blob: 76560e9f032b122f98da2309dc19592dcab5b80d [file] [log] [blame]
mikescarlett6459f842016-03-04 09:55:02 -08001/*
2 * Copyright 2016 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11#ifndef WEBRTC_P2P_QUIC_QUICTRANSPORTCHANNEL_H_
12#define WEBRTC_P2P_QUIC_QUICTRANSPORTCHANNEL_H_
13
kwiberg3ec46792016-04-27 07:22:53 -070014#include <memory>
mikescarlett6459f842016-03-04 09:55:02 -080015#include <string>
16#include <vector>
17
mikescarlettf5377682016-03-29 12:14:55 -070018#include "net/quic/quic_crypto_client_stream.h"
mikescarlett6459f842016-03-04 09:55:02 -080019#include "net/quic/quic_packet_writer.h"
kwiberg84f6a3f2017-09-05 08:43:13 -070020#include "webrtc/api/optional.h"
mikescarlett6459f842016-03-04 09:55:02 -080021#include "webrtc/p2p/base/transportchannelimpl.h"
22#include "webrtc/p2p/quic/quicconnectionhelper.h"
23#include "webrtc/p2p/quic/quicsession.h"
Edward Lemurc20978e2017-07-06 19:44:34 +020024#include "webrtc/rtc_base/constructormagic.h"
mikescarlett6459f842016-03-04 09:55:02 -080025
26namespace cricket {
27
28enum QuicTransportState {
29 // Haven't started QUIC handshake.
30 QUIC_TRANSPORT_NEW = 0,
31 // Started QUIC handshake.
32 QUIC_TRANSPORT_CONNECTING,
33 // Negotiated, and has an encrypted connection.
34 QUIC_TRANSPORT_CONNECTED,
35 // QUIC connection closed due to handshake failure or explicit shutdown.
36 QUIC_TRANSPORT_CLOSED,
37};
38
39// QuicTransportChannel uses the QUIC protocol to establish encryption with
40// another peer, wrapping an existing TransportChannelImpl instance
41// (e.g a P2PTransportChannel) responsible for connecting peers.
42// Once the wrapped transport channel is connected, QuicTransportChannel
43// negotiates the crypto handshake and establishes SRTP keying material.
44//
45// How it works:
46//
47// QuicTransportChannel {
48// QuicSession* quic_;
49// TransportChannelImpl* channel_;
50// }
51//
mikescarlett18b67a52016-04-11 16:56:23 -070052// - Data written to SendPacket() is passed directly to |channel_| if it is
mikescarlett6459f842016-03-04 09:55:02 -080053// an SRTP packet with the PF_SRTP_BYPASS flag.
54//
55// - |quic_| passes outgoing packets to WritePacket(), which transfers them
56// to |channel_| to be sent across the network.
57//
58// - Data which comes into QuicTransportChannel::OnReadPacket is checked to
59// see if it is QUIC, and if it is, passed to |quic_|. SRTP packets are
60// signaled upwards as bypass packets.
61//
62// - When the QUIC handshake is completed, quic_state() returns
63// QUIC_TRANSPORT_CONNECTED and SRTP keying material can be exported.
64//
mikescarlett18b67a52016-04-11 16:56:23 -070065// - CreateQuicStream() creates an outgoing QUIC stream. Once the local peer
66// sends data from this stream, the remote peer emits SignalIncomingStream
67// with a QUIC stream of the same id to handle received data.
68//
69// TODO(mikescarlett): Implement secure QUIC handshake and 0-RTT handshakes.
mikescarlett6459f842016-03-04 09:55:02 -080070class QuicTransportChannel : public TransportChannelImpl,
71 public net::QuicPacketWriter,
72 public net::QuicCryptoClientStream::ProofHandler {
73 public:
74 // |channel| - the TransportChannelImpl we are wrapping.
75 explicit QuicTransportChannel(TransportChannelImpl* channel);
76 ~QuicTransportChannel() override;
77
78 // TransportChannel overrides.
79 // TODO(mikescarlett): Implement certificate authentication.
80 bool SetLocalCertificate(
81 const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override;
82 rtc::scoped_refptr<rtc::RTCCertificate> GetLocalCertificate() const override;
83 // TODO(mikescarlett): Implement fingerprint authentication.
84 bool SetRemoteFingerprint(const std::string& digest_alg,
85 const uint8_t* digest,
86 size_t digest_len) override;
87 // TODO(mikescarlett): Remove this DTLS-specific method when TransportChannel
88 // does not require defining it.
89 bool IsDtlsActive() const override { return true; }
90 // Sends a RTP packet if the PF_SRTP_BYPASS flag is set.
91 int SendPacket(const char* data,
92 size_t size,
93 const rtc::PacketOptions& options,
94 int flags) override;
95 // Sets up the ciphers to use for SRTP.
96 // TODO(mikescarlett): Use SRTP ciphers for negotiation.
97 bool SetSrtpCryptoSuites(const std::vector<int>& ciphers) override {
98 return true;
99 }
100 // Determines which SRTP cipher was negotiated.
101 // TODO(mikescarlett): Implement QUIC cipher negotiation. This currently
102 // returns SRTP_AES128_CM_SHA1_80.
103 bool GetSrtpCryptoSuite(int* cipher) override;
104 bool SetSslRole(rtc::SSLRole role) override;
105 bool GetSslRole(rtc::SSLRole* role) const override;
106 // Determines which SSL cipher was negotiated.
107 // TODO(mikescarlett): Implement QUIC cipher negotiation.
108 bool GetSslCipherSuite(int* cipher) override { return false; }
109 // Once QUIC is established (i.e., |quic_state_| is QUIC_TRANSPORT_CONNECTED),
110 // this extracts the keys negotiated during the QUIC handshake, for use
111 // in external encryption such as for extracting SRTP keys.
112 bool ExportKeyingMaterial(const std::string& label,
113 const uint8_t* context,
114 size_t context_len,
115 bool use_context,
116 uint8_t* result,
117 size_t result_len) override;
118 // TODO(mikescarlett): Remove this method once TransportChannel does not
119 // require defining it.
kwiberg3ec46792016-04-27 07:22:53 -0700120 std::unique_ptr<rtc::SSLCertificate> GetRemoteSSLCertificate()
mikescarlett18b67a52016-04-11 16:56:23 -0700121 const override {
122 return nullptr;
mikescarlett6459f842016-03-04 09:55:02 -0800123 }
124
125 // TransportChannelImpl overrides that we forward to the wrapped transport.
126 void SetIceRole(IceRole role) override { channel_->SetIceRole(role); }
127 IceRole GetIceRole() const override { return channel_->GetIceRole(); }
128 int SetOption(rtc::Socket::Option opt, int value) override {
129 return channel_->SetOption(opt, value);
130 }
131 bool GetOption(rtc::Socket::Option opt, int* value) override {
132 return channel_->GetOption(opt, value);
133 }
134 int GetError() override { return channel_->GetError(); }
135 bool GetStats(ConnectionInfos* infos) override {
136 return channel_->GetStats(infos);
137 }
138 const std::string SessionId() const override { return channel_->SessionId(); }
139 TransportChannelState GetState() const override {
140 return channel_->GetState();
141 }
142 void SetIceTiebreaker(uint64_t tiebreaker) override {
143 channel_->SetIceTiebreaker(tiebreaker);
144 }
Honghai Zhang4cedf2b2016-08-31 08:18:11 -0700145 void SetIceParameters(const IceParameters& ice_params) override {
146 channel_->SetIceParameters(ice_params);
mikescarlett6459f842016-03-04 09:55:02 -0800147 }
Honghai Zhang4cedf2b2016-08-31 08:18:11 -0700148 void SetRemoteIceParameters(const IceParameters& ice_params) override {
149 channel_->SetRemoteIceParameters(ice_params);
mikescarlett6459f842016-03-04 09:55:02 -0800150 }
151 void SetRemoteIceMode(IceMode mode) override {
152 channel_->SetRemoteIceMode(mode);
153 }
154 void MaybeStartGathering() override { channel_->MaybeStartGathering(); }
155 IceGatheringState gathering_state() const override {
156 return channel_->gathering_state();
157 }
158 void AddRemoteCandidate(const Candidate& candidate) override {
159 channel_->AddRemoteCandidate(candidate);
160 }
mikescarlettf5377682016-03-29 12:14:55 -0700161 void RemoveRemoteCandidate(const Candidate& candidate) override {
162 channel_->RemoveRemoteCandidate(candidate);
163 }
mikescarlett6459f842016-03-04 09:55:02 -0800164 void SetIceConfig(const IceConfig& config) override {
165 channel_->SetIceConfig(config);
166 }
mikescarlett6459f842016-03-04 09:55:02 -0800167
168 // QuicPacketWriter overrides.
169 // Called from net::QuicConnection when |quic_| has packets to write.
170 net::WriteResult WritePacket(const char* buffer,
171 size_t buf_len,
mikescarlettf5377682016-03-29 12:14:55 -0700172 const net::IPAddress& self_address,
173 const net::IPEndPoint& peer_address,
174 net::PerPacketOptions* options) override;
mikescarlett6459f842016-03-04 09:55:02 -0800175 // Whether QuicTransportChannel buffers data when unable to write. If this is
176 // set to false, then net::QuicConnection buffers unsent packets.
177 bool IsWriteBlockedDataBuffered() const override { return false; }
178 // Whether QuicTransportChannel is write blocked. If this returns true,
179 // outgoing QUIC packets are queued by net::QuicConnection until
180 // QuicTransportChannel::OnCanWrite() is called.
181 bool IsWriteBlocked() const override;
182 // Maximum size of the QUIC packet which can be written.
183 net::QuicByteCount GetMaxPacketSize(
184 const net::IPEndPoint& peer_address) const override {
185 return net::kMaxPacketSize;
186 }
187 // This method is not used -- call set_writable(bool writable) instead.
188 // TODO(miekscarlett): Remove this method once QuicPacketWriter does not
189 // require defining it.
190 void SetWritable() override {}
191
192 // QuicCryptoClientStream::ProofHandler overrides.
193 // Called by client crypto handshake when cached proof is marked valid.
194 void OnProofValid(
195 const net::QuicCryptoClientConfig::CachedState& cached) override;
196 // Called by the client crypto handshake when proof verification details
197 // become available, either because proof verification is complete, or when
198 // cached details are used.
199 void OnProofVerifyDetailsAvailable(
200 const net::ProofVerifyDetails& verify_details) override;
201
Honghai Zhangd93f50c2016-10-05 11:47:22 -0700202 void SetMetricsObserver(webrtc::MetricsObserverInterface* observer) override {
203 channel_->SetMetricsObserver(observer);
204 }
205
mikescarlett6459f842016-03-04 09:55:02 -0800206 // Returns true if |quic_| has queued data which wasn't written due
207 // to |channel_| being write blocked.
208 bool HasDataToWrite() const;
209 // Writes queued data for |quic_| when |channel_| is no longer write blocked.
210 void OnCanWrite();
211 // Connectivity state of QuicTransportChannel.
212 QuicTransportState quic_state() const { return quic_state_; }
mikescarlett18b67a52016-04-11 16:56:23 -0700213 // Creates a new QUIC stream that can send data.
214 ReliableQuicStream* CreateQuicStream();
215
zhihuang9763d562016-08-05 11:14:50 -0700216 TransportChannelImpl* ice_transport_channel() { return channel_.get(); }
217
mikescarlett18b67a52016-04-11 16:56:23 -0700218 // Emitted when |quic_| creates a QUIC stream to receive data from the remote
219 // peer, when the stream did not exist previously.
220 sigslot::signal1<ReliableQuicStream*> SignalIncomingStream;
221 // Emitted when the QuicTransportChannel state becomes QUIC_TRANSPORT_CLOSED.
222 sigslot::signal0<> SignalClosed;
mikescarlett6459f842016-03-04 09:55:02 -0800223
224 private:
225 // Fingerprint of remote peer.
226 struct RemoteFingerprint {
227 std::string value;
228 std::string algorithm;
229 };
230
231 // Callbacks for |channel_|.
232 void OnReadableState(TransportChannel* channel);
233 void OnWritableState(TransportChannel* channel);
234 void OnReadPacket(TransportChannel* channel,
235 const char* data,
236 size_t size,
237 const rtc::PacketTime& packet_time,
238 int flags);
239 void OnSentPacket(TransportChannel* channel,
240 const rtc::SentPacket& sent_packet);
241 void OnReadyToSend(TransportChannel* channel);
242 void OnReceivingState(TransportChannel* channel);
243 void OnGatheringState(TransportChannelImpl* channel);
244 void OnCandidateGathered(TransportChannelImpl* channel, const Candidate& c);
245 void OnRoleConflict(TransportChannelImpl* channel);
246 void OnRouteChange(TransportChannel* channel, const Candidate& candidate);
Honghai Zhangcc411c02016-03-29 17:27:21 -0700247 void OnSelectedCandidatePairChanged(
248 TransportChannel* channel,
Honghai Zhang52dce732016-03-31 12:37:31 -0700249 CandidatePairInterface* selected_candidate_pair,
Taylor Brandstetter6bb1ef22016-06-27 18:09:03 -0700250 int last_sent_packet_id,
251 bool ready_to_send);
Honghai Zhang1590c392016-05-24 13:15:02 -0700252 void OnChannelStateChanged(TransportChannelImpl* channel);
mikescarlett6459f842016-03-04 09:55:02 -0800253
254 // Callbacks for |quic_|.
255 // Called when |quic_| has established the crypto handshake.
256 void OnHandshakeComplete();
257 // Called when |quic_| has closed the connection.
258 void OnConnectionClosed(net::QuicErrorCode error, bool from_peer);
mikescarlett18b67a52016-04-11 16:56:23 -0700259 // Called when |quic_| has created a new QUIC stream for incoming data.
260 void OnIncomingStream(ReliableQuicStream* stream);
mikescarlett6459f842016-03-04 09:55:02 -0800261
262 // Called by OnReadPacket() when a QUIC packet is received.
263 bool HandleQuicPacket(const char* data, size_t size);
264 // Sets up the QUIC handshake.
265 bool MaybeStartQuic();
266 // Creates the QUIC connection and |quic_|.
267 bool CreateQuicSession();
268 // Creates the crypto stream and initializes the handshake.
269 bool StartQuicHandshake();
270 // Sets the QuicTransportChannel connectivity state.
271 void set_quic_state(QuicTransportState state);
272
273 // Everything should occur on this thread.
johan27c3d5b2016-10-17 00:54:57 -0700274 rtc::Thread* network_thread_;
mikescarlett6459f842016-03-04 09:55:02 -0800275 // Underlying channel which is responsible for connecting with the remote peer
276 // and sending/receiving packets across the network.
mikescarlette7748672016-04-29 20:20:54 -0700277 std::unique_ptr<TransportChannelImpl> channel_;
mikescarlett6459f842016-03-04 09:55:02 -0800278 // Connectivity state of QuicTransportChannel.
279 QuicTransportState quic_state_ = QUIC_TRANSPORT_NEW;
280 // QUIC session which establishes the crypto handshake and converts data
281 // to/from QUIC packets.
kwiberg3ec46792016-04-27 07:22:53 -0700282 std::unique_ptr<QuicSession> quic_;
mikescarlett6459f842016-03-04 09:55:02 -0800283 // Non-crypto config for |quic_|.
284 net::QuicConfig config_;
285 // Helper for net::QuicConnection that provides timing and
286 // random number generation.
287 QuicConnectionHelper helper_;
288 // This peer's role in the QUIC crypto handshake. SSL_CLIENT implies this peer
289 // initiates the handshake, while SSL_SERVER implies the remote peer initiates
290 // the handshake. This must be set before we start QUIC.
291 rtc::Optional<rtc::SSLRole> ssl_role_;
292 // Config for QUIC crypto client stream, used when |ssl_role_| is SSL_CLIENT.
kwiberg3ec46792016-04-27 07:22:53 -0700293 std::unique_ptr<net::QuicCryptoClientConfig> quic_crypto_client_config_;
mikescarlett6459f842016-03-04 09:55:02 -0800294 // Config for QUIC crypto server stream, used when |ssl_role_| is SSL_SERVER.
kwiberg3ec46792016-04-27 07:22:53 -0700295 std::unique_ptr<net::QuicCryptoServerConfig> quic_crypto_server_config_;
mikescarlett8d37d292016-04-29 15:35:00 -0700296 // Used by QUIC crypto server stream to track most recently compressed certs.
297 std::unique_ptr<net::QuicCompressedCertsCache> quic_compressed_certs_cache_;
mikescarlett6459f842016-03-04 09:55:02 -0800298 // This peer's certificate.
299 rtc::scoped_refptr<rtc::RTCCertificate> local_certificate_;
300 // Fingerprint of the remote peer. This must be set before we start QUIC.
301 rtc::Optional<RemoteFingerprint> remote_fingerprint_;
302
303 RTC_DISALLOW_COPY_AND_ASSIGN(QuicTransportChannel);
304};
305
306} // namespace cricket
307
308#endif // WEBRTC_P2P_QUIC_QUICTRANSPORTCHANNEL_H_