Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(318)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: webrtc/base/opensslstreamadapter.cc

Issue 2526433002: Only use BoringSSL time callback in unit tests. (Closed)
Patch Set: Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« webrtc/base/opensslstreamadapter.h ('K') | « webrtc/base/opensslstreamadapter.h ('k') | webrtc/base/sslstreamadapter.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 * 3 *
4 * Use of this source code is governed by a BSD-style license 4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source 5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found 6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may 7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree. 8 * be found in the AUTHORS file in the root of the source tree.
9 */ 9 */
10 10
(...skipping 20 matching lines...) Expand all
31 #include "webrtc/base/safe_conversions.h" 31 #include "webrtc/base/safe_conversions.h"
32 #include "webrtc/base/stream.h" 32 #include "webrtc/base/stream.h"
33 #include "webrtc/base/openssl.h" 33 #include "webrtc/base/openssl.h"
34 #include "webrtc/base/openssladapter.h" 34 #include "webrtc/base/openssladapter.h"
35 #include "webrtc/base/openssldigest.h" 35 #include "webrtc/base/openssldigest.h"
36 #include "webrtc/base/opensslidentity.h" 36 #include "webrtc/base/opensslidentity.h"
37 #include "webrtc/base/stringutils.h" 37 #include "webrtc/base/stringutils.h"
38 #include "webrtc/base/timeutils.h" 38 #include "webrtc/base/timeutils.h"
39 #include "webrtc/base/thread.h" 39 #include "webrtc/base/thread.h"
40 40
41 namespace {
42 bool g_use_time_callback_for_testing = false;
43 }
44
41 namespace rtc { 45 namespace rtc {
42 46
43 #if (OPENSSL_VERSION_NUMBER >= 0x10001000L) 47 #if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
44 #define HAVE_DTLS_SRTP 48 #define HAVE_DTLS_SRTP
45 #endif 49 #endif
46 50
47 #ifdef HAVE_DTLS_SRTP 51 #ifdef HAVE_DTLS_SRTP
48 // SRTP cipher suite table. |internal_name| is used to construct a 52 // SRTP cipher suite table. |internal_name| is used to construct a
49 // colon-separated profile strings which is needed by 53 // colon-separated profile strings which is needed by
50 // SSL_CTX_set_tlsext_use_srtp(). 54 // SSL_CTX_set_tlsext_use_srtp().
51 struct SrtpCipherMapEntry { 55 struct SrtpCipherMapEntry {
52 const char* internal_name; 56 const char* internal_name;
53 const int id; 57 const int id;
54 }; 58 };
55 59
56 // This isn't elegant, but it's better than an external reference 60 // This isn't elegant, but it's better than an external reference
57 static SrtpCipherMapEntry SrtpCipherMap[] = { 61 static SrtpCipherMapEntry SrtpCipherMap[] = {
58 {"SRTP_AES128_CM_SHA1_80", SRTP_AES128_CM_SHA1_80}, 62 {"SRTP_AES128_CM_SHA1_80", SRTP_AES128_CM_SHA1_80},
59 {"SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32}, 63 {"SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32},
60 {"SRTP_AEAD_AES_128_GCM", SRTP_AEAD_AES_128_GCM}, 64 {"SRTP_AEAD_AES_128_GCM", SRTP_AEAD_AES_128_GCM},
61 {"SRTP_AEAD_AES_256_GCM", SRTP_AEAD_AES_256_GCM}, 65 {"SRTP_AEAD_AES_256_GCM", SRTP_AEAD_AES_256_GCM},
62 {nullptr, 0}}; 66 {nullptr, 0}};
63 #endif 67 #endif
64 68
65 #ifdef OPENSSL_IS_BORINGSSL 69 #ifdef OPENSSL_IS_BORINGSSL
66 static void TimeCallback(const SSL* ssl, struct timeval* out_clock) { 70 // Not used in production code. Actual time should be relative to Jan 1, 1970.
71 static void TimeCallbackForTesting(const SSL* ssl, struct timeval* out_clock) {
pthatcher1 2016/11/29 00:32:40 FakeClockTimeCallback?
67 uint64_t time = TimeNanos(); 72 uint64_t time = TimeNanos();
68 out_clock->tv_sec = time / kNumNanosecsPerSec; 73 out_clock->tv_sec = time / kNumNanosecsPerSec;
69 out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec; 74 out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec;
70 } 75 }
71 #else // #ifdef OPENSSL_IS_BORINGSSL 76 #else // #ifdef OPENSSL_IS_BORINGSSL
72 77
73 // Cipher name table. Maps internal OpenSSL cipher ids to the RFC name. 78 // Cipher name table. Maps internal OpenSSL cipher ids to the RFC name.
74 struct SslCipherMapEntry { 79 struct SslCipherMapEntry {
75 uint32_t openssl_id; 80 uint32_t openssl_id;
76 const char* rfc_name; 81 const char* rfc_name;
(...skipping 975 matching lines...) Expand 10 before | Expand all | Expand 10 after
1052 case SSL_PROTOCOL_TLS_11: 1057 case SSL_PROTOCOL_TLS_11:
1053 SSL_CTX_set_max_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? 1058 SSL_CTX_set_max_version(ctx, ssl_mode_ == SSL_MODE_DTLS ?
1054 DTLS1_VERSION : TLS1_1_VERSION); 1059 DTLS1_VERSION : TLS1_1_VERSION);
1055 break; 1060 break;
1056 case SSL_PROTOCOL_TLS_12: 1061 case SSL_PROTOCOL_TLS_12:
1057 default: 1062 default:
1058 SSL_CTX_set_max_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? 1063 SSL_CTX_set_max_version(ctx, ssl_mode_ == SSL_MODE_DTLS ?
1059 DTLS1_2_VERSION : TLS1_2_VERSION); 1064 DTLS1_2_VERSION : TLS1_2_VERSION);
1060 break; 1065 break;
1061 } 1066 }
1062 // Set a time callback for BoringSSL because: 1067 if (g_use_time_callback_for_testing) {
1063 // 1. Our time function is more accurate (doesn't just use gettimeofday). 1068 SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting);
1064 // 2. This allows us to inject a fake clock for testing. 1069 }
1065 SSL_CTX_set_current_time_cb(ctx, &TimeCallback);
1066 #endif 1070 #endif
1067 1071
1068 if (identity_ && !identity_->ConfigureIdentity(ctx)) { 1072 if (identity_ && !identity_->ConfigureIdentity(ctx)) {
1069 SSL_CTX_free(ctx); 1073 SSL_CTX_free(ctx);
1070 return NULL; 1074 return NULL;
1071 } 1075 }
1072 1076
1073 #if !defined(NDEBUG) 1077 #if !defined(NDEBUG)
1074 SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback); 1078 SSL_CTX_set_info_callback(ctx, OpenSSLAdapter::SSLInfoCallback);
1075 #endif 1079 #endif
(...skipping 180 matching lines...) Expand 10 before | Expand all | Expand 10 after
1256 if (key_type == KT_ECDSA) { 1260 if (key_type == KT_ECDSA) {
1257 for (const cipher_list& c : OK_ECDSA_ciphers) { 1261 for (const cipher_list& c : OK_ECDSA_ciphers) {
1258 if (cipher == c.cipher_str) 1262 if (cipher == c.cipher_str)
1259 return true; 1263 return true;
1260 } 1264 }
1261 } 1265 }
1262 1266
1263 return false; 1267 return false;
1264 } 1268 }
1265 1269
1270 void OpenSSLStreamAdapter::enable_time_callback_for_testing() {
1271 g_use_time_callback_for_testing = true;
pthatcher1 2016/11/29 00:32:40 g_use_fake_clock?
1272 }
1273
1266 } // namespace rtc 1274 } // namespace rtc
1267 1275
1268 #endif // HAVE_OPENSSL_SSL_H 1276 #endif // HAVE_OPENSSL_SSL_H
OLDNEW
« webrtc/base/opensslstreamadapter.h ('K') | « webrtc/base/opensslstreamadapter.h ('k') | webrtc/base/sslstreamadapter.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698