OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
90 new cricket::JsepTransport("dtls content name", certificate_)); | 90 new cricket::JsepTransport("dtls content name", certificate_)); |
91 for (int i = 0; i < count; ++i) { | 91 for (int i = 0; i < count; ++i) { |
92 cricket::FakeIceTransport* fake_ice_channel = | 92 cricket::FakeIceTransport* fake_ice_channel = |
93 new cricket::FakeIceTransport(transport_->mid(), i); | 93 new cricket::FakeIceTransport(transport_->mid(), i); |
94 fake_ice_channel->SetAsync(true); | 94 fake_ice_channel->SetAsync(true); |
95 fake_ice_channel->SetAsyncDelay(async_delay_ms); | 95 fake_ice_channel->SetAsyncDelay(async_delay_ms); |
96 // Hook the raw packets so that we can verify they are encrypted. | 96 // Hook the raw packets so that we can verify they are encrypted. |
97 fake_ice_channel->SignalReadPacket.connect( | 97 fake_ice_channel->SignalReadPacket.connect( |
98 this, &DtlsTestClient::OnFakeTransportChannelReadPacket); | 98 this, &DtlsTestClient::OnFakeTransportChannelReadPacket); |
99 | 99 |
100 cricket::DtlsTransport* dtls = | 100 cricket::DtlsTransportChannelWrapper* channel = |
101 new cricket::DtlsTransport(fake_ice_channel); | 101 new cricket::DtlsTransportChannelWrapper(fake_ice_channel); |
102 dtls->SetLocalCertificate(certificate_); | 102 channel->SetLocalCertificate(certificate_); |
103 dtls->ice_transport()->SetIceRole(role); | 103 channel->SetIceRole(role); |
104 dtls->ice_transport()->SetIceTiebreaker( | 104 channel->SetIceTiebreaker((role == cricket::ICEROLE_CONTROLLING) ? 1 : 2); |
105 (role == cricket::ICEROLE_CONTROLLING) ? 1 : 2); | 105 channel->SetSslMaxProtocolVersion(ssl_max_version_); |
106 dtls->SetSslMaxProtocolVersion(ssl_max_version_); | 106 channel->SignalWritableState.connect(this, |
107 dtls->SignalWritableState.connect( | 107 &DtlsTestClient::OnTransportChannelWritableState); |
108 this, &DtlsTestClient::OnTransportChannelWritableState); | 108 channel->SignalReadPacket.connect(this, |
109 dtls->SignalReadPacket.connect( | 109 &DtlsTestClient::OnTransportChannelReadPacket); |
110 this, &DtlsTestClient::OnTransportChannelReadPacket); | 110 channel->SignalSentPacket.connect( |
111 dtls->SignalSentPacket.connect( | |
112 this, &DtlsTestClient::OnTransportChannelSentPacket); | 111 this, &DtlsTestClient::OnTransportChannelSentPacket); |
113 fake_dtls_transports_.push_back( | 112 channels_.push_back( |
114 std::unique_ptr<cricket::DtlsTransport>(dtls)); | 113 std::unique_ptr<cricket::DtlsTransportChannelWrapper>(channel)); |
115 fake_ice_transports_.push_back( | 114 fake_channels_.push_back( |
116 std::unique_ptr<cricket::FakeIceTransport>(fake_ice_channel)); | 115 std::unique_ptr<cricket::FakeIceTransport>(fake_ice_channel)); |
117 transport_->AddChannel(dtls, i); | 116 transport_->AddChannel(channel, i); |
118 } | 117 } |
119 } | 118 } |
120 | 119 |
121 cricket::JsepTransport* transport() { return transport_.get(); } | 120 cricket::JsepTransport* transport() { return transport_.get(); } |
122 | 121 |
123 cricket::FakeIceTransport* GetFakeIceTransort(int component) { | 122 cricket::FakeIceTransport* GetFakeChannel(int component) { |
124 for (const auto& ch : fake_ice_transports_) { | 123 for (const auto& ch : fake_channels_) { |
125 if (ch->component() == component) { | 124 if (ch->component() == component) { |
126 return ch.get(); | 125 return ch.get(); |
127 } | 126 } |
128 } | 127 } |
129 return nullptr; | 128 return nullptr; |
130 } | 129 } |
131 | 130 |
132 cricket::DtlsTransport* GetDtlsTransport(int component) { | 131 cricket::DtlsTransportChannelWrapper* GetDtlsChannel(int component) { |
133 for (const auto& dtls : fake_dtls_transports_) { | 132 for (const auto& ch : channels_) { |
134 if (dtls->component() == component) { | 133 if (ch->component() == component) { |
135 return dtls.get(); | 134 return ch.get(); |
136 } | 135 } |
137 } | 136 } |
138 return nullptr; | 137 return nullptr; |
139 } | 138 } |
140 | 139 |
141 // Offer DTLS if we have an identity; pass in a remote fingerprint only if | 140 // Offer DTLS if we have an identity; pass in a remote fingerprint only if |
142 // both sides support DTLS. | 141 // both sides support DTLS. |
143 void Negotiate(DtlsTestClient* peer, cricket::ContentAction action, | 142 void Negotiate(DtlsTestClient* peer, cricket::ContentAction action, |
144 ConnectionRole local_role, ConnectionRole remote_role, | 143 ConnectionRole local_role, ConnectionRole remote_role, |
145 int flags) { | 144 int flags) { |
146 Negotiate(certificate_, certificate_ ? peer->certificate_ : nullptr, action, | 145 Negotiate(certificate_, certificate_ ? peer->certificate_ : nullptr, action, |
147 local_role, remote_role, flags); | 146 local_role, remote_role, flags); |
148 } | 147 } |
149 | 148 |
150 void MaybeSetSrtpCryptoSuites() { | 149 void MaybeSetSrtpCryptoSuites() { |
151 if (!use_dtls_srtp_) { | 150 if (!use_dtls_srtp_) { |
152 return; | 151 return; |
153 } | 152 } |
154 std::vector<int> ciphers; | 153 std::vector<int> ciphers; |
155 ciphers.push_back(rtc::SRTP_AES128_CM_SHA1_80); | 154 ciphers.push_back(rtc::SRTP_AES128_CM_SHA1_80); |
156 // SRTP ciphers will be set only in the beginning. | 155 // SRTP ciphers will be set only in the beginning. |
157 for (const auto& dtls : fake_dtls_transports_) { | 156 for (const auto& channel : channels_) { |
158 EXPECT_TRUE(dtls->SetSrtpCryptoSuites(ciphers)); | 157 EXPECT_TRUE(channel->SetSrtpCryptoSuites(ciphers)); |
159 } | 158 } |
160 } | 159 } |
161 | 160 |
162 void SetLocalTransportDescription( | 161 void SetLocalTransportDescription( |
163 const rtc::scoped_refptr<rtc::RTCCertificate>& cert, | 162 const rtc::scoped_refptr<rtc::RTCCertificate>& cert, |
164 cricket::ContentAction action, | 163 cricket::ContentAction action, |
165 ConnectionRole role, | 164 ConnectionRole role, |
166 int flags) { | 165 int flags) { |
167 // If |NF_EXPECT_FAILURE| is set, expect SRTD or SLTD to fail when | 166 // If |NF_EXPECT_FAILURE| is set, expect SRTD or SLTD to fail when |
168 // content action is CA_ANSWER. | 167 // content action is CA_ANSWER. |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
207 SetRemoteTransportDescription(remote_cert, cricket::CA_OFFER, remote_role, | 206 SetRemoteTransportDescription(remote_cert, cricket::CA_OFFER, remote_role, |
208 flags); | 207 flags); |
209 // If remote if the offerer and has no DTLS support, answer will be | 208 // If remote if the offerer and has no DTLS support, answer will be |
210 // without any fingerprint. | 209 // without any fingerprint. |
211 SetLocalTransportDescription(remote_cert ? local_cert : nullptr, | 210 SetLocalTransportDescription(remote_cert ? local_cert : nullptr, |
212 cricket::CA_ANSWER, local_role, flags); | 211 cricket::CA_ANSWER, local_role, flags); |
213 } | 212 } |
214 } | 213 } |
215 | 214 |
216 bool Connect(DtlsTestClient* peer, bool asymmetric) { | 215 bool Connect(DtlsTestClient* peer, bool asymmetric) { |
217 for (auto& ice : fake_ice_transports_) { | 216 for (auto& channel : fake_channels_) { |
218 ice->SetDestination(peer->GetFakeIceTransort(ice->component()), | 217 channel->SetDestination(peer->GetFakeChannel(channel->component()), |
219 asymmetric); | 218 asymmetric); |
220 } | 219 } |
221 return true; | 220 return true; |
222 } | 221 } |
223 | 222 |
224 bool all_dtls_transports_writable() const { | 223 bool all_channels_writable() const { |
225 if (fake_dtls_transports_.empty()) { | 224 if (channels_.empty()) { |
226 return false; | 225 return false; |
227 } | 226 } |
228 for (const auto& dtls : fake_dtls_transports_) { | 227 for (const auto& channel : channels_) { |
229 if (!dtls->writable()) { | 228 if (!channel->writable()) { |
230 return false; | 229 return false; |
231 } | 230 } |
232 } | 231 } |
233 return true; | 232 return true; |
234 } | 233 } |
235 | 234 |
236 bool all_ice_transports_writable() const { | 235 bool all_raw_channels_writable() const { |
237 if (fake_dtls_transports_.empty()) { | 236 if (channels_.empty()) { |
238 return false; | 237 return false; |
239 } | 238 } |
240 for (const auto& dtls : fake_dtls_transports_) { | 239 for (const auto& channel : channels_) { |
241 if (!dtls->ice_transport()->writable()) { | 240 if (!channel->channel()->writable()) { |
242 return false; | 241 return false; |
243 } | 242 } |
244 } | 243 } |
245 return true; | 244 return true; |
246 } | 245 } |
247 | 246 |
248 int received_dtls_client_hellos() const { | 247 int received_dtls_client_hellos() const { |
249 return received_dtls_client_hellos_; | 248 return received_dtls_client_hellos_; |
250 } | 249 } |
251 | 250 |
(...skipping 12 matching lines...) Expand all Loading... |
264 if (role == rtc::SSL_CLIENT) { | 263 if (role == rtc::SSL_CLIENT) { |
265 ASSERT_EQ(0, received_dtls_client_hellos_); | 264 ASSERT_EQ(0, received_dtls_client_hellos_); |
266 ASSERT_GT(received_dtls_server_hellos_, 0); | 265 ASSERT_GT(received_dtls_server_hellos_, 0); |
267 } else { | 266 } else { |
268 ASSERT_GT(received_dtls_client_hellos_, 0); | 267 ASSERT_GT(received_dtls_client_hellos_, 0); |
269 ASSERT_EQ(0, received_dtls_server_hellos_); | 268 ASSERT_EQ(0, received_dtls_server_hellos_); |
270 } | 269 } |
271 } | 270 } |
272 | 271 |
273 void CheckSrtp(int expected_crypto_suite) { | 272 void CheckSrtp(int expected_crypto_suite) { |
274 for (const auto& dtls : fake_dtls_transports_) { | 273 for (const auto& channel : channels_) { |
275 int crypto_suite; | 274 int crypto_suite; |
276 | 275 |
277 bool rv = dtls->GetSrtpCryptoSuite(&crypto_suite); | 276 bool rv = channel->GetSrtpCryptoSuite(&crypto_suite); |
278 if (negotiated_dtls() && expected_crypto_suite) { | 277 if (negotiated_dtls() && expected_crypto_suite) { |
279 ASSERT_TRUE(rv); | 278 ASSERT_TRUE(rv); |
280 | 279 |
281 ASSERT_EQ(crypto_suite, expected_crypto_suite); | 280 ASSERT_EQ(crypto_suite, expected_crypto_suite); |
282 } else { | 281 } else { |
283 ASSERT_FALSE(rv); | 282 ASSERT_FALSE(rv); |
284 } | 283 } |
285 } | 284 } |
286 } | 285 } |
287 | 286 |
288 void CheckSsl() { | 287 void CheckSsl() { |
289 for (const auto& dtls : fake_dtls_transports_) { | 288 for (const auto& channel : channels_) { |
290 int cipher; | 289 int cipher; |
291 | 290 |
292 bool rv = dtls->GetSslCipherSuite(&cipher); | 291 bool rv = channel->GetSslCipherSuite(&cipher); |
293 if (negotiated_dtls()) { | 292 if (negotiated_dtls()) { |
294 ASSERT_TRUE(rv); | 293 ASSERT_TRUE(rv); |
295 | 294 |
296 EXPECT_TRUE( | 295 EXPECT_TRUE( |
297 rtc::SSLStreamAdapter::IsAcceptableCipher(cipher, rtc::KT_DEFAULT)); | 296 rtc::SSLStreamAdapter::IsAcceptableCipher(cipher, rtc::KT_DEFAULT)); |
298 } else { | 297 } else { |
299 ASSERT_FALSE(rv); | 298 ASSERT_FALSE(rv); |
300 } | 299 } |
301 } | 300 } |
302 } | 301 } |
303 | 302 |
304 void SendPackets(size_t transport, size_t size, size_t count, bool srtp) { | 303 void SendPackets(size_t channel, size_t size, size_t count, bool srtp) { |
305 RTC_CHECK(transport < fake_dtls_transports_.size()); | 304 RTC_CHECK(channel < channels_.size()); |
306 std::unique_ptr<char[]> packet(new char[size]); | 305 std::unique_ptr<char[]> packet(new char[size]); |
307 size_t sent = 0; | 306 size_t sent = 0; |
308 do { | 307 do { |
309 // Fill the packet with a known value and a sequence number to check | 308 // Fill the packet with a known value and a sequence number to check |
310 // against, and make sure that it doesn't look like DTLS. | 309 // against, and make sure that it doesn't look like DTLS. |
311 memset(packet.get(), sent & 0xff, size); | 310 memset(packet.get(), sent & 0xff, size); |
312 packet[0] = (srtp) ? 0x80 : 0x00; | 311 packet[0] = (srtp) ? 0x80 : 0x00; |
313 rtc::SetBE32(packet.get() + kPacketNumOffset, | 312 rtc::SetBE32(packet.get() + kPacketNumOffset, |
314 static_cast<uint32_t>(sent)); | 313 static_cast<uint32_t>(sent)); |
315 | 314 |
316 // Only set the bypass flag if we've activated DTLS. | 315 // Only set the bypass flag if we've activated DTLS. |
317 int flags = (certificate_ && srtp) ? cricket::PF_SRTP_BYPASS : 0; | 316 int flags = (certificate_ && srtp) ? cricket::PF_SRTP_BYPASS : 0; |
318 rtc::PacketOptions packet_options; | 317 rtc::PacketOptions packet_options; |
319 packet_options.packet_id = kFakePacketId; | 318 packet_options.packet_id = kFakePacketId; |
320 int rv = fake_dtls_transports_[transport]->SendPacket( | 319 int rv = channels_[channel]->SendPacket( |
321 packet.get(), size, packet_options, flags); | 320 packet.get(), size, packet_options, flags); |
322 ASSERT_GT(rv, 0); | 321 ASSERT_GT(rv, 0); |
323 ASSERT_EQ(size, static_cast<size_t>(rv)); | 322 ASSERT_EQ(size, static_cast<size_t>(rv)); |
324 ++sent; | 323 ++sent; |
325 } while (sent < count); | 324 } while (sent < count); |
326 } | 325 } |
327 | 326 |
328 int SendInvalidSrtpPacket(size_t transport, size_t size) { | 327 int SendInvalidSrtpPacket(size_t channel, size_t size) { |
329 RTC_CHECK(transport < fake_dtls_transports_.size()); | 328 RTC_CHECK(channel < channels_.size()); |
330 std::unique_ptr<char[]> packet(new char[size]); | 329 std::unique_ptr<char[]> packet(new char[size]); |
331 // Fill the packet with 0 to form an invalid SRTP packet. | 330 // Fill the packet with 0 to form an invalid SRTP packet. |
332 memset(packet.get(), 0, size); | 331 memset(packet.get(), 0, size); |
333 | 332 |
334 rtc::PacketOptions packet_options; | 333 rtc::PacketOptions packet_options; |
335 return fake_dtls_transports_[transport]->SendPacket( | 334 return channels_[channel]->SendPacket( |
336 packet.get(), size, packet_options, cricket::PF_SRTP_BYPASS); | 335 packet.get(), size, packet_options, cricket::PF_SRTP_BYPASS); |
337 } | 336 } |
338 | 337 |
339 void ExpectPackets(size_t transport, size_t size) { | 338 void ExpectPackets(size_t channel, size_t size) { |
340 packet_size_ = size; | 339 packet_size_ = size; |
341 received_.clear(); | 340 received_.clear(); |
342 } | 341 } |
343 | 342 |
344 size_t NumPacketsReceived() { | 343 size_t NumPacketsReceived() { |
345 return received_.size(); | 344 return received_.size(); |
346 } | 345 } |
347 | 346 |
348 bool VerifyPacket(const char* data, size_t size, uint32_t* out_num) { | 347 bool VerifyPacket(const char* data, size_t size, uint32_t* out_num) { |
349 if (size != packet_size_ || | 348 if (size != packet_size_ || |
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
429 ASSERT_TRUE(VerifyEncryptedPacket(data, size)); | 428 ASSERT_TRUE(VerifyEncryptedPacket(data, size)); |
430 } else if (IsRtpLeadByte(data[0])) { | 429 } else if (IsRtpLeadByte(data[0])) { |
431 ASSERT_TRUE(VerifyPacket(data, size, NULL)); | 430 ASSERT_TRUE(VerifyPacket(data, size, NULL)); |
432 } | 431 } |
433 } | 432 } |
434 } | 433 } |
435 | 434 |
436 private: | 435 private: |
437 std::string name_; | 436 std::string name_; |
438 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; | 437 rtc::scoped_refptr<rtc::RTCCertificate> certificate_; |
439 std::vector<std::unique_ptr<cricket::FakeIceTransport>> fake_ice_transports_; | 438 std::vector<std::unique_ptr<cricket::FakeIceTransport>> fake_channels_; |
440 std::vector<std::unique_ptr<cricket::DtlsTransport>> fake_dtls_transports_; | 439 std::vector<std::unique_ptr<cricket::DtlsTransportChannelWrapper>> channels_; |
441 std::unique_ptr<cricket::JsepTransport> transport_; | 440 std::unique_ptr<cricket::JsepTransport> transport_; |
442 size_t packet_size_ = 0u; | 441 size_t packet_size_ = 0u; |
443 std::set<int> received_; | 442 std::set<int> received_; |
444 bool use_dtls_srtp_ = false; | 443 bool use_dtls_srtp_ = false; |
445 rtc::SSLProtocolVersion ssl_max_version_ = rtc::SSL_PROTOCOL_DTLS_12; | 444 rtc::SSLProtocolVersion ssl_max_version_ = rtc::SSL_PROTOCOL_DTLS_12; |
446 int received_dtls_client_hellos_ = 0; | 445 int received_dtls_client_hellos_ = 0; |
447 int received_dtls_server_hellos_ = 0; | 446 int received_dtls_server_hellos_ = 0; |
448 rtc::SentPacket sent_packet_; | 447 rtc::SentPacket sent_packet_; |
449 }; | 448 }; |
450 | 449 |
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
521 client2_.certificate(), cricket::CA_ANSWER, client2_role, 0); | 520 client2_.certificate(), cricket::CA_ANSWER, client2_role, 0); |
522 rv = client1_.Connect(&client2_, false); | 521 rv = client1_.Connect(&client2_, false); |
523 client1_.SetRemoteTransportDescription( | 522 client1_.SetRemoteTransportDescription( |
524 client2_.certificate(), cricket::CA_ANSWER, client2_role, 0); | 523 client2_.certificate(), cricket::CA_ANSWER, client2_role, 0); |
525 } | 524 } |
526 | 525 |
527 EXPECT_TRUE(rv); | 526 EXPECT_TRUE(rv); |
528 if (!rv) | 527 if (!rv) |
529 return false; | 528 return false; |
530 | 529 |
531 EXPECT_TRUE_SIMULATED_WAIT(client1_.all_dtls_transports_writable() && | 530 EXPECT_TRUE_SIMULATED_WAIT( |
532 client2_.all_dtls_transports_writable(), | 531 client1_.all_channels_writable() && client2_.all_channels_writable(), |
533 kTimeout, fake_clock_); | 532 kTimeout, fake_clock_); |
534 if (!client1_.all_dtls_transports_writable() || | 533 if (!client1_.all_channels_writable() || !client2_.all_channels_writable()) |
535 !client2_.all_dtls_transports_writable()) | |
536 return false; | 534 return false; |
537 | 535 |
538 // Check that we used the right roles. | 536 // Check that we used the right roles. |
539 if (use_dtls_) { | 537 if (use_dtls_) { |
540 rtc::SSLRole client1_ssl_role = | 538 rtc::SSLRole client1_ssl_role = |
541 (client1_role == cricket::CONNECTIONROLE_ACTIVE || | 539 (client1_role == cricket::CONNECTIONROLE_ACTIVE || |
542 (client2_role == cricket::CONNECTIONROLE_PASSIVE && | 540 (client2_role == cricket::CONNECTIONROLE_PASSIVE && |
543 client1_role == cricket::CONNECTIONROLE_ACTPASS)) ? | 541 client1_role == cricket::CONNECTIONROLE_ACTPASS)) ? |
544 rtc::SSL_CLIENT : rtc::SSL_SERVER; | 542 rtc::SSL_CLIENT : rtc::SSL_SERVER; |
545 | 543 |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
611 client2_.Negotiate(&client1_, cricket::CA_ANSWER, | 609 client2_.Negotiate(&client1_, cricket::CA_ANSWER, |
612 client2_role, client1_role, flags); | 610 client2_role, client1_role, flags); |
613 } else { | 611 } else { |
614 client2_.Negotiate(&client1_, cricket::CA_OFFER, | 612 client2_.Negotiate(&client1_, cricket::CA_OFFER, |
615 client2_role, client1_role, flags); | 613 client2_role, client1_role, flags); |
616 client1_.Negotiate(&client2_, cricket::CA_ANSWER, | 614 client1_.Negotiate(&client2_, cricket::CA_ANSWER, |
617 client1_role, client2_role, flags); | 615 client1_role, client2_role, flags); |
618 } | 616 } |
619 } | 617 } |
620 | 618 |
621 void TestTransfer(size_t transport, size_t size, size_t count, bool srtp) { | 619 void TestTransfer(size_t channel, size_t size, size_t count, bool srtp) { |
622 LOG(LS_INFO) << "Expect packets, size=" << size; | 620 LOG(LS_INFO) << "Expect packets, size=" << size; |
623 client2_.ExpectPackets(transport, size); | 621 client2_.ExpectPackets(channel, size); |
624 client1_.SendPackets(transport, size, count, srtp); | 622 client1_.SendPackets(channel, size, count, srtp); |
625 EXPECT_EQ_SIMULATED_WAIT(count, client2_.NumPacketsReceived(), kTimeout, | 623 EXPECT_EQ_SIMULATED_WAIT(count, client2_.NumPacketsReceived(), kTimeout, |
626 fake_clock_); | 624 fake_clock_); |
627 } | 625 } |
628 | 626 |
629 protected: | 627 protected: |
630 rtc::ScopedFakeClock fake_clock_; | 628 rtc::ScopedFakeClock fake_clock_; |
631 DtlsTestClient client1_; | 629 DtlsTestClient client1_; |
632 DtlsTestClient client2_; | 630 DtlsTestClient client2_; |
633 int channel_ct_; | 631 int channel_ct_; |
634 bool use_dtls_; | 632 bool use_dtls_; |
635 bool use_dtls_srtp_; | 633 bool use_dtls_srtp_; |
636 rtc::SSLProtocolVersion ssl_expected_version_; | 634 rtc::SSLProtocolVersion ssl_expected_version_; |
637 }; | 635 }; |
638 | 636 |
639 class DtlsTransportChannelTest : public DtlsTransportChannelTestBase, | 637 class DtlsTransportChannelTest : public DtlsTransportChannelTestBase, |
640 public ::testing::Test {}; | 638 public ::testing::Test {}; |
641 | 639 |
642 // Test that transport negotiation of ICE, no DTLS works properly. | 640 // Test that transport negotiation of ICE, no DTLS works properly. |
643 TEST_F(DtlsTransportChannelTest, TestChannelSetupIce) { | 641 TEST_F(DtlsTransportChannelTest, TestChannelSetupIce) { |
644 Negotiate(); | 642 Negotiate(); |
645 cricket::FakeIceTransport* channel1 = client1_.GetFakeIceTransort(0); | 643 cricket::FakeIceTransport* channel1 = client1_.GetFakeChannel(0); |
646 cricket::FakeIceTransport* channel2 = client2_.GetFakeIceTransort(0); | 644 cricket::FakeIceTransport* channel2 = client2_.GetFakeChannel(0); |
647 ASSERT_TRUE(channel1 != NULL); | 645 ASSERT_TRUE(channel1 != NULL); |
648 ASSERT_TRUE(channel2 != NULL); | 646 ASSERT_TRUE(channel2 != NULL); |
649 EXPECT_EQ(cricket::ICEROLE_CONTROLLING, channel1->GetIceRole()); | 647 EXPECT_EQ(cricket::ICEROLE_CONTROLLING, channel1->GetIceRole()); |
650 EXPECT_EQ(1U, channel1->IceTiebreaker()); | 648 EXPECT_EQ(1U, channel1->IceTiebreaker()); |
651 EXPECT_EQ(kIceUfrag1, channel1->ice_ufrag()); | 649 EXPECT_EQ(kIceUfrag1, channel1->ice_ufrag()); |
652 EXPECT_EQ(kIcePwd1, channel1->ice_pwd()); | 650 EXPECT_EQ(kIcePwd1, channel1->ice_pwd()); |
653 EXPECT_EQ(cricket::ICEROLE_CONTROLLED, channel2->GetIceRole()); | 651 EXPECT_EQ(cricket::ICEROLE_CONTROLLED, channel2->GetIceRole()); |
654 EXPECT_EQ(2U, channel2->IceTiebreaker()); | 652 EXPECT_EQ(2U, channel2->IceTiebreaker()); |
655 } | 653 } |
656 | 654 |
(...skipping 258 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
915 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 913 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
916 SetChannelCount(2); | 914 SetChannelCount(2); |
917 PrepareDtls(true, true, rtc::KT_DEFAULT); | 915 PrepareDtls(true, true, rtc::KT_DEFAULT); |
918 PrepareDtlsSrtp(true, true); | 916 PrepareDtlsSrtp(true, true); |
919 Negotiate(); | 917 Negotiate(); |
920 | 918 |
921 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, | 919 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, |
922 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); | 920 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); |
923 bool rv = client1_.Connect(&client2_, false); | 921 bool rv = client1_.Connect(&client2_, false); |
924 EXPECT_TRUE(rv); | 922 EXPECT_TRUE(rv); |
925 EXPECT_TRUE_SIMULATED_WAIT(client1_.all_dtls_transports_writable() && | 923 EXPECT_TRUE_SIMULATED_WAIT( |
926 client2_.all_dtls_transports_writable(), | 924 client1_.all_channels_writable() && client2_.all_channels_writable(), |
927 kTimeout, fake_clock_); | 925 kTimeout, fake_clock_); |
928 | 926 |
929 TestTransfer(0, 1000, 100, true); | 927 TestTransfer(0, 1000, 100, true); |
930 TestTransfer(1, 1000, 100, true); | 928 TestTransfer(1, 1000, 100, true); |
931 } | 929 } |
932 | 930 |
933 // Test Certificates state after negotiation but before connection. | 931 // Test Certificates state after negotiation but before connection. |
934 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { | 932 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { |
935 MAYBE_SKIP_TEST(HaveDtls); | 933 MAYBE_SKIP_TEST(HaveDtls); |
936 PrepareDtls(true, true, rtc::KT_DEFAULT); | 934 PrepareDtls(true, true, rtc::KT_DEFAULT); |
937 Negotiate(); | 935 Negotiate(); |
938 | 936 |
939 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; | 937 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; |
940 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; | 938 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; |
941 std::unique_ptr<rtc::SSLCertificate> remote_cert1; | 939 std::unique_ptr<rtc::SSLCertificate> remote_cert1; |
942 std::unique_ptr<rtc::SSLCertificate> remote_cert2; | 940 std::unique_ptr<rtc::SSLCertificate> remote_cert2; |
943 | 941 |
944 // After negotiation, each side has a distinct local certificate, but still no | 942 // After negotiation, each side has a distinct local certificate, but still no |
945 // remote certificate, because connection has not yet occurred. | 943 // remote certificate, because connection has not yet occurred. |
946 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); | 944 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); |
947 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); | 945 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); |
948 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), | 946 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), |
949 certificate2->ssl_certificate().ToPEMString()); | 947 certificate2->ssl_certificate().ToPEMString()); |
950 ASSERT_FALSE(client1_.GetDtlsTransport(0)->GetRemoteSSLCertificate()); | 948 ASSERT_FALSE(client1_.GetDtlsChannel(0)->GetRemoteSSLCertificate()); |
951 ASSERT_FALSE(client2_.GetDtlsTransport(0)->GetRemoteSSLCertificate()); | 949 ASSERT_FALSE(client2_.GetDtlsChannel(0)->GetRemoteSSLCertificate()); |
952 } | 950 } |
953 | 951 |
954 // Test Certificates state after connection. | 952 // Test Certificates state after connection. |
955 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { | 953 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { |
956 MAYBE_SKIP_TEST(HaveDtls); | 954 MAYBE_SKIP_TEST(HaveDtls); |
957 PrepareDtls(true, true, rtc::KT_DEFAULT); | 955 PrepareDtls(true, true, rtc::KT_DEFAULT); |
958 ASSERT_TRUE(Connect()); | 956 ASSERT_TRUE(Connect()); |
959 | 957 |
960 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; | 958 rtc::scoped_refptr<rtc::RTCCertificate> certificate1; |
961 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; | 959 rtc::scoped_refptr<rtc::RTCCertificate> certificate2; |
962 | 960 |
963 // After connection, each side has a distinct local certificate. | 961 // After connection, each side has a distinct local certificate. |
964 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); | 962 ASSERT_TRUE(client1_.transport()->GetLocalCertificate(&certificate1)); |
965 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); | 963 ASSERT_TRUE(client2_.transport()->GetLocalCertificate(&certificate2)); |
966 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), | 964 ASSERT_NE(certificate1->ssl_certificate().ToPEMString(), |
967 certificate2->ssl_certificate().ToPEMString()); | 965 certificate2->ssl_certificate().ToPEMString()); |
968 | 966 |
969 // Each side's remote certificate is the other side's local certificate. | 967 // Each side's remote certificate is the other side's local certificate. |
970 std::unique_ptr<rtc::SSLCertificate> remote_cert1 = | 968 std::unique_ptr<rtc::SSLCertificate> remote_cert1 = |
971 client1_.GetDtlsTransport(0)->GetRemoteSSLCertificate(); | 969 client1_.GetDtlsChannel(0)->GetRemoteSSLCertificate(); |
972 ASSERT_TRUE(remote_cert1); | 970 ASSERT_TRUE(remote_cert1); |
973 ASSERT_EQ(remote_cert1->ToPEMString(), | 971 ASSERT_EQ(remote_cert1->ToPEMString(), |
974 certificate2->ssl_certificate().ToPEMString()); | 972 certificate2->ssl_certificate().ToPEMString()); |
975 std::unique_ptr<rtc::SSLCertificate> remote_cert2 = | 973 std::unique_ptr<rtc::SSLCertificate> remote_cert2 = |
976 client2_.GetDtlsTransport(0)->GetRemoteSSLCertificate(); | 974 client2_.GetDtlsChannel(0)->GetRemoteSSLCertificate(); |
977 ASSERT_TRUE(remote_cert2); | 975 ASSERT_TRUE(remote_cert2); |
978 ASSERT_EQ(remote_cert2->ToPEMString(), | 976 ASSERT_EQ(remote_cert2->ToPEMString(), |
979 certificate1->ssl_certificate().ToPEMString()); | 977 certificate1->ssl_certificate().ToPEMString()); |
980 } | 978 } |
981 | 979 |
982 // Test that packets are retransmitted according to the expected schedule. | 980 // Test that packets are retransmitted according to the expected schedule. |
983 // Each time a timeout occurs, the retransmission timer should be doubled up to | 981 // Each time a timeout occurs, the retransmission timer should be doubled up to |
984 // 60 seconds. The timer defaults to 1 second, but for WebRTC we should be | 982 // 60 seconds. The timer defaults to 1 second, but for WebRTC we should be |
985 // initializing it to 50ms. | 983 // initializing it to 50ms. |
986 TEST_F(DtlsTransportChannelTest, TestRetransmissionSchedule) { | 984 TEST_F(DtlsTransportChannelTest, TestRetransmissionSchedule) { |
987 MAYBE_SKIP_TEST(HaveDtls); | 985 MAYBE_SKIP_TEST(HaveDtls); |
988 // We can only change the retransmission schedule with a recently-added | 986 // We can only change the retransmission schedule with a recently-added |
989 // BoringSSL API. Skip the test if not built with BoringSSL. | 987 // BoringSSL API. Skip the test if not built with BoringSSL. |
990 MAYBE_SKIP_TEST(IsBoringSsl); | 988 MAYBE_SKIP_TEST(IsBoringSsl); |
991 | 989 |
992 PrepareDtls(true, true, rtc::KT_DEFAULT); | 990 PrepareDtls(true, true, rtc::KT_DEFAULT); |
993 // Exchange transport descriptions. | 991 // Exchange transport descriptions. |
994 Negotiate(cricket::CONNECTIONROLE_ACTPASS, cricket::CONNECTIONROLE_ACTIVE); | 992 Negotiate(cricket::CONNECTIONROLE_ACTPASS, cricket::CONNECTIONROLE_ACTIVE); |
995 | 993 |
996 // Make client2_ writable, but not client1_. | 994 // Make client2_ writable, but not client1_. |
997 // This means client1_ will send DTLS client hellos but get no response. | 995 // This means client1_ will send DTLS client hellos but get no response. |
998 EXPECT_TRUE(client2_.Connect(&client1_, true)); | 996 EXPECT_TRUE(client2_.Connect(&client1_, true)); |
999 EXPECT_TRUE_SIMULATED_WAIT(client2_.all_ice_transports_writable(), kTimeout, | 997 EXPECT_TRUE_SIMULATED_WAIT(client2_.all_raw_channels_writable(), kTimeout, |
1000 fake_clock_); | 998 fake_clock_); |
1001 | 999 |
1002 // Wait for the first client hello to be sent. | 1000 // Wait for the first client hello to be sent. |
1003 EXPECT_EQ_WAIT(1, client1_.received_dtls_client_hellos(), kTimeout); | 1001 EXPECT_EQ_WAIT(1, client1_.received_dtls_client_hellos(), kTimeout); |
1004 EXPECT_FALSE(client1_.all_ice_transports_writable()); | 1002 EXPECT_FALSE(client1_.all_raw_channels_writable()); |
1005 | 1003 |
1006 static int timeout_schedule_ms[] = {50, 100, 200, 400, 800, 1600, | 1004 static int timeout_schedule_ms[] = {50, 100, 200, 400, 800, 1600, |
1007 3200, 6400, 12800, 25600, 51200, 60000}; | 1005 3200, 6400, 12800, 25600, 51200, 60000}; |
1008 | 1006 |
1009 int expected_hellos = 1; | 1007 int expected_hellos = 1; |
1010 for (size_t i = 0; | 1008 for (size_t i = 0; |
1011 i < (sizeof(timeout_schedule_ms) / sizeof(timeout_schedule_ms[0])); | 1009 i < (sizeof(timeout_schedule_ms) / sizeof(timeout_schedule_ms[0])); |
1012 ++i) { | 1010 ++i) { |
1013 // For each expected retransmission time, advance the fake clock a | 1011 // For each expected retransmission time, advance the fake clock a |
1014 // millisecond before the expected time and verify that no unexpected | 1012 // millisecond before the expected time and verify that no unexpected |
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1099 ++(remote_desc.identity_fingerprint->digest[0]); | 1097 ++(remote_desc.identity_fingerprint->digest[0]); |
1100 // Even if certificate verification fails inside this method, | 1098 // Even if certificate verification fails inside this method, |
1101 // it should return true as long as the fingerprint was formatted | 1099 // it should return true as long as the fingerprint was formatted |
1102 // correctly. | 1100 // correctly. |
1103 EXPECT_TRUE(client1_.transport()->SetRemoteTransportDescription( | 1101 EXPECT_TRUE(client1_.transport()->SetRemoteTransportDescription( |
1104 remote_desc, cricket::CA_ANSWER, nullptr)); | 1102 remote_desc, cricket::CA_ANSWER, nullptr)); |
1105 } | 1103 } |
1106 break; | 1104 break; |
1107 case CALLER_WRITABLE: | 1105 case CALLER_WRITABLE: |
1108 EXPECT_TRUE(client1_.Connect(&client2_, true)); | 1106 EXPECT_TRUE(client1_.Connect(&client2_, true)); |
1109 EXPECT_TRUE_SIMULATED_WAIT(client1_.all_ice_transports_writable(), | 1107 EXPECT_TRUE_SIMULATED_WAIT(client1_.all_raw_channels_writable(), |
1110 kTimeout, fake_clock_); | 1108 kTimeout, fake_clock_); |
1111 break; | 1109 break; |
1112 case CALLER_RECEIVES_CLIENTHELLO: | 1110 case CALLER_RECEIVES_CLIENTHELLO: |
1113 // Sanity check that a ClientHello hasn't already been received. | 1111 // Sanity check that a ClientHello hasn't already been received. |
1114 EXPECT_EQ(0, client1_.received_dtls_client_hellos()); | 1112 EXPECT_EQ(0, client1_.received_dtls_client_hellos()); |
1115 // Making client2_ writable will cause it to send the ClientHello. | 1113 // Making client2_ writable will cause it to send the ClientHello. |
1116 EXPECT_TRUE(client2_.Connect(&client1_, true)); | 1114 EXPECT_TRUE(client2_.Connect(&client1_, true)); |
1117 EXPECT_TRUE_SIMULATED_WAIT(client2_.all_ice_transports_writable(), | 1115 EXPECT_TRUE_SIMULATED_WAIT(client2_.all_raw_channels_writable(), |
1118 kTimeout, fake_clock_); | 1116 kTimeout, fake_clock_); |
1119 EXPECT_EQ_SIMULATED_WAIT(1, client1_.received_dtls_client_hellos(), | 1117 EXPECT_EQ_SIMULATED_WAIT(1, client1_.received_dtls_client_hellos(), |
1120 kTimeout, fake_clock_); | 1118 kTimeout, fake_clock_); |
1121 break; | 1119 break; |
1122 case HANDSHAKE_FINISHES: | 1120 case HANDSHAKE_FINISHES: |
1123 // Sanity check that the handshake hasn't already finished. | 1121 // Sanity check that the handshake hasn't already finished. |
1124 EXPECT_FALSE(client1_.GetDtlsTransport(0)->IsDtlsConnected() || | 1122 EXPECT_FALSE(client1_.GetDtlsChannel(0)->IsDtlsConnected() || |
1125 client1_.GetDtlsTransport(0)->dtls_state() == | 1123 client1_.GetDtlsChannel(0)->dtls_state() == |
1126 cricket::DTLS_TRANSPORT_FAILED); | 1124 cricket::DTLS_TRANSPORT_FAILED); |
1127 EXPECT_TRUE_SIMULATED_WAIT( | 1125 EXPECT_TRUE_SIMULATED_WAIT( |
1128 client1_.GetDtlsTransport(0)->IsDtlsConnected() || | 1126 client1_.GetDtlsChannel(0)->IsDtlsConnected() || |
1129 client1_.GetDtlsTransport(0)->dtls_state() == | 1127 client1_.GetDtlsChannel(0)->dtls_state() == |
1130 cricket::DTLS_TRANSPORT_FAILED, | 1128 cricket::DTLS_TRANSPORT_FAILED, |
1131 kTimeout, fake_clock_); | 1129 kTimeout, fake_clock_); |
1132 break; | 1130 break; |
1133 } | 1131 } |
1134 } | 1132 } |
1135 | 1133 |
1136 cricket::DtlsTransportState expected_final_state = | 1134 cricket::DtlsTransportState expected_final_state = |
1137 valid_fingerprint ? cricket::DTLS_TRANSPORT_CONNECTED | 1135 valid_fingerprint ? cricket::DTLS_TRANSPORT_CONNECTED |
1138 : cricket::DTLS_TRANSPORT_FAILED; | 1136 : cricket::DTLS_TRANSPORT_FAILED; |
1139 EXPECT_EQ_SIMULATED_WAIT(expected_final_state, | 1137 EXPECT_EQ_SIMULATED_WAIT(expected_final_state, |
1140 client1_.GetDtlsTransport(0)->dtls_state(), | 1138 client1_.GetDtlsChannel(0)->dtls_state(), kTimeout, |
1141 kTimeout, fake_clock_); | 1139 fake_clock_); |
1142 EXPECT_EQ_SIMULATED_WAIT(expected_final_state, | 1140 EXPECT_EQ_SIMULATED_WAIT(expected_final_state, |
1143 client2_.GetDtlsTransport(0)->dtls_state(), | 1141 client2_.GetDtlsChannel(0)->dtls_state(), kTimeout, |
1144 kTimeout, fake_clock_); | 1142 fake_clock_); |
1145 | 1143 |
1146 // Channel should be writable iff there was a valid fingerprint. | 1144 // Channel should be writable iff there was a valid fingerprint. |
1147 EXPECT_EQ(valid_fingerprint, client1_.GetDtlsTransport(0)->writable()); | 1145 EXPECT_EQ(valid_fingerprint, client1_.GetDtlsChannel(0)->writable()); |
1148 EXPECT_EQ(valid_fingerprint, client2_.GetDtlsTransport(0)->writable()); | 1146 EXPECT_EQ(valid_fingerprint, client2_.GetDtlsChannel(0)->writable()); |
1149 | 1147 |
1150 // Check that no hello needed to be retransmitted. | 1148 // Check that no hello needed to be retransmitted. |
1151 EXPECT_EQ(1, client1_.received_dtls_client_hellos()); | 1149 EXPECT_EQ(1, client1_.received_dtls_client_hellos()); |
1152 EXPECT_EQ(1, client2_.received_dtls_server_hellos()); | 1150 EXPECT_EQ(1, client2_.received_dtls_server_hellos()); |
1153 | 1151 |
1154 if (valid_fingerprint) { | 1152 if (valid_fingerprint) { |
1155 TestTransfer(0, 1000, 100, false); | 1153 TestTransfer(0, 1000, 100, false); |
1156 } | 1154 } |
1157 } | 1155 } |
1158 }; | 1156 }; |
(...skipping 27 matching lines...) Expand all Loading... |
1186 std::vector<DtlsTransportEvent>{ | 1184 std::vector<DtlsTransportEvent>{ |
1187 CALLER_RECEIVES_CLIENTHELLO, CALLER_RECEIVES_FINGERPRINT, | 1185 CALLER_RECEIVES_CLIENTHELLO, CALLER_RECEIVES_FINGERPRINT, |
1188 CALLER_WRITABLE, HANDSHAKE_FINISHES}, | 1186 CALLER_WRITABLE, HANDSHAKE_FINISHES}, |
1189 std::vector<DtlsTransportEvent>{ | 1187 std::vector<DtlsTransportEvent>{ |
1190 CALLER_RECEIVES_CLIENTHELLO, CALLER_WRITABLE, | 1188 CALLER_RECEIVES_CLIENTHELLO, CALLER_WRITABLE, |
1191 CALLER_RECEIVES_FINGERPRINT, HANDSHAKE_FINISHES}, | 1189 CALLER_RECEIVES_FINGERPRINT, HANDSHAKE_FINISHES}, |
1192 std::vector<DtlsTransportEvent>{CALLER_RECEIVES_CLIENTHELLO, | 1190 std::vector<DtlsTransportEvent>{CALLER_RECEIVES_CLIENTHELLO, |
1193 CALLER_WRITABLE, HANDSHAKE_FINISHES, | 1191 CALLER_WRITABLE, HANDSHAKE_FINISHES, |
1194 CALLER_RECEIVES_FINGERPRINT}), | 1192 CALLER_RECEIVES_FINGERPRINT}), |
1195 ::testing::Bool())); | 1193 ::testing::Bool())); |
OLD | NEW |