OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 29 matching lines...)
40 // same factory. | 40 // same factory. |
41 // After creation, call StartSSL to initiate the SSL handshake to the server. | 41 // After creation, call StartSSL to initiate the SSL handshake to the server. |
42 class SSLAdapter : public AsyncSocketAdapter { | 42 class SSLAdapter : public AsyncSocketAdapter { |
43 public: | 43 public: |
44 explicit SSLAdapter(AsyncSocket* socket) : AsyncSocketAdapter(socket) {} | 44 explicit SSLAdapter(AsyncSocket* socket) : AsyncSocketAdapter(socket) {} |
45 | 45 |
46 // Methods that control server certificate verification, used in unit tests. | 46 // Methods that control server certificate verification, used in unit tests. |
47 // Do not call these methods in production code. | 47 // Do not call these methods in production code. |
48 // TODO(juberti): Remove the opportunistic encryption mechanism in | 48 // TODO(juberti): Remove the opportunistic encryption mechanism in |
49 // BasicPacketSocketFactory that uses this function. | 49 // BasicPacketSocketFactory that uses this function. |
50 bool ignore_bad_cert() const { return ignore_bad_cert_; } | 50 virtual void SetIgnoreBadCert(bool ignore) = 0; |
51 void set_ignore_bad_cert(bool ignore) { ignore_bad_cert_ = ignore; } | 51 virtual void SetAlpnProtocols(const std::vector<std::string>& protos) = 0; |
52 | 52 |
53 // Do DTLS or TLS (default is TLS, if unspecified) | 53 // Do DTLS or TLS (default is TLS, if unspecified) |
54 virtual void SetMode(SSLMode mode) = 0; | 54 virtual void SetMode(SSLMode mode) = 0; |
55 | 55 |
56 // Set the certificate this socket will present to incoming clients. | 56 // Set the certificate this socket will present to incoming clients. |
57 virtual void SetIdentity(SSLIdentity* identity) = 0; | 57 virtual void SetIdentity(SSLIdentity* identity) = 0; |
58 | 58 |
59 // Choose whether the socket acts as a server socket or client socket. | 59 // Choose whether the socket acts as a server socket or client socket. |
60 virtual void SetRole(SSLRole role) = 0; | 60 virtual void SetRole(SSLRole role) = 0; |
61 | 61 |
62 // StartSSL returns 0 if successful. | 62 // StartSSL returns 0 if successful. |
63 // If StartSSL is called while the socket is closed or connecting, the SSL | 63 // If StartSSL is called while the socket is closed or connecting, the SSL |
64 // negotiation will begin as soon as the socket connects. | 64 // negotiation will begin as soon as the socket connects. |
65 // TODO(juberti): Remove |restartable|. | 65 // TODO(juberti): Remove |restartable|. |
66 virtual int StartSSL(const char* hostname, bool restartable = false) = 0; | 66 virtual int StartSSL(const char* hostname, bool restartable = false) = 0; |
67 | 67 |
68 // When an SSLAdapterFactory is used, an SSLAdapter may be used to resume | 68 // When an SSLAdapterFactory is used, an SSLAdapter may be used to resume |
69 // a previous SSL session, which results in an abbreviated handshake. | 69 // a previous SSL session, which results in an abbreviated handshake. |
70 // This method, if called after SSL has been established for this adapter, | 70 // This method, if called after SSL has been established for this adapter, |
71 // indicates whether the current session is a resumption of a previous | 71 // indicates whether the current session is a resumption of a previous |
72 // session. | 72 // session. |
73 virtual bool IsResumedSession() = 0; | 73 virtual bool IsResumedSession() = 0; |
74 | 74 |
75 // Create the default SSL adapter for this platform. On failure, returns null | 75 // Create the default SSL adapter for this platform. On failure, returns null |
76 // and deletes |socket|. Otherwise, the returned SSLAdapter takes ownership | 76 // and deletes |socket|. Otherwise, the returned SSLAdapter takes ownership |
77 // of |socket|. | 77 // of |socket|. |
78 static SSLAdapter* Create(AsyncSocket* socket); | 78 static SSLAdapter* Create(AsyncSocket* socket); |
79 | |
80 private: | |
81 // If true, the server certificate need not match the configured hostname. | |
82 bool ignore_bad_cert_ = false; | |
83 }; | 79 }; |
84 | 80 |
85 /////////////////////////////////////////////////////////////////////////////// | 81 /////////////////////////////////////////////////////////////////////////////// |
86 | 82 |
87 typedef bool (*VerificationCallback)(void* cert); | 83 typedef bool (*VerificationCallback)(void* cert); |
88 | 84 |
89 // Call this on the main thread, before using SSL. | 85 // Call this on the main thread, before using SSL. |
90 // Call CleanupSSLThread when finished with SSL. | 86 // Call CleanupSSLThread when finished with SSL. |
91 bool InitializeSSL(VerificationCallback callback = nullptr); | 87 bool InitializeSSL(VerificationCallback callback = nullptr); |
92 | 88 |
93 // Call to initialize additional threads. | 89 // Call to initialize additional threads. |
94 bool InitializeSSLThread(); | 90 bool InitializeSSLThread(); |
95 | 91 |
96 // Call to cleanup additional threads, and also the main thread. | 92 // Call to cleanup additional threads, and also the main thread. |
97 bool CleanupSSL(); | 93 bool CleanupSSL(); |
98 | 94 |
99 } // namespace rtc | 95 } // namespace rtc |
100 | 96 |
101 #endif // WEBRTC_RTC_BASE_SSLADAPTER_H_ | 97 #endif // WEBRTC_RTC_BASE_SSLADAPTER_H_ |
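Review bot: The warning at new lines 46-49 ("Methods that control server certificate verification, used in unit tests. Do not call these methods in production code.") now also sits above `SetAlpnProtocols`, which is not a certificate-verification control, so the scope of the "do not call in production" rule is no longer clear. Keep the warning directly on `SetIgnoreBadCert` and give the new method its own comment, for example `// Set the ALPN protocols to offer during the handshake.` (wording to be confirmed against the implementations). Separately, turning the flag into a pure virtual setter removes the `ignore_bad_cert_ = false` initializer and the old note that the flag relaxes the hostname match, so this header no longer guarantees the secure default and every subclass has to supply it. State that in the interface, e.g. `// Implementations must verify the server certificate by default (ignore == false).` The include block is in the skipped lines, so it is not visible here whether `<string>` and `<vector>` are included for the new signature.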