OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 19 matching lines...) Expand all Loading... |
30 #include "webrtc/rtc_base/openssladapter.h" | 30 #include "webrtc/rtc_base/openssladapter.h" |
31 #include "webrtc/rtc_base/openssldigest.h" | 31 #include "webrtc/rtc_base/openssldigest.h" |
32 #include "webrtc/rtc_base/opensslidentity.h" | 32 #include "webrtc/rtc_base/opensslidentity.h" |
33 #include "webrtc/rtc_base/safe_conversions.h" | 33 #include "webrtc/rtc_base/safe_conversions.h" |
34 #include "webrtc/rtc_base/stream.h" | 34 #include "webrtc/rtc_base/stream.h" |
35 #include "webrtc/rtc_base/stringutils.h" | 35 #include "webrtc/rtc_base/stringutils.h" |
36 #include "webrtc/rtc_base/thread.h" | 36 #include "webrtc/rtc_base/thread.h" |
37 #include "webrtc/rtc_base/timeutils.h" | 37 #include "webrtc/rtc_base/timeutils.h" |
38 | 38 |
39 namespace { | 39 namespace { |
40 bool g_use_time_callback_for_testing = false; | 40 bool g_use_time_callback_for_testing = false; |
41 } | 41 } |
42 | 42 |
43 namespace rtc { | 43 namespace rtc { |
44 | 44 |
45 #if (OPENSSL_VERSION_NUMBER < 0x10001000L) | 45 #if (OPENSSL_VERSION_NUMBER < 0x10001000L) |
46 #error "webrtc requires at least OpenSSL version 1.0.1, to support DTLS-SRTP" | 46 #error "webrtc requires at least OpenSSL version 1.0.1, to support DTLS-SRTP" |
47 #endif | 47 #endif |
48 | 48 |
49 // SRTP cipher suite table. |internal_name| is used to construct a | 49 // SRTP cipher suite table. |internal_name| is used to construct a |
50 // colon-separated profile strings which is needed by | 50 // colon-separated profile strings which is needed by |
(...skipping 19 matching lines...) Expand all Loading... |
70 out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec; | 70 out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec; |
71 } | 71 } |
72 #else // #ifdef OPENSSL_IS_BORINGSSL | 72 #else // #ifdef OPENSSL_IS_BORINGSSL |
73 | 73 |
74 // Cipher name table. Maps internal OpenSSL cipher ids to the RFC name. | 74 // Cipher name table. Maps internal OpenSSL cipher ids to the RFC name. |
75 struct SslCipherMapEntry { | 75 struct SslCipherMapEntry { |
76 uint32_t openssl_id; | 76 uint32_t openssl_id; |
77 const char* rfc_name; | 77 const char* rfc_name; |
78 }; | 78 }; |
79 | 79 |
80 #define DEFINE_CIPHER_ENTRY_SSL3(name) {SSL3_CK_##name, "TLS_"#name} | 80 #define DEFINE_CIPHER_ENTRY_SSL3(name) \ |
81 #define DEFINE_CIPHER_ENTRY_TLS1(name) {TLS1_CK_##name, "TLS_"#name} | 81 { SSL3_CK_##name, "TLS_" #name } |
| 82 #define DEFINE_CIPHER_ENTRY_TLS1(name) \ |
| 83 { TLS1_CK_##name, "TLS_" #name } |
82 | 84 |
83 // There currently is no method available to get a RFC-compliant name for a | 85 // There currently is no method available to get a RFC-compliant name for a |
84 // cipher suite from BoringSSL, so we need to define the mapping manually here. | 86 // cipher suite from BoringSSL, so we need to define the mapping manually here. |
85 // This should go away once BoringSSL supports "SSL_CIPHER_standard_name" | 87 // This should go away once BoringSSL supports "SSL_CIPHER_standard_name" |
86 // (as available in OpenSSL if compiled with tracing enabled) or a similar | 88 // (as available in OpenSSL if compiled with tracing enabled) or a similar |
87 // method. | 89 // method. |
88 static const SslCipherMapEntry kSslCipherMap[] = { | 90 static const SslCipherMapEntry kSslCipherMap[] = { |
89 // TLS v1.0 ciphersuites from RFC2246. | 91 // TLS v1.0 ciphersuites from RFC2246. |
90 DEFINE_CIPHER_ENTRY_SSL3(RSA_RC4_128_SHA), | 92 DEFINE_CIPHER_ENTRY_SSL3(RSA_RC4_128_SHA), |
91 {SSL3_CK_RSA_DES_192_CBC3_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}, | 93 {SSL3_CK_RSA_DES_192_CBC3_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}, |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
164 static long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2); | 166 static long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2); |
165 static int stream_new(BIO* h); | 167 static int stream_new(BIO* h); |
166 static int stream_free(BIO* data); | 168 static int stream_free(BIO* data); |
167 | 169 |
168 // TODO(davidben): This should be const once BoringSSL is assumed. | 170 // TODO(davidben): This should be const once BoringSSL is assumed. |
169 static BIO_METHOD methods_stream = { | 171 static BIO_METHOD methods_stream = { |
170 BIO_TYPE_BIO, "stream", stream_write, stream_read, stream_puts, 0, | 172 BIO_TYPE_BIO, "stream", stream_write, stream_read, stream_puts, 0, |
171 stream_ctrl, stream_new, stream_free, nullptr, | 173 stream_ctrl, stream_new, stream_free, nullptr, |
172 }; | 174 }; |
173 | 175 |
174 static BIO_METHOD* BIO_s_stream() { return(&methods_stream); } | 176 static BIO_METHOD* BIO_s_stream() { |
| 177 return (&methods_stream); |
| 178 } |
175 | 179 |
176 static BIO* BIO_new_stream(StreamInterface* stream) { | 180 static BIO* BIO_new_stream(StreamInterface* stream) { |
177 BIO* ret = BIO_new(BIO_s_stream()); | 181 BIO* ret = BIO_new(BIO_s_stream()); |
178 if (ret == nullptr) | 182 if (ret == nullptr) |
179 return nullptr; | 183 return nullptr; |
180 ret->ptr = stream; | 184 ret->ptr = stream; |
181 return ret; | 185 return ret; |
182 } | 186 } |
183 | 187 |
184 // bio methods return 1 (or at least non-zero) on success and 0 on failure. | 188 // bio methods return 1 (or at least non-zero) on success and 0 on failure. |
(...skipping 267 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
452 | 456 |
453 srtp_ciphers_ = internal_ciphers; | 457 srtp_ciphers_ = internal_ciphers; |
454 return true; | 458 return true; |
455 } | 459 } |
456 | 460 |
457 bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { | 461 bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { |
458 RTC_DCHECK(state_ == SSL_CONNECTED); | 462 RTC_DCHECK(state_ == SSL_CONNECTED); |
459 if (state_ != SSL_CONNECTED) | 463 if (state_ != SSL_CONNECTED) |
460 return false; | 464 return false; |
461 | 465 |
462 const SRTP_PROTECTION_PROFILE *srtp_profile = | 466 const SRTP_PROTECTION_PROFILE* srtp_profile = |
463 SSL_get_selected_srtp_profile(ssl_); | 467 SSL_get_selected_srtp_profile(ssl_); |
464 | 468 |
465 if (!srtp_profile) | 469 if (!srtp_profile) |
466 return false; | 470 return false; |
467 | 471 |
468 *crypto_suite = srtp_profile->id; | 472 *crypto_suite = srtp_profile->id; |
469 RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty()); | 473 RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty()); |
470 return true; | 474 return true; |
471 } | 475 } |
472 | 476 |
(...skipping 24 matching lines...) Expand all Loading... |
497 void OpenSSLStreamAdapter::SetMode(SSLMode mode) { | 501 void OpenSSLStreamAdapter::SetMode(SSLMode mode) { |
498 RTC_DCHECK(state_ == SSL_NONE); | 502 RTC_DCHECK(state_ == SSL_NONE); |
499 ssl_mode_ = mode; | 503 ssl_mode_ = mode; |
500 } | 504 } |
501 | 505 |
502 void OpenSSLStreamAdapter::SetMaxProtocolVersion(SSLProtocolVersion version) { | 506 void OpenSSLStreamAdapter::SetMaxProtocolVersion(SSLProtocolVersion version) { |
503 RTC_DCHECK(ssl_ctx_ == nullptr); | 507 RTC_DCHECK(ssl_ctx_ == nullptr); |
504 ssl_max_version_ = version; | 508 ssl_max_version_ = version; |
505 } | 509 } |
506 | 510 |
507 void OpenSSLStreamAdapter::SetInitialRetransmissionTimeout( | 511 void OpenSSLStreamAdapter::SetInitialRetransmissionTimeout(int timeout_ms) { |
508 int timeout_ms) { | |
509 RTC_DCHECK(ssl_ctx_ == nullptr); | 512 RTC_DCHECK(ssl_ctx_ == nullptr); |
510 dtls_handshake_timeout_ms_ = timeout_ms; | 513 dtls_handshake_timeout_ms_ = timeout_ms; |
511 } | 514 } |
512 | 515 |
513 // | 516 // |
514 // StreamInterface Implementation | 517 // StreamInterface Implementation |
515 // | 518 // |
516 | 519 |
517 StreamResult OpenSSLStreamAdapter::Write(const void* data, size_t data_len, | 520 StreamResult OpenSSLStreamAdapter::Write(const void* data, |
518 size_t* written, int* error) { | 521 size_t data_len, |
| 522 size_t* written, |
| 523 int* error) { |
519 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Write(" << data_len << ")"; | 524 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Write(" << data_len << ")"; |
520 | 525 |
521 switch (state_) { | 526 switch (state_) { |
522 case SSL_NONE: | 527 case SSL_NONE: |
523 // pass-through in clear text | 528 // pass-through in clear text |
524 return StreamAdapterInterface::Write(data, data_len, written, error); | 529 return StreamAdapterInterface::Write(data, data_len, written, error); |
525 | 530 |
526 case SSL_WAIT: | 531 case SSL_WAIT: |
527 case SSL_CONNECTING: | 532 case SSL_CONNECTING: |
528 return SR_BLOCK; | 533 return SR_BLOCK; |
529 | 534 |
530 case SSL_CONNECTED: | 535 case SSL_CONNECTED: |
531 if (waiting_to_verify_peer_certificate()) { | 536 if (waiting_to_verify_peer_certificate()) { |
532 return SR_BLOCK; | 537 return SR_BLOCK; |
533 } | 538 } |
534 break; | 539 break; |
535 | 540 |
536 case SSL_ERROR: | 541 case SSL_ERROR: |
537 case SSL_CLOSED: | 542 case SSL_CLOSED: |
538 default: | 543 default: |
539 if (error) | 544 if (error) |
540 *error = ssl_error_code_; | 545 *error = ssl_error_code_; |
541 return SR_ERROR; | 546 return SR_ERROR; |
542 } | 547 } |
543 | 548 |
544 // OpenSSL will return an error if we try to write zero bytes | 549 // OpenSSL will return an error if we try to write zero bytes |
545 if (data_len == 0) { | 550 if (data_len == 0) { |
546 if (written) | 551 if (written) |
547 *written = 0; | 552 *written = 0; |
548 return SR_SUCCESS; | 553 return SR_SUCCESS; |
549 } | 554 } |
550 | 555 |
551 ssl_write_needs_read_ = false; | 556 ssl_write_needs_read_ = false; |
552 | 557 |
553 int code = SSL_write(ssl_, data, checked_cast<int>(data_len)); | 558 int code = SSL_write(ssl_, data, checked_cast<int>(data_len)); |
554 int ssl_error = SSL_get_error(ssl_, code); | 559 int ssl_error = SSL_get_error(ssl_, code); |
555 switch (ssl_error) { | 560 switch (ssl_error) { |
556 case SSL_ERROR_NONE: | 561 case SSL_ERROR_NONE: |
557 LOG(LS_VERBOSE) << " -- success"; | 562 LOG(LS_VERBOSE) << " -- success"; |
558 RTC_DCHECK(0 < code && static_cast<unsigned>(code) <= data_len); | 563 RTC_DCHECK(0 < code && static_cast<unsigned>(code) <= data_len); |
559 if (written) | 564 if (written) |
560 *written = code; | 565 *written = code; |
561 return SR_SUCCESS; | 566 return SR_SUCCESS; |
562 case SSL_ERROR_WANT_READ: | 567 case SSL_ERROR_WANT_READ: |
563 LOG(LS_VERBOSE) << " -- error want read"; | 568 LOG(LS_VERBOSE) << " -- error want read"; |
564 ssl_write_needs_read_ = true; | 569 ssl_write_needs_read_ = true; |
565 return SR_BLOCK; | 570 return SR_BLOCK; |
566 case SSL_ERROR_WANT_WRITE: | 571 case SSL_ERROR_WANT_WRITE: |
567 LOG(LS_VERBOSE) << " -- error want write"; | 572 LOG(LS_VERBOSE) << " -- error want write"; |
568 return SR_BLOCK; | 573 return SR_BLOCK; |
569 | 574 |
570 case SSL_ERROR_ZERO_RETURN: | 575 case SSL_ERROR_ZERO_RETURN: |
571 default: | 576 default: |
572 Error("SSL_write", (ssl_error ? ssl_error : -1), 0, false); | 577 Error("SSL_write", (ssl_error ? ssl_error : -1), 0, false); |
573 if (error) | 578 if (error) |
574 *error = ssl_error_code_; | 579 *error = ssl_error_code_; |
575 return SR_ERROR; | 580 return SR_ERROR; |
576 } | 581 } |
577 // not reached | 582 // not reached |
578 } | 583 } |
579 | 584 |
580 StreamResult OpenSSLStreamAdapter::Read(void* data, size_t data_len, | 585 StreamResult OpenSSLStreamAdapter::Read(void* data, |
581 size_t* read, int* error) { | 586 size_t data_len, |
| 587 size_t* read, |
| 588 int* error) { |
582 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Read(" << data_len << ")"; | 589 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Read(" << data_len << ")"; |
583 switch (state_) { | 590 switch (state_) { |
584 case SSL_NONE: | 591 case SSL_NONE: |
585 // pass-through in clear text | 592 // pass-through in clear text |
586 return StreamAdapterInterface::Read(data, data_len, read, error); | 593 return StreamAdapterInterface::Read(data, data_len, read, error); |
587 | 594 |
588 case SSL_WAIT: | 595 case SSL_WAIT: |
589 case SSL_CONNECTING: | 596 case SSL_CONNECTING: |
590 return SR_BLOCK; | 597 return SR_BLOCK; |
591 | 598 |
(...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
698 if (waiting_to_verify_peer_certificate()) { | 705 if (waiting_to_verify_peer_certificate()) { |
699 return SS_OPENING; | 706 return SS_OPENING; |
700 } | 707 } |
701 return SS_OPEN; | 708 return SS_OPEN; |
702 default: | 709 default: |
703 return SS_CLOSED; | 710 return SS_CLOSED; |
704 }; | 711 }; |
705 // not reached | 712 // not reached |
706 } | 713 } |
707 | 714 |
708 void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream, int events, | 715 void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream, |
| 716 int events, |
709 int err) { | 717 int err) { |
710 int events_to_signal = 0; | 718 int events_to_signal = 0; |
711 int signal_error = 0; | 719 int signal_error = 0; |
712 RTC_DCHECK(stream == this->stream()); | 720 RTC_DCHECK(stream == this->stream()); |
713 if ((events & SE_OPEN)) { | 721 if ((events & SE_OPEN)) { |
714 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent SE_OPEN"; | 722 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent SE_OPEN"; |
715 if (state_ != SSL_WAIT) { | 723 if (state_ != SSL_WAIT) { |
716 RTC_DCHECK(state_ == SSL_NONE); | 724 RTC_DCHECK(state_ == SSL_NONE); |
717 events_to_signal |= SE_OPEN; | 725 events_to_signal |= SE_OPEN; |
718 } else { | 726 } else { |
719 state_ = SSL_CONNECTING; | 727 state_ = SSL_CONNECTING; |
720 if (int err = BeginSSL()) { | 728 if (int err = BeginSSL()) { |
721 Error("BeginSSL", err, 0, true); | 729 Error("BeginSSL", err, 0, true); |
722 return; | 730 return; |
723 } | 731 } |
724 } | 732 } |
725 } | 733 } |
726 if ((events & (SE_READ|SE_WRITE))) { | 734 if ((events & (SE_READ | SE_WRITE))) { |
727 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent" | 735 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent" |
728 << ((events & SE_READ) ? " SE_READ" : "") | 736 << ((events & SE_READ) ? " SE_READ" : "") |
729 << ((events & SE_WRITE) ? " SE_WRITE" : ""); | 737 << ((events & SE_WRITE) ? " SE_WRITE" : ""); |
730 if (state_ == SSL_NONE) { | 738 if (state_ == SSL_NONE) { |
731 events_to_signal |= events & (SE_READ|SE_WRITE); | 739 events_to_signal |= events & (SE_READ | SE_WRITE); |
732 } else if (state_ == SSL_CONNECTING) { | 740 } else if (state_ == SSL_CONNECTING) { |
733 if (int err = ContinueSSL()) { | 741 if (int err = ContinueSSL()) { |
734 Error("ContinueSSL", err, 0, true); | 742 Error("ContinueSSL", err, 0, true); |
735 return; | 743 return; |
736 } | 744 } |
737 } else if (state_ == SSL_CONNECTED) { | 745 } else if (state_ == SSL_CONNECTED) { |
738 if (((events & SE_READ) && ssl_write_needs_read_) || | 746 if (((events & SE_READ) && ssl_write_needs_read_) || |
739 (events & SE_WRITE)) { | 747 (events & SE_WRITE)) { |
740 LOG(LS_VERBOSE) << " -- onStreamWriteable"; | 748 LOG(LS_VERBOSE) << " -- onStreamWriteable"; |
741 events_to_signal |= SE_WRITE; | 749 events_to_signal |= SE_WRITE; |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
789 #ifdef OPENSSL_IS_BORINGSSL | 797 #ifdef OPENSSL_IS_BORINGSSL |
790 DTLSv1_set_initial_timeout_duration(ssl_, dtls_handshake_timeout_ms_); | 798 DTLSv1_set_initial_timeout_duration(ssl_, dtls_handshake_timeout_ms_); |
791 #else | 799 #else |
792 // Enable read-ahead for DTLS so whole packets are read from internal BIO | 800 // Enable read-ahead for DTLS so whole packets are read from internal BIO |
793 // before parsing. This is done internally by BoringSSL for DTLS. | 801 // before parsing. This is done internally by BoringSSL for DTLS. |
794 SSL_set_read_ahead(ssl_, 1); | 802 SSL_set_read_ahead(ssl_, 1); |
795 #endif | 803 #endif |
796 } | 804 } |
797 | 805 |
798 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE | | 806 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE | |
799 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); | 807 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); |
800 | 808 |
801 #if !defined(OPENSSL_IS_BORINGSSL) | 809 #if !defined(OPENSSL_IS_BORINGSSL) |
802 // Specify an ECDH group for ECDHE ciphers, otherwise OpenSSL cannot | 810 // Specify an ECDH group for ECDHE ciphers, otherwise OpenSSL cannot |
803 // negotiate them when acting as the server. Use NIST's P-256 which is | 811 // negotiate them when acting as the server. Use NIST's P-256 which is |
804 // commonly supported. BoringSSL doesn't need explicit configuration and has | 812 // commonly supported. BoringSSL doesn't need explicit configuration and has |
805 // a reasonable default set. | 813 // a reasonable default set. |
806 EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); | 814 EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); |
807 if (ecdh == nullptr) | 815 if (ecdh == nullptr) |
808 return -1; | 816 return -1; |
809 SSL_set_options(ssl_, SSL_OP_SINGLE_ECDH_USE); | 817 SSL_set_options(ssl_, SSL_OP_SINGLE_ECDH_USE); |
(...skipping 30 matching lines...) Expand all Loading... |
840 // TODO(deadbeef): Post this event asynchronously to unwind the stack. | 848 // TODO(deadbeef): Post this event asynchronously to unwind the stack. |
841 // The caller of ContinueSSL may be the same object listening for these | 849 // The caller of ContinueSSL may be the same object listening for these |
842 // events and may not be prepared for reentrancy. | 850 // events and may not be prepared for reentrancy. |
843 // PostEvent(SE_OPEN | SE_READ | SE_WRITE, 0); | 851 // PostEvent(SE_OPEN | SE_READ | SE_WRITE, 0); |
844 StreamAdapterInterface::OnEvent(stream(), SE_OPEN | SE_READ | SE_WRITE, | 852 StreamAdapterInterface::OnEvent(stream(), SE_OPEN | SE_READ | SE_WRITE, |
845 0); | 853 0); |
846 } | 854 } |
847 break; | 855 break; |
848 | 856 |
849 case SSL_ERROR_WANT_READ: { | 857 case SSL_ERROR_WANT_READ: { |
850 LOG(LS_VERBOSE) << " -- error want read"; | 858 LOG(LS_VERBOSE) << " -- error want read"; |
851 struct timeval timeout; | 859 struct timeval timeout; |
852 if (DTLSv1_get_timeout(ssl_, &timeout)) { | 860 if (DTLSv1_get_timeout(ssl_, &timeout)) { |
853 int delay = timeout.tv_sec * 1000 + timeout.tv_usec/1000; | 861 int delay = timeout.tv_sec * 1000 + timeout.tv_usec / 1000; |
854 | 862 |
855 Thread::Current()->PostDelayed(RTC_FROM_HERE, delay, this, | 863 Thread::Current()->PostDelayed(RTC_FROM_HERE, delay, this, MSG_TIMEOUT, |
856 MSG_TIMEOUT, 0); | 864 0); |
857 } | |
858 } | 865 } |
859 break; | 866 } break; |
860 | 867 |
861 case SSL_ERROR_WANT_WRITE: | 868 case SSL_ERROR_WANT_WRITE: |
862 LOG(LS_VERBOSE) << " -- error want write"; | 869 LOG(LS_VERBOSE) << " -- error want write"; |
863 break; | 870 break; |
864 | 871 |
865 case SSL_ERROR_ZERO_RETURN: | 872 case SSL_ERROR_ZERO_RETURN: |
866 default: | 873 default: |
867 LOG(LS_VERBOSE) << " -- error " << code; | 874 LOG(LS_VERBOSE) << " -- error " << code; |
868 SSLHandshakeError ssl_handshake_err = SSLHandshakeError::UNKNOWN; | 875 SSLHandshakeError ssl_handshake_err = SSLHandshakeError::UNKNOWN; |
869 int err_code = ERR_peek_last_error(); | 876 int err_code = ERR_peek_last_error(); |
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
925 SSL_CTX_free(ssl_ctx_); | 932 SSL_CTX_free(ssl_ctx_); |
926 ssl_ctx_ = nullptr; | 933 ssl_ctx_ = nullptr; |
927 } | 934 } |
928 identity_.reset(); | 935 identity_.reset(); |
929 peer_certificate_.reset(); | 936 peer_certificate_.reset(); |
930 | 937 |
931 // Clear the DTLS timer | 938 // Clear the DTLS timer |
932 Thread::Current()->Clear(this, MSG_TIMEOUT); | 939 Thread::Current()->Clear(this, MSG_TIMEOUT); |
933 } | 940 } |
934 | 941 |
935 | |
936 void OpenSSLStreamAdapter::OnMessage(Message* msg) { | 942 void OpenSSLStreamAdapter::OnMessage(Message* msg) { |
937 // Process our own messages and then pass others to the superclass | 943 // Process our own messages and then pass others to the superclass |
938 if (MSG_TIMEOUT == msg->message_id) { | 944 if (MSG_TIMEOUT == msg->message_id) { |
939 LOG(LS_INFO) << "DTLS timeout expired"; | 945 LOG(LS_INFO) << "DTLS timeout expired"; |
940 DTLSv1_handle_timeout(ssl_); | 946 DTLSv1_handle_timeout(ssl_); |
941 ContinueSSL(); | 947 ContinueSSL(); |
942 } else { | 948 } else { |
943 StreamInterface::OnMessage(msg); | 949 StreamInterface::OnMessage(msg); |
944 } | 950 } |
945 } | 951 } |
946 | 952 |
947 SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() { | 953 SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() { |
948 SSL_CTX* ctx = nullptr; | 954 SSL_CTX* ctx = nullptr; |
949 | 955 |
950 #ifdef OPENSSL_IS_BORINGSSL | 956 #ifdef OPENSSL_IS_BORINGSSL |
951 ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? | 957 ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? DTLS_method() : TLS_method()); |
952 DTLS_method() : TLS_method()); | 958 // Version limiting for BoringSSL will be done below. |
953 // Version limiting for BoringSSL will be done below. | |
954 #else | 959 #else |
955 const SSL_METHOD* method; | 960 const SSL_METHOD* method; |
956 switch (ssl_max_version_) { | 961 switch (ssl_max_version_) { |
957 case SSL_PROTOCOL_TLS_10: | 962 case SSL_PROTOCOL_TLS_10: |
958 case SSL_PROTOCOL_TLS_11: | 963 case SSL_PROTOCOL_TLS_11: |
959 // OpenSSL doesn't support setting min/max versions, so we always use | 964 // OpenSSL doesn't support setting min/max versions, so we always use |
960 // (D)TLS 1.0 if a max. version below the max. available is requested. | 965 // (D)TLS 1.0 if a max. version below the max. available is requested. |
961 if (ssl_mode_ == SSL_MODE_DTLS) { | 966 if (ssl_mode_ == SSL_MODE_DTLS) { |
962 if (role_ == SSL_CLIENT) { | 967 if (role_ == SSL_CLIENT) { |
963 method = DTLSv1_client_method(); | 968 method = DTLSv1_client_method(); |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1007 } | 1012 } |
1008 break; | 1013 break; |
1009 } | 1014 } |
1010 ctx = SSL_CTX_new(method); | 1015 ctx = SSL_CTX_new(method); |
1011 #endif // OPENSSL_IS_BORINGSSL | 1016 #endif // OPENSSL_IS_BORINGSSL |
1012 | 1017 |
1013 if (ctx == nullptr) | 1018 if (ctx == nullptr) |
1014 return nullptr; | 1019 return nullptr; |
1015 | 1020 |
1016 #ifdef OPENSSL_IS_BORINGSSL | 1021 #ifdef OPENSSL_IS_BORINGSSL |
1017 SSL_CTX_set_min_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 1022 SSL_CTX_set_min_proto_version( |
1018 DTLS1_VERSION : TLS1_VERSION); | 1023 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_VERSION); |
1019 switch (ssl_max_version_) { | 1024 switch (ssl_max_version_) { |
1020 case SSL_PROTOCOL_TLS_10: | 1025 case SSL_PROTOCOL_TLS_10: |
1021 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 1026 SSL_CTX_set_max_proto_version( |
1022 DTLS1_VERSION : TLS1_VERSION); | 1027 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_VERSION); |
1023 break; | 1028 break; |
1024 case SSL_PROTOCOL_TLS_11: | 1029 case SSL_PROTOCOL_TLS_11: |
1025 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 1030 SSL_CTX_set_max_proto_version( |
1026 DTLS1_VERSION : TLS1_1_VERSION); | 1031 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_1_VERSION); |
1027 break; | 1032 break; |
1028 case SSL_PROTOCOL_TLS_12: | 1033 case SSL_PROTOCOL_TLS_12: |
1029 default: | 1034 default: |
1030 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 1035 SSL_CTX_set_max_proto_version( |
1031 DTLS1_2_VERSION : TLS1_2_VERSION); | 1036 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION); |
1032 break; | 1037 break; |
1033 } | 1038 } |
1034 if (g_use_time_callback_for_testing) { | 1039 if (g_use_time_callback_for_testing) { |
1035 SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting); | 1040 SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting); |
1036 } | 1041 } |
1037 #endif | 1042 #endif |
1038 | 1043 |
1039 if (identity_ && !identity_->ConfigureIdentity(ctx)) { | 1044 if (identity_ && !identity_->ConfigureIdentity(ctx)) { |
1040 SSL_CTX_free(ctx); | 1045 SSL_CTX_free(ctx); |
1041 return nullptr; | 1046 return nullptr; |
(...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1103 int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) { | 1108 int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) { |
1104 // Get our SSL structure from the store | 1109 // Get our SSL structure from the store |
1105 SSL* ssl = reinterpret_cast<SSL*>( | 1110 SSL* ssl = reinterpret_cast<SSL*>( |
1106 X509_STORE_CTX_get_ex_data(store, SSL_get_ex_data_X509_STORE_CTX_idx())); | 1111 X509_STORE_CTX_get_ex_data(store, SSL_get_ex_data_X509_STORE_CTX_idx())); |
1107 X509* cert = X509_STORE_CTX_get_current_cert(store); | 1112 X509* cert = X509_STORE_CTX_get_current_cert(store); |
1108 int depth = X509_STORE_CTX_get_error_depth(store); | 1113 int depth = X509_STORE_CTX_get_error_depth(store); |
1109 | 1114 |
1110 // For now we ignore the parent certificates and verify the leaf against | 1115 // For now we ignore the parent certificates and verify the leaf against |
1111 // the digest. | 1116 // the digest. |
1112 // | 1117 // |
1113 // TODO(jiayl): Verify the chain is a proper chain and report the chain to | |
1114 // |stream->peer_certificate_|. | |
1115 if (depth > 0) { | |
1116 LOG(LS_INFO) << "Ignored chained certificate at depth " << depth; | |
1117 return 1; | |
1118 } | |
1119 | 1118 |
1120 OpenSSLStreamAdapter* stream = | 1119 OpenSSLStreamAdapter* stream = |
1121 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl)); | 1120 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl)); |
| 1121 if (depth == 0) { |
| 1122 // Record the peer's certificate. |
| 1123 stream->peer_certificate_.reset(new OpenSSLCertificate(cert)); |
| 1124 } else { |
| 1125 STACK_OF(X509)* chain = X509_STORE_CTX_get_chain(store); |
| 1126 stream->peer_certificate_.reset(new OpenSSLCertificate(chain)); |
| 1127 } |
1122 | 1128 |
1123 // Record the peer's certificate. | 1129 // Record the peer's certificate. |
1124 stream->peer_certificate_.reset(new OpenSSLCertificate(cert)); | 1130 stream->peer_certificate_.reset(new OpenSSLCertificate(cert)); |
1125 | 1131 |
1126 // If the peer certificate digest isn't known yet, we'll wait to verify | 1132 // If the peer certificate digest isn't known yet, we'll wait to verify |
1127 // until it's known, and for now just return a success status. | 1133 // until it's known, and for now just return a success status. |
1128 if (stream->peer_certificate_digest_algorithm_.empty()) { | 1134 if (stream->peer_certificate_digest_algorithm_.empty()) { |
1129 LOG(LS_INFO) << "Waiting to verify certificate until digest is known."; | 1135 LOG(LS_INFO) << "Waiting to verify certificate until digest is known."; |
1130 return 1; | 1136 return 1; |
1131 } | 1137 } |
(...skipping 12 matching lines...) Expand all Loading... |
1144 #define CDEF(X) \ | 1150 #define CDEF(X) \ |
1145 { static_cast<uint16_t>(TLS1_CK_##X & 0xffff), "TLS_" #X } | 1151 { static_cast<uint16_t>(TLS1_CK_##X & 0xffff), "TLS_" #X } |
1146 | 1152 |
1147 struct cipher_list { | 1153 struct cipher_list { |
1148 uint16_t cipher; | 1154 uint16_t cipher; |
1149 const char* cipher_str; | 1155 const char* cipher_str; |
1150 }; | 1156 }; |
1151 | 1157 |
1152 // TODO(torbjorng): Perhaps add more cipher suites to these lists. | 1158 // TODO(torbjorng): Perhaps add more cipher suites to these lists. |
1153 static const cipher_list OK_RSA_ciphers[] = { | 1159 static const cipher_list OK_RSA_ciphers[] = { |
1154 CDEF(ECDHE_RSA_WITH_AES_128_CBC_SHA), | 1160 CDEF(ECDHE_RSA_WITH_AES_128_CBC_SHA), |
1155 CDEF(ECDHE_RSA_WITH_AES_256_CBC_SHA), | 1161 CDEF(ECDHE_RSA_WITH_AES_256_CBC_SHA), |
1156 CDEF(ECDHE_RSA_WITH_AES_128_GCM_SHA256), | 1162 CDEF(ECDHE_RSA_WITH_AES_128_GCM_SHA256), |
1157 #ifdef TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA256 | 1163 #ifdef TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA256 |
1158 CDEF(ECDHE_RSA_WITH_AES_256_GCM_SHA256), | 1164 CDEF(ECDHE_RSA_WITH_AES_256_GCM_SHA256), |
1159 #endif | 1165 #endif |
1160 #ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | 1166 #ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 |
1161 CDEF(ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256), | 1167 CDEF(ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256), |
1162 #endif | 1168 #endif |
1163 }; | 1169 }; |
1164 | 1170 |
1165 static const cipher_list OK_ECDSA_ciphers[] = { | 1171 static const cipher_list OK_ECDSA_ciphers[] = { |
1166 CDEF(ECDHE_ECDSA_WITH_AES_128_CBC_SHA), | 1172 CDEF(ECDHE_ECDSA_WITH_AES_128_CBC_SHA), |
1167 CDEF(ECDHE_ECDSA_WITH_AES_256_CBC_SHA), | 1173 CDEF(ECDHE_ECDSA_WITH_AES_256_CBC_SHA), |
1168 CDEF(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), | 1174 CDEF(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), |
1169 #ifdef TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256 | 1175 #ifdef TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256 |
1170 CDEF(ECDHE_ECDSA_WITH_AES_256_GCM_SHA256), | 1176 CDEF(ECDHE_ECDSA_WITH_AES_256_GCM_SHA256), |
1171 #endif | 1177 #endif |
1172 #ifdef TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | 1178 #ifdef TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 |
1173 CDEF(ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256), | 1179 CDEF(ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256), |
1174 #endif | 1180 #endif |
1175 }; | 1181 }; |
1176 #undef CDEF | 1182 #undef CDEF |
1177 | 1183 |
1178 bool OpenSSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) { | 1184 bool OpenSSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) { |
1179 if (key_type == KT_RSA) { | 1185 if (key_type == KT_RSA) { |
1180 for (const cipher_list& c : OK_RSA_ciphers) { | 1186 for (const cipher_list& c : OK_RSA_ciphers) { |
1181 if (cipher == c.cipher) | 1187 if (cipher == c.cipher) |
1182 return true; | 1188 return true; |
1183 } | 1189 } |
(...skipping 26 matching lines...) Expand all Loading... |
1210 } | 1216 } |
1211 | 1217 |
1212 return false; | 1218 return false; |
1213 } | 1219 } |
1214 | 1220 |
1215 void OpenSSLStreamAdapter::enable_time_callback_for_testing() { | 1221 void OpenSSLStreamAdapter::enable_time_callback_for_testing() { |
1216 g_use_time_callback_for_testing = true; | 1222 g_use_time_callback_for_testing = true; |
1217 } | 1223 } |
1218 | 1224 |
1219 } // namespace rtc | 1225 } // namespace rtc |
OLD | NEW |