Revert of Add disabled certificate check support to IceServer PeerConnection API.

webrtc/p2p/base/basicpacketsocketfactory.cc

 /*
  *  Copyright 2011 The WebRTC Project Authors. All rights reserved.
  *
  *  Use of this source code is governed by a BSD-style license
  *  that can be found in the LICENSE file in the root of the source
  *  tree. An additional intellectual property rights grant can be found
  *  in the file PATENTS.  All contributing project authors may
  *  be found in the AUTHORS file in the root of the source tree.
  */
 
@@ skipping 69 matching lines @@
     return NULL;
   }
 
   if (BindSocket(socket, local_address, min_port, max_port) < 0) {
     LOG(LS_ERROR) << "TCP bind failed with error "
                   << socket->GetError();
     delete socket;
     return NULL;
   }
 
-  // If using fake TLS, wrap the TCP socket in a pseudo-SSL socket.
-  if (opts & PacketSocketFactory::OPT_TLS_FAKE) {
+  // If using SSLTCP, wrap the TCP socket in a pseudo-SSL socket.
+  if (opts & PacketSocketFactory::OPT_SSLTCP) {
     ASSERT(!(opts & PacketSocketFactory::OPT_TLS));
     socket = new AsyncSSLSocket(socket);
   }
 
   // Set TCP_NODELAY (via OPT_NODELAY) for improved performance.
   // See http://go/gtalktcpnodelayexperiment
   socket->SetOption(Socket::OPT_NODELAY, 1);
 
   if (opts & PacketSocketFactory::OPT_STUN)
     return new cricket::AsyncStunTCPSocket(socket, true);
@@ skipping 20 matching lines @@
   // If using a proxy, wrap the socket in a proxy socket.
   if (proxy_info.type == PROXY_SOCKS5) {
     socket = new AsyncSocksProxySocket(
         socket, proxy_info.address, proxy_info.username, proxy_info.password);
   } else if (proxy_info.type == PROXY_HTTPS) {
     socket =
         new AsyncHttpsProxySocket(socket, user_agent, proxy_info.address,
                                   proxy_info.username, proxy_info.password);
   }
 
-  // Assert that at most one TLS option is used.
-  int tlsOpts =
-      opts & (PacketSocketFactory::OPT_TLS | PacketSocketFactory::OPT_TLS_FAKE |
-              PacketSocketFactory::OPT_TLS_INSECURE);
-  ASSERT((tlsOpts & (tlsOpts - 1)) == 0);
+  // If using TLS, wrap the socket in an SSL adapter.
+  if (opts & PacketSocketFactory::OPT_TLS) {
+    ASSERT(!(opts & PacketSocketFactory::OPT_SSLTCP));
 
-  if ((tlsOpts & PacketSocketFactory::OPT_TLS) ||
-      (tlsOpts & PacketSocketFactory::OPT_TLS_INSECURE)) {
-    // Using TLS, wrap the socket in an SSL adapter.
     SSLAdapter* ssl_adapter = SSLAdapter::Create(socket);
     if (!ssl_adapter) {
       return NULL;
     }
 
-    if (tlsOpts & PacketSocketFactory::OPT_TLS_INSECURE) {
-      ssl_adapter->set_ignore_bad_cert(true);
-    }
-
     socket = ssl_adapter;
 
     if (ssl_adapter->StartSSL(remote_address.hostname().c_str(), false) != 0) {
       delete ssl_adapter;
       return NULL;
     }
 
-  } else if (tlsOpts & PacketSocketFactory::OPT_TLS_FAKE) {
-    // Using fake TLS, wrap the TCP socket in a pseudo-SSL socket.
+  // If using SSLTCP, wrap the TCP socket in a pseudo-SSL socket.
+  } else if (opts & PacketSocketFactory::OPT_SSLTCP) {
+    ASSERT(!(opts & PacketSocketFactory::OPT_TLS));
     socket = new AsyncSSLSocket(socket);
   }
 
   if (socket->Connect(remote_address) < 0) {
     LOG(LS_ERROR) << "TCP connect failed with error "
                   << socket->GetError();
     delete socket;
     return NULL;
   }
 
@@ skipping 36 matching lines @@
 SocketFactory* BasicPacketSocketFactory::socket_factory() {
   if (thread_) {
     ASSERT(thread_ == Thread::Current());
     return thread_->socketserver();
   } else {
     return socket_factory_;
   }
 }
 
 }  // namespace rtc