This is a reland of 40261c3663
Note: Instead of changing the type of JsepTransportController->SignalSSLHandshakeError
added a new member with a different name and used it in webrtc code.
After this change do two more follow up CLs to completely remove the old code
from google3.
Original change's description:
> Replace sigslot usages with robocaller library.
>
> - Replace all the top level signals from jsep_transport_controller.
> - There are still sigslot usages in this file so keep the inheritance
> and that is the reason for not having a binary size gain in this CL.
>
> Bug: webrtc:11943
> Change-Id: I249d3b9710783aef70ba273e082ceeafe3056898
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/185540
> Commit-Queue: Lahiru Ginnaliya Gamathige <glahiru@webrtc.org>
> Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
> Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#32321}
Bug: webrtc:11943
Change-Id: Ia07394ee395f94836f6b576c3a97d119a7678e1a
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/186946
Commit-Queue: Lahiru Ginnaliya Gamathige <glahiru@webrtc.org>
Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32359}
This reverts commit 40261c3663.
Reason for revert: Breaks downstream project
Original change's description:
> Replace sigslot usages with robocaller library.
>
> - Replace all the top level signals from jsep_transport_controller.
> - There are still sigslot usages in this file so keep the inheritance
> and that is the reason for not having a binary size gain in this CL.
>
> Bug: webrtc:11943
> Change-Id: I249d3b9710783aef70ba273e082ceeafe3056898
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/185540
> Commit-Queue: Lahiru Ginnaliya Gamathige <glahiru@webrtc.org>
> Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
> Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#32321}
TBR=mbonadei@webrtc.org,kwiberg@webrtc.org,glahiru@webrtc.org
Change-Id: Icf438f87c3d95940d858db3cc5848b23abb82fc4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: webrtc:11943
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/186844
Reviewed-by: Sam Zackrisson <saza@webrtc.org>
Commit-Queue: Sam Zackrisson <saza@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32324}
- Replace all the top level signals from jsep_transport_controller.
- There are still sigslot usages in this file so keep the inheritance
and that is the reason for not having a binary size gain in this CL.
Bug: webrtc:11943
Change-Id: I249d3b9710783aef70ba273e082ceeafe3056898
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/185540
Commit-Queue: Lahiru Ginnaliya Gamathige <glahiru@webrtc.org>
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: Karl Wiberg <kwiberg@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#32321}
This reverts commit af1f8655b2
Landing the change with default set to
"enabled" (DTLS 1.0 will continue to work by default),
so that flipping the default can be a separate CL.
Original change's description:
> Revert "Disable DTLS 1.0, TLS 1.0 and TLS 1.1 downgrade in WebRTC."
>
> This reverts commit 7276b974b7.
>
> Reason for revert: Changing to a later Chrome release.
>
> Original change's description:
> > Disable DTLS 1.0, TLS 1.0 and TLS 1.1 downgrade in WebRTC.
> >
> > This change disables DTLS 1.0, TLS 1.0 and TLS 1.1 in WebRTC by default. This
> > is part of a larger effort at Google to remove old TLS protocols:
> > https://security.googleblog.com/2018/10/modernizing-transport-security.html
> >
> > For the M74 timeline I have added a disabled by default field trial
> > WebRTC-LegacyTlsProtocols which can be enabled to support these cipher suites
> > as consumers move away from these legacy cipher protocols but it will be off
> > in Chrome.
> >
> > This is compliant with the webrtc-security-arch specification which states:
> >
> > All Implementations MUST implement DTLS 1.2 with the
> > TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
> > curve [FIPS186]. Earlier drafts of this specification required DTLS
> > 1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
> > at the time of this writing some implementations do not support DTLS
> > 1.2; endpoints which support only DTLS 1.2 might encounter
> > interoperability issues. The DTLS-SRTP protection profile
> > SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP.
> > Implementations MUST favor cipher suites which support (Perfect
> > Forward Secrecy) PFS over non-PFS cipher suites and SHOULD favor AEAD
> > over non-AEAD cipher suites.
> >
> > Bug: webrtc:10261
> > Change-Id: I847c567592911cc437f095376ad67585b4355fc0
> > Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/125141
> > Commit-Queue: Benjamin Wright <benwright@webrtc.org>
> > Reviewed-by: David Benjamin <davidben@webrtc.org>
> > Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> > Cr-Commit-Position: refs/heads/master@{#27006}
>
> TBR=steveanton@webrtc.org,davidben@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org
>
> # Not skipping CQ checks because original CL landed > 1 day ago.
>
> Bug: webrtc:10261
> Change-Id: I34727e65c069e1fb2ad71838828ad0a22b5fe811
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/130367
> Commit-Queue: Benjamin Wright <benwright@webrtc.org>
> Reviewed-by: Benjamin Wright <benwright@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#27403}
Bug: webrtc:10261
Change-Id: I28c6819d37665976e396df280b4abf48fb91d533
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/169851
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#30733}
Bug: chromium:1018077
Change-Id: I585d4064f39e5f9d268b408ebf6ae13a056c778a
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/158403
Reviewed-by: Henrik Boström <hbos@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#29628}
This reverts commit 7276b974b7.
Reason for revert: Changing to a later Chrome release.
Original change's description:
> Disable DTLS 1.0, TLS 1.0 and TLS 1.1 downgrade in WebRTC.
>
> This change disables DTLS 1.0, TLS 1.0 and TLS 1.1 in WebRTC by default. This
> is part of a larger effort at Google to remove old TLS protocols:
> https://security.googleblog.com/2018/10/modernizing-transport-security.html
>
> For the M74 timeline I have added a disabled by default field trial
> WebRTC-LegacyTlsProtocols which can be enabled to support these cipher suites
> as consumers move away from these legacy cipher protocols but it will be off
> in Chrome.
>
> This is compliant with the webrtc-security-arch specification which states:
>
> All Implementations MUST implement DTLS 1.2 with the
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
> curve [FIPS186]. Earlier drafts of this specification required DTLS
> 1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
> at the time of this writing some implementations do not support DTLS
> 1.2; endpoints which support only DTLS 1.2 might encounter
> interoperability issues. The DTLS-SRTP protection profile
> SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP.
> Implementations MUST favor cipher suites which support (Perfect
> Forward Secrecy) PFS over non-PFS cipher suites and SHOULD favor AEAD
> over non-AEAD cipher suites.
>
> Bug: webrtc:10261
> Change-Id: I847c567592911cc437f095376ad67585b4355fc0
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/125141
> Commit-Queue: Benjamin Wright <benwright@webrtc.org>
> Reviewed-by: David Benjamin <davidben@webrtc.org>
> Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#27006}
TBR=steveanton@webrtc.org,davidben@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org
# Not skipping CQ checks because original CL landed > 1 day ago.
Bug: webrtc:10261
Change-Id: I34727e65c069e1fb2ad71838828ad0a22b5fe811
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/130367
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Benjamin Wright <benwright@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#27403}
This change disables DTLS 1.0, TLS 1.0 and TLS 1.1 in WebRTC by default. This
is part of a larger effort at Google to remove old TLS protocols:
https://security.googleblog.com/2018/10/modernizing-transport-security.html
For the M74 timeline I have added a disabled by default field trial
WebRTC-LegacyTlsProtocols which can be enabled to support these cipher suites
as consumers move away from these legacy cipher protocols but it will be off
in Chrome.
This is compliant with the webrtc-security-arch specification which states:
All Implementations MUST implement DTLS 1.2 with the
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
curve [FIPS186]. Earlier drafts of this specification required DTLS
1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
at the time of this writing some implementations do not support DTLS
1.2; endpoints which support only DTLS 1.2 might encounter
interoperability issues. The DTLS-SRTP protection profile
SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP.
Implementations MUST favor cipher suites which support (Perfect
Forward Secrecy) PFS over non-PFS cipher suites and SHOULD favor AEAD
over non-AEAD cipher suites.
Bug: webrtc:10261
Change-Id: I847c567592911cc437f095376ad67585b4355fc0
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/125141
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: David Benjamin <davidben@webrtc.org>
Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#27006}
