| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 272 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 283 ssl_(NULL), ssl_ctx_(NULL), | 283 ssl_(NULL), ssl_ctx_(NULL), |
| 284 custom_verification_succeeded_(false), | 284 custom_verification_succeeded_(false), |
| 285 ssl_mode_(SSL_MODE_TLS), | 285 ssl_mode_(SSL_MODE_TLS), |
| 286 ssl_max_version_(SSL_PROTOCOL_TLS_11) { | 286 ssl_max_version_(SSL_PROTOCOL_TLS_11) { |
| 287 } | 287 } |
| 288 | 288 |
| 289 OpenSSLStreamAdapter::~OpenSSLStreamAdapter() { | 289 OpenSSLStreamAdapter::~OpenSSLStreamAdapter() { |
| 290 Cleanup(); | 290 Cleanup(); |
| 291 } | 291 } |
| 292 | 292 |
| 293 void OpenSSLStreamAdapter::SetIdentity(SSLIdentity* identity) { | 293 void OpenSSLStreamAdapter::SetCertificate( |
| 294 ASSERT(!identity_); | 294 const scoped_refptr<webrtc::DtlsCertificate>& certificate) { |
| 295 identity_.reset(static_cast<OpenSSLIdentity*>(identity)); | 295 ASSERT(!certificate_.get()); |
| 296 certificate_ = certificate; |
| 296 } | 297 } |
| 297 | 298 |
| 298 void OpenSSLStreamAdapter::SetServerRole(SSLRole role) { | 299 void OpenSSLStreamAdapter::SetServerRole(SSLRole role) { |
| 299 role_ = role; | 300 role_ = role; |
| 300 } | 301 } |
| 301 | 302 |
| 302 bool OpenSSLStreamAdapter::GetPeerCertificate(SSLCertificate** cert) const { | 303 bool OpenSSLStreamAdapter::GetPeerCertificate(SSLCertificate** cert) const { |
| 303 if (!peer_certificate_) | 304 if (!peer_certificate_) |
| 304 return false; | 305 return false; |
| 305 | 306 |
| (...skipping 556 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 862 << SSL_get_error(ssl_, ret); | 863 << SSL_get_error(ssl_, ret); |
| 863 } | 864 } |
| 864 | 865 |
| 865 SSL_free(ssl_); | 866 SSL_free(ssl_); |
| 866 ssl_ = NULL; | 867 ssl_ = NULL; |
| 867 } | 868 } |
| 868 if (ssl_ctx_) { | 869 if (ssl_ctx_) { |
| 869 SSL_CTX_free(ssl_ctx_); | 870 SSL_CTX_free(ssl_ctx_); |
| 870 ssl_ctx_ = NULL; | 871 ssl_ctx_ = NULL; |
| 871 } | 872 } |
| 872 identity_.reset(); | 873 certificate_ = nullptr; |
| 873 peer_certificate_.reset(); | 874 peer_certificate_.reset(); |
| 874 | 875 |
| 875 // Clear the DTLS timer | 876 // Clear the DTLS timer |
| 876 Thread::Current()->Clear(this, MSG_TIMEOUT); | 877 Thread::Current()->Clear(this, MSG_TIMEOUT); |
| 877 } | 878 } |
| 878 | 879 |
| 879 | 880 |
| 880 void OpenSSLStreamAdapter::OnMessage(Message* msg) { | 881 void OpenSSLStreamAdapter::OnMessage(Message* msg) { |
| 881 // Process our own messages and then pass others to the superclass | 882 // Process our own messages and then pass others to the superclass |
| 882 if (MSG_TIMEOUT == msg->message_id) { | 883 if (MSG_TIMEOUT == msg->message_id) { |
| (...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 970 DTLS1_VERSION : TLS1_1_VERSION); | 971 DTLS1_VERSION : TLS1_1_VERSION); |
| 971 break; | 972 break; |
| 972 case SSL_PROTOCOL_TLS_12: | 973 case SSL_PROTOCOL_TLS_12: |
| 973 default: | 974 default: |
| 974 SSL_CTX_set_max_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 975 SSL_CTX_set_max_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? |
| 975 DTLS1_2_VERSION : TLS1_2_VERSION); | 976 DTLS1_2_VERSION : TLS1_2_VERSION); |
| 976 break; | 977 break; |
| 977 } | 978 } |
| 978 #endif | 979 #endif |
| 979 | 980 |
| 980 if (identity_ && !identity_->ConfigureIdentity(ctx)) { | 981 if (certificate_.get() && |
| 982 !static_cast<OpenSSLIdentity*>(certificate_->identity()) |
| 983 ->ConfigureIdentity(ctx)) { |
| 981 SSL_CTX_free(ctx); | 984 SSL_CTX_free(ctx); |
| 982 return NULL; | 985 return NULL; |
| 983 } | 986 } |
| 984 | 987 |
| 985 #ifdef _DEBUG | 988 #ifdef _DEBUG |
| 986 SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback); | 989 SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback); |
| 987 #endif | 990 #endif |
| 988 | 991 |
| 989 int mode = SSL_VERIFY_PEER; | 992 int mode = SSL_VERIFY_PEER; |
| 990 if (client_auth_enabled()) { | 993 if (client_auth_enabled()) { |
| (...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1133 } | 1136 } |
| 1134 #else // !OPENSSL_IS_BORINGSSL | 1137 #else // !OPENSSL_IS_BORINGSSL |
| 1135 return kDefaultSslCipher12; | 1138 return kDefaultSslCipher12; |
| 1136 #endif | 1139 #endif |
| 1137 } | 1140 } |
| 1138 } | 1141 } |
| 1139 | 1142 |
| 1140 } // namespace rtc | 1143 } // namespace rtc |
| 1141 | 1144 |
| 1142 #endif // HAVE_OPENSSL_SSL_H | 1145 #endif // HAVE_OPENSSL_SSL_H |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1269843005:
Added DtlsCertificate, a ref counted object owning an SSLIdentity (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc.git@master