Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / c03627683fc2181981bd5207c2fdba6b5bd7a67c^! / . / webrtc / rtc_base / openssladapter.h
commitc03627683fc2181981bd5207c2fdba6b5bd7a67c[log] [tgz]
authorHenrik Kjellander <kjellander@webrtc.org>Thu Jun 29 08:03:04 2017 +0200
committerHenrik Kjellander <kjellander@webrtc.org>Thu Jun 29 06:04:25 2017 +0000
tree45c66ca881a3c28918f4170a950a5e39a1f27a57
parentec78f1cebcbf1181d93450bd9c91efe8f6a7688d [diff] [blame]
Reland "Move webrtc/{base => rtc_base}" (https://codereview.webrtc.org/2877023002)

Reland the base->rtc_base without adding stub headers (will be
done in follow-up CL). This preserves git blame history of all files.

BUG=webrtc:7634
NOTRY=True
TBR=kwiberg@webrtc.org

Change-Id: Iea3bb6f3f67b8374c96337b63e8f5aa3e6181012
Reviewed-on: https://chromium-review.googlesource.com/554611
Reviewed-by: Henrik Kjellander <kjellander@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#18821}
diff --git a/webrtc/rtc_base/openssladapter.h b/webrtc/rtc_base/openssladapter.h
new file mode 100644
index 0000000..7080b8b
--- /dev/null
+++ b/webrtc/rtc_base/openssladapter.h

@@ -0,0 +1,113 @@
+/*
+ *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#ifndef WEBRTC_RTC_BASE_OPENSSLADAPTER_H_
+#define WEBRTC_RTC_BASE_OPENSSLADAPTER_H_
+
+#include <string>
+#include "webrtc/base/buffer.h"
+#include "webrtc/base/messagehandler.h"
+#include "webrtc/base/messagequeue.h"
+#include "webrtc/base/ssladapter.h"
+
+typedef struct ssl_st SSL;
+typedef struct ssl_ctx_st SSL_CTX;
+typedef struct x509_store_ctx_st X509_STORE_CTX;
+
+namespace rtc {
+
+///////////////////////////////////////////////////////////////////////////////
+
+class OpenSSLAdapter : public SSLAdapter, public MessageHandler {
+public:
+  static bool InitializeSSL(VerificationCallback callback);
+  static bool InitializeSSLThread();
+  static bool CleanupSSL();
+
+  OpenSSLAdapter(AsyncSocket* socket);
+  ~OpenSSLAdapter() override;
+
+  void SetMode(SSLMode mode) override;
+  int StartSSL(const char* hostname, bool restartable) override;
+  int Send(const void* pv, size_t cb) override;
+  int SendTo(const void* pv, size_t cb, const SocketAddress& addr) override;
+  int Recv(void* pv, size_t cb, int64_t* timestamp) override;
+  int RecvFrom(void* pv,
+               size_t cb,
+               SocketAddress* paddr,
+               int64_t* timestamp) override;
+  int Close() override;
+
+  // Note that the socket returns ST_CONNECTING while SSL is being negotiated.
+  ConnState GetState() const override;
+
+protected:
+ void OnConnectEvent(AsyncSocket* socket) override;
+ void OnReadEvent(AsyncSocket* socket) override;
+ void OnWriteEvent(AsyncSocket* socket) override;
+ void OnCloseEvent(AsyncSocket* socket, int err) override;
+
+private:
+  enum SSLState {
+    SSL_NONE, SSL_WAIT, SSL_CONNECTING, SSL_CONNECTED, SSL_ERROR
+  };
+
+  enum { MSG_TIMEOUT };
+
+  int BeginSSL();
+  int ContinueSSL();
+  void Error(const char* context, int err, bool signal = true);
+  void Cleanup();
+
+  // Return value and arguments have the same meanings as for Send; |error| is
+  // an output parameter filled with the result of SSL_get_error.
+  int DoSslWrite(const void* pv, size_t cb, int* error);
+
+  void OnMessage(Message* msg) override;
+
+  static bool VerifyServerName(SSL* ssl, const char* host,
+                               bool ignore_bad_cert);
+  bool SSLPostConnectionCheck(SSL* ssl, const char* host);
+#if !defined(NDEBUG)
+  static void SSLInfoCallback(const SSL* s, int where, int ret);
+#endif
+  static int SSLVerifyCallback(int ok, X509_STORE_CTX* store);
+  static VerificationCallback custom_verify_callback_;
+  friend class OpenSSLStreamAdapter;  // for custom_verify_callback_;
+
+  static bool ConfigureTrustedRootCertificates(SSL_CTX* ctx);
+  SSL_CTX* SetupSSLContext();
+
+  SSLState state_;
+  bool ssl_read_needs_write_;
+  bool ssl_write_needs_read_;
+  // If true, socket will retain SSL configuration after Close.
+  bool restartable_;
+
+  // This buffer is used if SSL_write fails with SSL_ERROR_WANT_WRITE, which
+  // means we need to keep retrying with *the same exact data* until it
+  // succeeds. Afterwards it will be cleared.
+  Buffer pending_data_;
+
+  SSL* ssl_;
+  SSL_CTX* ssl_ctx_;
+  std::string ssl_host_name_;
+  // Do DTLS or not
+  SSLMode ssl_mode_;
+
+  bool custom_verification_succeeded_;
+};
+
+/////////////////////////////////////////////////////////////////////////////
+
+} // namespace rtc
+
+
+#endif // WEBRTC_RTC_BASE_OPENSSLADAPTER_H_