mollyim/webrtc
1
0
Fork 0
mirror of https://github.com/mollyim/webrtc.git synced 2025-05-20 00:57:49 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
webrtc/rtc_base/ssladapter.h
Sergey Silkin 9c147ddc91 Revert "Add SSLConfig object to IceServer." 
This reverts commit 4f085434b9.

Reason for revert: breaks downstream projects.

Original change's description:
> Add SSLConfig object to IceServer.
> 
> This is a rollforward of https://webrtc-review.googlesource.com/c/src/+/96020,
> with the addition of setting the old tlsCertPolicy, tlsAlpnProtocols and
> tlsEllipticCurves in the RTCIceServer initializer, for backwards compatibility.
> 
> Bug: webrtc:9662
> Change-Id: I28706ed4ff5abe3f7f913f105779f0e5412aeac5
> Reviewed-on: https://webrtc-review.googlesource.com/98762
> Commit-Queue: Diogo Real <diogor@google.com>
> Reviewed-by: Sami Kalliomäki <sakal@webrtc.org>
> Reviewed-by: Kári Helgason <kthelgason@webrtc.org>
> Reviewed-by: Steve Anton <steveanton@webrtc.org>
> Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#24696}

TBR=steveanton@webrtc.org,sakal@webrtc.org,kwiberg@webrtc.org,kthelgason@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org,diogor@google.com

Change-Id: I1cb64b63fec688b4ac90c2fa368eaf0bc11046af
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: webrtc:9662
Reviewed-on: https://webrtc-review.googlesource.com/99880
Reviewed-by: Sergey Silkin <ssilkin@webrtc.org>
Commit-Queue: Sergey Silkin <ssilkin@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#24701}
2018-09-12 10:46:04 +00:00

105 lines
4 KiB
C++
Raw Blame History

/*
* Copyright 2004 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#ifndef RTC_BASE_SSLADAPTER_H_
#define RTC_BASE_SSLADAPTER_H_
#include <string>
#include <vector>
#include "rtc_base/asyncsocket.h"
#include "rtc_base/sslcertificate.h"
#include "rtc_base/sslstreamadapter.h"
namespace rtc {
class SSLAdapter;
// Class for creating SSL adapters with shared state, e.g., a session cache,
// which allows clients to resume SSL sessions to previously-contacted hosts.
// Clients should create the factory using Create(), set up the factory as
// needed using SetMode, and then call CreateAdapter to create adapters when
// needed.
class SSLAdapterFactory {
public:
virtual ~SSLAdapterFactory() {}
// Specifies whether TLS or DTLS is to be used for the SSL adapters.
virtual void SetMode(SSLMode mode) = 0;
// Specify a custom certificate verifier for SSL.
virtual void SetCertVerifier(SSLCertificateVerifier* ssl_cert_verifier) = 0;
// Creates a new SSL adapter, but from a shared context.
virtual SSLAdapter* CreateAdapter(AsyncSocket* socket) = 0;
static SSLAdapterFactory* Create();
};
// Class that abstracts a client-to-server SSL session. It can be created
// standalone, via SSLAdapter::Create, or through a factory as described above,
// in which case it will share state with other SSLAdapters created from the
// same factory.
// After creation, call StartSSL to initiate the SSL handshake to the server.
class SSLAdapter : public AsyncSocketAdapter {
public:
explicit SSLAdapter(AsyncSocket* socket) : AsyncSocketAdapter(socket) {}
// Methods that control server certificate verification, used in unit tests.
// Do not call these methods in production code.
// TODO(juberti): Remove the opportunistic encryption mechanism in
// BasicPacketSocketFactory that uses this function.
virtual void SetIgnoreBadCert(bool ignore) = 0;
virtual void SetAlpnProtocols(const std::vector<std::string>& protos) = 0;
virtual void SetEllipticCurves(const std::vector<std::string>& curves) = 0;
// Do DTLS or TLS (default is TLS, if unspecified)
virtual void SetMode(SSLMode mode) = 0;
// Specify a custom certificate verifier for SSL.
virtual void SetCertVerifier(SSLCertificateVerifier* ssl_cert_verifier) = 0;
// Set the certificate this socket will present to incoming clients.
virtual void SetIdentity(SSLIdentity* identity) = 0;
// Choose whether the socket acts as a server socket or client socket.
virtual void SetRole(SSLRole role) = 0;
// StartSSL returns 0 if successful.
// If StartSSL is called while the socket is closed or connecting, the SSL
// negotiation will begin as soon as the socket connects.
// TODO(juberti): Remove |restartable|.
virtual int StartSSL(const char* hostname, bool restartable = false) = 0;
// When an SSLAdapterFactory is used, an SSLAdapter may be used to resume
// a previous SSL session, which results in an abbreviated handshake.
// This method, if called after SSL has been established for this adapter,
// indicates whether the current session is a resumption of a previous
// session.
virtual bool IsResumedSession() = 0;
// Create the default SSL adapter for this platform. On failure, returns null
// and deletes |socket|. Otherwise, the returned SSLAdapter takes ownership
// of |socket|.
static SSLAdapter* Create(AsyncSocket* socket);
};
///////////////////////////////////////////////////////////////////////////////
// Call this on the main thread, before using SSL.
// Call CleanupSSL when finished with SSL.
bool InitializeSSL();
// Call to cleanup additional threads, and also the main thread.
bool CleanupSSL();
} // namespace rtc
#endif // RTC_BASE_SSLADAPTER_H_
Reference in a new issue View git blame Copy permalink