Revert "Add SSLConfig object to IceServer."
This reverts commit 7f1ffcccce563a086da037334aec2d4faa723edb.
Reason for revert: Speculative revert
Original change's description:
> Add SSLConfig object to IceServer.
>
> This is being added to allow greater configurability to TLS connections.
> tlsAlpnProtocols, tlsEllipticCurves and tlsCertPolicy will be removed from IceServer in a
> follow-up CL.
>
> Bug: webrtc:9662
> Change-Id: I33cb804b02c26c662ed2a28c76f9a9dc2df40f36
> Reviewed-on: https://webrtc-review.googlesource.com/96020
> Commit-Queue: Diogo Real <diogor@google.com>
> Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> Reviewed-by: Benjamin Wright <benwright@webrtc.org>
> Reviewed-by: Steve Anton <steveanton@webrtc.org>
> Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
> Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#24559}
TBR=steveanton@webrtc.org,sakal@webrtc.org,kthelgason@webrtc.org,juberti@webrtc.org,emadomara@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org,diogor@google.com
Change-Id: Iae9fc68b77f743876bda36fc2a04f6d791aae8e2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: webrtc:9662
Reviewed-on: https://webrtc-review.googlesource.com/98000
Reviewed-by: Ying Wang <yinwa@webrtc.org>
Commit-Queue: Ying Wang <yinwa@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24563}diff --git a/sdk/android/api/org/webrtc/PeerConnection.java b/sdk/android/api/org/webrtc/PeerConnection.java
index d2a61e0..2f9adcf 100644
--- a/sdk/android/api/org/webrtc/PeerConnection.java
+++ b/sdk/android/api/org/webrtc/PeerConnection.java
@@ -71,180 +71,6 @@
}
}
- /**
- * Java version of PeerConnectionInterface::SSLConfig.
- *
- * Contains the configuration of any SSL/TLS connections that are initiated by
- * our client.
- */
- public static class SslConfig {
- /** Indicates whether to enable OCSP stapling in TLS. */
- public final boolean enableOcspStapling;
- /** Indicates whether to enable the signed certificate timestamp extension in TLS. */
- public final boolean enableSignedCertTimestamp;
- /** Indicates whether to enable the TLS Channel ID extension. */
- public final boolean enableTlsChannelId;
- /** Indicates whether to enable the TLS GREASE extension. */
- public final boolean enableGrease;
-
- /** Indicates how to process TURN server certificates */
- public final TlsCertPolicy tlsCertPolicy;
-
- /**
- * Highest supported SSL version, as defined in the supported_versions TLS extension.
- * If null, the default OpenSSL/BoringSSL max version will be used.
- */
- @Nullable public final Integer maxSslVersion;
-
- /**
- * List of protocols to be used in the TLS ALPN extension.
- * If null, the default list of OpenSSL/BoringSSL ALPN protocols will be used.
- */
- @Nullable public final List<String> tlsAlpnProtocols;
-
- /**
- * List of elliptic curves to be used in the TLS elliptic curves extension.
- * Only curve names supported by OpenSSL should be used (eg. "P-256","X25519").
- * If null, the default list of OpenSSL/BoringSSL curves will be used.
- */
- @Nullable public final List<String> tlsEllipticCurves;
-
- private SslConfig(boolean enableOcspStapling, boolean enableSignedCertTimestamp,
- boolean enableTlsChannelId, boolean enableGrease, TlsCertPolicy tlsCertPolicy,
- Integer maxSslVersion, List<String> tlsAlpnProtocols, List<String> tlsEllipticCurves) {
- this.enableOcspStapling = enableOcspStapling;
- this.enableSignedCertTimestamp = enableSignedCertTimestamp;
- this.enableTlsChannelId = enableTlsChannelId;
- this.enableGrease = enableGrease;
- this.tlsCertPolicy = tlsCertPolicy;
- this.maxSslVersion = maxSslVersion;
- if (tlsAlpnProtocols != null) {
- this.tlsAlpnProtocols = Collections.unmodifiableList(tlsAlpnProtocols);
- } else {
- this.tlsAlpnProtocols = null;
- }
- if (tlsEllipticCurves != null) {
- this.tlsEllipticCurves = Collections.unmodifiableList(tlsEllipticCurves);
- } else {
- this.tlsEllipticCurves = null;
- }
- }
-
- @Override
- public String toString() {
- return "[enableOcspStapling=" + enableOcspStapling + "] [enableSignedCertTimestamp="
- + enableSignedCertTimestamp + "] [enableTlsChannelId=" + enableTlsChannelId
- + "] [enableGrease=" + enableGrease + "] [tlsCertPolicy=" + tlsCertPolicy
- + "] [maxSslVersion=" + maxSslVersion + "] [tlsAlpnProtocols=" + tlsAlpnProtocols
- + "] [tlsEllipticCurves=" + tlsEllipticCurves + "]";
- }
-
- public static Builder builder() {
- return new Builder();
- }
-
- public static class Builder {
- private boolean enableOcspStapling = true;
- private boolean enableSignedCertTimestamp = true;
- private boolean enableTlsChannelId = false;
- private boolean enableGrease = false;
- private TlsCertPolicy tlsCertPolicy = TlsCertPolicy.TLS_CERT_POLICY_SECURE;
- @Nullable private Integer maxSslVersion = null;
- @Nullable private List<String> tlsAlpnProtocols = null;
- @Nullable private List<String> tlsEllipticCurves = null;
-
- private Builder() {}
-
- public Builder setEnableOcspStapling(boolean enableOcspStapling) {
- this.enableOcspStapling = enableOcspStapling;
- return this;
- }
-
- public Builder setEnableSignedCertTimestamp(boolean enableSignedCertTimestamp) {
- this.enableSignedCertTimestamp = enableSignedCertTimestamp;
- return this;
- }
-
- public Builder setEnableTlsChannelId(boolean enableTlsChannelId) {
- this.enableTlsChannelId = enableTlsChannelId;
- return this;
- }
-
- public Builder setEnableGrease(boolean enableGrease) {
- this.enableGrease = enableGrease;
- return this;
- }
-
- public Builder setTlsCertPolicy(TlsCertPolicy tlsCertPolicy) {
- this.tlsCertPolicy = tlsCertPolicy;
- return this;
- }
-
- public Builder setMaxSslVersion(int maxSslVersion) {
- this.maxSslVersion = maxSslVersion;
- return this;
- }
-
- public Builder setTlsAlpnProtocols(List<String> tlsAlpnProtocols) {
- this.tlsAlpnProtocols = tlsAlpnProtocols;
- return this;
- }
-
- public Builder setTlsEllipticCurves(List<String> tlsEllipticCurves) {
- this.tlsEllipticCurves = tlsEllipticCurves;
- return this;
- }
-
- public SslConfig createSslConfig() {
- return new SslConfig(enableOcspStapling, enableSignedCertTimestamp, enableTlsChannelId,
- enableGrease, tlsCertPolicy, maxSslVersion, tlsAlpnProtocols, tlsEllipticCurves);
- }
- }
-
- @CalledByNative("SslConfig")
- boolean getEnableOcspStapling() {
- return enableOcspStapling;
- }
-
- @CalledByNative("SslConfig")
- boolean getEnableSignedCertTimestamp() {
- return enableSignedCertTimestamp;
- }
-
- @CalledByNative("SslConfig")
- boolean getEnableTlsChannelId() {
- return enableTlsChannelId;
- }
-
- @CalledByNative("SslConfig")
- boolean getEnableGrease() {
- return enableGrease;
- }
-
- @CalledByNative("SslConfig")
- TlsCertPolicy getTlsCertPolicy() {
- return tlsCertPolicy;
- }
-
- @Nullable
- @CalledByNative("SslConfig")
- Integer getMaxSslVersion() {
- return maxSslVersion;
- }
-
- @Nullable
- @CalledByNative("SslConfig")
- List<String> getTlsAlpnProtocols() {
- return tlsAlpnProtocols;
- }
-
- @Nullable
- @CalledByNative("SslConfig")
- List<String> getTlsEllipticCurves() {
- return tlsEllipticCurves;
- }
- }
-
/** Java version of PeerConnectionObserver. */
public static interface Observer {
/** Triggered when the SignalingState changes. */
@@ -300,9 +126,7 @@
public final List<String> urls;
public final String username;
public final String password;
- // TODO(diogor, webrtc:9673): Remove tlsCertPolicy from this API.
- // This field will be ignored if tlsCertPolicy is also set in SslConfig.
- @Deprecated public final TlsCertPolicy tlsCertPolicy;
+ public final TlsCertPolicy tlsCertPolicy;
// If the URIs in |urls| only contain IP addresses, this field can be used
// to indicate the hostname, which may be necessary for TLS (using the SNI
@@ -310,18 +134,12 @@
// necessary.
public final String hostname;
- // TODO(diogor, webrtc:9673): Remove tlsAlpnProtocols from this API.
// List of protocols to be used in the TLS ALPN extension.
- @Deprecated public final List<String> tlsAlpnProtocols;
+ public final List<String> tlsAlpnProtocols;
- // TODO(diogor, webrtc:9673): Remove tlsEllipticCurves from this API.
// List of elliptic curves to be used in the TLS elliptic curves extension.
// Only curve names supported by OpenSSL should be used (eg. "P-256","X25519").
- // This field will be ignored if tlsEllipticCurves is also set in SslConfig.
- @Deprecated public final List<String> tlsEllipticCurves;
-
- // SSL configuration options for any SSL/TLS connections to this IceServer.
- public final SslConfig sslConfig;
+ public final List<String> tlsEllipticCurves;
/** Convenience constructor for STUN servers. */
@Deprecated
@@ -343,12 +161,12 @@
public IceServer(String uri, String username, String password, TlsCertPolicy tlsCertPolicy,
String hostname) {
this(uri, Collections.singletonList(uri), username, password, tlsCertPolicy, hostname, null,
- null, SslConfig.builder().createSslConfig());
+ null);
}
private IceServer(String uri, List<String> urls, String username, String password,
TlsCertPolicy tlsCertPolicy, String hostname, List<String> tlsAlpnProtocols,
- List<String> tlsEllipticCurves, SslConfig sslConfig) {
+ List<String> tlsEllipticCurves) {
if (uri == null || urls == null || urls.isEmpty()) {
throw new IllegalArgumentException("uri == null || urls == null || urls.isEmpty()");
}
@@ -374,13 +192,12 @@
this.hostname = hostname;
this.tlsAlpnProtocols = tlsAlpnProtocols;
this.tlsEllipticCurves = tlsEllipticCurves;
- this.sslConfig = sslConfig;
}
@Override
public String toString() {
return urls + " [" + username + ":" + password + "] [" + tlsCertPolicy + "] [" + hostname
- + "] [" + tlsAlpnProtocols + "] [" + tlsEllipticCurves + "] [" + sslConfig + "]";
+ + "] [" + tlsAlpnProtocols + "] [" + tlsEllipticCurves + "]";
}
public static Builder builder(String uri) {
@@ -399,7 +216,6 @@
private String hostname = "";
private List<String> tlsAlpnProtocols;
private List<String> tlsEllipticCurves;
- private SslConfig sslConfig = SslConfig.builder().createSslConfig();
private Builder(List<String> urls) {
if (urls == null || urls.isEmpty()) {
@@ -418,7 +234,6 @@
return this;
}
- @Deprecated
public Builder setTlsCertPolicy(TlsCertPolicy tlsCertPolicy) {
this.tlsCertPolicy = tlsCertPolicy;
return this;
@@ -429,26 +244,19 @@
return this;
}
- @Deprecated
public Builder setTlsAlpnProtocols(List<String> tlsAlpnProtocols) {
this.tlsAlpnProtocols = tlsAlpnProtocols;
return this;
}
- @Deprecated
public Builder setTlsEllipticCurves(List<String> tlsEllipticCurves) {
this.tlsEllipticCurves = tlsEllipticCurves;
return this;
}
- public Builder setSslConfig(SslConfig sslConfig) {
- this.sslConfig = sslConfig;
- return this;
- }
-
public IceServer createIceServer() {
return new IceServer(urls.get(0), urls, username, password, tlsCertPolicy, hostname,
- tlsAlpnProtocols, tlsEllipticCurves, sslConfig);
+ tlsAlpnProtocols, tlsEllipticCurves);
}
}
@@ -490,11 +298,6 @@
List<String> getTlsEllipticCurves() {
return tlsEllipticCurves;
}
-
- @CalledByNative("IceServer")
- SslConfig getSslConfig() {
- return sslConfig;
- }
}
/** Java version of PeerConnectionInterface.IceTransportsType */