OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2008 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2008 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
21 | 21 |
22 #include <openssl/bio.h> | 22 #include <openssl/bio.h> |
23 #include <openssl/crypto.h> | 23 #include <openssl/crypto.h> |
24 #include <openssl/err.h> | 24 #include <openssl/err.h> |
25 #include <openssl/opensslv.h> | 25 #include <openssl/opensslv.h> |
26 #include <openssl/rand.h> | 26 #include <openssl/rand.h> |
27 #include <openssl/x509.h> | 27 #include <openssl/x509.h> |
28 #include <openssl/x509v3.h> | 28 #include <openssl/x509v3.h> |
29 | 29 |
30 #include "webrtc/base/arraysize.h" | 30 #include "webrtc/base/arraysize.h" |
| 31 #include "webrtc/base/checks.h" |
31 #include "webrtc/base/common.h" | 32 #include "webrtc/base/common.h" |
32 #include "webrtc/base/logging.h" | 33 #include "webrtc/base/logging.h" |
33 #include "webrtc/base/openssl.h" | 34 #include "webrtc/base/openssl.h" |
34 #include "webrtc/base/safe_conversions.h" | 35 #include "webrtc/base/safe_conversions.h" |
35 #include "webrtc/base/sslroots.h" | 36 #include "webrtc/base/sslroots.h" |
36 #include "webrtc/base/stringutils.h" | 37 #include "webrtc/base/stringutils.h" |
37 #include "webrtc/base/thread.h" | 38 #include "webrtc/base/thread.h" |
38 | 39 |
39 #ifndef OPENSSL_IS_BORINGSSL | 40 #ifndef OPENSSL_IS_BORINGSSL |
40 | 41 |
282 ssl_mode_(SSL_MODE_TLS), | 283 ssl_mode_(SSL_MODE_TLS), |
283 custom_verification_succeeded_(false) { | 284 custom_verification_succeeded_(false) { |
284 } | 285 } |
285 | 286 |
286 OpenSSLAdapter::~OpenSSLAdapter() { | 287 OpenSSLAdapter::~OpenSSLAdapter() { |
287 Cleanup(); | 288 Cleanup(); |
288 } | 289 } |
289 | 290 |
290 void | 291 void |
291 OpenSSLAdapter::SetMode(SSLMode mode) { | 292 OpenSSLAdapter::SetMode(SSLMode mode) { |
292 ASSERT(state_ == SSL_NONE); | 293 RTC_DCHECK(state_ == SSL_NONE); |
293 ssl_mode_ = mode; | 294 ssl_mode_ = mode; |
294 } | 295 } |
295 | 296 |
296 int | 297 int |
297 OpenSSLAdapter::StartSSL(const char* hostname, bool restartable) { | 298 OpenSSLAdapter::StartSSL(const char* hostname, bool restartable) { |
298 if (state_ != SSL_NONE) | 299 if (state_ != SSL_NONE) |
299 return -1; | 300 return -1; |
300 | 301 |
301 ssl_host_name_ = hostname; | 302 ssl_host_name_ = hostname; |
302 restartable_ = restartable; | 303 restartable_ = restartable; |
303 | 304 |
304 if (socket_->GetState() != Socket::CS_CONNECTED) { | 305 if (socket_->GetState() != Socket::CS_CONNECTED) { |
305 state_ = SSL_WAIT; | 306 state_ = SSL_WAIT; |
306 return 0; | 307 return 0; |
307 } | 308 } |
308 | 309 |
309 state_ = SSL_CONNECTING; | 310 state_ = SSL_CONNECTING; |
310 if (int err = BeginSSL()) { | 311 if (int err = BeginSSL()) { |
311 Error("BeginSSL", err, false); | 312 Error("BeginSSL", err, false); |
312 return err; | 313 return err; |
313 } | 314 } |
314 | 315 |
315 return 0; | 316 return 0; |
316 } | 317 } |
317 | 318 |
318 int | 319 int |
319 OpenSSLAdapter::BeginSSL() { | 320 OpenSSLAdapter::BeginSSL() { |
320 LOG(LS_INFO) << "BeginSSL: " << ssl_host_name_; | 321 LOG(LS_INFO) << "BeginSSL: " << ssl_host_name_; |
321 ASSERT(state_ == SSL_CONNECTING); | 322 RTC_DCHECK(state_ == SSL_CONNECTING); |
322 | 323 |
323 int err = 0; | 324 int err = 0; |
324 BIO* bio = NULL; | 325 BIO* bio = NULL; |
325 | 326 |
326 // First set up the context | 327 // First set up the context |
327 if (!ssl_ctx_) | 328 if (!ssl_ctx_) |
328 ssl_ctx_ = SetupSSLContext(); | 329 ssl_ctx_ = SetupSSLContext(); |
329 | 330 |
330 if (!ssl_ctx_) { | 331 if (!ssl_ctx_) { |
331 err = -1; | 332 err = -1; |
363 ssl_error: | 364 ssl_error: |
364 Cleanup(); | 365 Cleanup(); |
365 if (bio) | 366 if (bio) |
366 BIO_free(bio); | 367 BIO_free(bio); |
367 | 368 |
368 return err; | 369 return err; |
369 } | 370 } |
370 | 371 |
371 int | 372 int |
372 OpenSSLAdapter::ContinueSSL() { | 373 OpenSSLAdapter::ContinueSSL() { |
373 ASSERT(state_ == SSL_CONNECTING); | 374 RTC_DCHECK(state_ == SSL_CONNECTING); |
374 | 375 |
375 // Clear the DTLS timer | 376 // Clear the DTLS timer |
376 Thread::Current()->Clear(this, MSG_TIMEOUT); | 377 Thread::Current()->Clear(this, MSG_TIMEOUT); |
377 | 378 |
378 int code = SSL_connect(ssl_); | 379 int code = SSL_connect(ssl_); |
379 switch (SSL_get_error(ssl_, code)) { | 380 switch (SSL_get_error(ssl_, code)) { |
380 case SSL_ERROR_NONE: | 381 case SSL_ERROR_NONE: |
381 if (!SSLPostConnectionCheck(ssl_, ssl_host_name_.c_str())) { | 382 if (!SSLPostConnectionCheck(ssl_, ssl_host_name_.c_str())) { |
382 LOG(LS_ERROR) << "TLS post connection check failed"; | 383 LOG(LS_ERROR) << "TLS post connection check failed"; |
383 // make sure we close the socket | 384 // make sure we close the socket |
620 LOG(LS_INFO) << "DTLS timeout expired"; | 621 LOG(LS_INFO) << "DTLS timeout expired"; |
621 DTLSv1_handle_timeout(ssl_); | 622 DTLSv1_handle_timeout(ssl_); |
622 ContinueSSL(); | 623 ContinueSSL(); |
623 } | 624 } |
624 } | 625 } |
625 | 626 |
626 void | 627 void |
627 OpenSSLAdapter::OnConnectEvent(AsyncSocket* socket) { | 628 OpenSSLAdapter::OnConnectEvent(AsyncSocket* socket) { |
628 LOG(LS_INFO) << "OpenSSLAdapter::OnConnectEvent"; | 629 LOG(LS_INFO) << "OpenSSLAdapter::OnConnectEvent"; |
629 if (state_ != SSL_WAIT) { | 630 if (state_ != SSL_WAIT) { |
630 ASSERT(state_ == SSL_NONE); | 631 RTC_DCHECK(state_ == SSL_NONE); |
631 AsyncSocketAdapter::OnConnectEvent(socket); | 632 AsyncSocketAdapter::OnConnectEvent(socket); |
632 return; | 633 return; |
633 } | 634 } |
634 | 635 |
635 state_ = SSL_CONNECTING; | 636 state_ = SSL_CONNECTING; |
636 if (int err = BeginSSL()) { | 637 if (int err = BeginSSL()) { |
637 AsyncSocketAdapter::OnCloseEvent(socket, err); | 638 AsyncSocketAdapter::OnCloseEvent(socket, err); |
638 } | 639 } |
639 } | 640 } |
640 | 641 |
959 if (ssl_mode_ == SSL_MODE_DTLS) { | 960 if (ssl_mode_ == SSL_MODE_DTLS) { |
960 SSL_CTX_set_read_ahead(ctx, 1); | 961 SSL_CTX_set_read_ahead(ctx, 1); |
961 } | 962 } |
962 | 963 |
963 return ctx; | 964 return ctx; |
964 } | 965 } |
965 | 966 |
966 } // namespace rtc | 967 } // namespace rtc |
967 | 968 |
968 #endif // HAVE_OPENSSL_SSL_H | 969 #endif // HAVE_OPENSSL_SSL_H |
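Review bot: In SetMode (new line 293) the only guard on `state_` is `RTC_DCHECK(state_ == SSL_NONE)`, which is normally compiled out of release builds, so a call made after the handshake has started would still overwrite `ssl_mode_` there. StartSSL, by contrast, enforces the same precondition at runtime with `if (state_ != SSL_NONE) return -1;`. Because the context setup near new line 960 branches on `ssl_mode_ == SSL_MODE_DTLS`, a late mode switch could leave the adapter's TLS/DTLS configuration inconsistent; consider keeping the DCHECK and adding `if (state_ != SSL_NONE) { LOG(LS_ERROR) << "SetMode ignored: SSL already started"; return; }` before the assignment. The same applies to the `RTC_DCHECK(state_ == SSL_NONE)` in OnConnectEvent (new line 631), where an unexpected state would be forwarded as an ordinary connect event in release builds; parts of BeginSSL and ContinueSSL are elided on this page, so their handling could not be checked.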