This reverts commit 4f085434b9.
Reason for revert: breaks downstream projects.
Original change's description:
> Add SSLConfig object to IceServer.
>
> This is a rollforward of https://webrtc-review.googlesource.com/c/src/+/96020,
> with the addition of setting the old tlsCertPolicy, tlsAlpnProtocols and
> tlsEllipticCurves in the RTCIceServer initializer, for backwards compatibility.
>
> Bug: webrtc:9662
> Change-Id: I28706ed4ff5abe3f7f913f105779f0e5412aeac5
> Reviewed-on: https://webrtc-review.googlesource.com/98762
> Commit-Queue: Diogo Real <diogor@google.com>
> Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
> Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
> Reviewed-by: Steve Anton <steveanton@webrtc.org>
> Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#24696}
TBR=steveanton@webrtc.org,sakal@webrtc.org,kwiberg@webrtc.org,kthelgason@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org,diogor@google.com
Change-Id: I1cb64b63fec688b4ac90c2fa368eaf0bc11046af
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: webrtc:9662
Reviewed-on: https://webrtc-review.googlesource.com/99880
Reviewed-by: Sergey Silkin <ssilkin@webrtc.org>
Commit-Queue: Sergey Silkin <ssilkin@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24701}
This is a rollforward of https://webrtc-review.googlesource.com/c/src/+/96020,
with the addition of setting the old tlsCertPolicy, tlsAlpnProtocols and
tlsEllipticCurves in the RTCIceServer initializer, for backwards compatibility.
Bug: webrtc:9662
Change-Id: I28706ed4ff5abe3f7f913f105779f0e5412aeac5
Reviewed-on: https://webrtc-review.googlesource.com/98762
Commit-Queue: Diogo Real <diogor@google.com>
Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24696}
This reverts commit 7f1ffcccce.
Reason for revert: Speculative revert
Original change's description:
> Add SSLConfig object to IceServer.
>
> This is being added to allow greater configurability to TLS connections.
> tlsAlpnProtocols, tlsEllipticCurves and tlsCertPolicy will be removed from IceServer in a
> follow-up CL.
>
> Bug: webrtc:9662
> Change-Id: I33cb804b02c26c662ed2a28c76f9a9dc2df40f36
> Reviewed-on: https://webrtc-review.googlesource.com/96020
> Commit-Queue: Diogo Real <diogor@google.com>
> Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> Reviewed-by: Benjamin Wright <benwright@webrtc.org>
> Reviewed-by: Steve Anton <steveanton@webrtc.org>
> Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
> Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#24559}
TBR=steveanton@webrtc.org,sakal@webrtc.org,kthelgason@webrtc.org,juberti@webrtc.org,emadomara@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org,diogor@google.com
Change-Id: Iae9fc68b77f743876bda36fc2a04f6d791aae8e2
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: webrtc:9662
Reviewed-on: https://webrtc-review.googlesource.com/98000
Reviewed-by: Ying Wang <yinwa@webrtc.org>
Commit-Queue: Ying Wang <yinwa@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24563}
This is being added to allow greater configurability to TLS connections.
tlsAlpnProtocols, tlsEllipticCurves and tlsCertPolicy will be removed from IceServer in a
follow-up CL.
Bug: webrtc:9662
Change-Id: I33cb804b02c26c662ed2a28c76f9a9dc2df40f36
Reviewed-on: https://webrtc-review.googlesource.com/96020
Commit-Queue: Diogo Real <diogor@google.com>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Reviewed-by: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24559}
Running clang-format with chromium's style guide.
The goal is n-fold:
* providing consistency and readability (that's what code guidelines are for)
* preventing noise with presubmit checks and git cl format
* building on the previous point: making it easier to automatically fix format issues
* you name it
Please consider using git-hyper-blame to ignore this commit.
Bug: webrtc:9340
Change-Id: I694567c4cdf8cee2860958cfe82bfaf25848bb87
Reviewed-on: https://webrtc-review.googlesource.com/81185
Reviewed-by: Patrik Höglund <phoglund@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#23660}
This extends the API surface so that
custom certificates can be provided by an API user in both the standalone and
factory creation paths for the OpenSSLAdapter. Prior to this change the SSL
roots were hardcoded in a header file and directly included into
openssladapter.cc. This forces the 100 kilobytes of certificates to always be
compiled into the library. This is undesirable in certain linking cases where
these certificates can be shared from another binary that already has an
equivalent set of trusted roots hard coded into the binary.
Support for removing the hard coded SSL roots has also been added through a new
build flag. By default the hard coded SSL roots will be included and will be
used if no other trusted root certificates are provided.
The main goal of this CL is to reduce total binary size requirements of WebRTC
by about 100kb in certain applications where adding these certificates is
redundant.
Change-Id: Ifd36d92b5cb32d1b3098a61ddfc244d76df8f30f
Bug: chromium:526260
Change-Id: Ifd36d92b5cb32d1b3098a61ddfc244d76df8f30f
Reviewed-on: https://webrtc-review.googlesource.com/64841
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
Reviewed-by: Taylor Brandstetter <deadbeef@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#23180}
This changeset refactors the OpenSSLSessionCache out of the Factory. Instead of
directly injecting a pointer to the factory to each OpenSSLAdapter instead just
a pointer to the OpenSSLSessionCache is submitted which the Factory is the sole
owner of. This provides a cleaner dependency injection interface and allows the
OpenSSLSessionCache to be tested independently of the factory that uses it. It
also allows for the factories role to be more clearly defined allowing for
additional dependency injection in future updates.
This change also removes the habit of having OpenSSL typedefs around certain
functions and instead uses the standardised ossl_typ.h header which contains
these typedefs. This makes the headers more directly tied to just what they are
responsible for doing.
Bug: webrtc:9085
Change-Id: I7938178b70acc613856139d387a1b46928dca6ad
Reviewed-on: https://webrtc-review.googlesource.com/66941
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Taylor Brandstetter <deadbeef@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#22758}
This changeset addresses concerns about how the OpenSSLAdapter does certificate
name matching. The current approach has a number of issues which are outlined
in the bug description. The approach taken in this changeset is to use the
standard function X509_check_host which should correctly parse the wildcard
expansions and is directly supported in OpenSSL instead of attempting my own
implementation. This changeset uses this as an opportunity to add additional
parameter checking and refactoring logging code out of the main code path.
Bug: webrtc:8888
Change-Id: Iaffe1daddcd52193ba674489f613ce8515b81e91
Reviewed-on: https://webrtc-review.googlesource.com/65022
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Taylor Brandstetter <deadbeef@webrtc.org>
Reviewed-by: Emad Omara <emadomara@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#22755}
OpenSSL is making a lot of data structure opaque, so we can no longer directly access internal data structure. Fortunately, API methods are provided for this purpose.
BoringSSL is sharing the same API.
Bug: webrtc:8817
Change-Id: Ia5090200f0e7c352f82e8191720ac4c14fbb5a85
Reviewed-on: https://webrtc-review.googlesource.com/47321
Commit-Queue: Tommi <tommi@webrtc.org>
Reviewed-by: Justin Uberti <juberti@webrtc.org>
Reviewed-by: Emad Omara <emadomara@webrtc.org>
Reviewed-by: Tommi <tommi@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#21895}
In https://webrtc-review.googlesource.com/c/src/+/1560 we moved WebRTC
from src/webrtc to src/ (in order to preserve an healthy git history).
This CL takes care of fixing header guards, #include paths, etc...
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
TBR=tommi@webrtc.org
Bug: chromium:611808
Change-Id: Iea91618212bee0af16aa3f05071eab8f93706578
Reviewed-on: https://webrtc-review.googlesource.com/1561
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: Henrik Kjellander <kjellander@webrtc.org>
Commit-Queue: Mirko Bonadei <mbonadei@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#19846}
In order to eliminate the WebRTC Subtree mirror in Chromium,
WebRTC is moving the content of the src/webrtc directory up
to the src/ directory.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
TBR=tommi@webrtc.org
Bug: chromium:611808
Change-Id: Iac59c5b51b950f174119565bac87955a7994bc38
Reviewed-on: https://webrtc-review.googlesource.com/1560
Commit-Queue: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: Henrik Kjellander <kjellander@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#19845}
2017-09-15 04:25:06 +00:00
Renamed from webrtc/rtc_base/openssladapter.h (Browse further)
