a9b1ec0247
1) Added SetMode() to SSLAdapter and OpenSSLAdapter so the mode can be set to
SSL_MODE_DTLS
2) OpenSSLAdapter overrides SendTo() and RecvFrom() to handle calls from
TurnPort via AsyncUdpSocket
3) OpenSSLAdapter derives from MessageHandler to implement an internal DTLS
timer
4) Updated SSLAdapter unit tests
BUG=
R=juberti@webrtc.org
Review URL: https://webrtc-codereview.appspot.com/19059004
git-svn-id: http://webrtc.googlecode.com/svn/trunk@7981 4adac7df-926f-26a2-2b94-8c16560cd09d
100 lines
3.0 KiB
C++
100 lines
3.0 KiB
C++
/*
|
|
* Copyright 2004 The WebRTC Project Authors. All rights reserved.
|
|
*
|
|
* Use of this source code is governed by a BSD-style license
|
|
* that can be found in the LICENSE file in the root of the source
|
|
* tree. An additional intellectual property rights grant can be found
|
|
* in the file PATENTS. All contributing project authors may
|
|
* be found in the AUTHORS file in the root of the source tree.
|
|
*/
|
|
|
|
#ifndef WEBRTC_BASE_OPENSSLADAPTER_H__
|
|
#define WEBRTC_BASE_OPENSSLADAPTER_H__
|
|
|
|
#include <string>
|
|
#include "webrtc/base/messagehandler.h"
|
|
#include "webrtc/base/messagequeue.h"
|
|
#include "webrtc/base/ssladapter.h"
|
|
|
|
typedef struct ssl_st SSL;
|
|
typedef struct ssl_ctx_st SSL_CTX;
|
|
typedef struct x509_store_ctx_st X509_STORE_CTX;
|
|
|
|
namespace rtc {
|
|
|
|
///////////////////////////////////////////////////////////////////////////////
|
|
|
|
class OpenSSLAdapter : public SSLAdapter, public MessageHandler {
|
|
public:
|
|
static bool InitializeSSL(VerificationCallback callback);
|
|
static bool InitializeSSLThread();
|
|
static bool CleanupSSL();
|
|
|
|
OpenSSLAdapter(AsyncSocket* socket);
|
|
virtual ~OpenSSLAdapter();
|
|
|
|
virtual void SetMode(SSLMode mode);
|
|
virtual int StartSSL(const char* hostname, bool restartable);
|
|
virtual int Send(const void* pv, size_t cb);
|
|
virtual int SendTo(const void* pv, size_t cb, const SocketAddress& addr);
|
|
virtual int Recv(void* pv, size_t cb);
|
|
virtual int RecvFrom(void* pv, size_t cb, SocketAddress* paddr);
|
|
virtual int Close();
|
|
|
|
// Note that the socket returns ST_CONNECTING while SSL is being negotiated.
|
|
virtual ConnState GetState() const;
|
|
|
|
protected:
|
|
virtual void OnConnectEvent(AsyncSocket* socket);
|
|
virtual void OnReadEvent(AsyncSocket* socket);
|
|
virtual void OnWriteEvent(AsyncSocket* socket);
|
|
virtual void OnCloseEvent(AsyncSocket* socket, int err);
|
|
|
|
private:
|
|
enum SSLState {
|
|
SSL_NONE, SSL_WAIT, SSL_CONNECTING, SSL_CONNECTED, SSL_ERROR
|
|
};
|
|
|
|
enum { MSG_TIMEOUT };
|
|
|
|
int BeginSSL();
|
|
int ContinueSSL();
|
|
void Error(const char* context, int err, bool signal = true);
|
|
void Cleanup();
|
|
|
|
virtual void OnMessage(Message* msg);
|
|
|
|
static bool VerifyServerName(SSL* ssl, const char* host,
|
|
bool ignore_bad_cert);
|
|
bool SSLPostConnectionCheck(SSL* ssl, const char* host);
|
|
#if _DEBUG
|
|
static void SSLInfoCallback(const SSL* s, int where, int ret);
|
|
#endif // !_DEBUG
|
|
static int SSLVerifyCallback(int ok, X509_STORE_CTX* store);
|
|
static VerificationCallback custom_verify_callback_;
|
|
friend class OpenSSLStreamAdapter; // for custom_verify_callback_;
|
|
|
|
static bool ConfigureTrustedRootCertificates(SSL_CTX* ctx);
|
|
SSL_CTX* SetupSSLContext();
|
|
|
|
SSLState state_;
|
|
bool ssl_read_needs_write_;
|
|
bool ssl_write_needs_read_;
|
|
// If true, socket will retain SSL configuration after Close.
|
|
bool restartable_;
|
|
|
|
SSL* ssl_;
|
|
SSL_CTX* ssl_ctx_;
|
|
std::string ssl_host_name_;
|
|
// Do DTLS or not
|
|
SSLMode ssl_mode_;
|
|
|
|
bool custom_verification_succeeded_;
|
|
};
|
|
|
|
/////////////////////////////////////////////////////////////////////////////
|
|
|
|
} // namespace rtc
|
|
|
|
#endif // WEBRTC_BASE_OPENSSLADAPTER_H__
|