admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Measure usage of fingerprints with SHA-1 certificates

Browse Source 
at time of connect. This may allow deprecating SHA-1 which
is no longer used by browsers and not supported by the JS
API.

BUG=None

Change-Id: Iae1d800a61d46e0dcdb622ccb009acc6fb7db53f
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/327540
Commit-Queue: Philipp Hancke <phancke@microsoft.com>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Reviewed-by: Johannes Kron <kron@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#41187}
This commit is contained in:
Philipp Hancke 2023-11-15 15:23:06 +01:00 committed by WebRTC LUCI CQ
parent 4e1e5eae9e
commit 0967247662
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
pc/peer_connection.cc
View File

@ -2032,13 +2032,13 @@ void PeerConnection::ReportFirstConnectUsageMetrics() {
RTC_HISTOGRAM_ENUMERATION("WebRTC.PeerConnection.ProvisionalAnswer", pranswer, RTC_HISTOGRAM_ENUMERATION("WebRTC.PeerConnection.ProvisionalAnswer", pranswer,
kProvisionalAnswerMax); kProvisionalAnswerMax);
// Record the number of valid / invalid ice-ufrag. We do allow certain
// non-spec ice-char for backward-compat reasons. At this point we know
// that the ufrag/pwd consists of a valid ice-char or one of the four
// not allowed characters since we have passed the IsIceChar check done
// by the p2p transport description on setRemoteDescription calls.
auto transport_infos = remote_description()->description()->transport_infos(); auto transport_infos = remote_description()->description()->transport_infos();
if (transport_infos.size() > 0) { if (!transport_infos.empty()) {
// Record the number of valid / invalid ice-ufrag. We do allow certain
// non-spec ice-char for backward-compat reasons. At this point we know
// that the ufrag/pwd consists of a valid ice-char or one of the four
// not allowed characters since we have passed the IsIceChar check done
// by the p2p transport description on setRemoteDescription calls.
auto ice_parameters = transport_infos[0].description.GetIceParameters(); auto ice_parameters = transport_infos[0].description.GetIceParameters();
auto is_invalid_char = [](char c) { auto is_invalid_char = [](char c) {
return c == '-' || c == '=' || c == '#' || c == '_'; return c == '-' || c == '=' || c == '#' || c == '_';
@ -2050,6 +2050,16 @@ void PeerConnection::ReportFirstConnectUsageMetrics() {
RTC_HISTOGRAM_BOOLEAN( RTC_HISTOGRAM_BOOLEAN(
"WebRTC.PeerConnection.ValidIceChars", "WebRTC.PeerConnection.ValidIceChars",
!(isUsingInvalidIceCharInUfrag || isUsingInvalidIceCharInPwd)); !(isUsingInvalidIceCharInUfrag || isUsingInvalidIceCharInPwd));
// Record whether the hash algorithm of the first transport's
// DTLS fingerprint is still using SHA-1.
if (transport_infos[0].description.identity_fingerprint) {
RTC_HISTOGRAM_BOOLEAN(
"WebRTC.PeerConnection.DtlsFingerprintLegacySha1",
absl::EqualsIgnoreCase(
transport_infos[0].description.identity_fingerprint->algorithm,
"sha-1"));
}
} }
// Record RtcpMuxPolicy setting. // Record RtcpMuxPolicy setting.