Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(850)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: webrtc/p2p/base/basicpacketsocketfactory.cc

Issue 2594623002: Add disabled certificate check support to IceServer PeerConnection API. (Closed)
Patch Set: Support deprecated OPT_SSLTCP name to prevent API breakage. Created 4 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « webrtc/api/peerconnectioninterface.h ('k') | webrtc/p2p/base/packetsocketfactory.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved.
3 * 3 *
4 * Use of this source code is governed by a BSD-style license 4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source 5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found 6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may 7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree. 8 * be found in the AUTHORS file in the root of the source tree.
9 */ 9 */
10 10
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after
80 return NULL; 80 return NULL;
81 } 81 }
82 82
83 if (BindSocket(socket, local_address, min_port, max_port) < 0) { 83 if (BindSocket(socket, local_address, min_port, max_port) < 0) {
84 LOG(LS_ERROR) << "TCP bind failed with error " 84 LOG(LS_ERROR) << "TCP bind failed with error "
85 << socket->GetError(); 85 << socket->GetError();
86 delete socket; 86 delete socket;
87 return NULL; 87 return NULL;
88 } 88 }
89 89
90 // If using SSLTCP, wrap the TCP socket in a pseudo-SSL socket. 90 // If using fake TLS, wrap the TCP socket in a pseudo-SSL socket.
91 if (opts & PacketSocketFactory::OPT_SSLTCP) { 91 if (opts & PacketSocketFactory::OPT_TLS_FAKE) {
92 ASSERT(!(opts & PacketSocketFactory::OPT_TLS)); 92 ASSERT(!(opts & PacketSocketFactory::OPT_TLS));
93 socket = new AsyncSSLSocket(socket); 93 socket = new AsyncSSLSocket(socket);
94 } 94 }
95 95
96 // Set TCP_NODELAY (via OPT_NODELAY) for improved performance. 96 // Set TCP_NODELAY (via OPT_NODELAY) for improved performance.
97 // See http://go/gtalktcpnodelayexperiment 97 // See http://go/gtalktcpnodelayexperiment
98 socket->SetOption(Socket::OPT_NODELAY, 1); 98 socket->SetOption(Socket::OPT_NODELAY, 1);
99 99
100 if (opts & PacketSocketFactory::OPT_STUN) 100 if (opts & PacketSocketFactory::OPT_STUN)
101 return new cricket::AsyncStunTCPSocket(socket, true); 101 return new cricket::AsyncStunTCPSocket(socket, true);
(...skipping 20 matching lines...) Expand all
122 // If using a proxy, wrap the socket in a proxy socket. 122 // If using a proxy, wrap the socket in a proxy socket.
123 if (proxy_info.type == PROXY_SOCKS5) { 123 if (proxy_info.type == PROXY_SOCKS5) {
124 socket = new AsyncSocksProxySocket( 124 socket = new AsyncSocksProxySocket(
125 socket, proxy_info.address, proxy_info.username, proxy_info.password); 125 socket, proxy_info.address, proxy_info.username, proxy_info.password);
126 } else if (proxy_info.type == PROXY_HTTPS) { 126 } else if (proxy_info.type == PROXY_HTTPS) {
127 socket = 127 socket =
128 new AsyncHttpsProxySocket(socket, user_agent, proxy_info.address, 128 new AsyncHttpsProxySocket(socket, user_agent, proxy_info.address,
129 proxy_info.username, proxy_info.password); 129 proxy_info.username, proxy_info.password);
130 } 130 }
131 131
132 // If using TLS, wrap the socket in an SSL adapter. 132 // Assert that at most one TLS option is used.
133 if (opts & PacketSocketFactory::OPT_TLS) { 133 int tlsOpts =
134 ASSERT(!(opts & PacketSocketFactory::OPT_SSLTCP)); 134 opts & (PacketSocketFactory::OPT_TLS | PacketSocketFactory::OPT_TLS_FAKE |
135 PacketSocketFactory::OPT_TLS_INSECURE);
136 ASSERT((tlsOpts & (tlsOpts - 1)) == 0);
135 137
138 if ((tlsOpts & PacketSocketFactory::OPT_TLS) ||
139 (tlsOpts & PacketSocketFactory::OPT_TLS_INSECURE)) {
140 // Using TLS, wrap the socket in an SSL adapter.
136 SSLAdapter* ssl_adapter = SSLAdapter::Create(socket); 141 SSLAdapter* ssl_adapter = SSLAdapter::Create(socket);
137 if (!ssl_adapter) { 142 if (!ssl_adapter) {
138 return NULL; 143 return NULL;
139 } 144 }
140 145
146 if (tlsOpts & PacketSocketFactory::OPT_TLS_INSECURE) {
147 ssl_adapter->set_ignore_bad_cert(true);
148 }
149
141 socket = ssl_adapter; 150 socket = ssl_adapter;
142 151
143 if (ssl_adapter->StartSSL(remote_address.hostname().c_str(), false) != 0) { 152 if (ssl_adapter->StartSSL(remote_address.hostname().c_str(), false) != 0) {
144 delete ssl_adapter; 153 delete ssl_adapter;
145 return NULL; 154 return NULL;
146 } 155 }
147 156
148 // If using SSLTCP, wrap the TCP socket in a pseudo-SSL socket. 157 } else if (tlsOpts & PacketSocketFactory::OPT_TLS_FAKE) {
149 } else if (opts & PacketSocketFactory::OPT_SSLTCP) { 158 // Using fake TLS, wrap the TCP socket in a pseudo-SSL socket.
150 ASSERT(!(opts & PacketSocketFactory::OPT_TLS));
151 socket = new AsyncSSLSocket(socket); 159 socket = new AsyncSSLSocket(socket);
152 } 160 }
153 161
154 if (socket->Connect(remote_address) < 0) { 162 if (socket->Connect(remote_address) < 0) {
155 LOG(LS_ERROR) << "TCP connect failed with error " 163 LOG(LS_ERROR) << "TCP connect failed with error "
156 << socket->GetError(); 164 << socket->GetError();
157 delete socket; 165 delete socket;
158 return NULL; 166 return NULL;
159 } 167 }
160 168
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after
197 SocketFactory* BasicPacketSocketFactory::socket_factory() { 205 SocketFactory* BasicPacketSocketFactory::socket_factory() {
198 if (thread_) { 206 if (thread_) {
199 ASSERT(thread_ == Thread::Current()); 207 ASSERT(thread_ == Thread::Current());
200 return thread_->socketserver(); 208 return thread_->socketserver();
201 } else { 209 } else {
202 return socket_factory_; 210 return socket_factory_;
203 } 211 }
204 } 212 }
205 213
206 } // namespace rtc 214 } // namespace rtc
OLDNEW
« no previous file with comments | « webrtc/api/peerconnectioninterface.h ('k') | webrtc/p2p/base/packetsocketfactory.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698