OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 181 matching lines...)
192 | 192 |
193 return dtls_->GetSslCipherSuite(cipher); | 193 return dtls_->GetSslCipherSuite(cipher); |
194 } | 194 } |
195 | 195 |
196 bool DtlsTransportChannelWrapper::SetRemoteFingerprint( | 196 bool DtlsTransportChannelWrapper::SetRemoteFingerprint( |
197 const std::string& digest_alg, | 197 const std::string& digest_alg, |
198 const uint8_t* digest, | 198 const uint8_t* digest, |
199 size_t digest_len) { | 199 size_t digest_len) { |
200 rtc::Buffer remote_fingerprint_value(digest, digest_len); | 200 rtc::Buffer remote_fingerprint_value(digest, digest_len); |
201 | 201 |
| 202 // Once we have the local certificate, the same remote fingerprint can be set |
| 203 // multiple times. |
202 if (dtls_active_ && remote_fingerprint_value_ == remote_fingerprint_value && | 204 if (dtls_active_ && remote_fingerprint_value_ == remote_fingerprint_value && |
203 !digest_alg.empty()) { | 205 !digest_alg.empty()) { |
204 // This may happen during renegotiation. | 206 // This may happen during renegotiation. |
205 LOG_J(LS_INFO, this) << "Ignoring identical remote DTLS fingerprint"; | 207 LOG_J(LS_INFO, this) << "Ignoring identical remote DTLS fingerprint"; |
206 return true; | 208 return true; |
207 } | 209 } |
208 | 210 |
209 // Allow SetRemoteFingerprint with a NULL digest even if SetLocalCertificate | 211 // If the other side doesn't support DTLS, turn off |dtls_active_|. |
210 // hasn't been called. | |
211 if (dtls_ || (!dtls_active_ && !digest_alg.empty())) { | |
212 LOG_J(LS_ERROR, this) << "Can't set DTLS remote settings in this state."; | |
213 return false; | |
214 } | |
215 | |
216 if (digest_alg.empty()) { | 212 if (digest_alg.empty()) { |
| 213 RTC_DCHECK(!digest_len); |
217 LOG_J(LS_INFO, this) << "Other side didn't support DTLS."; | 214 LOG_J(LS_INFO, this) << "Other side didn't support DTLS."; |
218 dtls_active_ = false; | 215 dtls_active_ = false; |
219 return true; | 216 return true; |
220 } | 217 } |
221 | 218 |
| 219 // Otherwise, we must have a local certificate before setting remote |
| 220 // fingerprint. |
| 221 if (!dtls_active_) { |
| 222 LOG_J(LS_ERROR, this) << "Can't set DTLS remote settings in this state."; |
| 223 return false; |
| 224 } |
| 225 |
222 // At this point we know we are doing DTLS | 226 // At this point we know we are doing DTLS |
223 remote_fingerprint_value_ = remote_fingerprint_value.Pass(); | 227 remote_fingerprint_value_ = remote_fingerprint_value.Pass(); |
224 remote_fingerprint_algorithm_ = digest_alg; | 228 remote_fingerprint_algorithm_ = digest_alg; |
225 | 229 |
| 230 bool reconnect = dtls_; |
| 231 |
226 if (!SetupDtls()) { | 232 if (!SetupDtls()) { |
227 set_dtls_state(DTLS_TRANSPORT_FAILED); | 233 set_dtls_state(DTLS_TRANSPORT_FAILED); |
228 return false; | 234 return false; |
229 } | 235 } |
230 | 236 |
| 237 if (reconnect) { |
| 238 Reconnect(); |
| 239 } |
| 240 |
231 return true; | 241 return true; |
232 } | 242 } |
233 | 243 |
234 bool DtlsTransportChannelWrapper::GetRemoteSSLCertificate( | 244 bool DtlsTransportChannelWrapper::GetRemoteSSLCertificate( |
235 rtc::SSLCertificate** cert) const { | 245 rtc::SSLCertificate** cert) const { |
236 if (!dtls_) { | 246 if (!dtls_) { |
237 return false; | 247 return false; |
238 } | 248 } |
239 | 249 |
240 return dtls_->GetPeerCertificate(cert); | 250 return dtls_->GetPeerCertificate(cert); |
(...skipping 368 matching lines...)
609 ASSERT(channel == channel_); | 619 ASSERT(channel == channel_); |
610 SignalRouteChange(this, candidate); | 620 SignalRouteChange(this, candidate); |
611 } | 621 } |
612 | 622 |
613 void DtlsTransportChannelWrapper::OnConnectionRemoved( | 623 void DtlsTransportChannelWrapper::OnConnectionRemoved( |
614 TransportChannelImpl* channel) { | 624 TransportChannelImpl* channel) { |
615 ASSERT(channel == channel_); | 625 ASSERT(channel == channel_); |
616 SignalConnectionRemoved(this); | 626 SignalConnectionRemoved(this); |
617 } | 627 } |
618 | 628 |
| 629 void DtlsTransportChannelWrapper::Reconnect() { |
| 630 set_dtls_state(DTLS_TRANSPORT_NEW); |
| 631 set_writable(false); |
| 632 if (channel_->writable()) { |
| 633 OnWritableState(channel_); |
| 634 } |
| 635 } |
| 636 |
619 } // namespace cricket | 637 } // namespace cricket |
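Review bot: The `digest_alg.empty()` branch in SetRemoteFingerprint (new lines 212–217) can now run after `dtls_` already exists, because the old `if (dtls_ || ...)` guard was removed and nothing replaces it on this path. A later remote description that carries no fingerprint would then set `dtls_active_ = false` and return true while `dtls_` and the stored fingerprint stay in place, which looks like a silent downgrade away from DTLS; what the rest of the class does once `dtls_active_` is off lies in the skipped lines, so this needs confirming. If dropping DTLS mid-session is not intended, reject it at the top of that branch with `if (dtls_) { LOG_J(LS_ERROR, this) << "Can't set DTLS remote settings in this state."; return false; }`. Separately, `RTC_DCHECK(!digest_len)` is the only check against a non-empty digest arriving with an empty algorithm, and it is compiled out of release builds.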