In its stead, there's now a SetEventCallback() method.
Bug: webrtc:11943
Change-Id: If936d6e1e23e8a584f06feb123ecf2d450ea4145
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/319040
Commit-Queue: Tomas Gunnarsson <tommi@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#42187}
This is a follow-up to:
https://webrtc-review.googlesource.com/c/src/+/318640
The problem was that the scoped field trials in the tests only
applied to the construction of the streams, not the handshake.
Note, although the changes are in OpenSSLStreamAdapter, this CL
actually fixes the SSLStreamAdapterTestDTLSExtensionPermutation tests
in rtc_base/ssl_stream_adapter_unittest.cc.
Bug: webrtc:15467
Change-Id: I25cdd758aab1bc67fd7a6a61c956c6d52f82e3d1
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/344762
Commit-Queue: Tomas Gunnarsson <tommi@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#41976}
which has been enabled by default since M84. This was still available
under an enterprise policy which is gone since M121:
https://chromiumdash.appspot.com/commit/39d28bb7657b482f1fdcab81ca88371d8914809b
BUG=webrtc:10261,chromium:1132854
Change-Id: Icd534342b60799b7862bc3e7edda6825de7ae976
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/317360
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Guido Urdaneta <guidou@webrtc.org>
Commit-Queue: Philipp Hancke <phancke@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#41145}
Also removing has_slots depdency from OpenSSLStreamAdapter and moving
it to the OpenSSLStreamAdapter subclass where it's still needed.
Bug: webrtc:11943
Change-Id: Ibcae5ea1efff146d78b32bb0eca63d7f44ed08c1
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/318885
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Tomas Gunnarsson <tommi@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#40702}
Remove internal use of SignalSSLHandshakeError and prepare removal of
sigslot dependency from SSLStreamAdapter.
Bug: webrtc:11943
Change-Id: I9768e2e31529945620bdd8d0d285042bb2388b7b
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/318881
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Tomas Gunnarsson <tommi@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#40695}
This cleans up the last vestiges of the old interface for rtc::StreamInterface
and will cause builds to refer to the old functions to fail.
Bug: webrtc:14632
Change-Id: I569b16677754d7f9e08449e273672a59a86e6498
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/283844
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Tomas Gunnarsson <tommi@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#38784}
After changing base functions to a CHECK instead of an =0, these
are no longer needed.
Bug: webrtc:14632
Change-Id: If3f1a62905cf433486f4974b2153c9210d1e045b
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/283542
Reviewed-by: Tomas Gunnarsson <tommi@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#38643}
Updates the code to use the new interfaces
Bug: webrtc:14632
Change-Id: I33b2a25b5968de0251e3cbc84076afc013ecef6e
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/282680
Reviewed-by: Tomas Gunnarsson <tommi@webrtc.org>
Reviewed-by: Danil Chapovalov <danilchap@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#38601}
This is part of a large-scale effort to increase adoption of
absl::string_view across the WebRTC code base.
This CL converts the majority of "const std::string&"s in function
parameters under rtc_base/ to absl::string_view.
Bug: webrtc:13579
Change-Id: I2b1e3776aa42326aa405f76bb324a2d233b21dca
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/254081
Reviewed-by: Niels Moller <nisse@webrtc.org>
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: Xavier Lepaul <xalep@webrtc.org>
Reviewed-by: Anders Lilienthal <andersc@webrtc.org>
Reviewed-by: Per Kjellander <perkj@webrtc.org>
Commit-Queue: Ali Tofigh <alito@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#36239}
Using CRYPTO_BUFFERs instead of legacy X509 objects offers memory and
security gains, and will provide binary size improvements as well once
the default list of built-in certificates can be removed; the code
dealing with them still depends on the X509 API.
Implemented by splitting openssl_identity and openssl_certificate
into BoringSSL and vanilla OpenSSL implementations.
No-Try: True
Bug: webrtc:11410
Change-Id: I86ddb361b94ad85b15ebb8743490de83632ca53f
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/196941
Commit-Queue: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32818}
This reverts commit 72f638a9a2.
Reason for revert: downstream build failures
Original change's description:
> Use CRYPTO_BUFFER APIs instead of X509 when building with BoringSSL.
>
> Using CRYPTO_BUFFERs instead of legacy X509 objects offers memory and
> security gains, and will provide binary size improvements as well once
> the default list of built-in certificates can be removed; the code
> dealing with them still depends on the X509 API.
>
> Implemented by splitting openssl_identity and openssl_certificate
> into BoringSSL and vanilla OpenSSL implementations.
>
> Bug: webrtc:11410
> Change-Id: Idc043462faac5e4ab1b75bedab2057197f80aba6
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/174120
> Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
> Reviewed-by: David Benjamin <davidben@webrtc.org>
> Reviewed-by: Harald Alvestrand <hta@webrtc.org>
> Commit-Queue: Taylor <deadbeef@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#32811}
TBR=deadbeef@webrtc.org,mbonadei@webrtc.org,davidben@webrtc.org,hta@webrtc.org
Change-Id: Ib5e55cb5798a2f3d25a4460f5311d2e650d3fa82
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: webrtc:11410
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/196742
Reviewed-by: Sam Zackrisson <saza@webrtc.org>
Commit-Queue: Sam Zackrisson <saza@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32812}
Using CRYPTO_BUFFERs instead of legacy X509 objects offers memory and
security gains, and will provide binary size improvements as well once
the default list of built-in certificates can be removed; the code
dealing with them still depends on the X509 API.
Implemented by splitting openssl_identity and openssl_certificate
into BoringSSL and vanilla OpenSSL implementations.
Bug: webrtc:11410
Change-Id: Idc043462faac5e4ab1b75bedab2057197f80aba6
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/174120
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: David Benjamin <davidben@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Taylor <deadbeef@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32811}
This includes relying on related types such as MessageData and
PostEvent functionality inside the StreamInterface itself.
This affects mostly tests but OpenSSLStreamAdapter
requires special attention.
Bug: webrtc:11988
Change-Id: Ib5c895f1bdf77bb49e3162bd49718f8a98812d91
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/185505
Commit-Queue: Tommi <tommi@webrtc.org>
Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32290}
This reverts commit af1f8655b2
Landing the change with default set to
"enabled" (DTLS 1.0 will continue to work by default),
so that flipping the default can be a separate CL.
Original change's description:
> Revert "Disable DTLS 1.0, TLS 1.0 and TLS 1.1 downgrade in WebRTC."
>
> This reverts commit 7276b974b7.
>
> Reason for revert: Changing to a later Chrome release.
>
> Original change's description:
> > Disable DTLS 1.0, TLS 1.0 and TLS 1.1 downgrade in WebRTC.
> >
> > This change disables DTLS 1.0, TLS 1.0 and TLS 1.1 in WebRTC by default. This
> > is part of a larger effort at Google to remove old TLS protocols:
> > https://security.googleblog.com/2018/10/modernizing-transport-security.html
> >
> > For the M74 timeline I have added a disabled by default field trial
> > WebRTC-LegacyTlsProtocols which can be enabled to support these cipher suites
> > as consumers move away from these legacy cipher protocols but it will be off
> > in Chrome.
> >
> > This is compliant with the webrtc-security-arch specification which states:
> >
> > All Implementations MUST implement DTLS 1.2 with the
> > TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
> > curve [FIPS186]. Earlier drafts of this specification required DTLS
> > 1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
> > at the time of this writing some implementations do not support DTLS
> > 1.2; endpoints which support only DTLS 1.2 might encounter
> > interoperability issues. The DTLS-SRTP protection profile
> > SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP.
> > Implementations MUST favor cipher suites which support (Perfect
> > Forward Secrecy) PFS over non-PFS cipher suites and SHOULD favor AEAD
> > over non-AEAD cipher suites.
> >
> > Bug: webrtc:10261
> > Change-Id: I847c567592911cc437f095376ad67585b4355fc0
> > Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/125141
> > Commit-Queue: Benjamin Wright <benwright@webrtc.org>
> > Reviewed-by: David Benjamin <davidben@webrtc.org>
> > Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> > Cr-Commit-Position: refs/heads/master@{#27006}
>
> TBR=steveanton@webrtc.org,davidben@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org
>
> # Not skipping CQ checks because original CL landed > 1 day ago.
>
> Bug: webrtc:10261
> Change-Id: I34727e65c069e1fb2ad71838828ad0a22b5fe811
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/130367
> Commit-Queue: Benjamin Wright <benwright@webrtc.org>
> Reviewed-by: Benjamin Wright <benwright@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#27403}
Bug: webrtc:10261
Change-Id: I28c6819d37665976e396df280b4abf48fb91d533
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/169851
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#30733}
This is part of a CL series merging rtc::MessageQueue into rtc::Thread.
Bug: webrtc:9883
Change-Id: I3cb857cc707d5e897759366d1478cc1ec19bce9a
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/165344
Reviewed-by: Stefan Holmer <stefan@webrtc.org>
Commit-Queue: Sebastian Jansson <srte@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#30180}
Bug: chromium:1018077
Change-Id: I585d4064f39e5f9d268b408ebf6ae13a056c778a
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/158403
Reviewed-by: Henrik Boström <hbos@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#29628}
This reverts commit 7276b974b7.
Reason for revert: Changing to a later Chrome release.
Original change's description:
> Disable DTLS 1.0, TLS 1.0 and TLS 1.1 downgrade in WebRTC.
>
> This change disables DTLS 1.0, TLS 1.0 and TLS 1.1 in WebRTC by default. This
> is part of a larger effort at Google to remove old TLS protocols:
> https://security.googleblog.com/2018/10/modernizing-transport-security.html
>
> For the M74 timeline I have added a disabled by default field trial
> WebRTC-LegacyTlsProtocols which can be enabled to support these cipher suites
> as consumers move away from these legacy cipher protocols but it will be off
> in Chrome.
>
> This is compliant with the webrtc-security-arch specification which states:
>
> All Implementations MUST implement DTLS 1.2 with the
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
> curve [FIPS186]. Earlier drafts of this specification required DTLS
> 1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
> at the time of this writing some implementations do not support DTLS
> 1.2; endpoints which support only DTLS 1.2 might encounter
> interoperability issues. The DTLS-SRTP protection profile
> SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP.
> Implementations MUST favor cipher suites which support (Perfect
> Forward Secrecy) PFS over non-PFS cipher suites and SHOULD favor AEAD
> over non-AEAD cipher suites.
>
> Bug: webrtc:10261
> Change-Id: I847c567592911cc437f095376ad67585b4355fc0
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/125141
> Commit-Queue: Benjamin Wright <benwright@webrtc.org>
> Reviewed-by: David Benjamin <davidben@webrtc.org>
> Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#27006}
TBR=steveanton@webrtc.org,davidben@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: webrtc:10261
Change-Id: I34727e65c069e1fb2ad71838828ad0a22b5fe811
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/130367
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Benjamin Wright <benwright@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#27403}
This change disables DTLS 1.0, TLS 1.0 and TLS 1.1 in WebRTC by default. This
is part of a larger effort at Google to remove old TLS protocols:
https://security.googleblog.com/2018/10/modernizing-transport-security.html
For the M74 timeline I have added a disabled by default field trial
WebRTC-LegacyTlsProtocols which can be enabled to support these cipher suites
as consumers move away from these legacy cipher protocols but it will be off
in Chrome.
This is compliant with the webrtc-security-arch specification which states:
All Implementations MUST implement DTLS 1.2 with the
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
curve [FIPS186]. Earlier drafts of this specification required DTLS
1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
at the time of this writing some implementations do not support DTLS
1.2; endpoints which support only DTLS 1.2 might encounter
interoperability issues. The DTLS-SRTP protection profile
SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP.
Implementations MUST favor cipher suites which support (Perfect
Forward Secrecy) PFS over non-PFS cipher suites and SHOULD favor AEAD
over non-AEAD cipher suites.
Bug: webrtc:10261
Change-Id: I847c567592911cc437f095376ad67585b4355fc0
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/125141
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: David Benjamin <davidben@webrtc.org>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#27006}
