Chromium Code Reviews Chromium Code Reviews
Issue 2557803002:
Add disabled certificate check support to IceServer PeerConnection API. (Closed)
| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 26 matching lines...) Expand all Loading... | |
| 37 // Retry at most twice (i.e. three different ALLOCATE requests) on | 37 // Retry at most twice (i.e. three different ALLOCATE requests) on |
| 38 // STUN_ERROR_ALLOCATION_MISMATCH error per rfc5766. | 38 // STUN_ERROR_ALLOCATION_MISMATCH error per rfc5766. |
| 39 static const size_t MAX_ALLOCATE_MISMATCH_RETRIES = 2; | 39 static const size_t MAX_ALLOCATE_MISMATCH_RETRIES = 2; |
| 40 | 40 |
| 41 static const int TURN_SUCCESS_RESULT_CODE = 0; | 41 static const int TURN_SUCCESS_RESULT_CODE = 0; |
| 42 | 42 |
| 43 inline bool IsTurnChannelData(uint16_t msg_type) { | 43 inline bool IsTurnChannelData(uint16_t msg_type) { |
| 44 return ((msg_type & 0xC000) == 0x4000); // MSB are 0b01 | 44 return ((msg_type & 0xC000) == 0x4000); // MSB are 0b01 |
| 45 } | 45 } |
| 46 | 46 |
| 47 static int GetRelayPreference(cricket::ProtocolType proto, bool secure) { | 47 static int GetRelayPreference(cricket::ProtocolType proto) { |
| 48 int relay_preference = ICE_TYPE_PREFERENCE_RELAY; | 48 switch (proto) { |
| 49 if (proto == cricket::PROTO_TCP) { | 49 case cricket::PROTO_TCP: |
| 50 relay_preference -= 1; | 50 return ICE_TYPE_PREFERENCE_RELAY_TCP; |
| 51 if (secure) | 51 case cricket::PROTO_TLS: |
| 52 relay_preference -= 1; | 52 return ICE_TYPE_PREFERENCE_RELAY_TLS; |
| 53 default: | |
| 54 return ICE_TYPE_PREFERENCE_RELAY_UDP; | |
| 53 } | 55 } |
| 54 | |
| 55 ASSERT(relay_preference >= 0); | |
| 56 return relay_preference; | |
| 57 } | 56 } |
| 58 | 57 |
| 59 class TurnAllocateRequest : public StunRequest { | 58 class TurnAllocateRequest : public StunRequest { |
| 60 public: | 59 public: |
| 61 explicit TurnAllocateRequest(TurnPort* port); | 60 explicit TurnAllocateRequest(TurnPort* port); |
| 62 void Prepare(StunMessage* request) override; | 61 void Prepare(StunMessage* request) override; |
| 63 void OnSent() override; | 62 void OnSent() override; |
| 64 void OnResponse(StunMessage* response) override; | 63 void OnResponse(StunMessage* response) override; |
| 65 void OnErrorResponse(StunMessage* response) override; | 64 void OnErrorResponse(StunMessage* response) override; |
| 66 void OnTimeout() override; | 65 void OnTimeout() override; |
| (...skipping 248 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 315 } | 314 } |
| 316 } | 315 } |
| 317 } | 316 } |
| 318 | 317 |
| 319 bool TurnPort::CreateTurnClientSocket() { | 318 bool TurnPort::CreateTurnClientSocket() { |
| 320 ASSERT(!socket_ || SharedSocket()); | 319 ASSERT(!socket_ || SharedSocket()); |
| 321 | 320 |
| 322 if (server_address_.proto == PROTO_UDP && !SharedSocket()) { | 321 if (server_address_.proto == PROTO_UDP && !SharedSocket()) { |
| 323 socket_ = socket_factory()->CreateUdpSocket( | 322 socket_ = socket_factory()->CreateUdpSocket( |
| 324 rtc::SocketAddress(ip(), 0), min_port(), max_port()); | 323 rtc::SocketAddress(ip(), 0), min_port(), max_port()); |
| 325 } else if (server_address_.proto == PROTO_TCP) { | 324 } else if (server_address_.proto == PROTO_TCP || |
| 325 server_address_.proto == PROTO_TLS) { | |
| 326 ASSERT(!SharedSocket()); | 326 ASSERT(!SharedSocket()); |
| 327 int opts = rtc::PacketSocketFactory::OPT_STUN; | 327 int opts = rtc::PacketSocketFactory::OPT_STUN; |
| 328 // If secure bit is enabled in server address, use TLS over TCP. | 328 |
| 329 if (server_address_.secure) { | 329 // Apply server address TLS and insecure bits to options. |
| 330 if (server_address_.proto == PROTO_TLS) { | |
| 330 opts |= rtc::PacketSocketFactory::OPT_TLS; | 331 opts |= rtc::PacketSocketFactory::OPT_TLS; |
| 331 } | 332 } |
|
pthatcher1
2016/12/07 21:29:36
I like the cleanup/refactoring going on here (the
Taylor Brandstetter
2016/12/08 01:36:40
I agree, if it's not too hard to pull the two apar
hnsl1
2016/12/12 16:08:13
Okay, I'll prepare a new CL where I do the PROTO_T
| |
| 333 if (server_address_.flags & PROTO_FLAG_INSECURE_CERT_CHECK) { | |
| 334 opts |= rtc::PacketSocketFactory::OPT_INSECURE_CERT_CHECK; | |
| 335 } | |
| 336 | |
| 332 socket_ = socket_factory()->CreateClientTcpSocket( | 337 socket_ = socket_factory()->CreateClientTcpSocket( |
| 333 rtc::SocketAddress(ip(), 0), server_address_.address, | 338 rtc::SocketAddress(ip(), 0), server_address_.address, |
| 334 proxy(), user_agent(), opts); | 339 proxy(), user_agent(), opts); |
| 335 } | 340 } |
| 336 | 341 |
| 337 if (!socket_) { | 342 if (!socket_) { |
| 338 error_ = SOCKET_ERROR; | 343 error_ = SOCKET_ERROR; |
| 339 return false; | 344 return false; |
| 340 } | 345 } |
| 341 | 346 |
| 342 // Apply options if any. | 347 // Apply options if any. |
| 343 for (SocketOptionsMap::iterator iter = socket_options_.begin(); | 348 for (SocketOptionsMap::iterator iter = socket_options_.begin(); |
| 344 iter != socket_options_.end(); ++iter) { | 349 iter != socket_options_.end(); ++iter) { |
| 345 socket_->SetOption(iter->first, iter->second); | 350 socket_->SetOption(iter->first, iter->second); |
| 346 } | 351 } |
| 347 | 352 |
| 348 if (!SharedSocket()) { | 353 if (!SharedSocket()) { |
| 349 // If socket is shared, AllocationSequence will receive the packet. | 354 // If socket is shared, AllocationSequence will receive the packet. |
| 350 socket_->SignalReadPacket.connect(this, &TurnPort::OnReadPacket); | 355 socket_->SignalReadPacket.connect(this, &TurnPort::OnReadPacket); |
| 351 } | 356 } |
| 352 | 357 |
| 353 socket_->SignalReadyToSend.connect(this, &TurnPort::OnReadyToSend); | 358 socket_->SignalReadyToSend.connect(this, &TurnPort::OnReadyToSend); |
| 354 | 359 |
| 355 socket_->SignalSentPacket.connect(this, &TurnPort::OnSentPacket); | 360 socket_->SignalSentPacket.connect(this, &TurnPort::OnSentPacket); |
| 356 | 361 |
| 357 // TCP port is ready to send stun requests after the socket is connected, | 362 // TCP port is ready to send stun requests after the socket is connected, |
| 358 // while UDP port is ready to do so once the socket is created. | 363 // while UDP port is ready to do so once the socket is created. |
| 359 if (server_address_.proto == PROTO_TCP) { | 364 if (server_address_.proto == PROTO_TCP || |
| 365 server_address_.proto == PROTO_TLS) { | |
| 360 socket_->SignalConnect.connect(this, &TurnPort::OnSocketConnect); | 366 socket_->SignalConnect.connect(this, &TurnPort::OnSocketConnect); |
| 361 socket_->SignalClose.connect(this, &TurnPort::OnSocketClose); | 367 socket_->SignalClose.connect(this, &TurnPort::OnSocketClose); |
| 362 } else { | 368 } else { |
| 363 state_ = STATE_CONNECTED; | 369 state_ = STATE_CONNECTED; |
| 364 } | 370 } |
| 365 return true; | 371 return true; |
| 366 } | 372 } |
| 367 | 373 |
| 368 void TurnPort::OnSocketConnect(rtc::AsyncPacketSocket* socket) { | 374 void TurnPort::OnSocketConnect(rtc::AsyncPacketSocket* socket) { |
| 369 ASSERT(server_address_.proto == PROTO_TCP); | 375 ASSERT(server_address_.proto == PROTO_TCP); |
| (...skipping 275 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 645 LOG_J(LS_WARNING, this) | 651 LOG_J(LS_WARNING, this) |
| 646 << "Blocking attempted redirect to loopback address."; | 652 << "Blocking attempted redirect to loopback address."; |
| 647 return false; | 653 return false; |
| 648 } | 654 } |
| 649 | 655 |
| 650 LOG_J(LS_INFO, this) << "Redirecting from TURN server [" | 656 LOG_J(LS_INFO, this) << "Redirecting from TURN server [" |
| 651 << server_address_.address.ToSensitiveString() | 657 << server_address_.address.ToSensitiveString() |
| 652 << "] to TURN server [" | 658 << "] to TURN server [" |
| 653 << address.ToSensitiveString() | 659 << address.ToSensitiveString() |
| 654 << "]"; | 660 << "]"; |
| 655 server_address_ = ProtocolAddress(address, server_address_.proto, | 661 server_address_ = |
| 656 server_address_.secure); | 662 ProtocolAddress(address, server_address_.proto, server_address_.flags); |
| 657 | 663 |
| 658 // Insert the current address to prevent redirection pingpong. | 664 // Insert the current address to prevent redirection pingpong. |
| 659 attempted_server_addresses_.insert(server_address_.address); | 665 attempted_server_addresses_.insert(server_address_.address); |
| 660 return true; | 666 return true; |
| 661 } | 667 } |
| 662 | 668 |
| 663 void TurnPort::ResolveTurnAddress(const rtc::SocketAddress& address) { | 669 void TurnPort::ResolveTurnAddress(const rtc::SocketAddress& address) { |
| 664 if (resolver_) | 670 if (resolver_) |
| 665 return; | 671 return; |
| 666 | 672 |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 729 | 735 |
| 730 rtc::SocketAddress related_address = stun_address; | 736 rtc::SocketAddress related_address = stun_address; |
| 731 | 737 |
| 732 // For relayed candidate, Base is the candidate itself. | 738 // For relayed candidate, Base is the candidate itself. |
| 733 AddAddress(address, // Candidate address. | 739 AddAddress(address, // Candidate address. |
| 734 address, // Base address. | 740 address, // Base address. |
| 735 related_address, // Related address. | 741 related_address, // Related address. |
| 736 UDP_PROTOCOL_NAME, | 742 UDP_PROTOCOL_NAME, |
| 737 ProtoToString(server_address_.proto), // The first hop protocol. | 743 ProtoToString(server_address_.proto), // The first hop protocol. |
| 738 "", // TCP canddiate type, empty for turn candidates. | 744 "", // TCP canddiate type, empty for turn candidates. |
| 739 RELAY_PORT_TYPE, | 745 RELAY_PORT_TYPE, GetRelayPreference(server_address_.proto), |
| 740 GetRelayPreference(server_address_.proto, server_address_.secure), | |
| 741 server_priority_, true); | 746 server_priority_, true); |
| 742 } | 747 } |
| 743 | 748 |
| 744 void TurnPort::OnAllocateError() { | 749 void TurnPort::OnAllocateError() { |
| 745 // We will send SignalPortError asynchronously as this can be sent during | 750 // We will send SignalPortError asynchronously as this can be sent during |
| 746 // port initialization. This way it will not be blocking other port | 751 // port initialization. This way it will not be blocking other port |
| 747 // creation. | 752 // creation. |
| 748 thread()->Post(RTC_FROM_HERE, this, MSG_ALLOCATE_ERROR); | 753 thread()->Post(RTC_FROM_HERE, this, MSG_ALLOCATE_ERROR); |
| 749 } | 754 } |
| 750 | 755 |
| (...skipping 791 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1542 } else { | 1547 } else { |
| 1543 state_ = STATE_UNBOUND; | 1548 state_ = STATE_UNBOUND; |
| 1544 port_->FailAndPruneConnection(ext_addr_); | 1549 port_->FailAndPruneConnection(ext_addr_); |
| 1545 } | 1550 } |
| 1546 } | 1551 } |
| 1547 void TurnEntry::OnChannelBindTimeout() { | 1552 void TurnEntry::OnChannelBindTimeout() { |
| 1548 state_ = STATE_UNBOUND; | 1553 state_ = STATE_UNBOUND; |
| 1549 port_->FailAndPruneConnection(ext_addr_); | 1554 port_->FailAndPruneConnection(ext_addr_); |
| 1550 } | 1555 } |
| 1551 } // namespace cricket | 1556 } // namespace cricket |
| OLD | NEW |
