Revert of Add disabled certificate check support to IceServer PeerConnection API. (patchset #8 id:140001 of https://codereview.webrtc.org/2557803002/ )

Reason for revert: This CL broke all Chromium WebRTC FYI bots. A roll+fix was attempted here: https://codereview.chromium.org/2590783003/, but failed to land. I'm reverting this CL now to make the tree green again. Make the API change gradual when you reland so that we can update Chromium between. Original issue's description: > Add disabled certificate check support to IceServer PeerConnection API. > > Refactor "OPT_SSLTCP" renaming it to "OPT_TLS_FAKE", making it clear > that it's not actually some kind of SSL over TCP. Also making it clear > that it's mutually exclusive with OPT_TLS. > > Add "OPT_TLS_INSECURE" that implements the new certificate-check > disabled TLS mode, which is also mutually exclusive with the other > TLS options. > > PortAllocator: Add a new TLS policy enum TlsCertPolicy which defines > the new insecure mode and added it as a RelayCredentials member. > > TurnPort: Add new TLS policy member with appropriate getter and setter > to avoid constructor bloat. Initialize it from the RelayCredentials > after the TurnPort is created. > > Expose the new feature in the PeerConnection API via > IceServer.tls_certificate_policy as well as via the Android JNI > PeerConnection API. > > For security reasons we ensure that: > > 1) The policy is always explicitly initialized to secure. > 2) API users have to explicitly integrate with the feature to > use it, and will otherwise get no change in behavior. > 3) The feature is not immediately exposed in non-native > contexts. For example, disabling of certificate validation > is not implemented via URI parsing since this would > immediately allow it to be used from a web page. > > BUG=webrtc:6840 > > Review-Url: https://codereview.webrtc.org/2557803002 > Cr-Commit-Position: refs/heads/master@{#15670} > Committed: b0f04fdb9e TBR=pthatcher@webrtc.org,deadbeef@webrtc.org,hnsl@webrtc.org # Skipping CQ checks because original CL landed less than 1 days ago. NOPRESUBMIT=true NOTREECHECKS=true NOTRY=true BUG=webrtc:6840 Review-Url: https://codereview.webrtc.org/2590153002 Cr-Commit-Position: refs/heads/master@{#15703}
2016-12-20 02:22:06 -08:00
parent 03ab4e7818
commit d5236e2948
14 changed files with 18 additions and 136 deletions
--- a/webrtc/sdk/android/src/jni/classreferenceholder.cc
+++ b/webrtc/sdk/android/src/jni/classreferenceholder.cc
@ -82,7 +82,6 @@ ClassReferenceHolder::ClassReferenceHolder(JNIEnv* jni) {
  LoadClass(jni, "org/webrtc/PeerConnection$IceGatheringState");
  LoadClass(jni, "org/webrtc/PeerConnection$IceTransportsType");
  LoadClass(jni, "org/webrtc/PeerConnection$TcpCandidatePolicy");
-  LoadClass(jni, "org/webrtc/PeerConnection$TlsCertPolicy");
  LoadClass(jni, "org/webrtc/PeerConnection$CandidateNetworkPolicy");
  LoadClass(jni, "org/webrtc/PeerConnection$KeyType");
  LoadClass(jni, "org/webrtc/PeerConnection$SignalingState");
--- a/webrtc/sdk/android/src/jni/peerconnection_jni.cc
+++ b/webrtc/sdk/android/src/jni/peerconnection_jni.cc
@ -1566,23 +1566,6 @@ static PeerConnectionInterface::ContinualGatheringPolicy
  return PeerConnectionInterface::GATHER_ONCE;
 }

-static PeerConnectionInterface::TlsCertPolicy JavaTlsCertPolicyTypeToNativeType(
-    JNIEnv* jni,
-    jobject j_ice_server_tls_cert_policy) {
-  std::string enum_name =
-      GetJavaEnumName(jni, "org/webrtc/PeerConnection$TlsCertPolicy",
-                      j_ice_server_tls_cert_policy);
-
-  if (enum_name == "TLS_CERT_POLICY_SECURE")
-    return PeerConnectionInterface::kTlsCertPolicySecure;
-
-  if (enum_name == "TLS_CERT_POLICY_INSECURE_NO_CHECK")
-    return PeerConnectionInterface::kTlsCertPolicyInsecureNoCheck;
-
-  RTC_CHECK(false) << "Unexpected TlsCertPolicy enum_name " << enum_name;
-  return PeerConnectionInterface::kTlsCertPolicySecure;
-}
-
 static void JavaIceServersToJsepIceServers(
    JNIEnv* jni, jobject j_ice_servers,
    PeerConnectionInterface::IceServers* ice_servers) {
@ -1594,24 +1577,16 @@ static void JavaIceServersToJsepIceServers(
        GetFieldID(jni, j_ice_server_class, "username", "Ljava/lang/String;");
    jfieldID j_ice_server_password_id =
        GetFieldID(jni, j_ice_server_class, "password", "Ljava/lang/String;");
-    jfieldID j_ice_server_tls_cert_policy_id =
-        GetFieldID(jni, j_ice_server_class, "tlsCertPolicy",
-                   "Lorg/webrtc/PeerConnection$TlsCertPolicy;");
-    jobject j_ice_server_tls_cert_policy =
-        GetObjectField(jni, j_ice_server, j_ice_server_tls_cert_policy_id);
    jstring uri = reinterpret_cast<jstring>(
        GetObjectField(jni, j_ice_server, j_ice_server_uri_id));
    jstring username = reinterpret_cast<jstring>(
        GetObjectField(jni, j_ice_server, j_ice_server_username_id));
    jstring password = reinterpret_cast<jstring>(
        GetObjectField(jni, j_ice_server, j_ice_server_password_id));
-    PeerConnectionInterface::TlsCertPolicy tls_cert_policy =
-        JavaTlsCertPolicyTypeToNativeType(jni, j_ice_server_tls_cert_policy);
    PeerConnectionInterface::IceServer server;
    server.uri = JavaToStdString(jni, uri);
    server.username = JavaToStdString(jni, username);
    server.password = JavaToStdString(jni, password);
-    server.tls_cert_policy = tls_cert_policy;
    ice_servers->push_back(server);
  }
 }