| 1 /* | 1 /* |
| 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| 40 SSL_PROTOCOL_TLS_10, | 40 SSL_PROTOCOL_TLS_10, |
| 41 SSL_PROTOCOL_TLS_11, | 41 SSL_PROTOCOL_TLS_11, |
| 42 SSL_PROTOCOL_TLS_12, | 42 SSL_PROTOCOL_TLS_12, |
| 43 SSL_PROTOCOL_DTLS_10 = SSL_PROTOCOL_TLS_11, | 43 SSL_PROTOCOL_DTLS_10 = SSL_PROTOCOL_TLS_11, |
| 44 SSL_PROTOCOL_DTLS_12 = SSL_PROTOCOL_TLS_12, | 44 SSL_PROTOCOL_DTLS_12 = SSL_PROTOCOL_TLS_12, |
| 45 }; | 45 }; |
| 46 | 46 |
| 47 // Errors for Read -- in the high range so no conflict with OpenSSL. | 47 // Errors for Read -- in the high range so no conflict with OpenSSL. |
| 48 enum { SSE_MSG_TRUNC = 0xff0001 }; | 48 enum { SSE_MSG_TRUNC = 0xff0001 }; |
| 49 | 49 |
| 50 // Helper struct to retrieve both IANA number and the RFC name. | |
| 51 struct SslCipher { | |
| 52 uint16_t ssl_id; | |
|
juberti
2015/09/24 13:41:15
prefer plain |int| to a sized type.
guoweis_webrtc
2015/09/24 18:27:13
Done.
| |
| 53 std::string rfc_name; | |
|
juberti
2015/09/24 13:41:15
I would just call this |name|
guoweis_webrtc
2015/09/24 18:27:13
Done.
| |
| 54 SslCipher() : ssl_id(0) {} | |
| 55 SslCipher(uint16_t ssl_id, const std::string& rfc_name) | |
| 56 : ssl_id(ssl_id), rfc_name(rfc_name) {} | |
| 57 }; | |
| 58 | |
| 50 class SSLStreamAdapter : public StreamAdapterInterface { | 59 class SSLStreamAdapter : public StreamAdapterInterface { |
| 51 public: | 60 public: |
| 52 // Instantiate an SSLStreamAdapter wrapping the given stream, | 61 // Instantiate an SSLStreamAdapter wrapping the given stream, |
| 53 // (using the selected implementation for the platform). | 62 // (using the selected implementation for the platform). |
| 54 // Caller is responsible for freeing the returned object. | 63 // Caller is responsible for freeing the returned object. |
| 55 static SSLStreamAdapter* Create(StreamInterface* stream); | 64 static SSLStreamAdapter* Create(StreamInterface* stream); |
| 56 | 65 |
| 57 explicit SSLStreamAdapter(StreamInterface* stream) | 66 explicit SSLStreamAdapter(StreamInterface* stream) |
| 58 : StreamAdapterInterface(stream), ignore_bad_cert_(false), | 67 : StreamAdapterInterface(stream), ignore_bad_cert_(false), |
| 59 client_auth_enabled_(true) { } | 68 client_auth_enabled_(true) { } |
| 128 const unsigned char* digest_val, | 137 const unsigned char* digest_val, |
| 129 size_t digest_len) = 0; | 138 size_t digest_len) = 0; |
| 130 | 139 |
| 131 // Retrieves the peer's X.509 certificate, if a connection has been | 140 // Retrieves the peer's X.509 certificate, if a connection has been |
| 132 // established. It returns the transmitted over SSL, including the entire | 141 // established. It returns the transmitted over SSL, including the entire |
| 133 // chain. The returned certificate is owned by the caller. | 142 // chain. The returned certificate is owned by the caller. |
| 134 virtual bool GetPeerCertificate(SSLCertificate** cert) const = 0; | 143 virtual bool GetPeerCertificate(SSLCertificate** cert) const = 0; |
| 135 | 144 |
| 136 // Retrieves the name of the cipher suite used for the connection | 145 // Retrieves the name of the cipher suite used for the connection |
| 137 // (e.g. "TLS_RSA_WITH_AES_128_CBC_SHA"). | 146 // (e.g. "TLS_RSA_WITH_AES_128_CBC_SHA"). |
| 138 virtual bool GetSslCipher(std::string* cipher); | 147 virtual bool GetSslCipher(SslCipher* cipher); |
| 139 | 148 |
| 140 // Key Exporter interface from RFC 5705 | 149 // Key Exporter interface from RFC 5705 |
| 141 // Arguments are: | 150 // Arguments are: |
| 142 // label -- the exporter label. | 151 // label -- the exporter label. |
| 143 // part of the RFC defining each exporter | 152 // part of the RFC defining each exporter |
| 144 // usage (IN) | 153 // usage (IN) |
| 145 // context/context_len -- a context to bind to for this connection; | 154 // context/context_len -- a context to bind to for this connection; |
| 146 // optional, can be NULL, 0 (IN) | 155 // optional, can be NULL, 0 (IN) |
| 147 // use_context -- whether to use the context value | 156 // use_context -- whether to use the context value |
| 148 // (needed to distinguish no context from | 157 // (needed to distinguish no context from |
| 161 virtual bool GetDtlsSrtpCipher(std::string* cipher); | 170 virtual bool GetDtlsSrtpCipher(std::string* cipher); |
| 162 | 171 |
| 163 // Capabilities testing | 172 // Capabilities testing |
| 164 static bool HaveDtls(); | 173 static bool HaveDtls(); |
| 165 static bool HaveDtlsSrtp(); | 174 static bool HaveDtlsSrtp(); |
| 166 static bool HaveExporter(); | 175 static bool HaveExporter(); |
| 167 | 176 |
| 168 // Returns the default Ssl cipher used between streams of this class | 177 // Returns the default Ssl cipher used between streams of this class |
| 169 // for the given protocol version. This is used by the unit tests. | 178 // for the given protocol version. This is used by the unit tests. |
| 170 // TODO(torbjorng@webrtc.org): Fix callers to avoid default parameter. | 179 // TODO(torbjorng@webrtc.org): Fix callers to avoid default parameter. |
| 171 static std::string GetDefaultSslCipher(SSLProtocolVersion version, | 180 static const SslCipher& GetDefaultSslCipher(SSLProtocolVersion version, |
| 172 KeyType key_type = KT_DEFAULT); | 181 KeyType key_type = KT_DEFAULT); |
| 173 | 182 |
| 174 private: | 183 private: |
| 175 // If true, the server certificate need not match the configured | 184 // If true, the server certificate need not match the configured |
| 176 // server_name, and in fact missing certificate authority and other | 185 // server_name, and in fact missing certificate authority and other |
| 177 // verification errors are ignored. | 186 // verification errors are ignored. |
| 178 bool ignore_bad_cert_; | 187 bool ignore_bad_cert_; |
| 179 | 188 |
| 180 // If true (default), the client is required to provide a certificate during | 189 // If true (default), the client is required to provide a certificate during |
| 181 // handshake. If no certificate is given, handshake fails. This applies to | 190 // handshake. If no certificate is given, handshake fails. This applies to |
| 182 // server mode only. | 191 // server mode only. |
| 183 bool client_auth_enabled_; | 192 bool client_auth_enabled_; |
| 184 }; | 193 }; |
| 185 | 194 |
| 186 } // namespace rtc | 195 } // namespace rtc |
| 187 | 196 |
| 188 #endif // WEBRTC_BASE_SSLSTREAMADAPTER_H_ | 197 #endif // WEBRTC_BASE_SSLSTREAMADAPTER_H_ |
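Review bot: The comment above `GetSslCipher` (new lines 145-146) still describes an out-parameter that receives only the suite name, but the signature on new line 147 now fills an `SslCipher` carrying both the IANA id and the name; suggest `// Retrieves the cipher suite negotiated for the connection as its IANA id and` / `// RFC name (e.g. "TLS_RSA_WITH_AES_128_CBC_SHA").` The same staleness applies to `GetDefaultSslCipher` (new lines 177-181), which now returns `const SslCipher&`: its comment should state the lifetime of the referenced object (for instance that it refers to static storage), because the implementation that establishes this is not in this header and a caller binding the reference would dangle if it referred to a temporary. On the struct (new lines 50-57), the default-constructed `ssl_id` of 0 is also the IANA value of TLS_NULL_WITH_NULL_NULL, so a comment such as `// ssl_id 0 means "unset"; 0x0000 is also TLS_NULL_WITH_NULL_NULL in the IANA registry, so do not use it to detect a negotiated null suite` would keep later callers from conflating the two. Whether any code relies on the 0 sentinel is not visible here; the `SSLStreamAdapter` class body spans the collapsed regions of this section.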