pRevert 5371 "Revert 5367 "Update talk to 59410372.""

> Revert 5367 "Update talk to 59410372." > > > Update talk to 59410372. > > > > R=jiayl@webrtc.org, wu@webrtc.org > > > > Review URL: https://webrtc-codereview.appspot.com/6929004 > > TBR=mallinath@webrtc.org > > Review URL: https://webrtc-codereview.appspot.com/6999004 TBR=henrika@webrtc.org Review URL: https://webrtc-codereview.appspot.com/7109004 git-svn-id: http://webrtc.googlecode.com/svn/trunk@5381 4adac7df-926f-26a2-2b94-8c16560cd09d
2014-01-14 10:00:58 +00:00
parent 4371d4650a
commit aebb1ade9d
50 changed files with 974 additions and 746 deletions
--- a/talk/base/asyncsocket.h
+++ b/talk/base/asyncsocket.h
@ -27,6 +27,7 @@

 #ifndef TALK_BASE_ASYNCSOCKET_H_
 #define TALK_BASE_ASYNCSOCKET_H_
+#ifndef __native_client__

 #include "talk/base/common.h"
 #include "talk/base/sigslot.h"
@ -138,4 +139,5 @@ class AsyncSocketAdapter : public AsyncSocket, public sigslot::has_slots<> {

 }  // namespace talk_base

+#endif  //  __native_client__
 #endif  // TALK_BASE_ASYNCSOCKET_H_
--- a/talk/base/byteorder.h
+++ b/talk/base/byteorder.h
@ -28,7 +28,7 @@
 #ifndef TALK_BASE_BYTEORDER_H_
 #define TALK_BASE_BYTEORDER_H_

-#ifdef POSIX
+#if defined(POSIX) && !defined(__native_client__)
 #include <arpa/inet.h>
 #endif

--- a/talk/base/logging.cc
+++ b/talk/base/logging.cc
@ -349,6 +349,9 @@ void LogMessage::ConfigureLogging(const char* params, const char* filename) {
  }
 #endif  // WIN32

+  LogToDebug(debug_level);
+
+#if !defined(__native_client__)  // No logging to file in NaCl.
  scoped_ptr<FileStream> stream;
  if (NO_LOGGING != file_level) {
    stream.reset(new FileStream);
@ -357,8 +360,8 @@ void LogMessage::ConfigureLogging(const char* params, const char* filename) {
    }
  }

-  LogToDebug(debug_level);
  LogToStream(stream.release(), file_level);
+#endif
 }

 int LogMessage::ParseLogSeverity(const std::string& value) {
--- a/talk/base/logging.h
+++ b/talk/base/logging.h
@ -376,6 +376,13 @@ inline bool LogCheckLevel(LoggingSeverity sev) {
  LOG_GLE(sev)
 #define LAST_SYSTEM_ERROR \
  (::GetLastError())
+#elif __native_client__
+#define LOG_ERR_EX(sev, err) \
+  LOG(sev)
+#define LOG_ERR(sev) \
+  LOG(sev)
+#define LAST_SYSTEM_ERROR \
+  (0)
 #elif POSIX
 #define LOG_ERR_EX(sev, err) \
  LOG_ERRNO_EX(sev, err)
--- a/talk/base/messagedigest.cc
+++ b/talk/base/messagedigest.cc
@ -70,6 +70,19 @@ MessageDigest* MessageDigestFactory::Create(const std::string& alg) {
 #endif
 }

+bool IsFips180DigestAlgorithm(const std::string& alg) {
+  // These are the FIPS 180 algorithms.  According to RFC 4572 Section 5,
+  // "Self-signed certificates (for which legacy certificates are not a
+  // consideration) MUST use one of the FIPS 180 algorithms (SHA-1,
+  // SHA-224, SHA-256, SHA-384, or SHA-512) as their signature algorithm,
+  // and thus also MUST use it to calculate certificate fingerprints."
+  return alg == DIGEST_SHA_1 ||
+         alg == DIGEST_SHA_224 ||
+         alg == DIGEST_SHA_256 ||
+         alg == DIGEST_SHA_384 ||
+         alg == DIGEST_SHA_512;
+}
+
 size_t ComputeDigest(MessageDigest* digest, const void* input, size_t in_len,
                     void* output, size_t out_len) {
  digest->Update(input, in_len);
--- a/talk/base/messagedigest.h
+++ b/talk/base/messagedigest.h
@ -60,6 +60,9 @@ class MessageDigestFactory {
  static MessageDigest* Create(const std::string& alg);
 };

+// A whitelist of approved digest algorithms from RFC 4572 (FIPS 180).
+bool IsFips180DigestAlgorithm(const std::string& alg);
+
 // Functions to create hashes.

 // Computes the hash of |in_len| bytes of |input|, using the |digest| hash
--- a/talk/base/messagequeue.cc
+++ b/talk/base/messagequeue.cc
@ -32,8 +32,13 @@
 #include "talk/base/common.h"
 #include "talk/base/logging.h"
 #include "talk/base/messagequeue.h"
+#if defined(__native_client__)
+#include "talk/base/nullsocketserver.h"
+typedef talk_base::NullSocketServer DefaultSocketServer;
+#else
 #include "talk/base/physicalsocketserver.h"
-
+typedef talk_base::PhysicalSocketServer DefaultSocketServer;
+#endif

 namespace talk_base {

@ -129,7 +134,7 @@ MessageQueue::MessageQueue(SocketServer* ss)
    // server, and provide it to the MessageQueue, since the Thread controls
    // the I/O model, and MQ is agnostic to those details.  Anyway, this causes
    // messagequeue_unittest to depend on network libraries... yuck.
-    default_ss_.reset(new PhysicalSocketServer());
+    default_ss_.reset(new DefaultSocketServer());
    ss_ = default_ss_.get();
  }
  ss_->SetMessageQueue(this);
--- a/talk/base/socket.h
+++ b/talk/base/socket.h
@ -28,6 +28,14 @@
 #ifndef TALK_BASE_SOCKET_H__
 #define TALK_BASE_SOCKET_H__

+#if defined(__native_client__)
+namespace talk_base {
+// These should never be defined or instantiated.
+class Socket;
+class AsyncSocket;
+}  // namespace talk_base
+#else
+
 #include <errno.h>

 #ifdef POSIX
@ -199,4 +207,5 @@ class Socket {

 }  // namespace talk_base

+#endif  // !__native_client__
 #endif  // TALK_BASE_SOCKET_H__
--- a/talk/base/sslfingerprint.h
+++ b/talk/base/sslfingerprint.h
@ -65,7 +65,7 @@ struct SSLFingerprint {

  static SSLFingerprint* CreateFromRfc4572(const std::string& algorithm,
                                           const std::string& fingerprint) {
-    if (algorithm.empty())
+    if (algorithm.empty() || !talk_base::IsFips180DigestAlgorithm(algorithm))
      return NULL;

    if (fingerprint.empty())
--- a/talk/base/stream.cc
+++ b/talk/base/stream.cc
@ -711,7 +711,7 @@ void AsyncWriteStream::ClearBufferAndWrite() {
  }
 }

-#ifdef POSIX
+#if defined(POSIX) && !defined(__native_client__)

 // Have to identically rewrite the FileStream destructor or else it would call
 // the base class's Close() instead of the sub-class's.
--- a/talk/base/stream.h
+++ b/talk/base/stream.h
@ -28,6 +28,8 @@
 #ifndef TALK_BASE_STREAM_H_
 #define TALK_BASE_STREAM_H_

+#include <stdio.h>
+
 #include "talk/base/basictypes.h"
 #include "talk/base/buffer.h"
 #include "talk/base/criticalsection.h"
@ -497,7 +499,6 @@ class CircularFileStream : public FileStream {
  size_t read_segment_available_;
 };

-
 // A stream which pushes writes onto a separate thread and
 // returns from the write call immediately.
 class AsyncWriteStream : public StreamInterface {
@ -539,7 +540,7 @@ class AsyncWriteStream : public StreamInterface {
 };


-#ifdef POSIX
+#if defined(POSIX) && !defined(__native_client__)
 // A FileStream that is actually not a file, but the output or input of a
 // sub-command. See "man 3 popen" for documentation of the underlying OS popen()
 // function.
--- a/talk/base/unixfilesystem.cc
+++ b/talk/base/unixfilesystem.cc
@ -50,7 +50,6 @@
 #include <limits.h>
 #include <pwd.h>
 #include <stdio.h>
-#include <unistd.h>
 #endif  // POSIX && !OSX

 #if defined(LINUX)
@ -368,6 +367,8 @@ bool UnixFilesystem::GetAppPathname(Pathname* path) {
  if (success)
    path->SetPathname(path8);
  return success;
+#elif defined(__native_client__)
+  return false;
 #else  // OSX
  char buffer[NAME_MAX+1];
  size_t len = readlink("/proc/self/exe", buffer, ARRAY_SIZE(buffer) - 1);
@ -453,6 +454,7 @@ bool UnixFilesystem::GetAppDataFolder(Pathname* path, bool per_user) {
  if (!CreateFolder(*path, 0700)) {
    return false;
  }
+#if !defined(__native_client__)
  // If the folder already exists, it may have the wrong mode or be owned by
  // someone else, both of which are security problems. Setting the mode
  // avoids both issues since it will fail if the path is not owned by us.
@ -460,6 +462,7 @@ bool UnixFilesystem::GetAppDataFolder(Pathname* path, bool per_user) {
    LOG_ERR(LS_ERROR) << "Can't set mode on " << path;
    return false;
  }
+#endif
  return true;
 }

@ -553,3 +556,11 @@ char* UnixFilesystem::CopyString(const std::string& str) {
 }

 }  // namespace talk_base
+
+#if defined(__native_client__)
+extern "C" int __attribute__((weak))
+link(const char* oldpath, const char* newpath) {
+  errno = EACCES;
+  return -1;
+}
+#endif