OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 77 matching lines...)
88 | 88 |
89 DtlsTransportChannelWrapper::DtlsTransportChannelWrapper( | 89 DtlsTransportChannelWrapper::DtlsTransportChannelWrapper( |
90 Transport* transport, | 90 Transport* transport, |
91 TransportChannelImpl* channel) | 91 TransportChannelImpl* channel) |
92 : TransportChannelImpl(channel->content_name(), channel->component()), | 92 : TransportChannelImpl(channel->content_name(), channel->component()), |
93 transport_(transport), | 93 transport_(transport), |
94 worker_thread_(rtc::Thread::Current()), | 94 worker_thread_(rtc::Thread::Current()), |
95 channel_(channel), | 95 channel_(channel), |
96 downward_(NULL), | 96 downward_(NULL), |
97 dtls_state_(STATE_NONE), | 97 dtls_state_(STATE_NONE), |
98 local_identity_(NULL), | |
99 ssl_role_(rtc::SSL_CLIENT), | 98 ssl_role_(rtc::SSL_CLIENT), |
100 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) { | 99 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10) { |
101 channel_->SignalReadableState.connect(this, | 100 channel_->SignalReadableState.connect(this, |
102 &DtlsTransportChannelWrapper::OnReadableState); | 101 &DtlsTransportChannelWrapper::OnReadableState); |
103 channel_->SignalWritableState.connect(this, | 102 channel_->SignalWritableState.connect(this, |
104 &DtlsTransportChannelWrapper::OnWritableState); | 103 &DtlsTransportChannelWrapper::OnWritableState); |
105 channel_->SignalReadPacket.connect(this, | 104 channel_->SignalReadPacket.connect(this, |
106 &DtlsTransportChannelWrapper::OnReadPacket); | 105 &DtlsTransportChannelWrapper::OnReadPacket); |
107 channel_->SignalReadyToSend.connect(this, | 106 channel_->SignalReadyToSend.connect(this, |
108 &DtlsTransportChannelWrapper::OnReadyToSend); | 107 &DtlsTransportChannelWrapper::OnReadyToSend); |
(...skipping 17 matching lines...)
126 } | 125 } |
127 | 126 |
128 void DtlsTransportChannelWrapper::Connect() { | 127 void DtlsTransportChannelWrapper::Connect() { |
129 // We should only get a single call to Connect. | 128 // We should only get a single call to Connect. |
130 ASSERT(dtls_state_ == STATE_NONE || | 129 ASSERT(dtls_state_ == STATE_NONE || |
131 dtls_state_ == STATE_OFFERED || | 130 dtls_state_ == STATE_OFFERED || |
132 dtls_state_ == STATE_ACCEPTED); | 131 dtls_state_ == STATE_ACCEPTED); |
133 channel_->Connect(); | 132 channel_->Connect(); |
134 } | 133 } |
135 | 134 |
136 bool DtlsTransportChannelWrapper::SetLocalIdentity( | 135 bool DtlsTransportChannelWrapper::SetLocalCertificate( |
137 rtc::SSLIdentity* identity) { | 136 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) { |
138 if (dtls_state_ != STATE_NONE) { | 137 if (dtls_state_ != STATE_NONE) { |
139 if (identity == local_identity_) { | 138 if (certificate == local_certificate_) { |
140 // This may happen during renegotiation. | 139 // This may happen during renegotiation. |
141 LOG_J(LS_INFO, this) << "Ignoring identical DTLS identity"; | 140 LOG_J(LS_INFO, this) << "Ignoring identical DTLS identity"; |
142 return true; | 141 return true; |
143 } else { | 142 } else { |
144 LOG_J(LS_ERROR, this) << "Can't change DTLS local identity in this state"; | 143 LOG_J(LS_ERROR, this) << "Can't change DTLS local identity in this state"; |
145 return false; | 144 return false; |
146 } | 145 } |
147 } | 146 } |
148 | 147 |
149 if (identity) { | 148 if (certificate) { |
150 local_identity_ = identity; | 149 local_certificate_ = certificate; |
151 dtls_state_ = STATE_OFFERED; | 150 dtls_state_ = STATE_OFFERED; |
152 } else { | 151 } else { |
153 LOG_J(LS_INFO, this) << "NULL DTLS identity supplied. Not doing DTLS"; | 152 LOG_J(LS_INFO, this) << "NULL DTLS identity supplied. Not doing DTLS"; |
154 } | 153 } |
155 | 154 |
156 return true; | 155 return true; |
157 } | 156 } |
158 | 157 |
159 bool DtlsTransportChannelWrapper::GetLocalIdentity( | 158 rtc::scoped_refptr<rtc::RTCCertificate> |
160 rtc::SSLIdentity** identity) const { | 159 DtlsTransportChannelWrapper::GetLocalCertificate() const { |
161 if (!local_identity_) | 160 return local_certificate_; |
162 return false; | |
163 | |
164 *identity = local_identity_->GetReference(); | |
165 return true; | |
166 } | 161 } |
167 | 162 |
168 bool DtlsTransportChannelWrapper::SetSslMaxProtocolVersion( | 163 bool DtlsTransportChannelWrapper::SetSslMaxProtocolVersion( |
169 rtc::SSLProtocolVersion version) { | 164 rtc::SSLProtocolVersion version) { |
170 if (dtls_state_ != STATE_NONE) { | 165 if (dtls_state_ != STATE_NONE) { |
171 LOG(LS_ERROR) << "Not changing max. protocol version " | 166 LOG(LS_ERROR) << "Not changing max. protocol version " |
172 << "while DTLS is negotiating"; | 167 << "while DTLS is negotiating"; |
173 return false; | 168 return false; |
174 } | 169 } |
175 | 170 |
(...skipping 62 matching lines...)
238 | 233 |
239 if (!SetupDtls()) { | 234 if (!SetupDtls()) { |
240 dtls_state_ = STATE_CLOSED; | 235 dtls_state_ = STATE_CLOSED; |
241 return false; | 236 return false; |
242 } | 237 } |
243 | 238 |
244 dtls_state_ = STATE_ACCEPTED; | 239 dtls_state_ = STATE_ACCEPTED; |
245 return true; | 240 return true; |
246 } | 241 } |
247 | 242 |
248 bool DtlsTransportChannelWrapper::GetRemoteCertificate( | 243 bool DtlsTransportChannelWrapper::GetRemoteSSLCertificate( |
249 rtc::SSLCertificate** cert) const { | 244 rtc::SSLCertificate** cert) const { |
250 if (!dtls_) | 245 if (!dtls_) |
251 return false; | 246 return false; |
252 | 247 |
253 return dtls_->GetPeerCertificate(cert); | 248 return dtls_->GetPeerCertificate(cert); |
254 } | 249 } |
255 | 250 |
256 bool DtlsTransportChannelWrapper::SetupDtls() { | 251 bool DtlsTransportChannelWrapper::SetupDtls() { |
257 StreamInterfaceChannel* downward = new StreamInterfaceChannel(channel_); | 252 StreamInterfaceChannel* downward = new StreamInterfaceChannel(channel_); |
258 | 253 |
259 dtls_.reset(rtc::SSLStreamAdapter::Create(downward)); | 254 dtls_.reset(rtc::SSLStreamAdapter::Create(downward)); |
260 if (!dtls_) { | 255 if (!dtls_) { |
261 LOG_J(LS_ERROR, this) << "Failed to create DTLS adapter."; | 256 LOG_J(LS_ERROR, this) << "Failed to create DTLS adapter."; |
262 delete downward; | 257 delete downward; |
263 return false; | 258 return false; |
264 } | 259 } |
265 | 260 |
266 downward_ = downward; | 261 downward_ = downward; |
267 | 262 |
268 dtls_->SetIdentity(local_identity_->GetReference()); | 263 dtls_->SetIdentity(local_certificate_->identity()->GetReference()); |
269 dtls_->SetMode(rtc::SSL_MODE_DTLS); | 264 dtls_->SetMode(rtc::SSL_MODE_DTLS); |
270 dtls_->SetMaxProtocolVersion(ssl_max_version_); | 265 dtls_->SetMaxProtocolVersion(ssl_max_version_); |
271 dtls_->SetServerRole(ssl_role_); | 266 dtls_->SetServerRole(ssl_role_); |
272 dtls_->SignalEvent.connect(this, &DtlsTransportChannelWrapper::OnDtlsEvent); | 267 dtls_->SignalEvent.connect(this, &DtlsTransportChannelWrapper::OnDtlsEvent); |
273 if (!dtls_->SetPeerCertificateDigest( | 268 if (!dtls_->SetPeerCertificateDigest( |
274 remote_fingerprint_algorithm_, | 269 remote_fingerprint_algorithm_, |
275 reinterpret_cast<unsigned char*>(remote_fingerprint_value_.data()), | 270 reinterpret_cast<unsigned char*>(remote_fingerprint_value_.data()), |
276 remote_fingerprint_value_.size())) { | 271 remote_fingerprint_value_.size())) { |
277 LOG_J(LS_ERROR, this) << "Couldn't set DTLS certificate digest."; | 272 LOG_J(LS_ERROR, this) << "Couldn't set DTLS certificate digest."; |
278 return false; | 273 return false; |
(...skipping 366 matching lines...)
645 SignalRouteChange(this, candidate); | 640 SignalRouteChange(this, candidate); |
646 } | 641 } |
647 | 642 |
648 void DtlsTransportChannelWrapper::OnConnectionRemoved( | 643 void DtlsTransportChannelWrapper::OnConnectionRemoved( |
649 TransportChannelImpl* channel) { | 644 TransportChannelImpl* channel) { |
650 ASSERT(channel == channel_); | 645 ASSERT(channel == channel_); |
651 SignalConnectionRemoved(this); | 646 SignalConnectionRemoved(this); |
652 } | 647 } |
653 | 648 |
654 } // namespace cricket | 649 } // namespace cricket |
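Review bot: SetupDtls dereferences `local_certificate_` unchecked at new line 263 (`local_certificate_->identity()->GetReference()`), while SetLocalCertificate (new lines 148-153) accepts a null certificate and returns true without leaving STATE_NONE. Whether a null certificate can reach SetupDtls depends on the caller at new line 234, whose function starts outside the visible lines, so this is presumably guarded by a state check there but cannot be confirmed from this page. The old code made the same assumption about `local_identity_`; now that the member is a scoped_refptr with a second hop through `identity()`, an explicit guard at the top of SetupDtls, before the StreamInterfaceChannel is allocated, would turn a crash into a clean handshake failure: `if (!local_certificate_ || !local_certificate_->identity()) return false;`. SetupDtls continues past the visible lines, so later uses of the certificate were not reviewed.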