Revert of Change WebRTC SslCipher to be exposed as number only. (patchset #20 id:750001 of https://codereview.webrtc.org/1337673002/ )

Reason for revert: This broke chromium.fyi bot. Original issue's description: > Change WebRTC SslCipher to be exposed as number only. > > This makes the SSL exposed as uint16_t which is the IANA value. GetRfcSslCipherName is introduced to handle the conversion to names from ID. IANA value will be used for UMA reporting. Names will still be used for WebRTC stats reporting. > > For SRTP, currently it's still string internally but is reported as IANA number. > > This is used by the ongoing CL https://codereview.chromium.org/1335023002. > > BUG=523033 > > Committed: https://crrev.com/4fe3c9a77386598db9abd1f0d6983aefee9cc943 > Cr-Commit-Position: refs/heads/master@{#10124} TBR=juberti@webrtc.org,rsleevi@chromium.org,pthatcher@webrtc.org,davidben@chromium.org,juberti@google.com,davidben@webrtc.org NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=523033 Review URL: https://codereview.webrtc.org/1380603005 Cr-Commit-Position: refs/heads/master@{#10125}
2015-09-30 19:23:09 -07:00
parent 4fe3c9a773
commit 27dc29b0df
30 changed files with 275 additions and 320 deletions
--- a/webrtc/base/opensslstreamadapter.cc
+++ b/webrtc/base/opensslstreamadapter.cc
@ -51,13 +51,13 @@ struct SrtpCipherMapEntry {

 // This isn't elegant, but it's better than an external reference
 static SrtpCipherMapEntry SrtpCipherMap[] = {
-    {CS_AES_CM_128_HMAC_SHA1_80, "SRTP_AES128_CM_SHA1_80"},
-    {CS_AES_CM_128_HMAC_SHA1_32, "SRTP_AES128_CM_SHA1_32"},
-    {NULL, NULL}};
+  {"AES_CM_128_HMAC_SHA1_80", "SRTP_AES128_CM_SHA1_80"},
+  {"AES_CM_128_HMAC_SHA1_32", "SRTP_AES128_CM_SHA1_32"},
+  {NULL, NULL}
+};
 #endif

 #ifndef OPENSSL_IS_BORINGSSL
-
 // Cipher name table. Maps internal OpenSSL cipher ids to the RFC name.
 struct SslCipherMapEntry {
  uint32_t openssl_id;
@ -139,42 +139,32 @@ static const SslCipherMapEntry kSslCipherMap[] = {
 };
 #endif  // #ifndef OPENSSL_IS_BORINGSSL

-#if defined(_MSC_VER)
-#pragma warning(push)
-#pragma warning(disable : 4309)
-#pragma warning(disable : 4310)
-#endif  // defined(_MSC_VER)
-
 // Default cipher used between OpenSSL/BoringSSL stream adapters.
 // This needs to be updated when the default of the SSL library changes.
-// static_cast<uint16_t> causes build warnings on windows platform.
-static uint16_t kDefaultSslCipher10 =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA);
-static uint16_t kDefaultSslEcCipher10 =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
+static const char kDefaultSslCipher10[] =
+    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA";
+static const char kDefaultSslEcCipher10[] =
+    "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
+
 #ifdef OPENSSL_IS_BORINGSSL
-static uint16_t kDefaultSslCipher12 =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_128_GCM_SHA256);
-static uint16_t kDefaultSslEcCipher12 =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256);
+static const char kDefaultSslCipher12[] =
+    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
+static const char kDefaultSslEcCipher12[] =
+    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256";
 // Fallback cipher for DTLS 1.2 if hardware-accelerated AES-GCM is unavailable.
-static uint16_t kDefaultSslCipher12NoAesGcm =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_CHACHA20_POLY1305);
-static uint16_t kDefaultSslEcCipher12NoAesGcm =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_CHACHA20_POLY1305);
+static const char kDefaultSslCipher12NoAesGcm[] =
+    "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256";
+static const char kDefaultSslEcCipher12NoAesGcm[] =
+    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256";
 #else  // !OPENSSL_IS_BORINGSSL
 // OpenSSL sorts differently than BoringSSL, so the default cipher doesn't
 // change between TLS 1.0 and TLS 1.2 with the current setup.
-static uint16_t kDefaultSslCipher12 =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA);
-static uint16_t kDefaultSslEcCipher12 =
-    static_cast<uint16_t>(TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA);
+static const char kDefaultSslCipher12[] =
+    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA";
+static const char kDefaultSslEcCipher12[] =
+    "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA";
 #endif

-#if defined(_MSC_VER)
-#pragma warning(pop)
-#endif  // defined(_MSC_VER)
-
 //////////////////////////////////////////////////////////////////////
 // StreamBIO
 //////////////////////////////////////////////////////////////////////
@ -348,17 +338,9 @@ bool OpenSSLStreamAdapter::SetPeerCertificateDigest(const std::string
  return true;
 }

-std::string OpenSSLStreamAdapter::GetSslCipherSuiteName(uint16_t cipher) {
-#ifdef OPENSSL_IS_BORINGSSL
-  const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher);
-  if (!ssl_cipher) {
-    return std::string();
-  }
-  char* cipher_name = SSL_CIPHER_get_rfc_name(ssl_cipher);
-  std::string rfc_name = std::string(cipher_name);
-  OPENSSL_free(cipher_name);
-  return rfc_name;
-#else
+#ifndef OPENSSL_IS_BORINGSSL
+const char* OpenSSLStreamAdapter::GetRfcSslCipherName(
+    const SSL_CIPHER* cipher) {
  ASSERT(cipher != NULL);
  for (const SslCipherMapEntry* entry = kSslCipherMap; entry->rfc_name;
       ++entry) {
@ -366,11 +348,11 @@ std::string OpenSSLStreamAdapter::GetSslCipherSuiteName(uint16_t cipher) {
      return entry->rfc_name;
    }
  }
-  return std::string();
-#endif
+  return NULL;
 }
+#endif

-bool OpenSSLStreamAdapter::GetSslCipherSuite(uint16_t* cipher) {
+bool OpenSSLStreamAdapter::GetSslCipher(std::string* cipher) {
  if (state_ != SSL_CONNECTED)
    return false;

@ -379,7 +361,19 @@ bool OpenSSLStreamAdapter::GetSslCipherSuite(uint16_t* cipher) {
    return false;
  }

-  *cipher = static_cast<uint16_t>(SSL_CIPHER_get_id(current_cipher));
+#ifdef OPENSSL_IS_BORINGSSL
+  char* cipher_name = SSL_CIPHER_get_rfc_name(current_cipher);
+#else
+  const char* cipher_name = GetRfcSslCipherName(current_cipher);
+#endif
+  if (cipher_name == NULL) {
+    return false;
+  }
+
+  *cipher = cipher_name;
+#ifdef OPENSSL_IS_BORINGSSL
+  OPENSSL_free(cipher_name);
+#endif
  return true;
 }

@ -1131,7 +1125,7 @@ bool OpenSSLStreamAdapter::HaveExporter() {
 #endif
 }

-uint16_t OpenSSLStreamAdapter::GetDefaultSslCipherForTest(
+std::string OpenSSLStreamAdapter::GetDefaultSslCipher(
    SSLProtocolVersion version,
    KeyType key_type) {
  if (key_type == KT_RSA) {
@ -1169,8 +1163,7 @@ uint16_t OpenSSLStreamAdapter::GetDefaultSslCipherForTest(
 #endif
    }
  } else {
-    RTC_NOTREACHED();
-    return kDefaultSslEcCipher12;
+    return std::string();
  }
 }