| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 19 matching lines...) Expand all Loading... |
| 30 #include "webrtc/rtc_base/openssladapter.h" | 30 #include "webrtc/rtc_base/openssladapter.h" |
| 31 #include "webrtc/rtc_base/openssldigest.h" | 31 #include "webrtc/rtc_base/openssldigest.h" |
| 32 #include "webrtc/rtc_base/opensslidentity.h" | 32 #include "webrtc/rtc_base/opensslidentity.h" |
| 33 #include "webrtc/rtc_base/safe_conversions.h" | 33 #include "webrtc/rtc_base/safe_conversions.h" |
| 34 #include "webrtc/rtc_base/stream.h" | 34 #include "webrtc/rtc_base/stream.h" |
| 35 #include "webrtc/rtc_base/stringutils.h" | 35 #include "webrtc/rtc_base/stringutils.h" |
| 36 #include "webrtc/rtc_base/thread.h" | 36 #include "webrtc/rtc_base/thread.h" |
| 37 #include "webrtc/rtc_base/timeutils.h" | 37 #include "webrtc/rtc_base/timeutils.h" |
| 38 | 38 |
| 39 namespace { | 39 namespace { |
| 40 bool g_use_time_callback_for_testing = false; | 40 bool g_use_time_callback_for_testing = false; |
| 41 } | 41 } |
| 42 | 42 |
| 43 namespace rtc { | 43 namespace rtc { |
| 44 | 44 |
| 45 #if (OPENSSL_VERSION_NUMBER < 0x10001000L) | 45 #if (OPENSSL_VERSION_NUMBER < 0x10001000L) |
| 46 #error "webrtc requires at least OpenSSL version 1.0.1, to support DTLS-SRTP" | 46 #error "webrtc requires at least OpenSSL version 1.0.1, to support DTLS-SRTP" |
| 47 #endif | 47 #endif |
| 48 | 48 |
| 49 // SRTP cipher suite table. |internal_name| is used to construct a | 49 // SRTP cipher suite table. |internal_name| is used to construct a |
| 50 // colon-separated profile strings which is needed by | 50 // colon-separated profile strings which is needed by |
| (...skipping 19 matching lines...) Expand all Loading... |
| 70 out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec; | 70 out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec; |
| 71 } | 71 } |
| 72 #else // #ifdef OPENSSL_IS_BORINGSSL | 72 #else // #ifdef OPENSSL_IS_BORINGSSL |
| 73 | 73 |
| 74 // Cipher name table. Maps internal OpenSSL cipher ids to the RFC name. | 74 // Cipher name table. Maps internal OpenSSL cipher ids to the RFC name. |
| 75 struct SslCipherMapEntry { | 75 struct SslCipherMapEntry { |
| 76 uint32_t openssl_id; | 76 uint32_t openssl_id; |
| 77 const char* rfc_name; | 77 const char* rfc_name; |
| 78 }; | 78 }; |
| 79 | 79 |
| 80 #define DEFINE_CIPHER_ENTRY_SSL3(name) {SSL3_CK_##name, "TLS_"#name} | 80 #define DEFINE_CIPHER_ENTRY_SSL3(name) \ |
| 81 #define DEFINE_CIPHER_ENTRY_TLS1(name) {TLS1_CK_##name, "TLS_"#name} | 81 { SSL3_CK_##name, "TLS_" #name } |
| 82 #define DEFINE_CIPHER_ENTRY_TLS1(name) \ |
| 83 { TLS1_CK_##name, "TLS_" #name } |
| 82 | 84 |
| 83 // There currently is no method available to get a RFC-compliant name for a | 85 // There currently is no method available to get a RFC-compliant name for a |
| 84 // cipher suite from BoringSSL, so we need to define the mapping manually here. | 86 // cipher suite from BoringSSL, so we need to define the mapping manually here. |
| 85 // This should go away once BoringSSL supports "SSL_CIPHER_standard_name" | 87 // This should go away once BoringSSL supports "SSL_CIPHER_standard_name" |
| 86 // (as available in OpenSSL if compiled with tracing enabled) or a similar | 88 // (as available in OpenSSL if compiled with tracing enabled) or a similar |
| 87 // method. | 89 // method. |
| 88 static const SslCipherMapEntry kSslCipherMap[] = { | 90 static const SslCipherMapEntry kSslCipherMap[] = { |
| 89 // TLS v1.0 ciphersuites from RFC2246. | 91 // TLS v1.0 ciphersuites from RFC2246. |
| 90 DEFINE_CIPHER_ENTRY_SSL3(RSA_RC4_128_SHA), | 92 DEFINE_CIPHER_ENTRY_SSL3(RSA_RC4_128_SHA), |
| 91 {SSL3_CK_RSA_DES_192_CBC3_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}, | 93 {SSL3_CK_RSA_DES_192_CBC3_SHA, "TLS_RSA_WITH_3DES_EDE_CBC_SHA"}, |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 164 static long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2); | 166 static long stream_ctrl(BIO* h, int cmd, long arg1, void* arg2); |
| 165 static int stream_new(BIO* h); | 167 static int stream_new(BIO* h); |
| 166 static int stream_free(BIO* data); | 168 static int stream_free(BIO* data); |
| 167 | 169 |
| 168 // TODO(davidben): This should be const once BoringSSL is assumed. | 170 // TODO(davidben): This should be const once BoringSSL is assumed. |
| 169 static BIO_METHOD methods_stream = { | 171 static BIO_METHOD methods_stream = { |
| 170 BIO_TYPE_BIO, "stream", stream_write, stream_read, stream_puts, 0, | 172 BIO_TYPE_BIO, "stream", stream_write, stream_read, stream_puts, 0, |
| 171 stream_ctrl, stream_new, stream_free, nullptr, | 173 stream_ctrl, stream_new, stream_free, nullptr, |
| 172 }; | 174 }; |
| 173 | 175 |
| 174 static BIO_METHOD* BIO_s_stream() { return(&methods_stream); } | 176 static BIO_METHOD* BIO_s_stream() { |
| 177 return (&methods_stream); |
| 178 } |
| 175 | 179 |
| 176 static BIO* BIO_new_stream(StreamInterface* stream) { | 180 static BIO* BIO_new_stream(StreamInterface* stream) { |
| 177 BIO* ret = BIO_new(BIO_s_stream()); | 181 BIO* ret = BIO_new(BIO_s_stream()); |
| 178 if (ret == nullptr) | 182 if (ret == nullptr) |
| 179 return nullptr; | 183 return nullptr; |
| 180 ret->ptr = stream; | 184 ret->ptr = stream; |
| 181 return ret; | 185 return ret; |
| 182 } | 186 } |
| 183 | 187 |
| 184 // bio methods return 1 (or at least non-zero) on success and 0 on failure. | 188 // bio methods return 1 (or at least non-zero) on success and 0 on failure. |
| (...skipping 267 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 452 | 456 |
| 453 srtp_ciphers_ = internal_ciphers; | 457 srtp_ciphers_ = internal_ciphers; |
| 454 return true; | 458 return true; |
| 455 } | 459 } |
| 456 | 460 |
| 457 bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { | 461 bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { |
| 458 RTC_DCHECK(state_ == SSL_CONNECTED); | 462 RTC_DCHECK(state_ == SSL_CONNECTED); |
| 459 if (state_ != SSL_CONNECTED) | 463 if (state_ != SSL_CONNECTED) |
| 460 return false; | 464 return false; |
| 461 | 465 |
| 462 const SRTP_PROTECTION_PROFILE *srtp_profile = | 466 const SRTP_PROTECTION_PROFILE* srtp_profile = |
| 463 SSL_get_selected_srtp_profile(ssl_); | 467 SSL_get_selected_srtp_profile(ssl_); |
| 464 | 468 |
| 465 if (!srtp_profile) | 469 if (!srtp_profile) |
| 466 return false; | 470 return false; |
| 467 | 471 |
| 468 *crypto_suite = srtp_profile->id; | 472 *crypto_suite = srtp_profile->id; |
| 469 RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty()); | 473 RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty()); |
| 470 return true; | 474 return true; |
| 471 } | 475 } |
| 472 | 476 |
| (...skipping 24 matching lines...) Expand all Loading... |
| 497 void OpenSSLStreamAdapter::SetMode(SSLMode mode) { | 501 void OpenSSLStreamAdapter::SetMode(SSLMode mode) { |
| 498 RTC_DCHECK(state_ == SSL_NONE); | 502 RTC_DCHECK(state_ == SSL_NONE); |
| 499 ssl_mode_ = mode; | 503 ssl_mode_ = mode; |
| 500 } | 504 } |
| 501 | 505 |
| 502 void OpenSSLStreamAdapter::SetMaxProtocolVersion(SSLProtocolVersion version) { | 506 void OpenSSLStreamAdapter::SetMaxProtocolVersion(SSLProtocolVersion version) { |
| 503 RTC_DCHECK(ssl_ctx_ == nullptr); | 507 RTC_DCHECK(ssl_ctx_ == nullptr); |
| 504 ssl_max_version_ = version; | 508 ssl_max_version_ = version; |
| 505 } | 509 } |
| 506 | 510 |
| 507 void OpenSSLStreamAdapter::SetInitialRetransmissionTimeout( | 511 void OpenSSLStreamAdapter::SetInitialRetransmissionTimeout(int timeout_ms) { |
| 508 int timeout_ms) { | |
| 509 RTC_DCHECK(ssl_ctx_ == nullptr); | 512 RTC_DCHECK(ssl_ctx_ == nullptr); |
| 510 dtls_handshake_timeout_ms_ = timeout_ms; | 513 dtls_handshake_timeout_ms_ = timeout_ms; |
| 511 } | 514 } |
| 512 | 515 |
| 513 // | 516 // |
| 514 // StreamInterface Implementation | 517 // StreamInterface Implementation |
| 515 // | 518 // |
| 516 | 519 |
| 517 StreamResult OpenSSLStreamAdapter::Write(const void* data, size_t data_len, | 520 StreamResult OpenSSLStreamAdapter::Write(const void* data, |
| 518 size_t* written, int* error) { | 521 size_t data_len, |
| 522 size_t* written, |
| 523 int* error) { |
| 519 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Write(" << data_len << ")"; | 524 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Write(" << data_len << ")"; |
| 520 | 525 |
| 521 switch (state_) { | 526 switch (state_) { |
| 522 case SSL_NONE: | 527 case SSL_NONE: |
| 523 // pass-through in clear text | 528 // pass-through in clear text |
| 524 return StreamAdapterInterface::Write(data, data_len, written, error); | 529 return StreamAdapterInterface::Write(data, data_len, written, error); |
| 525 | 530 |
| 526 case SSL_WAIT: | 531 case SSL_WAIT: |
| 527 case SSL_CONNECTING: | 532 case SSL_CONNECTING: |
| 528 return SR_BLOCK; | 533 return SR_BLOCK; |
| 529 | 534 |
| 530 case SSL_CONNECTED: | 535 case SSL_CONNECTED: |
| 531 if (waiting_to_verify_peer_certificate()) { | 536 if (waiting_to_verify_peer_certificate()) { |
| 532 return SR_BLOCK; | 537 return SR_BLOCK; |
| 533 } | 538 } |
| 534 break; | 539 break; |
| 535 | 540 |
| 536 case SSL_ERROR: | 541 case SSL_ERROR: |
| 537 case SSL_CLOSED: | 542 case SSL_CLOSED: |
| 538 default: | 543 default: |
| 539 if (error) | 544 if (error) |
| 540 *error = ssl_error_code_; | 545 *error = ssl_error_code_; |
| 541 return SR_ERROR; | 546 return SR_ERROR; |
| 542 } | 547 } |
| 543 | 548 |
| 544 // OpenSSL will return an error if we try to write zero bytes | 549 // OpenSSL will return an error if we try to write zero bytes |
| 545 if (data_len == 0) { | 550 if (data_len == 0) { |
| 546 if (written) | 551 if (written) |
| 547 *written = 0; | 552 *written = 0; |
| 548 return SR_SUCCESS; | 553 return SR_SUCCESS; |
| 549 } | 554 } |
| 550 | 555 |
| 551 ssl_write_needs_read_ = false; | 556 ssl_write_needs_read_ = false; |
| 552 | 557 |
| 553 int code = SSL_write(ssl_, data, checked_cast<int>(data_len)); | 558 int code = SSL_write(ssl_, data, checked_cast<int>(data_len)); |
| 554 int ssl_error = SSL_get_error(ssl_, code); | 559 int ssl_error = SSL_get_error(ssl_, code); |
| 555 switch (ssl_error) { | 560 switch (ssl_error) { |
| 556 case SSL_ERROR_NONE: | 561 case SSL_ERROR_NONE: |
| 557 LOG(LS_VERBOSE) << " -- success"; | 562 LOG(LS_VERBOSE) << " -- success"; |
| 558 RTC_DCHECK(0 < code && static_cast<unsigned>(code) <= data_len); | 563 RTC_DCHECK(0 < code && static_cast<unsigned>(code) <= data_len); |
| 559 if (written) | 564 if (written) |
| 560 *written = code; | 565 *written = code; |
| 561 return SR_SUCCESS; | 566 return SR_SUCCESS; |
| 562 case SSL_ERROR_WANT_READ: | 567 case SSL_ERROR_WANT_READ: |
| 563 LOG(LS_VERBOSE) << " -- error want read"; | 568 LOG(LS_VERBOSE) << " -- error want read"; |
| 564 ssl_write_needs_read_ = true; | 569 ssl_write_needs_read_ = true; |
| 565 return SR_BLOCK; | 570 return SR_BLOCK; |
| 566 case SSL_ERROR_WANT_WRITE: | 571 case SSL_ERROR_WANT_WRITE: |
| 567 LOG(LS_VERBOSE) << " -- error want write"; | 572 LOG(LS_VERBOSE) << " -- error want write"; |
| 568 return SR_BLOCK; | 573 return SR_BLOCK; |
| 569 | 574 |
| 570 case SSL_ERROR_ZERO_RETURN: | 575 case SSL_ERROR_ZERO_RETURN: |
| 571 default: | 576 default: |
| 572 Error("SSL_write", (ssl_error ? ssl_error : -1), 0, false); | 577 Error("SSL_write", (ssl_error ? ssl_error : -1), 0, false); |
| 573 if (error) | 578 if (error) |
| 574 *error = ssl_error_code_; | 579 *error = ssl_error_code_; |
| 575 return SR_ERROR; | 580 return SR_ERROR; |
| 576 } | 581 } |
| 577 // not reached | 582 // not reached |
| 578 } | 583 } |
| 579 | 584 |
| 580 StreamResult OpenSSLStreamAdapter::Read(void* data, size_t data_len, | 585 StreamResult OpenSSLStreamAdapter::Read(void* data, |
| 581 size_t* read, int* error) { | 586 size_t data_len, |
| 587 size_t* read, |
| 588 int* error) { |
| 582 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Read(" << data_len << ")"; | 589 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::Read(" << data_len << ")"; |
| 583 switch (state_) { | 590 switch (state_) { |
| 584 case SSL_NONE: | 591 case SSL_NONE: |
| 585 // pass-through in clear text | 592 // pass-through in clear text |
| 586 return StreamAdapterInterface::Read(data, data_len, read, error); | 593 return StreamAdapterInterface::Read(data, data_len, read, error); |
| 587 | 594 |
| 588 case SSL_WAIT: | 595 case SSL_WAIT: |
| 589 case SSL_CONNECTING: | 596 case SSL_CONNECTING: |
| 590 return SR_BLOCK; | 597 return SR_BLOCK; |
| 591 | 598 |
| (...skipping 106 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 698 if (waiting_to_verify_peer_certificate()) { | 705 if (waiting_to_verify_peer_certificate()) { |
| 699 return SS_OPENING; | 706 return SS_OPENING; |
| 700 } | 707 } |
| 701 return SS_OPEN; | 708 return SS_OPEN; |
| 702 default: | 709 default: |
| 703 return SS_CLOSED; | 710 return SS_CLOSED; |
| 704 }; | 711 }; |
| 705 // not reached | 712 // not reached |
| 706 } | 713 } |
| 707 | 714 |
| 708 void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream, int events, | 715 void OpenSSLStreamAdapter::OnEvent(StreamInterface* stream, |
| 716 int events, |
| 709 int err) { | 717 int err) { |
| 710 int events_to_signal = 0; | 718 int events_to_signal = 0; |
| 711 int signal_error = 0; | 719 int signal_error = 0; |
| 712 RTC_DCHECK(stream == this->stream()); | 720 RTC_DCHECK(stream == this->stream()); |
| 713 if ((events & SE_OPEN)) { | 721 if ((events & SE_OPEN)) { |
| 714 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent SE_OPEN"; | 722 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent SE_OPEN"; |
| 715 if (state_ != SSL_WAIT) { | 723 if (state_ != SSL_WAIT) { |
| 716 RTC_DCHECK(state_ == SSL_NONE); | 724 RTC_DCHECK(state_ == SSL_NONE); |
| 717 events_to_signal |= SE_OPEN; | 725 events_to_signal |= SE_OPEN; |
| 718 } else { | 726 } else { |
| 719 state_ = SSL_CONNECTING; | 727 state_ = SSL_CONNECTING; |
| 720 if (int err = BeginSSL()) { | 728 if (int err = BeginSSL()) { |
| 721 Error("BeginSSL", err, 0, true); | 729 Error("BeginSSL", err, 0, true); |
| 722 return; | 730 return; |
| 723 } | 731 } |
| 724 } | 732 } |
| 725 } | 733 } |
| 726 if ((events & (SE_READ|SE_WRITE))) { | 734 if ((events & (SE_READ | SE_WRITE))) { |
| 727 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent" | 735 LOG(LS_VERBOSE) << "OpenSSLStreamAdapter::OnEvent" |
| 728 << ((events & SE_READ) ? " SE_READ" : "") | 736 << ((events & SE_READ) ? " SE_READ" : "") |
| 729 << ((events & SE_WRITE) ? " SE_WRITE" : ""); | 737 << ((events & SE_WRITE) ? " SE_WRITE" : ""); |
| 730 if (state_ == SSL_NONE) { | 738 if (state_ == SSL_NONE) { |
| 731 events_to_signal |= events & (SE_READ|SE_WRITE); | 739 events_to_signal |= events & (SE_READ | SE_WRITE); |
| 732 } else if (state_ == SSL_CONNECTING) { | 740 } else if (state_ == SSL_CONNECTING) { |
| 733 if (int err = ContinueSSL()) { | 741 if (int err = ContinueSSL()) { |
| 734 Error("ContinueSSL", err, 0, true); | 742 Error("ContinueSSL", err, 0, true); |
| 735 return; | 743 return; |
| 736 } | 744 } |
| 737 } else if (state_ == SSL_CONNECTED) { | 745 } else if (state_ == SSL_CONNECTED) { |
| 738 if (((events & SE_READ) && ssl_write_needs_read_) || | 746 if (((events & SE_READ) && ssl_write_needs_read_) || |
| 739 (events & SE_WRITE)) { | 747 (events & SE_WRITE)) { |
| 740 LOG(LS_VERBOSE) << " -- onStreamWriteable"; | 748 LOG(LS_VERBOSE) << " -- onStreamWriteable"; |
| 741 events_to_signal |= SE_WRITE; | 749 events_to_signal |= SE_WRITE; |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 789 #ifdef OPENSSL_IS_BORINGSSL | 797 #ifdef OPENSSL_IS_BORINGSSL |
| 790 DTLSv1_set_initial_timeout_duration(ssl_, dtls_handshake_timeout_ms_); | 798 DTLSv1_set_initial_timeout_duration(ssl_, dtls_handshake_timeout_ms_); |
| 791 #else | 799 #else |
| 792 // Enable read-ahead for DTLS so whole packets are read from internal BIO | 800 // Enable read-ahead for DTLS so whole packets are read from internal BIO |
| 793 // before parsing. This is done internally by BoringSSL for DTLS. | 801 // before parsing. This is done internally by BoringSSL for DTLS. |
| 794 SSL_set_read_ahead(ssl_, 1); | 802 SSL_set_read_ahead(ssl_, 1); |
| 795 #endif | 803 #endif |
| 796 } | 804 } |
| 797 | 805 |
| 798 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE | | 806 SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE | |
| 799 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); | 807 SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); |
| 800 | 808 |
| 801 #if !defined(OPENSSL_IS_BORINGSSL) | 809 #if !defined(OPENSSL_IS_BORINGSSL) |
| 802 // Specify an ECDH group for ECDHE ciphers, otherwise OpenSSL cannot | 810 // Specify an ECDH group for ECDHE ciphers, otherwise OpenSSL cannot |
| 803 // negotiate them when acting as the server. Use NIST's P-256 which is | 811 // negotiate them when acting as the server. Use NIST's P-256 which is |
| 804 // commonly supported. BoringSSL doesn't need explicit configuration and has | 812 // commonly supported. BoringSSL doesn't need explicit configuration and has |
| 805 // a reasonable default set. | 813 // a reasonable default set. |
| 806 EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); | 814 EC_KEY* ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1); |
| 807 if (ecdh == nullptr) | 815 if (ecdh == nullptr) |
| 808 return -1; | 816 return -1; |
| 809 SSL_set_options(ssl_, SSL_OP_SINGLE_ECDH_USE); | 817 SSL_set_options(ssl_, SSL_OP_SINGLE_ECDH_USE); |
| (...skipping 30 matching lines...) Expand all Loading... |
| 840 // TODO(deadbeef): Post this event asynchronously to unwind the stack. | 848 // TODO(deadbeef): Post this event asynchronously to unwind the stack. |
| 841 // The caller of ContinueSSL may be the same object listening for these | 849 // The caller of ContinueSSL may be the same object listening for these |
| 842 // events and may not be prepared for reentrancy. | 850 // events and may not be prepared for reentrancy. |
| 843 // PostEvent(SE_OPEN | SE_READ | SE_WRITE, 0); | 851 // PostEvent(SE_OPEN | SE_READ | SE_WRITE, 0); |
| 844 StreamAdapterInterface::OnEvent(stream(), SE_OPEN | SE_READ | SE_WRITE, | 852 StreamAdapterInterface::OnEvent(stream(), SE_OPEN | SE_READ | SE_WRITE, |
| 845 0); | 853 0); |
| 846 } | 854 } |
| 847 break; | 855 break; |
| 848 | 856 |
| 849 case SSL_ERROR_WANT_READ: { | 857 case SSL_ERROR_WANT_READ: { |
| 850 LOG(LS_VERBOSE) << " -- error want read"; | 858 LOG(LS_VERBOSE) << " -- error want read"; |
| 851 struct timeval timeout; | 859 struct timeval timeout; |
| 852 if (DTLSv1_get_timeout(ssl_, &timeout)) { | 860 if (DTLSv1_get_timeout(ssl_, &timeout)) { |
| 853 int delay = timeout.tv_sec * 1000 + timeout.tv_usec/1000; | 861 int delay = timeout.tv_sec * 1000 + timeout.tv_usec / 1000; |
| 854 | 862 |
| 855 Thread::Current()->PostDelayed(RTC_FROM_HERE, delay, this, | 863 Thread::Current()->PostDelayed(RTC_FROM_HERE, delay, this, MSG_TIMEOUT, |
| 856 MSG_TIMEOUT, 0); | 864 0); |
| 857 } | |
| 858 } | 865 } |
| 859 break; | 866 } break; |
| 860 | 867 |
| 861 case SSL_ERROR_WANT_WRITE: | 868 case SSL_ERROR_WANT_WRITE: |
| 862 LOG(LS_VERBOSE) << " -- error want write"; | 869 LOG(LS_VERBOSE) << " -- error want write"; |
| 863 break; | 870 break; |
| 864 | 871 |
| 865 case SSL_ERROR_ZERO_RETURN: | 872 case SSL_ERROR_ZERO_RETURN: |
| 866 default: | 873 default: |
| 867 LOG(LS_VERBOSE) << " -- error " << code; | 874 LOG(LS_VERBOSE) << " -- error " << code; |
| 868 SSLHandshakeError ssl_handshake_err = SSLHandshakeError::UNKNOWN; | 875 SSLHandshakeError ssl_handshake_err = SSLHandshakeError::UNKNOWN; |
| 869 int err_code = ERR_peek_last_error(); | 876 int err_code = ERR_peek_last_error(); |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 925 SSL_CTX_free(ssl_ctx_); | 932 SSL_CTX_free(ssl_ctx_); |
| 926 ssl_ctx_ = nullptr; | 933 ssl_ctx_ = nullptr; |
| 927 } | 934 } |
| 928 identity_.reset(); | 935 identity_.reset(); |
| 929 peer_certificate_.reset(); | 936 peer_certificate_.reset(); |
| 930 | 937 |
| 931 // Clear the DTLS timer | 938 // Clear the DTLS timer |
| 932 Thread::Current()->Clear(this, MSG_TIMEOUT); | 939 Thread::Current()->Clear(this, MSG_TIMEOUT); |
| 933 } | 940 } |
| 934 | 941 |
| 935 | |
| 936 void OpenSSLStreamAdapter::OnMessage(Message* msg) { | 942 void OpenSSLStreamAdapter::OnMessage(Message* msg) { |
| 937 // Process our own messages and then pass others to the superclass | 943 // Process our own messages and then pass others to the superclass |
| 938 if (MSG_TIMEOUT == msg->message_id) { | 944 if (MSG_TIMEOUT == msg->message_id) { |
| 939 LOG(LS_INFO) << "DTLS timeout expired"; | 945 LOG(LS_INFO) << "DTLS timeout expired"; |
| 940 DTLSv1_handle_timeout(ssl_); | 946 DTLSv1_handle_timeout(ssl_); |
| 941 ContinueSSL(); | 947 ContinueSSL(); |
| 942 } else { | 948 } else { |
| 943 StreamInterface::OnMessage(msg); | 949 StreamInterface::OnMessage(msg); |
| 944 } | 950 } |
| 945 } | 951 } |
| 946 | 952 |
| 947 SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() { | 953 SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() { |
| 948 SSL_CTX* ctx = nullptr; | 954 SSL_CTX* ctx = nullptr; |
| 949 | 955 |
| 950 #ifdef OPENSSL_IS_BORINGSSL | 956 #ifdef OPENSSL_IS_BORINGSSL |
| 951 ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? | 957 ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? DTLS_method() : TLS_method()); |
| 952 DTLS_method() : TLS_method()); | 958 // Version limiting for BoringSSL will be done below. |
| 953 // Version limiting for BoringSSL will be done below. | |
| 954 #else | 959 #else |
| 955 const SSL_METHOD* method; | 960 const SSL_METHOD* method; |
| 956 switch (ssl_max_version_) { | 961 switch (ssl_max_version_) { |
| 957 case SSL_PROTOCOL_TLS_10: | 962 case SSL_PROTOCOL_TLS_10: |
| 958 case SSL_PROTOCOL_TLS_11: | 963 case SSL_PROTOCOL_TLS_11: |
| 959 // OpenSSL doesn't support setting min/max versions, so we always use | 964 // OpenSSL doesn't support setting min/max versions, so we always use |
| 960 // (D)TLS 1.0 if a max. version below the max. available is requested. | 965 // (D)TLS 1.0 if a max. version below the max. available is requested. |
| 961 if (ssl_mode_ == SSL_MODE_DTLS) { | 966 if (ssl_mode_ == SSL_MODE_DTLS) { |
| 962 if (role_ == SSL_CLIENT) { | 967 if (role_ == SSL_CLIENT) { |
| 963 method = DTLSv1_client_method(); | 968 method = DTLSv1_client_method(); |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1007 } | 1012 } |
| 1008 break; | 1013 break; |
| 1009 } | 1014 } |
| 1010 ctx = SSL_CTX_new(method); | 1015 ctx = SSL_CTX_new(method); |
| 1011 #endif // OPENSSL_IS_BORINGSSL | 1016 #endif // OPENSSL_IS_BORINGSSL |
| 1012 | 1017 |
| 1013 if (ctx == nullptr) | 1018 if (ctx == nullptr) |
| 1014 return nullptr; | 1019 return nullptr; |
| 1015 | 1020 |
| 1016 #ifdef OPENSSL_IS_BORINGSSL | 1021 #ifdef OPENSSL_IS_BORINGSSL |
| 1017 SSL_CTX_set_min_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 1022 SSL_CTX_set_min_proto_version( |
| 1018 DTLS1_VERSION : TLS1_VERSION); | 1023 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_VERSION); |
| 1019 switch (ssl_max_version_) { | 1024 switch (ssl_max_version_) { |
| 1020 case SSL_PROTOCOL_TLS_10: | 1025 case SSL_PROTOCOL_TLS_10: |
| 1021 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 1026 SSL_CTX_set_max_proto_version( |
| 1022 DTLS1_VERSION : TLS1_VERSION); | 1027 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_VERSION); |
| 1023 break; | 1028 break; |
| 1024 case SSL_PROTOCOL_TLS_11: | 1029 case SSL_PROTOCOL_TLS_11: |
| 1025 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 1030 SSL_CTX_set_max_proto_version( |
| 1026 DTLS1_VERSION : TLS1_1_VERSION); | 1031 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_VERSION : TLS1_1_VERSION); |
| 1027 break; | 1032 break; |
| 1028 case SSL_PROTOCOL_TLS_12: | 1033 case SSL_PROTOCOL_TLS_12: |
| 1029 default: | 1034 default: |
| 1030 SSL_CTX_set_max_proto_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? | 1035 SSL_CTX_set_max_proto_version( |
| 1031 DTLS1_2_VERSION : TLS1_2_VERSION); | 1036 ctx, ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION); |
| 1032 break; | 1037 break; |
| 1033 } | 1038 } |
| 1034 if (g_use_time_callback_for_testing) { | 1039 if (g_use_time_callback_for_testing) { |
| 1035 SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting); | 1040 SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting); |
| 1036 } | 1041 } |
| 1037 #endif | 1042 #endif |
| 1038 | 1043 |
| 1039 if (identity_ && !identity_->ConfigureIdentity(ctx)) { | 1044 if (identity_ && !identity_->ConfigureIdentity(ctx)) { |
| 1040 SSL_CTX_free(ctx); | 1045 SSL_CTX_free(ctx); |
| 1041 return nullptr; | 1046 return nullptr; |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1103 int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) { | 1108 int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) { |
| 1104 // Get our SSL structure from the store | 1109 // Get our SSL structure from the store |
| 1105 SSL* ssl = reinterpret_cast<SSL*>( | 1110 SSL* ssl = reinterpret_cast<SSL*>( |
| 1106 X509_STORE_CTX_get_ex_data(store, SSL_get_ex_data_X509_STORE_CTX_idx())); | 1111 X509_STORE_CTX_get_ex_data(store, SSL_get_ex_data_X509_STORE_CTX_idx())); |
| 1107 X509* cert = X509_STORE_CTX_get_current_cert(store); | 1112 X509* cert = X509_STORE_CTX_get_current_cert(store); |
| 1108 int depth = X509_STORE_CTX_get_error_depth(store); | 1113 int depth = X509_STORE_CTX_get_error_depth(store); |
| 1109 | 1114 |
| 1110 // For now we ignore the parent certificates and verify the leaf against | 1115 // For now we ignore the parent certificates and verify the leaf against |
| 1111 // the digest. | 1116 // the digest. |
| 1112 // | 1117 // |
| 1113 // TODO(jiayl): Verify the chain is a proper chain and report the chain to | |
| 1114 // |stream->peer_certificate_|. | |
| 1115 if (depth > 0) { | |
| 1116 LOG(LS_INFO) << "Ignored chained certificate at depth " << depth; | |
| 1117 return 1; | |
| 1118 } | |
| 1119 | 1118 |
| 1120 OpenSSLStreamAdapter* stream = | 1119 OpenSSLStreamAdapter* stream = |
| 1121 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl)); | 1120 reinterpret_cast<OpenSSLStreamAdapter*>(SSL_get_app_data(ssl)); |
| 1121 if (depth == 0) { |
| 1122 // Record the peer's certificate. |
| 1123 stream->peer_certificate_.reset(new OpenSSLCertificate(cert)); |
| 1124 } else { |
| 1125 STACK_OF(X509)* chain = X509_STORE_CTX_get_chain(store); |
| 1126 stream->peer_certificate_.reset(new OpenSSLCertificate(chain)); |
| 1127 } |
| 1122 | 1128 |
| 1123 // Record the peer's certificate. | 1129 // Record the peer's certificate. |
| 1124 stream->peer_certificate_.reset(new OpenSSLCertificate(cert)); | 1130 stream->peer_certificate_.reset(new OpenSSLCertificate(cert)); |
| 1125 | 1131 |
| 1126 // If the peer certificate digest isn't known yet, we'll wait to verify | 1132 // If the peer certificate digest isn't known yet, we'll wait to verify |
| 1127 // until it's known, and for now just return a success status. | 1133 // until it's known, and for now just return a success status. |
| 1128 if (stream->peer_certificate_digest_algorithm_.empty()) { | 1134 if (stream->peer_certificate_digest_algorithm_.empty()) { |
| 1129 LOG(LS_INFO) << "Waiting to verify certificate until digest is known."; | 1135 LOG(LS_INFO) << "Waiting to verify certificate until digest is known."; |
| 1130 return 1; | 1136 return 1; |
| 1131 } | 1137 } |
| (...skipping 12 matching lines...) Expand all Loading... |
| 1144 #define CDEF(X) \ | 1150 #define CDEF(X) \ |
| 1145 { static_cast<uint16_t>(TLS1_CK_##X & 0xffff), "TLS_" #X } | 1151 { static_cast<uint16_t>(TLS1_CK_##X & 0xffff), "TLS_" #X } |
| 1146 | 1152 |
| 1147 struct cipher_list { | 1153 struct cipher_list { |
| 1148 uint16_t cipher; | 1154 uint16_t cipher; |
| 1149 const char* cipher_str; | 1155 const char* cipher_str; |
| 1150 }; | 1156 }; |
| 1151 | 1157 |
| 1152 // TODO(torbjorng): Perhaps add more cipher suites to these lists. | 1158 // TODO(torbjorng): Perhaps add more cipher suites to these lists. |
| 1153 static const cipher_list OK_RSA_ciphers[] = { | 1159 static const cipher_list OK_RSA_ciphers[] = { |
| 1154 CDEF(ECDHE_RSA_WITH_AES_128_CBC_SHA), | 1160 CDEF(ECDHE_RSA_WITH_AES_128_CBC_SHA), |
| 1155 CDEF(ECDHE_RSA_WITH_AES_256_CBC_SHA), | 1161 CDEF(ECDHE_RSA_WITH_AES_256_CBC_SHA), |
| 1156 CDEF(ECDHE_RSA_WITH_AES_128_GCM_SHA256), | 1162 CDEF(ECDHE_RSA_WITH_AES_128_GCM_SHA256), |
| 1157 #ifdef TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA256 | 1163 #ifdef TLS1_CK_ECDHE_RSA_WITH_AES_256_GCM_SHA256 |
| 1158 CDEF(ECDHE_RSA_WITH_AES_256_GCM_SHA256), | 1164 CDEF(ECDHE_RSA_WITH_AES_256_GCM_SHA256), |
| 1159 #endif | 1165 #endif |
| 1160 #ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | 1166 #ifdef TLS1_CK_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 |
| 1161 CDEF(ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256), | 1167 CDEF(ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256), |
| 1162 #endif | 1168 #endif |
| 1163 }; | 1169 }; |
| 1164 | 1170 |
| 1165 static const cipher_list OK_ECDSA_ciphers[] = { | 1171 static const cipher_list OK_ECDSA_ciphers[] = { |
| 1166 CDEF(ECDHE_ECDSA_WITH_AES_128_CBC_SHA), | 1172 CDEF(ECDHE_ECDSA_WITH_AES_128_CBC_SHA), |
| 1167 CDEF(ECDHE_ECDSA_WITH_AES_256_CBC_SHA), | 1173 CDEF(ECDHE_ECDSA_WITH_AES_256_CBC_SHA), |
| 1168 CDEF(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), | 1174 CDEF(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256), |
| 1169 #ifdef TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256 | 1175 #ifdef TLS1_CK_ECDHE_ECDSA_WITH_AES_256_GCM_SHA256 |
| 1170 CDEF(ECDHE_ECDSA_WITH_AES_256_GCM_SHA256), | 1176 CDEF(ECDHE_ECDSA_WITH_AES_256_GCM_SHA256), |
| 1171 #endif | 1177 #endif |
| 1172 #ifdef TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | 1178 #ifdef TLS1_CK_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 |
| 1173 CDEF(ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256), | 1179 CDEF(ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256), |
| 1174 #endif | 1180 #endif |
| 1175 }; | 1181 }; |
| 1176 #undef CDEF | 1182 #undef CDEF |
| 1177 | 1183 |
| 1178 bool OpenSSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) { | 1184 bool OpenSSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) { |
| 1179 if (key_type == KT_RSA) { | 1185 if (key_type == KT_RSA) { |
| 1180 for (const cipher_list& c : OK_RSA_ciphers) { | 1186 for (const cipher_list& c : OK_RSA_ciphers) { |
| 1181 if (cipher == c.cipher) | 1187 if (cipher == c.cipher) |
| 1182 return true; | 1188 return true; |
| 1183 } | 1189 } |
| (...skipping 26 matching lines...) Expand all Loading... |
| 1210 } | 1216 } |
| 1211 | 1217 |
| 1212 return false; | 1218 return false; |
| 1213 } | 1219 } |
| 1214 | 1220 |
| 1215 void OpenSSLStreamAdapter::enable_time_callback_for_testing() { | 1221 void OpenSSLStreamAdapter::enable_time_callback_for_testing() { |
| 1216 g_use_time_callback_for_testing = true; | 1222 g_use_time_callback_for_testing = true; |
| 1217 } | 1223 } |
| 1218 | 1224 |
| 1219 } // namespace rtc | 1225 } // namespace rtc |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 3010363002:
Implement GetChain for OpenSSLCertificate.
