Chromium Code Reviews Chromium Code Reviews
Issue 1453523002:
Allow remote fingerprint update during a call (Closed)
Base URL: https://chromium.googlesource.com/external/webrtc@master| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 115 channel_->SignalConnectionRemoved.connect(this, | 115 channel_->SignalConnectionRemoved.connect(this, |
| 116 &DtlsTransportChannelWrapper::OnConnectionRemoved); | 116 &DtlsTransportChannelWrapper::OnConnectionRemoved); |
| 117 channel_->SignalReceivingState.connect(this, | 117 channel_->SignalReceivingState.connect(this, |
| 118 &DtlsTransportChannelWrapper::OnReceivingState); | 118 &DtlsTransportChannelWrapper::OnReceivingState); |
| 119 } | 119 } |
| 120 | 120 |
| 121 DtlsTransportChannelWrapper::~DtlsTransportChannelWrapper() { | 121 DtlsTransportChannelWrapper::~DtlsTransportChannelWrapper() { |
| 122 } | 122 } |
| 123 | 123 |
| 124 void DtlsTransportChannelWrapper::Connect() { | 124 void DtlsTransportChannelWrapper::Connect() { |
| 125 // We should only get a single call to Connect. | |
| 126 ASSERT(dtls_state() == DTLS_TRANSPORT_NEW); | 125 ASSERT(dtls_state() == DTLS_TRANSPORT_NEW); |
| 127 channel_->Connect(); | 126 if (channel_->writable()) { |
| 127 OnWritableState(channel_); | |
| 128 } else { | |
| 129 channel_->Connect(); | |
| 130 } | |
|
pthatcher1
2015/11/18 20:42:43
I think instead of changing the Connect method, we
guoweis_webrtc
2015/11/25 21:03:13
Done.
| |
| 128 } | 131 } |
| 129 | 132 |
| 130 bool DtlsTransportChannelWrapper::SetLocalCertificate( | 133 bool DtlsTransportChannelWrapper::SetLocalCertificate( |
| 131 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) { | 134 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) { |
| 132 if (dtls_active_) { | 135 if (dtls_active_) { |
| 133 if (certificate == local_certificate_) { | 136 if (certificate == local_certificate_) { |
| 134 // This may happen during renegotiation. | 137 // This may happen during renegotiation. |
| 135 LOG_J(LS_INFO, this) << "Ignoring identical DTLS identity"; | 138 LOG_J(LS_INFO, this) << "Ignoring identical DTLS identity"; |
| 136 return true; | 139 return true; |
| 137 } else { | 140 } else { |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 192 | 195 |
| 193 return dtls_->GetSslCipherSuite(cipher); | 196 return dtls_->GetSslCipherSuite(cipher); |
| 194 } | 197 } |
| 195 | 198 |
| 196 bool DtlsTransportChannelWrapper::SetRemoteFingerprint( | 199 bool DtlsTransportChannelWrapper::SetRemoteFingerprint( |
| 197 const std::string& digest_alg, | 200 const std::string& digest_alg, |
| 198 const uint8_t* digest, | 201 const uint8_t* digest, |
| 199 size_t digest_len) { | 202 size_t digest_len) { |
| 200 rtc::Buffer remote_fingerprint_value(digest, digest_len); | 203 rtc::Buffer remote_fingerprint_value(digest, digest_len); |
| 201 | 204 |
| 205 bool reconnect = false; | |
| 206 | |
| 202 if (dtls_active_ && remote_fingerprint_value_ == remote_fingerprint_value && | 207 if (dtls_active_ && remote_fingerprint_value_ == remote_fingerprint_value && |
| 203 !digest_alg.empty()) { | 208 !digest_alg.empty()) { |
| 204 // This may happen during renegotiation. | 209 // This may happen during renegotiation. |
| 205 LOG_J(LS_INFO, this) << "Ignoring identical remote DTLS fingerprint"; | 210 LOG_J(LS_INFO, this) << "Ignoring identical remote DTLS fingerprint"; |
| 206 return true; | 211 return true; |
| 207 } | 212 } |
| 208 | 213 |
| 209 // Allow SetRemoteFingerprint with a NULL digest even if SetLocalCertificate | 214 // Allow SetRemoteFingerprint with a NULL digest even if SetLocalCertificate |
| 210 // hasn't been called. | 215 // hasn't been called. |
| 211 if (dtls_ || (!dtls_active_ && !digest_alg.empty())) { | 216 if (!dtls_active_ && !digest_alg.empty()) { |
| 212 LOG_J(LS_ERROR, this) << "Can't set DTLS remote settings in this state."; | 217 LOG_J(LS_ERROR, this) << "Can't set DTLS remote settings in this state."; |
| 213 return false; | 218 return false; |
| 214 } | 219 } |
| 215 | 220 |
| 216 if (digest_alg.empty()) { | 221 if (digest_alg.empty()) { |
| 217 LOG_J(LS_INFO, this) << "Other side didn't support DTLS."; | 222 LOG_J(LS_INFO, this) << "Other side didn't support DTLS."; |
| 218 dtls_active_ = false; | 223 dtls_active_ = false; |
| 219 return true; | 224 return true; |
| 220 } | 225 } |
| 221 | 226 |
| 227 if (dtls_) { | |
| 228 RTC_DCHECK(remote_fingerprint_value_ != remote_fingerprint_value); | |
| 229 reconnect = true; | |
| 230 } | |
|
pthatcher1
2015/11/18 20:42:43
I think this would be more readable as something l
guoweis_webrtc
2015/11/25 21:03:13
Reconnect has to be called after SetupDtls
| |
| 231 | |
| 222 // At this point we know we are doing DTLS | 232 // At this point we know we are doing DTLS |
| 223 remote_fingerprint_value_ = remote_fingerprint_value.Pass(); | 233 remote_fingerprint_value_ = remote_fingerprint_value.Pass(); |
| 224 remote_fingerprint_algorithm_ = digest_alg; | 234 remote_fingerprint_algorithm_ = digest_alg; |
| 225 | 235 |
| 226 if (!SetupDtls()) { | 236 if (!SetupDtls()) { |
| 227 set_dtls_state(DTLS_TRANSPORT_FAILED); | 237 set_dtls_state(DTLS_TRANSPORT_FAILED); |
| 228 return false; | 238 return false; |
| 239 } else { | |
| 240 // We get the Dtls newly set up here. Signal the media side to re-setup SRTP | |
| 241 // context. | |
| 242 SignalDtlsSrtpSetup(this); | |
| 243 } | |
| 244 | |
| 245 if (reconnect) { | |
| 246 set_dtls_state(DTLS_TRANSPORT_NEW); | |
| 247 set_writable(false); | |
| 248 Connect(); | |
| 229 } | 249 } |
| 230 | 250 |
| 231 return true; | 251 return true; |
| 232 } | 252 } |
| 233 | 253 |
| 234 bool DtlsTransportChannelWrapper::GetRemoteSSLCertificate( | 254 bool DtlsTransportChannelWrapper::GetRemoteSSLCertificate( |
| 235 rtc::SSLCertificate** cert) const { | 255 rtc::SSLCertificate** cert) const { |
| 236 if (!dtls_) { | 256 if (!dtls_) { |
| 237 return false; | 257 return false; |
| 238 } | 258 } |
| (...skipping 372 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 611 SignalRouteChange(this, candidate); | 631 SignalRouteChange(this, candidate); |
| 612 } | 632 } |
| 613 | 633 |
| 614 void DtlsTransportChannelWrapper::OnConnectionRemoved( | 634 void DtlsTransportChannelWrapper::OnConnectionRemoved( |
| 615 TransportChannelImpl* channel) { | 635 TransportChannelImpl* channel) { |
| 616 ASSERT(channel == channel_); | 636 ASSERT(channel == channel_); |
| 617 SignalConnectionRemoved(this); | 637 SignalConnectionRemoved(this); |
| 618 } | 638 } |
| 619 | 639 |
| 620 } // namespace cricket | 640 } // namespace cricket |
| OLD | NEW |
