commit 0483362377fb38556009f2101816fa565885eef9
author hnsl <hnsl@webrtc.org> Mon Jan 09 08:35:45 2017 -0800
committer Commit bot <commit-bot@chromium.org> Mon Jan 09 16:35:45 2017 +0000
tree 6f37388bc2311686ce3ea61f81a9f65184c6283b
parent 4843dd13aa3426d9a3caee768fc015d8731c5d18

Add disabled certificate check support to IceServer PeerConnection API.

Refactor "OPT_SSLTCP" renaming it to "OPT_TLS_FAKE", making it clear
that it's not actually some kind of SSL over TCP. Also making it clear
that it's mutually exclusive with OPT_TLS. Maintaining deprecated
backwards compatible support for "OPT_SSLTCP".

Add "OPT_TLS_INSECURE" that implements the new certificate-check
disabled TLS mode, which is also mutually exclusive with the other
TLS options.

PortAllocator: Add a new TLS policy enum TlsCertPolicy which defines
the new insecure mode and added it as a RelayCredentials member.

TurnPort: Add new TLS policy member with appropriate getter and setter
to avoid constructor bloat. Initialize it from the RelayCredentials
after the TurnPort is created.

Expose the new feature in the PeerConnection API via
IceServer.tls_certificate_policy as well as via the Android JNI
PeerConnection API.

For security reasons we ensure that:

	1) The policy is always explicitly initialized to secure.
        2) API users have to explicitly integrate with the feature to
           use it, and will otherwise get no change in behavior.
	3) The feature is not immediately exposed in non-native
	   contexts. For example, disabling of certificate validation
           is not implemented via URI parsing since this would
           immediately allow it to be used from a web page.

This is a second attempt of https://codereview.webrtc.org/2557803002/
which was rolled back in https://codereview.webrtc.org/2590153002/

BUG=webrtc:6840

Review-Url: https://codereview.webrtc.org/2594623002
Cr-Commit-Position: refs/heads/master@{#15967}

webrtc/api/peerconnectioninterface.h

diff --git a/webrtc/api/peerconnectioninterface.h b/webrtc/api/peerconnectioninterface.h
index e81eee2..5f5a58b4 100644
--- a/webrtc/api/peerconnectioninterface.h
+++ b/webrtc/api/peerconnectioninterface.h
@@ -216,15 +216,28 @@
     kIceConnectionMax,
   };
 
+  // TLS certificate policy.
+  enum TlsCertPolicy {
+    // For TLS based protocols, ensure the connection is secure by not
+    // circumventing certificate validation.
+    kTlsCertPolicySecure,
+    // For TLS based protocols, disregard security completely by skipping
+    // certificate validation. This is insecure and should never be used unless
+    // security is irrelevant in that particular context.
+    kTlsCertPolicyInsecureNoCheck,
+  };
+
   struct IceServer {
     // TODO(jbauch): Remove uri when all code using it has switched to urls.
     std::string uri;
     std::vector<std::string> urls;
     std::string username;
     std::string password;
+    TlsCertPolicy tls_cert_policy = kTlsCertPolicySecure;
+
     bool operator==(const IceServer& o) const {
       return uri == o.uri && urls == o.urls && username == o.username &&
-             password == o.password;
+             password == o.password && tls_cert_policy == o.tls_cert_policy;
     }
     bool operator!=(const IceServer& o) const { return !(*this == o); }
   };