Re-land: Add API to get negotiated SSL ciphers
This CL adds an API to the SSL stream adapters and transport channels to get the SSL cipher that was negotiated with the remote peer.
The previously approved CL https://webrtc-codereview.appspot.com/26009004/ was reverted in https://webrtc-codereview.appspot.com/40689004/ due to compilation issues while rolling into Chromium.
As the new method has landed in Chromium in https://crrev.com/bc321c76ace6e1d5a03440e554ccb207159802ec, this should be safe to land here now.
BUG=3976
R=pthatcher@webrtc.org
Review URL: https://webrtc-codereview.appspot.com/37209004
Cr-Commit-Position: refs/heads/master@{#8343}
git-svn-id: http://webrtc.googlecode.com/svn/trunk@8343 4adac7df-926f-26a2-2b94-8c16560cd09d
diff --git a/webrtc/base/sslstreamadapter_unittest.cc b/webrtc/base/sslstreamadapter_unittest.cc
index b9d477d..677be35 100644
--- a/webrtc/base/sslstreamadapter_unittest.cc
+++ b/webrtc/base/sslstreamadapter_unittest.cc
@@ -388,6 +388,13 @@
return server_ssl_->GetPeerCertificate(cert);
}
+ bool GetSslCipher(bool client, std::string *retval) {
+ if (client)
+ return client_ssl_->GetSslCipher(retval);
+ else
+ return server_ssl_->GetSslCipher(retval);
+ }
+
bool ExportKeyingMaterial(const char *label,
const unsigned char *context,
size_t context_len,
@@ -939,3 +946,17 @@
rtc::SSLCertChain* server_peer_chain;
ASSERT_FALSE(server_peer_cert->GetChain(&server_peer_chain));
}
+
+// Test getting the used DTLS ciphers.
+TEST_F(SSLStreamAdapterTestDTLS, TestGetSslCipher) {
+ MAYBE_SKIP_TEST(HaveDtls);
+ TestHandshake();
+
+ std::string client_cipher;
+ ASSERT_TRUE(GetSslCipher(true, &client_cipher));
+ std::string server_cipher;
+ ASSERT_TRUE(GetSslCipher(false, &server_cipher));
+
+ ASSERT_EQ(client_cipher, server_cipher);
+ ASSERT_EQ(rtc::SSLStreamAdapter::GetDefaultSslCipher(), client_cipher);
+}