OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
11 #ifndef WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 11 #ifndef WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
12 #define WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 12 #define WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
13 | 13 |
14 #include "webrtc/base/checks.h" | |
15 #include "webrtc/p2p/base/dtlstransportchannel.h" | 14 #include "webrtc/p2p/base/dtlstransportchannel.h" |
16 #include "webrtc/p2p/base/transport.h" | 15 #include "webrtc/p2p/base/transport.h" |
17 | 16 |
18 namespace rtc { | 17 namespace rtc { |
19 class SSLIdentity; | 18 class SSLIdentity; |
20 } | 19 } |
21 | 20 |
22 namespace cricket { | 21 namespace cricket { |
23 | 22 |
24 class PortAllocator; | 23 class PortAllocator; |
25 | 24 |
26 // Base should be a descendant of cricket::Transport | 25 // Base should be a descendant of cricket::Transport and have a constructor |
27 // TODO(hbos): Add appropriate RTC_DCHECK thread checks to all methods. | 26 // that takes a transport name and PortAllocator. |
| 27 // |
| 28 // Everything in this class should be called on the worker thread. |
28 template<class Base> | 29 template<class Base> |
29 class DtlsTransport : public Base { | 30 class DtlsTransport : public Base { |
30 public: | 31 public: |
31 DtlsTransport(rtc::Thread* signaling_thread, | 32 DtlsTransport(const std::string& name, |
32 rtc::Thread* worker_thread, | |
33 const std::string& content_name, | |
34 PortAllocator* allocator, | 33 PortAllocator* allocator, |
35 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) | 34 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) |
36 : Base(signaling_thread, worker_thread, content_name, allocator), | 35 : Base(name, allocator), |
37 certificate_(certificate), | 36 certificate_(certificate), |
38 secure_role_(rtc::SSL_CLIENT), | 37 secure_role_(rtc::SSL_CLIENT), |
39 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) { | 38 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) {} |
40 } | |
41 | 39 |
42 ~DtlsTransport() { | 40 ~DtlsTransport() { |
43 Base::DestroyAllChannels(); | 41 Base::DestroyAllChannels(); |
44 } | 42 } |
45 void SetCertificate_w( | 43 |
| 44 void SetLocalCertificate( |
46 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override { | 45 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override { |
47 RTC_DCHECK(Base::worker_thread()->IsCurrent()); | |
48 certificate_ = certificate; | 46 certificate_ = certificate; |
49 } | 47 } |
50 bool GetCertificate_w( | 48 bool GetLocalCertificate( |
51 rtc::scoped_refptr<rtc::RTCCertificate>* certificate) override { | 49 rtc::scoped_refptr<rtc::RTCCertificate>* certificate) override { |
52 RTC_DCHECK(Base::worker_thread()->IsCurrent()); | |
53 if (!certificate_) | 50 if (!certificate_) |
54 return false; | 51 return false; |
55 | 52 |
56 *certificate = certificate_; | 53 *certificate = certificate_; |
57 return true; | 54 return true; |
58 } | 55 } |
59 | 56 |
60 bool SetSslMaxProtocolVersion_w(rtc::SSLProtocolVersion version) override { | 57 bool SetSslMaxProtocolVersion(rtc::SSLProtocolVersion version) override { |
61 RTC_DCHECK(Base::worker_thread()->IsCurrent()); | |
62 ssl_max_version_ = version; | 58 ssl_max_version_ = version; |
63 return true; | 59 return true; |
64 } | 60 } |
65 | 61 |
66 bool ApplyLocalTransportDescription_w(TransportChannelImpl* channel, | 62 bool ApplyLocalTransportDescription(TransportChannelImpl* channel, |
67 std::string* error_desc) override { | 63 std::string* error_desc) override { |
68 RTC_DCHECK(Base::worker_thread()->IsCurrent()); | |
69 rtc::SSLFingerprint* local_fp = | 64 rtc::SSLFingerprint* local_fp = |
70 Base::local_description()->identity_fingerprint.get(); | 65 Base::local_description()->identity_fingerprint.get(); |
71 | 66 |
72 if (local_fp) { | 67 if (local_fp) { |
73 // Sanity check local fingerprint. | 68 // Sanity check local fingerprint. |
74 if (certificate_) { | 69 if (certificate_) { |
75 rtc::scoped_ptr<rtc::SSLFingerprint> local_fp_tmp( | 70 rtc::scoped_ptr<rtc::SSLFingerprint> local_fp_tmp( |
76 rtc::SSLFingerprint::Create(local_fp->algorithm, | 71 rtc::SSLFingerprint::Create(local_fp->algorithm, |
77 certificate_->identity())); | 72 certificate_->identity())); |
78 ASSERT(local_fp_tmp.get() != NULL); | 73 ASSERT(local_fp_tmp.get() != NULL); |
(...skipping 12 matching lines...) |
91 } else { | 86 } else { |
92 certificate_ = nullptr; | 87 certificate_ = nullptr; |
93 } | 88 } |
94 | 89 |
95 if (!channel->SetLocalCertificate(certificate_)) { | 90 if (!channel->SetLocalCertificate(certificate_)) { |
96 return BadTransportDescription("Failed to set local identity.", | 91 return BadTransportDescription("Failed to set local identity.", |
97 error_desc); | 92 error_desc); |
98 } | 93 } |
99 | 94 |
100 // Apply the description in the base class. | 95 // Apply the description in the base class. |
101 return Base::ApplyLocalTransportDescription_w(channel, error_desc); | 96 return Base::ApplyLocalTransportDescription(channel, error_desc); |
102 } | 97 } |
103 | 98 |
104 bool NegotiateTransportDescription_w(ContentAction local_role, | 99 bool NegotiateTransportDescription(ContentAction local_role, |
105 std::string* error_desc) override { | 100 std::string* error_desc) override { |
106 RTC_DCHECK(Base::worker_thread()->IsCurrent()); | |
107 if (!Base::local_description() || !Base::remote_description()) { | 101 if (!Base::local_description() || !Base::remote_description()) { |
108 const std::string msg = "Local and Remote description must be set before " | 102 const std::string msg = "Local and Remote description must be set before " |
109 "transport descriptions are negotiated"; | 103 "transport descriptions are negotiated"; |
110 return BadTransportDescription(msg, error_desc); | 104 return BadTransportDescription(msg, error_desc); |
111 } | 105 } |
112 | 106 |
113 rtc::SSLFingerprint* local_fp = | 107 rtc::SSLFingerprint* local_fp = |
114 Base::local_description()->identity_fingerprint.get(); | 108 Base::local_description()->identity_fingerprint.get(); |
115 rtc::SSLFingerprint* remote_fp = | 109 rtc::SSLFingerprint* remote_fp = |
116 Base::remote_description()->identity_fingerprint.get(); | 110 Base::remote_description()->identity_fingerprint.get(); |
(...skipping 76 matching lines...) |
193 return BadTransportDescription( | 187 return BadTransportDescription( |
194 "Local fingerprint supplied when caller didn't offer DTLS.", | 188 "Local fingerprint supplied when caller didn't offer DTLS.", |
195 error_desc); | 189 error_desc); |
196 } else { | 190 } else { |
197 // We are not doing DTLS | 191 // We are not doing DTLS |
198 remote_fingerprint_.reset(new rtc::SSLFingerprint( | 192 remote_fingerprint_.reset(new rtc::SSLFingerprint( |
199 "", NULL, 0)); | 193 "", NULL, 0)); |
200 } | 194 } |
201 | 195 |
202 // Now run the negotiation for the base class. | 196 // Now run the negotiation for the base class. |
203 return Base::NegotiateTransportDescription_w(local_role, error_desc); | 197 return Base::NegotiateTransportDescription(local_role, error_desc); |
204 } | 198 } |
205 | 199 |
206 DtlsTransportChannelWrapper* CreateTransportChannel(int component) override { | 200 DtlsTransportChannelWrapper* CreateTransportChannel(int component) override { |
207 DtlsTransportChannelWrapper* channel = new DtlsTransportChannelWrapper( | 201 DtlsTransportChannelWrapper* channel = new DtlsTransportChannelWrapper( |
208 this, Base::CreateTransportChannel(component)); | 202 this, Base::CreateTransportChannel(component)); |
209 channel->SetSslMaxProtocolVersion(ssl_max_version_); | 203 channel->SetSslMaxProtocolVersion(ssl_max_version_); |
210 return channel; | 204 return channel; |
211 } | 205 } |
212 | 206 |
213 void DestroyTransportChannel(TransportChannelImpl* channel) override { | 207 void DestroyTransportChannel(TransportChannelImpl* channel) override { |
214 // Kind of ugly, but this lets us do the exact inverse of the create. | 208 // Kind of ugly, but this lets us do the exact inverse of the create. |
215 DtlsTransportChannelWrapper* dtls_channel = | 209 DtlsTransportChannelWrapper* dtls_channel = |
216 static_cast<DtlsTransportChannelWrapper*>(channel); | 210 static_cast<DtlsTransportChannelWrapper*>(channel); |
217 TransportChannelImpl* base_channel = dtls_channel->channel(); | 211 TransportChannelImpl* base_channel = dtls_channel->channel(); |
218 delete dtls_channel; | 212 delete dtls_channel; |
219 Base::DestroyTransportChannel(base_channel); | 213 Base::DestroyTransportChannel(base_channel); |
220 } | 214 } |
221 | 215 |
222 bool GetSslRole_w(rtc::SSLRole* ssl_role) const override { | 216 bool GetSslRole(rtc::SSLRole* ssl_role) const override { |
223 RTC_DCHECK(Base::worker_thread()->IsCurrent()); | |
224 ASSERT(ssl_role != NULL); | 217 ASSERT(ssl_role != NULL); |
225 *ssl_role = secure_role_; | 218 *ssl_role = secure_role_; |
226 return true; | 219 return true; |
227 } | 220 } |
228 | 221 |
229 private: | 222 private: |
230 bool ApplyNegotiatedTransportDescription_w( | 223 bool ApplyNegotiatedTransportDescription(TransportChannelImpl* channel, |
231 TransportChannelImpl* channel, | 224 std::string* error_desc) override { |
232 std::string* error_desc) override { | |
233 RTC_DCHECK(Base::worker_thread()->IsCurrent()); | |
234 // Set ssl role. Role must be set before fingerprint is applied, which | 225 // Set ssl role. Role must be set before fingerprint is applied, which |
235 // initiates DTLS setup. | 226 // initiates DTLS setup. |
236 if (!channel->SetSslRole(secure_role_)) { | 227 if (!channel->SetSslRole(secure_role_)) { |
237 return BadTransportDescription("Failed to set ssl role for the channel.", | 228 return BadTransportDescription("Failed to set ssl role for the channel.", |
238 error_desc); | 229 error_desc); |
239 } | 230 } |
240 // Apply remote fingerprint. | 231 // Apply remote fingerprint. |
241 if (!channel->SetRemoteFingerprint( | 232 if (!channel->SetRemoteFingerprint( |
242 remote_fingerprint_->algorithm, | 233 remote_fingerprint_->algorithm, |
243 reinterpret_cast<const uint8*>(remote_fingerprint_->digest.data()), | 234 reinterpret_cast<const uint8*>(remote_fingerprint_->digest.data()), |
244 remote_fingerprint_->digest.size())) { | 235 remote_fingerprint_->digest.size())) { |
245 return BadTransportDescription("Failed to apply remote fingerprint.", | 236 return BadTransportDescription("Failed to apply remote fingerprint.", |
246 error_desc); | 237 error_desc); |
247 } | 238 } |
248 return Base::ApplyNegotiatedTransportDescription_w(channel, error_desc); | 239 return Base::ApplyNegotiatedTransportDescription(channel, error_desc); |
249 } | 240 } |
250 | 241 |
251 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; | 242 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; |
252 rtc::SSLRole secure_role_; | 243 rtc::SSLRole secure_role_; |
253 rtc::SSLProtocolVersion ssl_max_version_; | 244 rtc::SSLProtocolVersion ssl_max_version_; |
254 rtc::scoped_ptr<rtc::SSLFingerprint> remote_fingerprint_; | 245 rtc::scoped_ptr<rtc::SSLFingerprint> remote_fingerprint_; |
255 }; | 246 }; |
256 | 247 |
257 } // namespace cricket | 248 } // namespace cricket |
258 | 249 |
259 #endif // WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ | 250 #endif // WEBRTC_P2P_BASE_DTLSTRANSPORT_H_ |
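Review bot: With every `RTC_DCHECK(Base::worker_thread()->IsCurrent())` dropped, the worker-thread requirement is carried only by the new class comment, so debug builds no longer catch an off-thread call to SetLocalCertificate, NegotiateTransportDescription, ApplyNegotiatedTransportDescription or the other renamed methods. These methods read and write `certificate_`, `secure_role_` and `remote_fingerprint_` without locking, and those values decide which local identity and remote fingerprint are handed to the channel, so a race here would affect the DTLS peer verification inputs rather than just bookkeeping. If Base no longer exposes a worker thread (not visible on this page), consider a member `rtc::ThreadChecker thread_checker_;` with `RTC_DCHECK(thread_checker_.CalledOnValidThread());` at the top of each method, which would also mean keeping the `webrtc/base/checks.h` include; this assumes the object is constructed on the worker thread, which should be confirmed against the callers.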