| Index: webrtc/base/opensslstreamadapter.cc
|
| diff --git a/webrtc/base/opensslstreamadapter.cc b/webrtc/base/opensslstreamadapter.cc
|
| index 158315f150e9a9d63b926d3d68f1d5d8ca99304d..3b3aa5d219b7c04320cc738652daa263e7706a5f 100644
|
| --- a/webrtc/base/opensslstreamadapter.cc
|
| +++ b/webrtc/base/opensslstreamadapter.cc
|
| @@ -7,6 +7,8 @@
|
| * in the file PATENTS. All contributing project authors may
|
| * be found in the AUTHORS file in the root of the source tree.
|
| */
|
| +
|
| +#if HAVE_OPENSSL_SSL_H
|
|
|
| #include "webrtc/base/opensslstreamadapter.h"
|
|
|
| @@ -43,10 +45,11 @@
|
|
|
| namespace rtc {
|
|
|
| -#if (OPENSSL_VERSION_NUMBER < 0x10001000L)
|
| -#error "webrtc requires at least OpenSSL version 1.0.1, to support DTLS-SRTP"
|
| -#endif
|
| -
|
| +#if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
| +#define HAVE_DTLS_SRTP
|
| +#endif
|
| +
|
| +#ifdef HAVE_DTLS_SRTP
|
| // SRTP cipher suite table. |internal_name| is used to construct a
|
| // colon-separated profile strings which is needed by
|
| // SSL_CTX_set_tlsext_use_srtp().
|
| @@ -62,6 +65,7 @@
|
| {"SRTP_AEAD_AES_128_GCM", SRTP_AEAD_AES_128_GCM},
|
| {"SRTP_AEAD_AES_256_GCM", SRTP_AEAD_AES_256_GCM},
|
| {nullptr, 0}};
|
| +#endif
|
|
|
| #ifdef OPENSSL_IS_BORINGSSL
|
| // Not used in production code. Actual time should be relative to Jan 1, 1970.
|
| @@ -428,6 +432,7 @@
|
| bool use_context,
|
| uint8_t* result,
|
| size_t result_len) {
|
| +#ifdef HAVE_DTLS_SRTP
|
| int i;
|
|
|
| i = SSL_export_keying_material(ssl_, result, result_len, label.c_str(),
|
| @@ -438,10 +443,14 @@
|
| return false;
|
|
|
| return true;
|
| +#else
|
| + return false;
|
| +#endif
|
| }
|
|
|
| bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites(
|
| const std::vector<int>& ciphers) {
|
| +#ifdef HAVE_DTLS_SRTP
|
| std::string internal_ciphers;
|
|
|
| if (state_ != SSL_NONE)
|
| @@ -472,9 +481,13 @@
|
|
|
| srtp_ciphers_ = internal_ciphers;
|
| return true;
|
| +#else
|
| + return false;
|
| +#endif
|
| }
|
|
|
| bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
|
| +#ifdef HAVE_DTLS_SRTP
|
| RTC_DCHECK(state_ == SSL_CONNECTED);
|
| if (state_ != SSL_CONNECTED)
|
| return false;
|
| @@ -488,6 +501,9 @@
|
| *crypto_suite = srtp_profile->id;
|
| RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty());
|
| return true;
|
| +#else
|
| + return false;
|
| +#endif
|
| }
|
|
|
| bool OpenSSLStreamAdapter::IsTlsConnected() {
|
| @@ -1080,12 +1096,14 @@
|
| SSL_CTX_set_cipher_list(ctx,
|
| "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK");
|
|
|
| +#ifdef HAVE_DTLS_SRTP
|
| if (!srtp_ciphers_.empty()) {
|
| if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) {
|
| SSL_CTX_free(ctx);
|
| return NULL;
|
| }
|
| }
|
| +#endif
|
|
|
| return ctx;
|
| }
|
| @@ -1151,6 +1169,26 @@
|
| return stream->VerifyPeerCertificate();
|
| }
|
|
|
| +bool OpenSSLStreamAdapter::HaveDtls() {
|
| + return true;
|
| +}
|
| +
|
| +bool OpenSSLStreamAdapter::HaveDtlsSrtp() {
|
| +#ifdef HAVE_DTLS_SRTP
|
| + return true;
|
| +#else
|
| + return false;
|
| +#endif
|
| +}
|
| +
|
| +bool OpenSSLStreamAdapter::HaveExporter() {
|
| +#ifdef HAVE_DTLS_SRTP
|
| + return true;
|
| +#else
|
| + return false;
|
| +#endif
|
| +}
|
| +
|
| bool OpenSSLStreamAdapter::IsBoringSsl() {
|
| #ifdef OPENSSL_IS_BORINGSSL
|
| return true;
|
| @@ -1235,3 +1273,5 @@
|
| }
|
|
|
| } // namespace rtc
|
| +
|
| +#endif // HAVE_OPENSSL_SSL_H
|
|
|
Chromium Code Reviews
Issue 2648003003:
Revert of Removing #defines previously used for building without BoringSSL/OpenSSL. (Closed)
