zqz/platform-external-webrtc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert of Removing #defines previously used for building without BoringSSL/OpenSSL. (patchset #2 id:20001 of https://codereview.webrtc.org/2640513002/ )

Browse Source 
Reason for revert:
Broke chromium build, due to a config being removed. Will add it back and remove the dependency in a chromium CL.

Original issue's description:
> Removing #defines previously used for building without BoringSSL/OpenSSL.
>
> These defines don't work any more, so they only cause confusion:
>
> FEATURE_ENABLE_SSL
> HAVE_OPENSSL_SSL_H
> SSL_USE_OPENSSL
>
> BUG=webrtc:7025
>
> Review-Url: https://codereview.webrtc.org/2640513002
> Cr-Commit-Position: refs/heads/master@{#16196}
> Committed: eaa826c2ee

TBR=kjellander@webrtc.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=webrtc:7025

Review-Url: https://codereview.webrtc.org/2648003003
Cr-Commit-Position: refs/heads/master@{#16197}
This commit is contained in:
deadbeef
2017-01-20 17:01:45 -08:00
committed by Commit bot
parent eaa826c2ee
commit f33491ebaf
24 changed files with 447 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
webrtc/base/opensslstreamadapter.cc
View File

@ -8,6 +8,8 @@
* be found in the AUTHORS file in the root of the source tree.
*/
#if HAVE_OPENSSL_SSL_H
#include "webrtc/base/opensslstreamadapter.h"
#include <openssl/bio.h>
@ -43,10 +45,11 @@ namespace {
namespace rtc {
#if (OPENSSL_VERSION_NUMBER < 0x10001000L)
#error "webrtc requires at least OpenSSL version 1.0.1, to support DTLS-SRTP"
#if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
#define HAVE_DTLS_SRTP
#endif
#ifdef HAVE_DTLS_SRTP
// SRTP cipher suite table. |internal_name| is used to construct a
// colon-separated profile strings which is needed by
// SSL_CTX_set_tlsext_use_srtp().
@ -62,6 +65,7 @@ static SrtpCipherMapEntry SrtpCipherMap[] = {
{"SRTP_AEAD_AES_128_GCM", SRTP_AEAD_AES_128_GCM},
{"SRTP_AEAD_AES_256_GCM", SRTP_AEAD_AES_256_GCM},
{nullptr, 0}};
#endif
#ifdef OPENSSL_IS_BORINGSSL
// Not used in production code. Actual time should be relative to Jan 1, 1970.
@ -428,6 +432,7 @@ bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
bool use_context,
uint8_t* result,
size_t result_len) {
#ifdef HAVE_DTLS_SRTP
int i;
i = SSL_export_keying_material(ssl_, result, result_len, label.c_str(),
@ -438,10 +443,14 @@ bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
return false;
return true;
#else
return false;
#endif
}
bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites(
const std::vector<int>& ciphers) {
#ifdef HAVE_DTLS_SRTP
std::string internal_ciphers;
if (state_ != SSL_NONE)
@ -472,9 +481,13 @@ bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites(
srtp_ciphers_ = internal_ciphers;
return true;
#else
return false;
#endif
}
bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
#ifdef HAVE_DTLS_SRTP
RTC_DCHECK(state_ == SSL_CONNECTED);
if (state_ != SSL_CONNECTED)
return false;
@ -488,6 +501,9 @@ bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
*crypto_suite = srtp_profile->id;
RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty());
return true;
#else
return false;
#endif
}
bool OpenSSLStreamAdapter::IsTlsConnected() {
@ -1080,12 +1096,14 @@ SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
SSL_CTX_set_cipher_list(ctx,
"DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK");
#ifdef HAVE_DTLS_SRTP
if (!srtp_ciphers_.empty()) {
if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) {
SSL_CTX_free(ctx);
return NULL;
}
}
#endif
return ctx;
}
@ -1151,6 +1169,26 @@ int OpenSSLStreamAdapter::SSLVerifyCallback(int ok, X509_STORE_CTX* store) {
return stream->VerifyPeerCertificate();
}
bool OpenSSLStreamAdapter::HaveDtls() {
return true;
}
bool OpenSSLStreamAdapter::HaveDtlsSrtp() {
#ifdef HAVE_DTLS_SRTP
return true;
#else
return false;
#endif
}
bool OpenSSLStreamAdapter::HaveExporter() {
#ifdef HAVE_DTLS_SRTP
return true;
#else
return false;
#endif
}
bool OpenSSLStreamAdapter::IsBoringSsl() {
#ifdef OPENSSL_IS_BORINGSSL
return true;
@ -1235,3 +1273,5 @@ void OpenSSLStreamAdapter::enable_time_callback_for_testing() {
}
} // namespace rtc
#endif // HAVE_OPENSSL_SSL_H