| 197 transport_->ConnectChannels(); | 190 transport_->ConnectChannels(); |
| 198 transport_->SetDestination(peer->transport_.get()); | 191 transport_->SetDestination(peer->transport_.get()); |
| 199 return true; | 192 return true; |
| 200 } | 193 } |
| 201 | 194 |
| 202 bool writable() const { return transport_->writable(); } | 195 bool all_channels_writable() const { |
| 196 return transport_->all_channels_writable(); |
| 197 } |
| 203 | 198 |
| 204 void CheckRole(rtc::SSLRole role) { | 199 void CheckRole(rtc::SSLRole role) { |
| 205 if (role == rtc::SSL_CLIENT) { | 200 if (role == rtc::SSL_CLIENT) { |
| 206 ASSERT_FALSE(received_dtls_client_hello_); | 201 ASSERT_FALSE(received_dtls_client_hello_); |
| 207 ASSERT_TRUE(received_dtls_server_hello_); | 202 ASSERT_TRUE(received_dtls_server_hello_); |
| 208 } else { | 203 } else { |
| 209 ASSERT_TRUE(received_dtls_client_hello_); | 204 ASSERT_TRUE(received_dtls_client_hello_); |
| 210 ASSERT_FALSE(received_dtls_server_hello_); | 205 ASSERT_FALSE(received_dtls_server_hello_); |
| 211 } | 206 } |
| 212 } | 207 } |
| (...skipping 117 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 330 } | 325 } |
| 331 | 326 |
| 332 void OnTransportChannelReadPacket(cricket::TransportChannel* channel, | 327 void OnTransportChannelReadPacket(cricket::TransportChannel* channel, |
| 333 const char* data, size_t size, | 328 const char* data, size_t size, |
| 334 const rtc::PacketTime& packet_time, | 329 const rtc::PacketTime& packet_time, |
| 335 int flags) { | 330 int flags) { |
| 336 uint32 packet_num = 0; | 331 uint32 packet_num = 0; |
| 337 ASSERT_TRUE(VerifyPacket(data, size, &packet_num)); | 332 ASSERT_TRUE(VerifyPacket(data, size, &packet_num)); |
| 338 received_.insert(packet_num); | 333 received_.insert(packet_num); |
| 339 // Only DTLS-SRTP packets should have the bypass flag set. | 334 // Only DTLS-SRTP packets should have the bypass flag set. |
| 340 int expected_flags = (certificate_ && IsRtpLeadByte(data[0])) ? | 335 int expected_flags = |
| 341 cricket::PF_SRTP_BYPASS : 0; | 336 (certificate_ && IsRtpLeadByte(data[0])) ? cricket::PF_SRTP_BYPASS : 0; |
| 342 ASSERT_EQ(expected_flags, flags); | 337 ASSERT_EQ(expected_flags, flags); |
| 343 } | 338 } |
| 344 | 339 |
| 345 // Hook into the raw packet stream to make sure DTLS packets are encrypted. | 340 // Hook into the raw packet stream to make sure DTLS packets are encrypted. |
| 346 void OnFakeTransportChannelReadPacket(cricket::TransportChannel* channel, | 341 void OnFakeTransportChannelReadPacket(cricket::TransportChannel* channel, |
| 347 const char* data, size_t size, | 342 const char* data, size_t size, |
| 348 const rtc::PacketTime& time, | 343 const rtc::PacketTime& time, |
| 349 int flags) { | 344 int flags) { |
| 350 // Flags shouldn't be set on the underlying TransportChannel packets. | 345 // Flags shouldn't be set on the underlying TransportChannel packets. |
| 351 ASSERT_EQ(0, flags); | 346 ASSERT_EQ(0, flags); |
| (...skipping 13 matching lines...) Expand all Loading... |
| 365 ASSERT_TRUE(VerifyEncryptedPacket(data, size)); | 360 ASSERT_TRUE(VerifyEncryptedPacket(data, size)); |
| 366 } else if (IsRtpLeadByte(data[0])) { | 361 } else if (IsRtpLeadByte(data[0])) { |
| 367 ASSERT_TRUE(VerifyPacket(data, size, NULL)); | 362 ASSERT_TRUE(VerifyPacket(data, size, NULL)); |
| 368 } | 363 } |
| 369 } | 364 } |
| 370 } | 365 } |
| 371 } | 366 } |
| 372 | 367 |
| 373 private: | 368 private: |
| 374 std::string name_; | 369 std::string name_; |
| 375 rtc::Thread* signaling_thread_; | |
| 376 rtc::Thread* worker_thread_; | |
| 377 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; | 370 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; |
| 378 rtc::scoped_ptr<cricket::FakeTransport> transport_; | 371 rtc::scoped_ptr<cricket::FakeTransport> transport_; |
| 379 std::vector<cricket::DtlsTransportChannelWrapper*> channels_; | 372 std::vector<cricket::DtlsTransportChannelWrapper*> channels_; |
| 380 size_t packet_size_; | 373 size_t packet_size_; |
| 381 std::set<int> received_; | 374 std::set<int> received_; |
| 382 bool use_dtls_srtp_; | 375 bool use_dtls_srtp_; |
| 383 rtc::SSLProtocolVersion ssl_max_version_; | 376 rtc::SSLProtocolVersion ssl_max_version_; |
| 384 bool negotiated_dtls_; | 377 bool negotiated_dtls_; |
| 385 bool received_dtls_client_hello_; | 378 bool received_dtls_client_hello_; |
| 386 bool received_dtls_server_hello_; | 379 bool received_dtls_server_hello_; |
| 387 }; | 380 }; |
| 388 | 381 |
| 389 | 382 |
| 390 class DtlsTransportChannelTest : public testing::Test { | 383 class DtlsTransportChannelTest : public testing::Test { |
| 391 public: | 384 public: |
| 392 DtlsTransportChannelTest() : | 385 DtlsTransportChannelTest() |
| 393 client1_("P1", rtc::Thread::Current(), | 386 : client1_("P1"), |
| 394 rtc::Thread::Current()), | 387 client2_("P2"), |
| 395 client2_("P2", rtc::Thread::Current(), | 388 channel_ct_(1), |
| 396 rtc::Thread::Current()), | 389 use_dtls_(false), |
| 397 channel_ct_(1), | 390 use_dtls_srtp_(false), |
| 398 use_dtls_(false), | 391 ssl_expected_version_(rtc::SSL_PROTOCOL_DTLS_10) {} |
| 399 use_dtls_srtp_(false), | |
| 400 ssl_expected_version_(rtc::SSL_PROTOCOL_DTLS_10) { | |
| 401 } | |
| 402 | 392 |
| 403 void SetChannelCount(size_t channel_ct) { | 393 void SetChannelCount(size_t channel_ct) { |
| 404 channel_ct_ = static_cast<int>(channel_ct); | 394 channel_ct_ = static_cast<int>(channel_ct); |
| 405 } | 395 } |
| 406 void SetMaxProtocolVersions(rtc::SSLProtocolVersion c1, | 396 void SetMaxProtocolVersions(rtc::SSLProtocolVersion c1, |
| 407 rtc::SSLProtocolVersion c2) { | 397 rtc::SSLProtocolVersion c2) { |
| 408 client1_.SetupMaxProtocolVersion(c1); | 398 client1_.SetupMaxProtocolVersion(c1); |
| 409 client2_.SetupMaxProtocolVersion(c2); | 399 client2_.SetupMaxProtocolVersion(c2); |
| 410 ssl_expected_version_ = std::min(c1, c2); | 400 ssl_expected_version_ = std::min(c1, c2); |
| 411 } | 401 } |
| (...skipping 21 matching lines...) Expand all Loading... |
| 433 } | 423 } |
| 434 | 424 |
| 435 bool Connect(ConnectionRole client1_role, ConnectionRole client2_role) { | 425 bool Connect(ConnectionRole client1_role, ConnectionRole client2_role) { |
| 436 Negotiate(client1_role, client2_role); | 426 Negotiate(client1_role, client2_role); |
| 437 | 427 |
| 438 bool rv = client1_.Connect(&client2_); | 428 bool rv = client1_.Connect(&client2_); |
| 439 EXPECT_TRUE(rv); | 429 EXPECT_TRUE(rv); |
| 440 if (!rv) | 430 if (!rv) |
| 441 return false; | 431 return false; |
| 442 | 432 |
| 443 EXPECT_TRUE_WAIT(client1_.writable() && client2_.writable(), 10000); | 433 EXPECT_TRUE_WAIT( |
| 444 if (!client1_.writable() || !client2_.writable()) | 434 client1_.all_channels_writable() && client2_.all_channels_writable(), |
| 435 10000); |
| 436 if (!client1_.all_channels_writable() || !client2_.all_channels_writable()) |
| 445 return false; | 437 return false; |
| 446 | 438 |
| 447 // Check that we used the right roles. | 439 // Check that we used the right roles. |
| 448 if (use_dtls_) { | 440 if (use_dtls_) { |
| 449 rtc::SSLRole client1_ssl_role = | 441 rtc::SSLRole client1_ssl_role = |
| 450 (client1_role == cricket::CONNECTIONROLE_ACTIVE || | 442 (client1_role == cricket::CONNECTIONROLE_ACTIVE || |
| 451 (client2_role == cricket::CONNECTIONROLE_PASSIVE && | 443 (client2_role == cricket::CONNECTIONROLE_PASSIVE && |
| 452 client1_role == cricket::CONNECTIONROLE_ACTPASS)) ? | 444 client1_role == cricket::CONNECTIONROLE_ACTPASS)) ? |
| 453 rtc::SSL_CLIENT : rtc::SSL_SERVER; | 445 rtc::SSL_CLIENT : rtc::SSL_SERVER; |
| 454 | 446 |
| (...skipping 356 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 811 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 803 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 812 SetChannelCount(2); | 804 SetChannelCount(2); |
| 813 PrepareDtls(true, true, rtc::KT_DEFAULT); | 805 PrepareDtls(true, true, rtc::KT_DEFAULT); |
| 814 PrepareDtlsSrtp(true, true); | 806 PrepareDtlsSrtp(true, true); |
| 815 Negotiate(); | 807 Negotiate(); |
| 816 | 808 |
| 817 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, | 809 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, |
| 818 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); | 810 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); |
| 819 bool rv = client1_.Connect(&client2_); | 811 bool rv = client1_.Connect(&client2_); |
| 820 EXPECT_TRUE(rv); | 812 EXPECT_TRUE(rv); |
| 821 EXPECT_TRUE_WAIT(client1_.writable() && client2_.writable(), 10000); | 813 EXPECT_TRUE_WAIT( |
| 814 client1_.all_channels_writable() && client2_.all_channels_writable(), |
| 815 10000); |
| 822 | 816 |
| 823 TestTransfer(0, 1000, 100, true); | 817 TestTransfer(0, 1000, 100, true); |
| 824 TestTransfer(1, 1000, 100, true); | 818 TestTransfer(1, 1000, 100, true); |
| 825 } | 819 } |
| 826 | 820 |
| 827 // Test Certificates state after negotiation but before connection. | 821 // Test Certificates state after negotiation but before connection. |
| 828 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { | 822 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { |
| 829 MAYBE_SKIP_TEST(HaveDtls); | 823 MAYBE_SKIP_TEST(HaveDtls); |
| 830 PrepareDtls(true, true, rtc::KT_DEFAULT); | 824 PrepareDtls(true, true, rtc::KT_DEFAULT); |
| 831 Negotiate(); | 825 Negotiate(); |
| 832 | 826 |
| 833 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; | 827 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; |
| 834 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; | 828 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; |
| 835 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; | 829 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; |
| 836 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; | 830 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; |
| 837 | 831 |
| 838 // After negotiation, each side has a distinct local certificate, but still no | 832 // After negotiation, each side has a distinct local certificate, but still no |
| 839 // remote certificate, because connection has not yet occurred. | 833 // remote certificate, because connection has not yet occurred. |
| 840 ASSERT_TRUE(client1_.transport()->GetCertificate(&certificate1)); | 834 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); |
| 841 ASSERT_TRUE(client2_.transport()->GetCertificate(&certificate2)); | 835 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); |
| 842 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), | 836 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), |
| 843 certificate2->ssl_certificate().ToPEMString()); | 837 certificate2->ssl_certificate().ToPEMString()); |
| 844 ASSERT_FALSE( | 838 ASSERT_FALSE( |
| 845 client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); | 839 client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); |
| 846 ASSERT_FALSE(remote_cert1 != NULL); | 840 ASSERT_FALSE(remote_cert1 != NULL); |
| 847 ASSERT_FALSE( | 841 ASSERT_FALSE( |
| 848 client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); | 842 client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); |
| 849 ASSERT_FALSE(remote_cert2 != NULL); | 843 ASSERT_FALSE(remote_cert2 != NULL); |
| 850 } | 844 } |
| 851 | 845 |
| 852 // Test Certificates state after connection. | 846 // Test Certificates state after connection. |
| 853 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { | 847 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { |
| 854 MAYBE_SKIP_TEST(HaveDtls); | 848 MAYBE_SKIP_TEST(HaveDtls); |
| 855 PrepareDtls(true, true, rtc::KT_DEFAULT); | 849 PrepareDtls(true, true, rtc::KT_DEFAULT); |
| 856 ASSERT_TRUE(Connect()); | 850 ASSERT_TRUE(Connect()); |
| 857 | 851 |
| 858 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; | 852 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; |
| 859 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; | 853 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; |
| 860 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; | 854 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; |
| 861 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; | 855 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; |
| 862 | 856 |
| 863 // After connection, each side has a distinct local certificate. | 857 // After connection, each side has a distinct local certificate. |
| 864 ASSERT_TRUE(client1_.transport()->GetCertificate(&certificate1)); | 858 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); |
| 865 ASSERT_TRUE(client2_.transport()->GetCertificate(&certificate2)); | 859 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); |
| 866 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), | 860 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), |
| 867 certificate2->ssl_certificate().ToPEMString()); | 861 certificate2->ssl_certificate().ToPEMString()); |
| 868 | 862 |
| 869 // Each side's remote certificate is the other side's local certificate. | 863 // Each side's remote certificate is the other side's local certificate. |
| 870 ASSERT_TRUE( | 864 ASSERT_TRUE( |
| 871 client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); | 865 client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); |
| 872 ASSERT_EQ(remote_cert1->ToPEMString(), | 866 ASSERT_EQ(remote_cert1->ToPEMString(), |
| 873 certificate2->ssl_certificate().ToPEMString()); | 867 certificate2->ssl_certificate().ToPEMString()); |
| 874 ASSERT_TRUE( | 868 ASSERT_TRUE( |
| 875 client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); | 869 client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); |
| 876 ASSERT_EQ(remote_cert2->ToPEMString(), | 870 ASSERT_EQ(remote_cert2->ToPEMString(), |
| 877 certificate1->ssl_certificate().ToPEMString()); | 871 certificate1->ssl_certificate().ToPEMString()); |
| 878 } | 872 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1246913005:
TransportController refactoring (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master