Add SSLConfig object to IceServer.

This is a rollforward of https://webrtc-review.googlesource.com/c/src/+/96020,
with the addition of setting the old tlsCertPolicy, tlsAlpnProtocols and
tlsEllipticCurves in the RTCIceServer initializer, for backwards compatibility.

Bug: webrtc:9662
Change-Id: I28706ed4ff5abe3f7f913f105779f0e5412aeac5
Reviewed-on: https://webrtc-review.googlesource.com/98762
Commit-Queue: Diogo Real <diogor@google.com>
Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24696}

sdk/android/api/org/webrtc/PeerConnection.java

@@ -50,6 +50,7 @@ public class PeerConnection {
     }
   }
 
+  // TODO(diogor, webrtc:9673): Remove TlsCertPolicy. It's deprecated, in favor of SslConfig.
   /** Tracks PeerConnectionInterface::TlsCertPolicy */
   public enum TlsCertPolicy {
     TLS_CERT_POLICY_SECURE,
@@ -126,7 +127,9 @@ public class PeerConnection {
     public final List<String> urls;
     public final String username;
     public final String password;
-    public final TlsCertPolicy tlsCertPolicy;
+    // TODO(diogor, webrtc:9673): Remove tlsCertPolicy from this API.
+    // This field will be ignored if tlsCertPolicy is also set in SslConfig.
+    @Deprecated public final TlsCertPolicy tlsCertPolicy;
 
     // If the URIs in |urls| only contain IP addresses, this field can be used
     // to indicate the hostname, which may be necessary for TLS (using the SNI
@@ -134,12 +137,18 @@ public class PeerConnection {
     // necessary.
     public final String hostname;
 
+    // TODO(diogor, webrtc:9673): Remove tlsAlpnProtocols from this API.
     // List of protocols to be used in the TLS ALPN extension.
-    public final List<String> tlsAlpnProtocols;
+    @Deprecated public final List<String> tlsAlpnProtocols;
 
+    // TODO(diogor, webrtc:9673): Remove tlsEllipticCurves from this API.
     // List of elliptic curves to be used in the TLS elliptic curves extension.
     // Only curve names supported by OpenSSL should be used (eg. "P-256","X25519").
-    public final List<String> tlsEllipticCurves;
+    // This field will be ignored if tlsEllipticCurves is also set in SslConfig.
+    @Deprecated public final List<String> tlsEllipticCurves;
+
+    // SSL configuration options for any SSL/TLS connections to this IceServer.
+    public final SslConfig sslConfig;
 
     /** Convenience constructor for STUN servers. */
     @Deprecated
@@ -161,12 +170,12 @@ public class PeerConnection {
     public IceServer(String uri, String username, String password, TlsCertPolicy tlsCertPolicy,
         String hostname) {
       this(uri, Collections.singletonList(uri), username, password, tlsCertPolicy, hostname, null,
-          null);
+          null, SslConfig.builder().createSslConfig());
     }
 
     private IceServer(String uri, List<String> urls, String username, String password,
         TlsCertPolicy tlsCertPolicy, String hostname, List<String> tlsAlpnProtocols,
-        List<String> tlsEllipticCurves) {
+        List<String> tlsEllipticCurves, SslConfig sslConfig) {
       if (uri == null || urls == null || urls.isEmpty()) {
         throw new IllegalArgumentException("uri == null || urls == null || urls.isEmpty()");
       }
@@ -192,12 +201,13 @@ public class PeerConnection {
       this.hostname = hostname;
       this.tlsAlpnProtocols = tlsAlpnProtocols;
       this.tlsEllipticCurves = tlsEllipticCurves;
+      this.sslConfig = sslConfig;
     }
 
     @Override
     public String toString() {
       return urls + " [" + username + ":" + password + "] [" + tlsCertPolicy + "] [" + hostname
-          + "] [" + tlsAlpnProtocols + "] [" + tlsEllipticCurves + "]";
+          + "] [" + tlsAlpnProtocols + "] [" + tlsEllipticCurves + "] [" + sslConfig + "]";
     }
 
     public static Builder builder(String uri) {
@@ -216,6 +226,7 @@ public class PeerConnection {
       private String hostname = "";
       private List<String> tlsAlpnProtocols;
       private List<String> tlsEllipticCurves;
+      private SslConfig sslConfig = SslConfig.builder().createSslConfig();
 
       private Builder(List<String> urls) {
         if (urls == null || urls.isEmpty()) {
@@ -234,6 +245,7 @@ public class PeerConnection {
         return this;
       }
 
+      @Deprecated
       public Builder setTlsCertPolicy(TlsCertPolicy tlsCertPolicy) {
         this.tlsCertPolicy = tlsCertPolicy;
         return this;
@@ -244,19 +256,26 @@ public class PeerConnection {
         return this;
       }
 
+      @Deprecated
       public Builder setTlsAlpnProtocols(List<String> tlsAlpnProtocols) {
         this.tlsAlpnProtocols = tlsAlpnProtocols;
         return this;
       }
 
+      @Deprecated
       public Builder setTlsEllipticCurves(List<String> tlsEllipticCurves) {
         this.tlsEllipticCurves = tlsEllipticCurves;
         return this;
       }
 
+      public Builder setSslConfig(SslConfig sslConfig) {
+        this.sslConfig = sslConfig;
+        return this;
+      }
+
       public IceServer createIceServer() {
         return new IceServer(urls.get(0), urls, username, password, tlsCertPolicy, hostname,
-            tlsAlpnProtocols, tlsEllipticCurves);
+            tlsAlpnProtocols, tlsEllipticCurves, sslConfig);
       }
     }
 
@@ -298,6 +317,11 @@ public class PeerConnection {
     List<String> getTlsEllipticCurves() {
       return tlsEllipticCurves;
     }
+
+    @CalledByNative("IceServer")
+    SslConfig getSslConfig() {
+      return sslConfig;
+    }
   }
 
   /** Java version of PeerConnectionInterface.IceTransportsType */