Added DtlsCertificate, a ref counted object owning an SSLIdentity

talk/app/webrtc/webrtcsession.cc

Index: talk/app/webrtc/webrtcsession.cc
diff --git a/talk/app/webrtc/webrtcsession.cc b/talk/app/webrtc/webrtcsession.cc
index c37eadb8a82ceb0cc48f401ab0256957ed9f21f1..1f48055ce0b00efc00e221552e60f840aa1ad493 100644
--- a/talk/app/webrtc/webrtcsession.cc
+++ b/talk/app/webrtc/webrtcsession.cc
@@ -517,14 +517,95 @@ WebRtcSession::~WebRtcSession() {
   for (size_t i = 0; i < saved_candidates_.size(); ++i) {
     delete saved_candidates_[i];
   }
-  delete identity();
 }
 
 bool WebRtcSession::Initialize(
     const PeerConnectionFactoryInterface::Options& options,
-    const MediaConstraintsInterface*  constraints,
+    const MediaConstraintsInterface* constraints,
     rtc::scoped_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
     const PeerConnectionInterface::RTCConfiguration& rtc_configuration) {
+  // Default |dtls_enabled_| value, may get overwritten in InitializeCommon.
+  dtls_enabled_ = (dtls_identity_store != nullptr);
+
+  if (!InitializeCommon(options, constraints, rtc_configuration)) {
+    return false;
+  }
+
+  if (dtls_enabled_) {
+    webrtc_session_desc_factory_.reset(new WebRtcSessionDescriptionFactory(
+          signaling_thread(),
+          worker_thread(),
+          channel_manager_,
+          mediastream_signaling_,
+          dtls_identity_store.Pass(),
+          this,
+          id(),
+          data_channel_type_));
+  } else {
+    webrtc_session_desc_factory_.reset(new WebRtcSessionDescriptionFactory(
+          signaling_thread(),
+          worker_thread(),
+          channel_manager_,
+          mediastream_signaling_,
+          this,
+          id(),
+          data_channel_type_));
+  }
+  InitializeFactoryAfterConstruction(options);
+  return true;
+}
+
+bool WebRtcSession::Initialize(
+    const PeerConnectionFactoryInterface::Options& options,
+    const MediaConstraintsInterface* constraints,
+    const rtc::scoped_refptr<webrtc::DtlsCertificate>& certificate,
+    const PeerConnectionInterface::RTCConfiguration& rtc_configuration) {
+  DCHECK(certificate.get());
+
+  // Default |dtls_enabled_| value, may get overwritten in InitializeCommon.
+  dtls_enabled_ = true;
+
+  if (!InitializeCommon(options, constraints, rtc_configuration)) {
+    return false;
+  }
+
+  if (dtls_enabled_) {
+    webrtc_session_desc_factory_.reset(new WebRtcSessionDescriptionFactory(
+          signaling_thread(),
+          worker_thread(),
+          channel_manager_,
+          mediastream_signaling_,
+          certificate,
+          this,
+          id(),
+          data_channel_type_));
+  } else {
+    webrtc_session_desc_factory_.reset(new WebRtcSessionDescriptionFactory(
+          signaling_thread(),
+          worker_thread(),
+          channel_manager_,
+          mediastream_signaling_,
+          this,
+          id(),
+          data_channel_type_));
+  }
+  InitializeFactoryAfterConstruction(options);
+  return true;
+}
+
+void WebRtcSession::InitializeFactoryAfterConstruction(
+    const PeerConnectionFactoryInterface::Options& options) {
+  webrtc_session_desc_factory_->SignalCertificateReady.connect(
+      this, &WebRtcSession::OnCertificateReady);
+  if (options.disable_encryption) {
+    webrtc_session_desc_factory_->SetSdesPolicy(cricket::SEC_DISABLED);
+  }
+}
+
+bool WebRtcSession::InitializeCommon(
+    const PeerConnectionFactoryInterface::Options& options,
+    const MediaConstraintsInterface* constraints,
+    const PeerConnectionInterface::RTCConfiguration& rtc_configuration) {
   bundle_policy_ = rtc_configuration.bundle_policy;
   rtcp_mux_policy_ = rtc_configuration.rtcp_mux_policy;
   SetSslMaxProtocolVersion(options.ssl_max_version);
@@ -537,13 +618,11 @@ bool WebRtcSession::Initialize(
   if (options.disable_encryption) {
     dtls_enabled_ = false;
   } else {
-    // Enable DTLS by default if we have a |dtls_identity_store|.
-    dtls_enabled_ = (dtls_identity_store != nullptr);
     // |constraints| can override the default |dtls_enabled_| value.
     if (FindConstraint(
           constraints,
           MediaConstraintsInterface::kEnableDtlsSrtp,
-          &value, NULL)) {
+          &value, nullptr)) {
       dtls_enabled_ = value;
     }
   }
@@ -660,22 +739,6 @@ bool WebRtcSession::Initialize(
   channel_manager_->SetDefaultVideoEncoderConfig(
       cricket::VideoEncoderConfig(default_codec));
 
-  webrtc_session_desc_factory_.reset(new WebRtcSessionDescriptionFactory(
-      signaling_thread(),
-      channel_manager_,
-      mediastream_signaling_,
-      dtls_identity_store.Pass(),
-      this,
-      id(),
-      data_channel_type_,
-      dtls_enabled_));
-
-  webrtc_session_desc_factory_->SignalIdentityReady.connect(
-      this, &WebRtcSession::OnIdentityReady);
-
-  if (options.disable_encryption) {
-    webrtc_session_desc_factory_->SetSdesPolicy(cricket::SEC_DISABLED);
-  }
   port_allocator()->set_candidate_filter(

[Henrik Grunell WebRTC, 2015/08/12 14:46:30]

Was there any reason this was done after creating session desc factory? Is it OK
to do before now?

[hbos, 2015/08/14 14:09:39]

No, looks like a simple variable setter unrelated to the
WebRtcSessionDescriptionFactory stuff. The factory doesn't use the port
allocator. Order should not matter.

       ConvertIceTransportTypeToCandidateFilter(rtc_configuration.type));
   return true;
@@ -1304,12 +1367,18 @@ void WebRtcSession::ResetIceRestartLatch() {
   ice_restart_latch_->Reset();
 }
 
-void WebRtcSession::OnIdentityReady(rtc::SSLIdentity* identity) {
-  SetIdentity(identity);
+void WebRtcSession::OnCertificateReady(
+    const rtc::scoped_refptr<DtlsCertificate>& certificate) {
+  certificate_ = certificate;
+  SetCertificate(certificate_);
+}
+
+bool WebRtcSession::waiting_for_certificate() const {

[Henrik Grunell WebRTC, 2015/08/12 14:46:30]

Rename to IsWaitingForCertificate since it's not a getter.

[hbos, 2015/08/14 14:09:39]

Done.

+  return webrtc_session_desc_factory_->waiting_for_certificate();
 }
 
-bool WebRtcSession::waiting_for_identity() const {
-  return webrtc_session_desc_factory_->waiting_for_identity();
+rtc::scoped_refptr<DtlsCertificate> WebRtcSession::get_certificate() const {

[Henrik Grunell WebRTC, 2015/08/12 14:46:30]

Move to header file.

[hbos, 2015/08/14 14:09:39]

Done.

+  return certificate_;
 }
 
 void WebRtcSession::SetIceConnectionState(