| OLD | NEW |
| 1 /* | 1 /* |
| 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 90 matching lines...) |
| 101 SignalEvent(this, rtc::SE_READ, 0); | 101 SignalEvent(this, rtc::SE_READ, 0); |
| 102 } | 102 } |
| 103 return ret; | 103 return ret; |
| 104 } | 104 } |
| 105 | 105 |
| 106 void StreamInterfaceChannel::Close() { | 106 void StreamInterfaceChannel::Close() { |
| 107 packets_.Clear(); | 107 packets_.Clear(); |
| 108 state_ = rtc::SS_CLOSED; | 108 state_ = rtc::SS_CLOSED; |
| 109 } | 109 } |
| 110 | 110 |
| 111 DtlsTransport::DtlsTransport(IceTransportInternal* ice_transport) | 111 DtlsTransport::DtlsTransport(IceTransportInternal* ice_transport, |
| 112 const rtc::CryptoOptions& crypto_options) |
| 112 : transport_name_(ice_transport->transport_name()), | 113 : transport_name_(ice_transport->transport_name()), |
| 113 component_(ice_transport->component()), | 114 component_(ice_transport->component()), |
| 114 network_thread_(rtc::Thread::Current()), | 115 network_thread_(rtc::Thread::Current()), |
| 115 ice_transport_(ice_transport), | 116 ice_transport_(ice_transport), |
| 116 downward_(NULL), | 117 downward_(NULL), |
| 117 ssl_role_(rtc::SSL_CLIENT), | 118 ssl_role_(rtc::SSL_CLIENT), |
| 118 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_12) { | 119 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_12) { |
| 120 GetDefaultSrtpCryptoSuites(crypto_options, &srtp_ciphers_); |
| 119 ice_transport_->SignalWritableState.connect(this, | 121 ice_transport_->SignalWritableState.connect(this, |
| 120 &DtlsTransport::OnWritableState); | 122 &DtlsTransport::OnWritableState); |
| 121 ice_transport_->SignalReadPacket.connect(this, &DtlsTransport::OnReadPacket); | 123 ice_transport_->SignalReadPacket.connect(this, &DtlsTransport::OnReadPacket); |
| 122 ice_transport_->SignalSentPacket.connect(this, &DtlsTransport::OnSentPacket); | 124 ice_transport_->SignalSentPacket.connect(this, &DtlsTransport::OnSentPacket); |
| 123 ice_transport_->SignalReadyToSend.connect(this, | 125 ice_transport_->SignalReadyToSend.connect(this, |
| 124 &DtlsTransport::OnReadyToSend); | 126 &DtlsTransport::OnReadyToSend); |
| 125 ice_transport_->SignalReceivingState.connect( | 127 ice_transport_->SignalReceivingState.connect( |
| 126 this, &DtlsTransport::OnReceivingState); | 128 this, &DtlsTransport::OnReceivingState); |
| 127 } | 129 } |
| 128 | 130 |
| (...skipping 182 matching lines...) |
| 311 } | 313 } |
| 312 | 314 |
| 313 LOG_J(LS_INFO, this) << "DTLS setup complete."; | 315 LOG_J(LS_INFO, this) << "DTLS setup complete."; |
| 314 | 316 |
| 315 // If the underlying ice_transport is already writable at this point, we may | 317 // If the underlying ice_transport is already writable at this point, we may |
| 316 // be able to start DTLS right away. | 318 // be able to start DTLS right away. |
| 317 MaybeStartDtls(); | 319 MaybeStartDtls(); |
| 318 return true; | 320 return true; |
| 319 } | 321 } |
| 320 | 322 |
| 321 bool DtlsTransport::SetSrtpCryptoSuites(const std::vector<int>& ciphers) { | |
| 322 if (srtp_ciphers_ == ciphers) | |
| 323 return true; | |
| 324 | |
| 325 if (dtls_state() == DTLS_TRANSPORT_CONNECTING) { | |
| 326 LOG(LS_WARNING) << "Ignoring new SRTP ciphers while DTLS is negotiating"; | |
| 327 return true; | |
| 328 } | |
| 329 | |
| 330 if (dtls_state() == DTLS_TRANSPORT_CONNECTED) { | |
| 331 // We don't support DTLS renegotiation currently. If new set of srtp ciphers | |
| 332 // are different than what's being used currently, we will not use it. | |
| 333 // So for now, let's be happy (or sad) with a warning message. | |
| 334 int current_srtp_cipher; | |
| 335 if (!dtls_->GetDtlsSrtpCryptoSuite(¤t_srtp_cipher)) { | |
| 336 LOG(LS_ERROR) | |
| 337 << "Failed to get the current SRTP cipher for DTLS transport"; | |
| 338 return false; | |
| 339 } | |
| 340 const std::vector<int>::const_iterator iter = | |
| 341 std::find(ciphers.begin(), ciphers.end(), current_srtp_cipher); | |
| 342 if (iter == ciphers.end()) { | |
| 343 std::string requested_str; | |
| 344 for (size_t i = 0; i < ciphers.size(); ++i) { | |
| 345 requested_str.append(" "); | |
| 346 requested_str.append(rtc::SrtpCryptoSuiteToName(ciphers[i])); | |
| 347 requested_str.append(" "); | |
| 348 } | |
| 349 LOG(LS_WARNING) << "Ignoring new set of SRTP ciphers, as DTLS " | |
| 350 << "renegotiation is not supported currently " | |
| 351 << "current cipher = " << current_srtp_cipher << " and " | |
| 352 << "requested = " << "[" << requested_str << "]"; | |
| 353 } | |
| 354 return true; | |
| 355 } | |
| 356 | |
| 357 if (dtls_state() != DTLS_TRANSPORT_NEW) { | |
| 358 LOG(LS_ERROR) << "Can't set SRTP ciphers for a closed session"; | |
| 359 return false; | |
| 360 } | |
| 361 | |
| 362 srtp_ciphers_ = ciphers; | |
| 363 return true; | |
| 364 } | |
| 365 | |
| 366 bool DtlsTransport::GetSrtpCryptoSuite(int* cipher) { | 323 bool DtlsTransport::GetSrtpCryptoSuite(int* cipher) { |
| 367 if (dtls_state() != DTLS_TRANSPORT_CONNECTED) { | 324 if (dtls_state() != DTLS_TRANSPORT_CONNECTED) { |
| 368 return false; | 325 return false; |
| 369 } | 326 } |
| 370 | 327 |
| 371 return dtls_->GetDtlsSrtpCryptoSuite(cipher); | 328 return dtls_->GetDtlsSrtpCryptoSuite(cipher); |
| 372 } | 329 } |
| 373 | 330 |
| 374 | 331 |
| 375 // Called from upper layers to send a media packet. | 332 // Called from upper layers to send a media packet. |
| (...skipping 339 matching lines...) |
| 715 | 672 |
| 716 dtls_->SetInitialRetransmissionTimeout(initial_timeout); | 673 dtls_->SetInitialRetransmissionTimeout(initial_timeout); |
| 717 } else { | 674 } else { |
| 718 LOG_J(LS_INFO, this) | 675 LOG_J(LS_INFO, this) |
| 719 << "no RTT estimate - using default DTLS handshake timeout"; | 676 << "no RTT estimate - using default DTLS handshake timeout"; |
| 720 } | 677 } |
| 721 } | 678 } |
| 722 | 679 |
| 723 | 680 |
| 724 } // namespace cricket | 681 } // namespace cricket |
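Review bot: Nothing checks or logs the result of `GetDefaultSrtpCryptoSuites(crypto_options, &srtp_ciphers_);` in the new constructor body (new line 120), which is the only visible place left that fills `srtp_ciphers_` now that `SetSrtpCryptoSuites` is removed. That helper's body is not shown here, so if it can leave the list empty, the code that later consumes `srtp_ciphers_` (in the skipped lines) would presumably run without any SRTP suites to offer and this file would not record it. A guard right after the call, such as `RTC_DCHECK(!srtp_ciphers_.empty());`, would make the assumption explicit. The removed setter also logged a warning when a caller tried to change suites during or after negotiation, so the constructor deserves a comment such as `// SRTP suites are fixed from crypto_options at construction; they cannot be changed later because DTLS renegotiation is not supported.` so callers know that `crypto_options` is the only input that decides the suites.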