Relanding: Allow the DTLS fingerprint verification to occur after the handshake.

webrtc/base/opensslstreamadapter.h

 /*
  *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 89 matching lines @@
                             const uint8_t* context,
                             size_t context_len,
                             bool use_context,
                             uint8_t* result,
                             size_t result_len) override;
 
   // DTLS-SRTP interface
   bool SetDtlsSrtpCryptoSuites(const std::vector<int>& crypto_suites) override;
   bool GetDtlsSrtpCryptoSuite(int* crypto_suite) override;
 
+  bool IsTlsConnected() override { return state_ == SSL_CONNECTED; }
+
   // Capabilities interfaces
   static bool HaveDtls();
   static bool HaveDtlsSrtp();
   static bool HaveExporter();
   static bool IsBoringSsl();
 
   static bool IsAcceptableCipher(int cipher, KeyType key_type);
   static bool IsAcceptableCipher(const std::string& cipher, KeyType key_type);
 
  protected:
@@ skipping 38 matching lines @@
 
   // Override MessageHandler
   void OnMessage(Message* msg) override;
 
   // Flush the input buffers by reading left bytes (for DTLS)
   void FlushInput(unsigned int left);
 
   // SSL library configuration
   SSL_CTX* SetupSSLContext();
   // SSL verification check
-  bool SSLPostConnectionCheck(SSL* ssl, const char* server_name,
-                              const X509* peer_cert,
-                              const std::string& peer_digest);
+  bool SSLPostConnectionCheck();
+  bool VerifyPeerCertificate();
   // SSL certification verification error handler, called back from
   // the openssl library. Returns an int interpreted as a boolean in
   // the C style: zero means verification failure, non-zero means
   // passed.
   static int SSLVerifyCallback(int ok, X509_STORE_CTX* store);
 
+  bool waiting_to_verify_client_cert() const {

[pthatcher1, 2016/07/27 19:32:35]

Whould this be waiting_to_verify_peer_certificate() to match
VerifyPeerCertificate and peer_certificate_verified_?

Or would needs_to_verify_peer_certificate() be a better name?

[Taylor Brandstetter, 2016/08/13 00:09:53]

I'll change it to "peer". I prefer "waiting" to "needs" because "waiting"
implies "something needs to happen but hasn't happened yet" whereas "needs"
doesn't. At least in my opinion.

+    // If |ssl_server_name_| is non-empty we're in client/server mode and don't
+    // need to verify a peer certificate.
+    return ssl_server_name_.empty() && client_auth_enabled() &&
+           !peer_certificate_verified_;
+  }

[pthatcher1, 2016/07/27 19:32:35]

If we're going to keep the ssl_server_name_ stuff, can we at least avoid calling
ssl_server_name_.empty() with an explanation of what it means?  Perhaps have
something like this:

bool in_peer_mode() {
  return ssl_server_name_.empty();
}

Then you can have this: 

bool waiting_to_verify_peer_certificate() {
  return in_peer_mode() && client_auth_enabled() && !peer_certificate_verified_;
}

+
+  bool have_peer_certificate_digest() const {

[pthatcher1, 2016/07/27 19:32:35]

Should this be has_peer_certificate_digest()?

[Taylor Brandstetter, 2016/08/13 00:09:53]

Sure.

+    return !peer_certificate_digest_algorithm_.empty() &&
+           !peer_certificate_digest_value_.empty();
+  }
+
+  // These methods tell us whether we're in "traditional" mode (verifying the
+  // server name using the certificate chain) or "peer-to-peer" mode (verifying
+  // the digest of a self-signed certificate).
+  bool verify_certificate_using_server_name() const {
+    return state_ != SSL_NONE && !ssl_server_name_.empty();

[pthatcher1, 2016/07/27 19:32:35]

Here in_peer_mode() would be nice as well.

[Taylor Brandstetter, 2016/08/13 00:09:53]

These functions *were* the equivalent of in_peer_mode (we need to check that
state_ isn't SSL_NONE, because in that state we don't know what mode we'll use).

However this is obsoleted now that StartSSLWithServer is removed.

+  }
+  bool verify_certificate_using_peer_digest() const {
+    return state_ != SSL_NONE && ssl_server_name_.empty();
+  }
+
   SSLState state_;
   SSLRole role_;
   int ssl_error_code_;  // valid when state_ == SSL_ERROR or SSL_CLOSED
   // Whether the SSL negotiation is blocked on needing to read or
   // write to the wrapped stream.
   bool ssl_read_needs_write_;
   bool ssl_write_needs_read_;
 
   SSL* ssl_;
   SSL_CTX* ssl_ctx_;
 
   // Our key and certificate, mostly useful in peer-to-peer mode.
   std::unique_ptr<OpenSSLIdentity> identity_;
-  // in traditional mode, the server name that the server's certificate
+  // In traditional mode, the server name that the server's certificate
   // must specify. Empty in peer-to-peer mode.
   std::string ssl_server_name_;
   // The certificate that the peer must present or did present. Initially
   // null in traditional mode, until the connection is established.
   std::unique_ptr<OpenSSLCertificate> peer_certificate_;
+  bool peer_certificate_verified_ = false;
   // In peer-to-peer mode, the digest of the certificate that
   // the peer must present.
   Buffer peer_certificate_digest_value_;
   std::string peer_certificate_digest_algorithm_;
 
   // OpenSSLAdapter::custom_verify_callback_ result
   bool custom_verification_succeeded_;
 
   // The DtlsSrtp ciphers
   std::string srtp_ciphers_;
 
   // Do DTLS or not
   SSLMode ssl_mode_;
 
   // Max. allowed protocol version
   SSLProtocolVersion ssl_max_version_;
 };
 
 /////////////////////////////////////////////////////////////////////////////
 
 }  // namespace rtc
 
 #endif  // WEBRTC_BASE_OPENSSLSTREAMADAPTER_H__