| 1 /* | 1 /* |
| 2 * Copyright 2008 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2008 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| 21 | 21 |
| 22 #include <openssl/bio.h> | 22 #include <openssl/bio.h> |
| 23 #include <openssl/crypto.h> | 23 #include <openssl/crypto.h> |
| 24 #include <openssl/err.h> | 24 #include <openssl/err.h> |
| 25 #include <openssl/opensslv.h> | 25 #include <openssl/opensslv.h> |
| 26 #include <openssl/rand.h> | 26 #include <openssl/rand.h> |
| 27 #include <openssl/x509.h> | 27 #include <openssl/x509.h> |
| 28 #include <openssl/x509v3.h> | 28 #include <openssl/x509v3.h> |
| 29 | 29 |
| 30 #include "webrtc/base/arraysize.h" | 30 #include "webrtc/base/arraysize.h" |
| 31 #include "webrtc/base/checks.h" |
| 31 #include "webrtc/base/common.h" | 32 #include "webrtc/base/common.h" |
| 32 #include "webrtc/base/logging.h" | 33 #include "webrtc/base/logging.h" |
| 33 #include "webrtc/base/openssl.h" | 34 #include "webrtc/base/openssl.h" |
| 34 #include "webrtc/base/safe_conversions.h" | 35 #include "webrtc/base/safe_conversions.h" |
| 35 #include "webrtc/base/sslroots.h" | 36 #include "webrtc/base/sslroots.h" |
| 36 #include "webrtc/base/stringutils.h" | 37 #include "webrtc/base/stringutils.h" |
| 37 #include "webrtc/base/thread.h" | 38 #include "webrtc/base/thread.h" |
| 38 | 39 |
| 39 #ifndef OPENSSL_IS_BORINGSSL | 40 #ifndef OPENSSL_IS_BORINGSSL |
| 40 | 41 |
| 282 ssl_mode_(SSL_MODE_TLS), | 283 ssl_mode_(SSL_MODE_TLS), |
| 283 custom_verification_succeeded_(false) { | 284 custom_verification_succeeded_(false) { |
| 284 } | 285 } |
| 285 | 286 |
| 286 OpenSSLAdapter::~OpenSSLAdapter() { | 287 OpenSSLAdapter::~OpenSSLAdapter() { |
| 287 Cleanup(); | 288 Cleanup(); |
| 288 } | 289 } |
| 289 | 290 |
| 290 void | 291 void |
| 291 OpenSSLAdapter::SetMode(SSLMode mode) { | 292 OpenSSLAdapter::SetMode(SSLMode mode) { |
| 292 ASSERT(state_ == SSL_NONE); | 293 RTC_DCHECK(state_ == SSL_NONE); |
| 293 ssl_mode_ = mode; | 294 ssl_mode_ = mode; |
| 294 } | 295 } |
| 295 | 296 |
| 296 int | 297 int |
| 297 OpenSSLAdapter::StartSSL(const char* hostname, bool restartable) { | 298 OpenSSLAdapter::StartSSL(const char* hostname, bool restartable) { |
| 298 if (state_ != SSL_NONE) | 299 if (state_ != SSL_NONE) |
| 299 return -1; | 300 return -1; |
| 300 | 301 |
| 301 ssl_host_name_ = hostname; | 302 ssl_host_name_ = hostname; |
| 302 restartable_ = restartable; | 303 restartable_ = restartable; |
| 303 | 304 |
| 304 if (socket_->GetState() != Socket::CS_CONNECTED) { | 305 if (socket_->GetState() != Socket::CS_CONNECTED) { |
| 305 state_ = SSL_WAIT; | 306 state_ = SSL_WAIT; |
| 306 return 0; | 307 return 0; |
| 307 } | 308 } |
| 308 | 309 |
| 309 state_ = SSL_CONNECTING; | 310 state_ = SSL_CONNECTING; |
| 310 if (int err = BeginSSL()) { | 311 if (int err = BeginSSL()) { |
| 311 Error("BeginSSL", err, false); | 312 Error("BeginSSL", err, false); |
| 312 return err; | 313 return err; |
| 313 } | 314 } |
| 314 | 315 |
| 315 return 0; | 316 return 0; |
| 316 } | 317 } |
| 317 | 318 |
| 318 int | 319 int |
| 319 OpenSSLAdapter::BeginSSL() { | 320 OpenSSLAdapter::BeginSSL() { |
| 320 LOG(LS_INFO) << "BeginSSL: " << ssl_host_name_; | 321 LOG(LS_INFO) << "BeginSSL: " << ssl_host_name_; |
| 321 ASSERT(state_ == SSL_CONNECTING); | 322 RTC_DCHECK(state_ == SSL_CONNECTING); |
| 322 | 323 |
| 323 int err = 0; | 324 int err = 0; |
| 324 BIO* bio = NULL; | 325 BIO* bio = NULL; |
| 325 | 326 |
| 326 // First set up the context | 327 // First set up the context |
| 327 if (!ssl_ctx_) | 328 if (!ssl_ctx_) |
| 328 ssl_ctx_ = SetupSSLContext(); | 329 ssl_ctx_ = SetupSSLContext(); |
| 329 | 330 |
| 330 if (!ssl_ctx_) { | 331 if (!ssl_ctx_) { |
| 331 err = -1; | 332 err = -1; |
| 363 ssl_error: | 364 ssl_error: |
| 364 Cleanup(); | 365 Cleanup(); |
| 365 if (bio) | 366 if (bio) |
| 366 BIO_free(bio); | 367 BIO_free(bio); |
| 367 | 368 |
| 368 return err; | 369 return err; |
| 369 } | 370 } |
| 370 | 371 |
| 371 int | 372 int |
| 372 OpenSSLAdapter::ContinueSSL() { | 373 OpenSSLAdapter::ContinueSSL() { |
| 373 ASSERT(state_ == SSL_CONNECTING); | 374 RTC_DCHECK(state_ == SSL_CONNECTING); |
| 374 | 375 |
| 375 // Clear the DTLS timer | 376 // Clear the DTLS timer |
| 376 Thread::Current()->Clear(this, MSG_TIMEOUT); | 377 Thread::Current()->Clear(this, MSG_TIMEOUT); |
| 377 | 378 |
| 378 int code = SSL_connect(ssl_); | 379 int code = SSL_connect(ssl_); |
| 379 switch (SSL_get_error(ssl_, code)) { | 380 switch (SSL_get_error(ssl_, code)) { |
| 380 case SSL_ERROR_NONE: | 381 case SSL_ERROR_NONE: |
| 381 if (!SSLPostConnectionCheck(ssl_, ssl_host_name_.c_str())) { | 382 if (!SSLPostConnectionCheck(ssl_, ssl_host_name_.c_str())) { |
| 382 LOG(LS_ERROR) << "TLS post connection check failed"; | 383 LOG(LS_ERROR) << "TLS post connection check failed"; |
| 383 // make sure we close the socket | 384 // make sure we close the socket |
| 620 LOG(LS_INFO) << "DTLS timeout expired"; | 621 LOG(LS_INFO) << "DTLS timeout expired"; |
| 621 DTLSv1_handle_timeout(ssl_); | 622 DTLSv1_handle_timeout(ssl_); |
| 622 ContinueSSL(); | 623 ContinueSSL(); |
| 623 } | 624 } |
| 624 } | 625 } |
| 625 | 626 |
| 626 void | 627 void |
| 627 OpenSSLAdapter::OnConnectEvent(AsyncSocket* socket) { | 628 OpenSSLAdapter::OnConnectEvent(AsyncSocket* socket) { |
| 628 LOG(LS_INFO) << "OpenSSLAdapter::OnConnectEvent"; | 629 LOG(LS_INFO) << "OpenSSLAdapter::OnConnectEvent"; |
| 629 if (state_ != SSL_WAIT) { | 630 if (state_ != SSL_WAIT) { |
| 630 ASSERT(state_ == SSL_NONE); | 631 RTC_DCHECK(state_ == SSL_NONE); |
| 631 AsyncSocketAdapter::OnConnectEvent(socket); | 632 AsyncSocketAdapter::OnConnectEvent(socket); |
| 632 return; | 633 return; |
| 633 } | 634 } |
| 634 | 635 |
| 635 state_ = SSL_CONNECTING; | 636 state_ = SSL_CONNECTING; |
| 636 if (int err = BeginSSL()) { | 637 if (int err = BeginSSL()) { |
| 637 AsyncSocketAdapter::OnCloseEvent(socket, err); | 638 AsyncSocketAdapter::OnCloseEvent(socket, err); |
| 638 } | 639 } |
| 639 } | 640 } |
| 640 | 641 |
| 959 if (ssl_mode_ == SSL_MODE_DTLS) { | 960 if (ssl_mode_ == SSL_MODE_DTLS) { |
| 960 SSL_CTX_set_read_ahead(ctx, 1); | 961 SSL_CTX_set_read_ahead(ctx, 1); |
| 961 } | 962 } |
| 962 | 963 |
| 963 return ctx; | 964 return ctx; |
| 964 } | 965 } |
| 965 | 966 |
| 966 } // namespace rtc | 967 } // namespace rtc |
| 967 | 968 |
| 968 #endif // HAVE_OPENSSL_SSL_H | 969 #endif // HAVE_OPENSSL_SSL_H |
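Review bot: The new `RTC_DCHECK(state_ == SSL_NONE)` in SetMode (new line 293) is debug-only, exactly like the ASSERT it replaces, so in release builds a caller that invokes SetMode after StartSSL still silently overwrites ssl_mode_ on a connection whose context may already have been built from the old mode (SetupSSLContext reads ssl_mode_ at new line 960). Since checks.h is now included, the precondition can be enforced in all builds at negligible cost with `RTC_CHECK(state_ == SSL_NONE);`, if a hard failure on caller misuse is acceptable here; otherwise an explicit early return with a log line would at least stop the mode from changing mid-handshake. The same debug-only caveat applies to the RTC_DCHECK sites in BeginSSL, ContinueSSL and OnConnectEvent, though as far as the visible lines show BeginSSL is already gated by StartSSL's `state_ != SSL_NONE` return, so SetMode is the one where the check is the only guard. The body of SetupSSLContext starts outside the visible lines.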