| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| 11 #include <memory> | 11 #include <memory> |
| 12 #include <set> | 12 #include <set> |
| 13 | 13 |
| 14 #include "webrtc/p2p/base/dtlstransport.h" | 14 #include "webrtc/p2p/base/dtlstransportchannel.h" |
| 15 #include "webrtc/p2p/base/faketransportcontroller.h" | 15 #include "webrtc/p2p/base/faketransportcontroller.h" |
| 16 #include "webrtc/p2p/base/packettransportinterface.h" | 16 #include "webrtc/p2p/base/packettransportinterface.h" |
| 17 #include "webrtc/base/common.h" | 17 #include "webrtc/base/common.h" |
| 18 #include "webrtc/base/dscp.h" | 18 #include "webrtc/base/dscp.h" |
| 19 #include "webrtc/base/gunit.h" | 19 #include "webrtc/base/gunit.h" |
| 20 #include "webrtc/base/helpers.h" | 20 #include "webrtc/base/helpers.h" |
| 21 #include "webrtc/base/ssladapter.h" | 21 #include "webrtc/base/ssladapter.h" |
| 22 #include "webrtc/base/sslidentity.h" | 22 #include "webrtc/base/sslidentity.h" |
| 23 #include "webrtc/base/sslstreamadapter.h" | 23 #include "webrtc/base/sslstreamadapter.h" |
| 24 #include "webrtc/base/stringutils.h" | 24 #include "webrtc/base/stringutils.h" |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 56 } | 56 } |
| 57 return cricket::TransportDescription(std::vector<std::string>(), kIceUfrag1, | 57 return cricket::TransportDescription(std::vector<std::string>(), kIceUfrag1, |
| 58 kIcePwd1, cricket::ICEMODE_FULL, role, | 58 kIcePwd1, cricket::ICEMODE_FULL, role, |
| 59 fingerprint.get()); | 59 fingerprint.get()); |
| 60 } | 60 } |
| 61 | 61 |
| 62 using cricket::ConnectionRole; | 62 using cricket::ConnectionRole; |
| 63 | 63 |
| 64 enum Flags { NF_REOFFER = 0x1, NF_EXPECT_FAILURE = 0x2 }; | 64 enum Flags { NF_REOFFER = 0x1, NF_EXPECT_FAILURE = 0x2 }; |
| 65 | 65 |
| 66 // TODO(deadbeef): Remove the dependency on JsepTransport. This test should be |
| 67 // testing DtlsTransportChannel by itself, calling methods to set the |
| 68 // configuration directly instead of negotiating TransportDescriptions. |
| 66 class DtlsTestClient : public sigslot::has_slots<> { | 69 class DtlsTestClient : public sigslot::has_slots<> { |
| 67 public: | 70 public: |
| 68 DtlsTestClient(const std::string& name) : name_(name) {} | 71 DtlsTestClient(const std::string& name) : name_(name) {} |
| 69 void CreateCertificate(rtc::KeyType key_type) { | 72 void CreateCertificate(rtc::KeyType key_type) { |
| 70 certificate_ = | 73 certificate_ = |
| 71 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>( | 74 rtc::RTCCertificate::Create(std::unique_ptr<rtc::SSLIdentity>( |
| 72 rtc::SSLIdentity::Generate(name_, key_type))); | 75 rtc::SSLIdentity::Generate(name_, key_type))); |
| 73 } | 76 } |
| 74 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate() { | 77 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate() { |
| 75 return certificate_; | 78 return certificate_; |
| 76 } | 79 } |
| 77 void SetupSrtp() { | 80 void SetupSrtp() { |
| 78 ASSERT(certificate_); | 81 ASSERT(certificate_); |
| 79 use_dtls_srtp_ = true; | 82 use_dtls_srtp_ = true; |
| 80 } | 83 } |
| 81 void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) { | 84 void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) { |
| 82 ASSERT(!transport_); | |
| 83 ssl_max_version_ = version; | 85 ssl_max_version_ = version; |
| 84 } | 86 } |
| 85 void SetupChannels(int count, cricket::IceRole role, int async_delay_ms = 0) { | 87 void SetupChannels(int count, cricket::IceRole role, int async_delay_ms = 0) { |
| 86 transport_.reset(new cricket::DtlsTransport<cricket::FakeTransport>( | 88 transport_.reset( |
| 87 "dtls content name", nullptr, certificate_)); | 89 new cricket::JsepTransport("dtls content name", certificate_)); |
| 88 transport_->SetAsync(true); | 90 for (int i = 0; i < count; ++i) { |
| 89 transport_->SetAsyncDelay(async_delay_ms); | 91 cricket::FakeTransportChannel* fake_ice_channel = |
| 90 transport_->SetIceRole(role); | 92 new cricket::FakeTransportChannel(transport_->mid(), i); |
| 91 transport_->SetIceTiebreaker( | 93 fake_ice_channel->SetAsync(true); |
| 92 (role == cricket::ICEROLE_CONTROLLING) ? 1 : 2); | 94 fake_ice_channel->SetAsyncDelay(async_delay_ms); |
| 95 // Hook the raw packets so that we can verify they are encrypted. |
| 96 fake_ice_channel->SignalReadPacket.connect( |
| 97 this, &DtlsTestClient::OnFakeTransportChannelReadPacket); |
| 93 | 98 |
| 94 for (int i = 0; i < count; ++i) { | |
| 95 cricket::DtlsTransportChannelWrapper* channel = | 99 cricket::DtlsTransportChannelWrapper* channel = |
| 96 static_cast<cricket::DtlsTransportChannelWrapper*>( | 100 new cricket::DtlsTransportChannelWrapper(fake_ice_channel); |
| 97 transport_->CreateChannel(i)); | 101 channel->SetLocalCertificate(certificate_); |
| 98 ASSERT_TRUE(channel != NULL); | 102 channel->SetIceRole(role); |
| 103 channel->SetIceTiebreaker((role == cricket::ICEROLE_CONTROLLING) ? 1 : 2); |
| 99 channel->SetSslMaxProtocolVersion(ssl_max_version_); | 104 channel->SetSslMaxProtocolVersion(ssl_max_version_); |
| 100 channel->SignalWritableState.connect(this, | 105 channel->SignalWritableState.connect(this, |
| 101 &DtlsTestClient::OnTransportChannelWritableState); | 106 &DtlsTestClient::OnTransportChannelWritableState); |
| 102 channel->SignalReadPacket.connect(this, | 107 channel->SignalReadPacket.connect(this, |
| 103 &DtlsTestClient::OnTransportChannelReadPacket); | 108 &DtlsTestClient::OnTransportChannelReadPacket); |
| 104 channel->SignalSentPacket.connect( | 109 channel->SignalSentPacket.connect( |
| 105 this, &DtlsTestClient::OnTransportChannelSentPacket); | 110 this, &DtlsTestClient::OnTransportChannelSentPacket); |
| 106 channels_.push_back(channel); | 111 channels_.push_back( |
| 107 | 112 std::unique_ptr<cricket::DtlsTransportChannelWrapper>(channel)); |
| 108 // Hook the raw packets so that we can verify they are encrypted. | 113 fake_channels_.push_back( |
| 109 channel->channel()->SignalReadPacket.connect( | 114 std::unique_ptr<cricket::FakeTransportChannel>(fake_ice_channel)); |
| 110 this, &DtlsTestClient::OnFakeTransportChannelReadPacket); | 115 transport_->AddChannel(channel, i); |
| 111 } | 116 } |
| 112 } | 117 } |
| 113 | 118 |
| 114 cricket::Transport* transport() { return transport_.get(); } | 119 cricket::JsepTransport* transport() { return transport_.get(); } |
| 115 | 120 |
| 116 cricket::FakeTransportChannel* GetFakeChannel(int component) { | 121 cricket::FakeTransportChannel* GetFakeChannel(int component) { |
| 117 cricket::TransportChannelImpl* ch = transport_->GetChannel(component); | 122 for (const auto& ch : fake_channels_) { |
| 118 cricket::DtlsTransportChannelWrapper* wrapper = | 123 if (ch->component() == component) { |
| 119 static_cast<cricket::DtlsTransportChannelWrapper*>(ch); | 124 return ch.get(); |
| 120 return (wrapper) ? | 125 } |
| 121 static_cast<cricket::FakeTransportChannel*>(wrapper->channel()) : NULL; | 126 } |
| 127 return nullptr; |
| 122 } | 128 } |
| 123 | 129 |
| 124 cricket::DtlsTransportChannelWrapper* GetDtlsChannel(int component) { | 130 cricket::DtlsTransportChannelWrapper* GetDtlsChannel(int component) { |
| 125 cricket::TransportChannelImpl* ch = transport_->GetChannel(component); | 131 for (const auto& ch : channels_) { |
| 126 return static_cast<cricket::DtlsTransportChannelWrapper*>(ch); | 132 if (ch->component() == component) { |
| 133 return ch.get(); |
| 134 } |
| 135 } |
| 136 return nullptr; |
| 127 } | 137 } |
| 128 | 138 |
| 129 // Offer DTLS if we have an identity; pass in a remote fingerprint only if | 139 // Offer DTLS if we have an identity; pass in a remote fingerprint only if |
| 130 // both sides support DTLS. | 140 // both sides support DTLS. |
| 131 void Negotiate(DtlsTestClient* peer, cricket::ContentAction action, | 141 void Negotiate(DtlsTestClient* peer, cricket::ContentAction action, |
| 132 ConnectionRole local_role, ConnectionRole remote_role, | 142 ConnectionRole local_role, ConnectionRole remote_role, |
| 133 int flags) { | 143 int flags) { |
| 134 Negotiate(certificate_, certificate_ ? peer->certificate_ : nullptr, action, | 144 Negotiate(certificate_, certificate_ ? peer->certificate_ : nullptr, action, |
| 135 local_role, remote_role, flags); | 145 local_role, remote_role, flags); |
| 136 } | 146 } |
| 137 | 147 |
| 138 void MaybeSetSrtpCryptoSuites() { | 148 void MaybeSetSrtpCryptoSuites() { |
| 139 if (!use_dtls_srtp_) { | 149 if (!use_dtls_srtp_) { |
| 140 return; | 150 return; |
| 141 } | 151 } |
| 142 std::vector<int> ciphers; | 152 std::vector<int> ciphers; |
| 143 ciphers.push_back(rtc::SRTP_AES128_CM_SHA1_80); | 153 ciphers.push_back(rtc::SRTP_AES128_CM_SHA1_80); |
| 144 // SRTP ciphers will be set only in the beginning. | 154 // SRTP ciphers will be set only in the beginning. |
| 145 for (cricket::DtlsTransportChannelWrapper* channel : channels_) { | 155 for (const auto& channel : channels_) { |
| 146 EXPECT_TRUE(channel->SetSrtpCryptoSuites(ciphers)); | 156 EXPECT_TRUE(channel->SetSrtpCryptoSuites(ciphers)); |
| 147 } | 157 } |
| 148 } | 158 } |
| 149 | 159 |
| 150 void SetLocalTransportDescription( | 160 void SetLocalTransportDescription( |
| 151 const rtc::scoped_refptr<rtc::RTCCertificate>& cert, | 161 const rtc::scoped_refptr<rtc::RTCCertificate>& cert, |
| 152 cricket::ContentAction action, | 162 cricket::ContentAction action, |
| 153 ConnectionRole role, | 163 ConnectionRole role, |
| 154 int flags) { | 164 int flags) { |
| 155 // If |NF_EXPECT_FAILURE| is set, expect SRTD or SLTD to fail when | 165 // If |NF_EXPECT_FAILURE| is set, expect SRTD or SLTD to fail when |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 195 SetRemoteTransportDescription(remote_cert, cricket::CA_OFFER, remote_role, | 205 SetRemoteTransportDescription(remote_cert, cricket::CA_OFFER, remote_role, |
| 196 flags); | 206 flags); |
| 197 // If remote if the offerer and has no DTLS support, answer will be | 207 // If remote if the offerer and has no DTLS support, answer will be |
| 198 // without any fingerprint. | 208 // without any fingerprint. |
| 199 SetLocalTransportDescription(remote_cert ? local_cert : nullptr, | 209 SetLocalTransportDescription(remote_cert ? local_cert : nullptr, |
| 200 cricket::CA_ANSWER, local_role, flags); | 210 cricket::CA_ANSWER, local_role, flags); |
| 201 } | 211 } |
| 202 } | 212 } |
| 203 | 213 |
| 204 bool Connect(DtlsTestClient* peer, bool asymmetric) { | 214 bool Connect(DtlsTestClient* peer, bool asymmetric) { |
| 205 transport_->SetDestination(peer->transport_.get(), asymmetric); | 215 for (auto& channel : fake_channels_) { |
| 216 channel->SetDestination(peer->GetFakeChannel(channel->component()), |
| 217 asymmetric); |
| 218 } |
| 206 return true; | 219 return true; |
| 207 } | 220 } |
| 208 | 221 |
| 209 bool all_channels_writable() const { | 222 bool all_channels_writable() const { |
| 210 if (channels_.empty()) { | 223 if (channels_.empty()) { |
| 211 return false; | 224 return false; |
| 212 } | 225 } |
| 213 for (cricket::DtlsTransportChannelWrapper* channel : channels_) { | 226 for (const auto& channel : channels_) { |
| 214 if (!channel->writable()) { | 227 if (!channel->writable()) { |
| 215 return false; | 228 return false; |
| 216 } | 229 } |
| 217 } | 230 } |
| 218 return true; | 231 return true; |
| 219 } | 232 } |
| 220 | 233 |
| 221 bool all_raw_channels_writable() const { | 234 bool all_raw_channels_writable() const { |
| 222 if (channels_.empty()) { | 235 if (channels_.empty()) { |
| 223 return false; | 236 return false; |
| 224 } | 237 } |
| 225 for (cricket::DtlsTransportChannelWrapper* channel : channels_) { | 238 for (const auto& channel : channels_) { |
| 226 if (!channel->channel()->writable()) { | 239 if (!channel->channel()->writable()) { |
| 227 return false; | 240 return false; |
| 228 } | 241 } |
| 229 } | 242 } |
| 230 return true; | 243 return true; |
| 231 } | 244 } |
| 232 | 245 |
| 233 int received_dtls_client_hellos() const { | 246 int received_dtls_client_hellos() const { |
| 234 return received_dtls_client_hellos_; | 247 return received_dtls_client_hellos_; |
| 235 } | 248 } |
| (...skipping 13 matching lines...) Expand all Loading... |
| 249 if (role == rtc::SSL_CLIENT) { | 262 if (role == rtc::SSL_CLIENT) { |
| 250 ASSERT_EQ(0, received_dtls_client_hellos_); | 263 ASSERT_EQ(0, received_dtls_client_hellos_); |
| 251 ASSERT_GT(received_dtls_server_hellos_, 0); | 264 ASSERT_GT(received_dtls_server_hellos_, 0); |
| 252 } else { | 265 } else { |
| 253 ASSERT_GT(received_dtls_client_hellos_, 0); | 266 ASSERT_GT(received_dtls_client_hellos_, 0); |
| 254 ASSERT_EQ(0, received_dtls_server_hellos_); | 267 ASSERT_EQ(0, received_dtls_server_hellos_); |
| 255 } | 268 } |
| 256 } | 269 } |
| 257 | 270 |
| 258 void CheckSrtp(int expected_crypto_suite) { | 271 void CheckSrtp(int expected_crypto_suite) { |
| 259 for (std::vector<cricket::DtlsTransportChannelWrapper*>::iterator it = | 272 for (const auto& channel : channels_) { |
| 260 channels_.begin(); it != channels_.end(); ++it) { | |
| 261 int crypto_suite; | 273 int crypto_suite; |
| 262 | 274 |
| 263 bool rv = (*it)->GetSrtpCryptoSuite(&crypto_suite); | 275 bool rv = channel->GetSrtpCryptoSuite(&crypto_suite); |
| 264 if (negotiated_dtls() && expected_crypto_suite) { | 276 if (negotiated_dtls() && expected_crypto_suite) { |
| 265 ASSERT_TRUE(rv); | 277 ASSERT_TRUE(rv); |
| 266 | 278 |
| 267 ASSERT_EQ(crypto_suite, expected_crypto_suite); | 279 ASSERT_EQ(crypto_suite, expected_crypto_suite); |
| 268 } else { | 280 } else { |
| 269 ASSERT_FALSE(rv); | 281 ASSERT_FALSE(rv); |
| 270 } | 282 } |
| 271 } | 283 } |
| 272 } | 284 } |
| 273 | 285 |
| 274 void CheckSsl() { | 286 void CheckSsl() { |
| 275 for (std::vector<cricket::DtlsTransportChannelWrapper*>::iterator it = | 287 for (const auto& channel : channels_) { |
| 276 channels_.begin(); it != channels_.end(); ++it) { | |
| 277 int cipher; | 288 int cipher; |
| 278 | 289 |
| 279 bool rv = (*it)->GetSslCipherSuite(&cipher); | 290 bool rv = channel->GetSslCipherSuite(&cipher); |
| 280 if (negotiated_dtls()) { | 291 if (negotiated_dtls()) { |
| 281 ASSERT_TRUE(rv); | 292 ASSERT_TRUE(rv); |
| 282 | 293 |
| 283 EXPECT_TRUE( | 294 EXPECT_TRUE( |
| 284 rtc::SSLStreamAdapter::IsAcceptableCipher(cipher, rtc::KT_DEFAULT)); | 295 rtc::SSLStreamAdapter::IsAcceptableCipher(cipher, rtc::KT_DEFAULT)); |
| 285 } else { | 296 } else { |
| 286 ASSERT_FALSE(rv); | 297 ASSERT_FALSE(rv); |
| 287 } | 298 } |
| 288 } | 299 } |
| 289 } | 300 } |
| (...skipping 126 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 416 ASSERT_TRUE(VerifyEncryptedPacket(data, size)); | 427 ASSERT_TRUE(VerifyEncryptedPacket(data, size)); |
| 417 } else if (IsRtpLeadByte(data[0])) { | 428 } else if (IsRtpLeadByte(data[0])) { |
| 418 ASSERT_TRUE(VerifyPacket(data, size, NULL)); | 429 ASSERT_TRUE(VerifyPacket(data, size, NULL)); |
| 419 } | 430 } |
| 420 } | 431 } |
| 421 } | 432 } |
| 422 | 433 |
| 423 private: | 434 private: |
| 424 std::string name_; | 435 std::string name_; |
| 425 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; | 436 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; |
| 426 std::unique_ptr<cricket::FakeTransport> transport_; | 437 std::vector<std::unique_ptr<cricket::FakeTransportChannel>> fake_channels_; |
| 427 std::vector<cricket::DtlsTransportChannelWrapper*> channels_; | 438 std::vector<std::unique_ptr<cricket::DtlsTransportChannelWrapper>> channels_; |
| 439 std::unique_ptr<cricket::JsepTransport> transport_; |
| 428 size_t packet_size_ = 0u; | 440 size_t packet_size_ = 0u; |
| 429 std::set<int> received_; | 441 std::set<int> received_; |
| 430 bool use_dtls_srtp_ = false; | 442 bool use_dtls_srtp_ = false; |
| 431 rtc::SSLProtocolVersion ssl_max_version_ = rtc::SSL_PROTOCOL_DTLS_12; | 443 rtc::SSLProtocolVersion ssl_max_version_ = rtc::SSL_PROTOCOL_DTLS_12; |
| 432 int received_dtls_client_hellos_ = 0; | 444 int received_dtls_client_hellos_ = 0; |
| 433 int received_dtls_server_hellos_ = 0; | 445 int received_dtls_server_hellos_ = 0; |
| 434 rtc::SentPacket sent_packet_; | 446 rtc::SentPacket sent_packet_; |
| 435 }; | 447 }; |
| 436 | 448 |
| 437 // Base class for DtlsTransportChannelTest and DtlsEventOrderingTest, which | 449 // Base class for DtlsTransportChannelTest and DtlsEventOrderingTest, which |
| (...skipping 376 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 814 } | 826 } |
| 815 | 827 |
| 816 // Testing with the legacy DTLS client which doesn't use setup attribute. | 828 // Testing with the legacy DTLS client which doesn't use setup attribute. |
| 817 // In this case legacy is the answerer. | 829 // In this case legacy is the answerer. |
| 818 TEST_F(DtlsTransportChannelTest, TestDtlsSetupWithLegacyAsAnswerer) { | 830 TEST_F(DtlsTransportChannelTest, TestDtlsSetupWithLegacyAsAnswerer) { |
| 819 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 831 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 820 PrepareDtls(true, true, rtc::KT_DEFAULT); | 832 PrepareDtls(true, true, rtc::KT_DEFAULT); |
| 821 NegotiateWithLegacy(); | 833 NegotiateWithLegacy(); |
| 822 rtc::SSLRole channel1_role; | 834 rtc::SSLRole channel1_role; |
| 823 rtc::SSLRole channel2_role; | 835 rtc::SSLRole channel2_role; |
| 824 EXPECT_TRUE(client1_.transport()->GetSslRole(&channel1_role)); | 836 client1_.transport()->GetSslRole(&channel1_role); |
| 825 EXPECT_TRUE(client2_.transport()->GetSslRole(&channel2_role)); | 837 client2_.transport()->GetSslRole(&channel2_role); |
| 826 EXPECT_EQ(rtc::SSL_SERVER, channel1_role); | 838 EXPECT_EQ(rtc::SSL_SERVER, channel1_role); |
| 827 EXPECT_EQ(rtc::SSL_CLIENT, channel2_role); | 839 EXPECT_EQ(rtc::SSL_CLIENT, channel2_role); |
| 828 } | 840 } |
| 829 | 841 |
| 830 // Testing re offer/answer after the session is estbalished. Roles will be | 842 // Testing re offer/answer after the session is estbalished. Roles will be |
| 831 // kept same as of the previous negotiation. | 843 // kept same as of the previous negotiation. |
| 832 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromOfferer) { | 844 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromOfferer) { |
| 833 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 845 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
| 834 SetChannelCount(2); | 846 SetChannelCount(2); |
| 835 PrepareDtls(true, true, rtc::KT_DEFAULT); | 847 PrepareDtls(true, true, rtc::KT_DEFAULT); |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 925 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; | 937 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; |
| 926 std::unique_ptr<rtc::SSLCertificate> remote_cert1; | 938 std::unique_ptr<rtc::SSLCertificate> remote_cert1; |
| 927 std::unique_ptr<rtc::SSLCertificate> remote_cert2; | 939 std::unique_ptr<rtc::SSLCertificate> remote_cert2; |
| 928 | 940 |
| 929 // After negotiation, each side has a distinct local certificate, but still no | 941 // After negotiation, each side has a distinct local certificate, but still no |
| 930 // remote certificate, because connection has not yet occurred. | 942 // remote certificate, because connection has not yet occurred. |
| 931 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); | 943 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); |
| 932 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); | 944 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); |
| 933 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), | 945 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), |
| 934 certificate2->ssl_certificate().ToPEMString()); | 946 certificate2->ssl_certificate().ToPEMString()); |
| 935 ASSERT_FALSE(client1_.transport()->GetRemoteSSLCertificate()); | 947 ASSERT_FALSE(client1_.GetDtlsChannel(0)->GetRemoteSSLCertificate()); |
| 936 ASSERT_FALSE(client2_.transport()->GetRemoteSSLCertificate()); | 948 ASSERT_FALSE(client2_.GetDtlsChannel(0)->GetRemoteSSLCertificate()); |
| 937 } | 949 } |
| 938 | 950 |
| 939 // Test Certificates state after connection. | 951 // Test Certificates state after connection. |
| 940 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { | 952 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { |
| 941 MAYBE_SKIP_TEST(HaveDtls); | 953 MAYBE_SKIP_TEST(HaveDtls); |
| 942 PrepareDtls(true, true, rtc::KT_DEFAULT); | 954 PrepareDtls(true, true, rtc::KT_DEFAULT); |
| 943 ASSERT_TRUE(Connect()); | 955 ASSERT_TRUE(Connect()); |
| 944 | 956 |
| 945 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; | 957 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; |
| 946 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; | 958 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; |
| 947 | 959 |
| 948 // After connection, each side has a distinct local certificate. | 960 // After connection, each side has a distinct local certificate. |
| 949 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); | 961 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); |
| 950 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); | 962 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); |
| 951 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), | 963 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), |
| 952 certificate2->ssl_certificate().ToPEMString()); | 964 certificate2->ssl_certificate().ToPEMString()); |
| 953 | 965 |
| 954 // Each side's remote certificate is the other side's local certificate. | 966 // Each side's remote certificate is the other side's local certificate. |
| 955 std::unique_ptr<rtc::SSLCertificate> remote_cert1 = | 967 std::unique_ptr<rtc::SSLCertificate> remote_cert1 = |
| 956 client1_.transport()->GetRemoteSSLCertificate(); | 968 client1_.GetDtlsChannel(0)->GetRemoteSSLCertificate(); |
| 957 ASSERT_TRUE(remote_cert1); | 969 ASSERT_TRUE(remote_cert1); |
| 958 ASSERT_EQ(remote_cert1->ToPEMString(), | 970 ASSERT_EQ(remote_cert1->ToPEMString(), |
| 959 certificate2->ssl_certificate().ToPEMString()); | 971 certificate2->ssl_certificate().ToPEMString()); |
| 960 std::unique_ptr<rtc::SSLCertificate> remote_cert2 = | 972 std::unique_ptr<rtc::SSLCertificate> remote_cert2 = |
| 961 client2_.transport()->GetRemoteSSLCertificate(); | 973 client2_.GetDtlsChannel(0)->GetRemoteSSLCertificate(); |
| 962 ASSERT_TRUE(remote_cert2); | 974 ASSERT_TRUE(remote_cert2); |
| 963 ASSERT_EQ(remote_cert2->ToPEMString(), | 975 ASSERT_EQ(remote_cert2->ToPEMString(), |
| 964 certificate1->ssl_certificate().ToPEMString()); | 976 certificate1->ssl_certificate().ToPEMString()); |
| 965 } | 977 } |
| 966 | 978 |
| 967 // Test that packets are retransmitted according to the expected schedule. | 979 // Test that packets are retransmitted according to the expected schedule. |
| 968 // Each time a timeout occurs, the retransmission timer should be doubled up to | 980 // Each time a timeout occurs, the retransmission timer should be doubled up to |
| 969 // 60 seconds. The timer defaults to 1 second, but for WebRTC we should be | 981 // 60 seconds. The timer defaults to 1 second, but for WebRTC we should be |
| 970 // initializing it to 50ms. | 982 // initializing it to 50ms. |
| 971 TEST_F(DtlsTransportChannelTest, TestRetransmissionSchedule) { | 983 TEST_F(DtlsTransportChannelTest, TestRetransmissionSchedule) { |
| (...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1171 std::vector<DtlsTransportEvent>{ | 1183 std::vector<DtlsTransportEvent>{ |
| 1172 CALLER_RECEIVES_CLIENTHELLO, CALLER_RECEIVES_FINGERPRINT, | 1184 CALLER_RECEIVES_CLIENTHELLO, CALLER_RECEIVES_FINGERPRINT, |
| 1173 CALLER_WRITABLE, HANDSHAKE_FINISHES}, | 1185 CALLER_WRITABLE, HANDSHAKE_FINISHES}, |
| 1174 std::vector<DtlsTransportEvent>{ | 1186 std::vector<DtlsTransportEvent>{ |
| 1175 CALLER_RECEIVES_CLIENTHELLO, CALLER_WRITABLE, | 1187 CALLER_RECEIVES_CLIENTHELLO, CALLER_WRITABLE, |
| 1176 CALLER_RECEIVES_FINGERPRINT, HANDSHAKE_FINISHES}, | 1188 CALLER_RECEIVES_FINGERPRINT, HANDSHAKE_FINISHES}, |
| 1177 std::vector<DtlsTransportEvent>{CALLER_RECEIVES_CLIENTHELLO, | 1189 std::vector<DtlsTransportEvent>{CALLER_RECEIVES_CLIENTHELLO, |
| 1178 CALLER_WRITABLE, HANDSHAKE_FINISHES, | 1190 CALLER_WRITABLE, HANDSHAKE_FINISHES, |
| 1179 CALLER_RECEIVES_FINGERPRINT}), | 1191 CALLER_RECEIVES_FINGERPRINT}), |
| 1180 ::testing::Bool())); | 1192 ::testing::Bool())); |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2517883002:
Refactoring that removes P2PTransport and DtlsTransport classes. (Closed)
