admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove code interfacing legacy openssl.

Browse Source 
BUG=

Review URL: https://codereview.webrtc.org/1808763002

Cr-Commit-Position: refs/heads/master@{#12041}
This commit is contained in:
torbjorng 2016-03-17 11:53:14 -07:00 committed by Commit bot
parent e0897c043b
commit 4cd331bead
6 changed files with 3 additions and 333 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
webrtc/base/openssl.h
View File

@ -13,8 +13,4 @@
#include <openssl/ssl.h> #include <openssl/ssl.h>
#if (OPENSSL_VERSION_NUMBER < 0x10000000L)
#error OpenSSL is older than 1.0.0, which is the minimum supported version.
#endif
#endif // WEBRTC_BASE_OPENSSL_H_ #endif // WEBRTC_BASE_OPENSSL_H_

121
webrtc/base/openssladapter.cc
View File

@ -40,34 +40,6 @@
#include "webrtc/base/stringutils.h" #include "webrtc/base/stringutils.h"
#include "webrtc/base/thread.h" #include "webrtc/base/thread.h"
#ifndef OPENSSL_IS_BORINGSSL
// TODO: Use a nicer abstraction for mutex.
#if defined(WEBRTC_WIN)
#define MUTEX_TYPE HANDLE
#define MUTEX_SETUP(x) (x) = CreateMutex(NULL, FALSE, NULL)
#define MUTEX_CLEANUP(x) CloseHandle(x)
#define MUTEX_LOCK(x) WaitForSingleObject((x), INFINITE)
#define MUTEX_UNLOCK(x) ReleaseMutex(x)
#define THREAD_ID GetCurrentThreadId()
#elif defined(WEBRTC_POSIX)
#define MUTEX_TYPE pthread_mutex_t
#define MUTEX_SETUP(x) pthread_mutex_init(&(x), NULL)
#define MUTEX_CLEANUP(x) pthread_mutex_destroy(&(x))
#define MUTEX_LOCK(x) pthread_mutex_lock(&(x))
#define MUTEX_UNLOCK(x) pthread_mutex_unlock(&(x))
#define THREAD_ID pthread_self()
#else
#error You must define mutex operations appropriate for your platform!
#endif
struct CRYPTO_dynlock_value {
MUTEX_TYPE mutex;
};
#endif // #ifndef OPENSSL_IS_BORINGSSL
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
// SocketBIO // SocketBIO
////////////////////////////////////////////////////////////////////// //////////////////////////////////////////////////////////////////////
@ -177,105 +149,14 @@ static long socket_ctrl(BIO* b, int cmd, long num, void* ptr) {
namespace rtc { namespace rtc {
#ifndef OPENSSL_IS_BORINGSSL
// This array will store all of the mutexes available to OpenSSL.
static MUTEX_TYPE* mutex_buf = NULL;
static void locking_function(int mode, int n, const char * file, int line) {
if (mode & CRYPTO_LOCK) {
MUTEX_LOCK(mutex_buf[n]);
} else {
MUTEX_UNLOCK(mutex_buf[n]);
}
}
static unsigned long id_function() { // NOLINT
// Use old-style C cast because THREAD_ID's type varies with the platform,
// in some cases requiring static_cast, and in others requiring
// reinterpret_cast.
return (unsigned long)THREAD_ID; // NOLINT
}
static CRYPTO_dynlock_value* dyn_create_function(const char* file, int line) {
CRYPTO_dynlock_value* value = new CRYPTO_dynlock_value;
if (!value)
return NULL;
MUTEX_SETUP(value->mutex);
return value;
}
static void dyn_lock_function(int mode, CRYPTO_dynlock_value* l,
const char* file, int line) {
if (mode & CRYPTO_LOCK) {
MUTEX_LOCK(l->mutex);
} else {
MUTEX_UNLOCK(l->mutex);
}
}
static void dyn_destroy_function(CRYPTO_dynlock_value* l,
const char* file, int line) {
MUTEX_CLEANUP(l->mutex);
delete l;
}
#endif // #ifndef OPENSSL_IS_BORINGSSL
VerificationCallback OpenSSLAdapter::custom_verify_callback_ = NULL; VerificationCallback OpenSSLAdapter::custom_verify_callback_ = NULL;
bool OpenSSLAdapter::InitializeSSL(VerificationCallback callback) { bool OpenSSLAdapter::InitializeSSL(VerificationCallback callback) {
if (!InitializeSSLThread() || !SSL_library_init()) CRYPTO_library_init();
return false;
#if !defined(ADDRESS_SANITIZER) || !defined(WEBRTC_MAC) || defined(WEBRTC_IOS)
// Loading the error strings crashes mac_asan. Omit this debugging aid there.
SSL_load_error_strings();
#endif
ERR_load_BIO_strings();
OpenSSL_add_all_algorithms();
RAND_poll();
custom_verify_callback_ = callback; custom_verify_callback_ = callback;
return true; return true;
} }
bool OpenSSLAdapter::InitializeSSLThread() {
// BoringSSL is doing the locking internally, so the callbacks are not used
// in this case (and are no-ops anyways).
#ifndef OPENSSL_IS_BORINGSSL
mutex_buf = new MUTEX_TYPE[CRYPTO_num_locks()];
if (!mutex_buf)
return false;
for (int i = 0; i < CRYPTO_num_locks(); ++i)
MUTEX_SETUP(mutex_buf[i]);
// we need to cast our id_function to return an unsigned long -- pthread_t is
// a pointer
CRYPTO_set_id_callback(id_function);
CRYPTO_set_locking_callback(locking_function);
CRYPTO_set_dynlock_create_callback(dyn_create_function);
CRYPTO_set_dynlock_lock_callback(dyn_lock_function);
CRYPTO_set_dynlock_destroy_callback(dyn_destroy_function);
#endif // #ifndef OPENSSL_IS_BORINGSSL
return true;
}
bool OpenSSLAdapter::CleanupSSL() {
#ifndef OPENSSL_IS_BORINGSSL
if (!mutex_buf)
return false;
CRYPTO_set_id_callback(NULL);
CRYPTO_set_locking_callback(NULL);
CRYPTO_set_dynlock_create_callback(NULL);
CRYPTO_set_dynlock_lock_callback(NULL);
CRYPTO_set_dynlock_destroy_callback(NULL);
for (int i = 0; i < CRYPTO_num_locks(); ++i)
MUTEX_CLEANUP(mutex_buf[i]);
delete [] mutex_buf;
mutex_buf = NULL;
#endif // #ifndef OPENSSL_IS_BORINGSSL
return true;
}
OpenSSLAdapter::OpenSSLAdapter(AsyncSocket* socket) OpenSSLAdapter::OpenSSLAdapter(AsyncSocket* socket)
: SSLAdapter(socket), : SSLAdapter(socket),
state_(SSL_NONE), state_(SSL_NONE),

2
webrtc/base/openssladapter.h
View File

@ -27,8 +27,6 @@ namespace rtc {
class OpenSSLAdapter : public SSLAdapter, public MessageHandler { class OpenSSLAdapter : public SSLAdapter, public MessageHandler {
public: public:
static bool InitializeSSL(VerificationCallback callback); static bool InitializeSSL(VerificationCallback callback);
static bool InitializeSSLThread();
static bool CleanupSSL();
OpenSSLAdapter(AsyncSocket* socket); OpenSSLAdapter(AsyncSocket* socket);
~OpenSSLAdapter() override; ~OpenSSLAdapter() override;

8
webrtc/base/opensslidentity.cc
View File

@ -174,11 +174,7 @@ OpenSSLKeyPair* OpenSSLKeyPair::GetReference() {
} }
void OpenSSLKeyPair::AddReference() { void OpenSSLKeyPair::AddReference() {
#if defined(OPENSSL_IS_BORINGSSL)
EVP_PKEY_up_ref(pkey_); EVP_PKEY_up_ref(pkey_);
#else
CRYPTO_add(&pkey_->references, 1, CRYPTO_LOCK_EVP_PKEY);
#endif
} }
#if !defined(NDEBUG) #if !defined(NDEBUG)
@ -361,11 +357,7 @@ void OpenSSLCertificate::ToDER(Buffer* der_buffer) const {
void OpenSSLCertificate::AddReference() const { void OpenSSLCertificate::AddReference() const {
ASSERT(x509_ != NULL); ASSERT(x509_ != NULL);
#if defined(OPENSSL_IS_BORINGSSL)
X509_up_ref(x509_); X509_up_ref(x509_);
#else
CRYPTO_add(&x509_->references, 1, CRYPTO_LOCK_X509);
#endif
} }
// Documented in sslidentity.h. // Documented in sslidentity.h.

189
webrtc/base/opensslstreamadapter.cc
View File

@ -38,11 +38,6 @@
namespace rtc { namespace rtc {
#if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
#define HAVE_DTLS_SRTP
#endif
#ifdef HAVE_DTLS_SRTP
// SRTP cipher suite table. |internal_name| is used to construct a // SRTP cipher suite table. |internal_name| is used to construct a
// colon-separated profile strings which is needed by // colon-separated profile strings which is needed by
// SSL_CTX_set_tlsext_use_srtp(). // SSL_CTX_set_tlsext_use_srtp().
@ -56,90 +51,6 @@ static SrtpCipherMapEntry SrtpCipherMap[] = {
{"SRTP_AES128_CM_SHA1_80", SRTP_AES128_CM_SHA1_80}, {"SRTP_AES128_CM_SHA1_80", SRTP_AES128_CM_SHA1_80},
{"SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32}, {"SRTP_AES128_CM_SHA1_32", SRTP_AES128_CM_SHA1_32},
{nullptr, 0}}; {nullptr, 0}};
#endif
#ifndef OPENSSL_IS_BORINGSSL
// Cipher name table. Maps internal OpenSSL cipher ids to the RFC name.
struct SslCipherMapEntry {
uint32_t openssl_id;
const char* rfc_name;
};
#define DEFINE_CIPHER_ENTRY_SSL3(name) {SSL3_CK_##name, "TLS_"#name}
#define DEFINE_CIPHER_ENTRY_TLS1(name) {TLS1_CK_##name, "TLS_"#name}
// There currently is no method available to get a RFC-compliant name for a
// cipher suite from BoringSSL, so we need to define the mapping manually here.
// This should go away once BoringSSL supports "SSL_CIPHER_standard_name"
// (as available in OpenSSL if compiled with tracing enabled) or a similar
// method.
static const SslCipherMapEntry kSslCipherMap[] = {
// TLS v1.0 ciphersuites from RFC2246.
DEFINE_CIPHER_ENTRY_SSL3(RSA_RC4_128_SHA),
{SSL3_CK_RSA_DES_192_CBC3_SHA,
"TLS_RSA_WITH_3DES_EDE_CBC_SHA"},
// AES ciphersuites from RFC3268.
{TLS1_CK_RSA_WITH_AES_128_SHA,
"TLS_RSA_WITH_AES_128_CBC_SHA"},
{TLS1_CK_DHE_RSA_WITH_AES_128_SHA,
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA"},
{TLS1_CK_RSA_WITH_AES_256_SHA,
"TLS_RSA_WITH_AES_256_CBC_SHA"},
{TLS1_CK_DHE_RSA_WITH_AES_256_SHA,
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA"},
// ECC ciphersuites from RFC4492.
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_RC4_128_SHA),
{TLS1_CK_ECDHE_ECDSA_WITH_DES_192_CBC3_SHA,
"TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"},
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_128_CBC_SHA),
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_256_CBC_SHA),
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_RC4_128_SHA),
{TLS1_CK_ECDHE_RSA_WITH_DES_192_CBC3_SHA,
"TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"},
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_128_CBC_SHA),
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_256_CBC_SHA),
// TLS v1.2 ciphersuites.
{TLS1_CK_RSA_WITH_AES_128_SHA256,
"TLS_RSA_WITH_AES_128_CBC_SHA256"},
{TLS1_CK_RSA_WITH_AES_256_SHA256,
"TLS_RSA_WITH_AES_256_CBC_SHA256"},
{TLS1_CK_DHE_RSA_WITH_AES_128_SHA256,
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"},
{TLS1_CK_DHE_RSA_WITH_AES_256_SHA256,
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"},
// TLS v1.2 GCM ciphersuites from RFC5288.
DEFINE_CIPHER_ENTRY_TLS1(RSA_WITH_AES_128_GCM_SHA256),
DEFINE_CIPHER_ENTRY_TLS1(RSA_WITH_AES_256_GCM_SHA384),
DEFINE_CIPHER_ENTRY_TLS1(DHE_RSA_WITH_AES_128_GCM_SHA256),
DEFINE_CIPHER_ENTRY_TLS1(DHE_RSA_WITH_AES_256_GCM_SHA384),
DEFINE_CIPHER_ENTRY_TLS1(DH_RSA_WITH_AES_128_GCM_SHA256),
DEFINE_CIPHER_ENTRY_TLS1(DH_RSA_WITH_AES_256_GCM_SHA384),
// ECDH HMAC based ciphersuites from RFC5289.
{TLS1_CK_ECDHE_ECDSA_WITH_AES_128_SHA256,
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"},
{TLS1_CK_ECDHE_ECDSA_WITH_AES_256_SHA384,
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"},
{TLS1_CK_ECDHE_RSA_WITH_AES_128_SHA256,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"},
{TLS1_CK_ECDHE_RSA_WITH_AES_256_SHA384,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"},
// ECDH GCM based ciphersuites from RFC5289.
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_128_GCM_SHA256),
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_ECDSA_WITH_AES_256_GCM_SHA384),
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_128_GCM_SHA256),
DEFINE_CIPHER_ENTRY_TLS1(ECDHE_RSA_WITH_AES_256_GCM_SHA384),
{0, NULL}
};
#endif // #ifndef OPENSSL_IS_BORINGSSL
#if defined(_MSC_VER) #if defined(_MSC_VER)
#pragma warning(push) #pragma warning(push)
@ -326,7 +237,6 @@ bool OpenSSLStreamAdapter::SetPeerCertificateDigest(const std::string
} }
std::string OpenSSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) { std::string OpenSSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
#ifdef OPENSSL_IS_BORINGSSL
const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher_suite); const SSL_CIPHER* ssl_cipher = SSL_get_cipher_by_value(cipher_suite);
if (!ssl_cipher) { if (!ssl_cipher) {
return std::string(); return std::string();
@ -335,15 +245,6 @@ std::string OpenSSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
std::string rfc_name = std::string(cipher_name); std::string rfc_name = std::string(cipher_name);
OPENSSL_free(cipher_name); OPENSSL_free(cipher_name);
return rfc_name; return rfc_name;
#else
for (const SslCipherMapEntry* entry = kSslCipherMap; entry->rfc_name;
++entry) {
if (cipher_suite == static_cast<int>(entry->openssl_id)) {
return entry->rfc_name;
}
}
return std::string();
#endif
} }
bool OpenSSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) { bool OpenSSLStreamAdapter::GetSslCipherSuite(int* cipher_suite) {
@ -388,7 +289,6 @@ bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
bool use_context, bool use_context,
uint8_t* result, uint8_t* result,
size_t result_len) { size_t result_len) {
#ifdef HAVE_DTLS_SRTP
int i; int i;
i = SSL_export_keying_material(ssl_, result, result_len, label.c_str(), i = SSL_export_keying_material(ssl_, result, result_len, label.c_str(),
@ -399,14 +299,10 @@ bool OpenSSLStreamAdapter::ExportKeyingMaterial(const std::string& label,
return false; return false;
return true; return true;
#else
return false;
#endif
} }
bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites( bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites(
const std::vector<int>& ciphers) { const std::vector<int>& ciphers) {
#ifdef HAVE_DTLS_SRTP
std::string internal_ciphers; std::string internal_ciphers;
if (state_ != SSL_NONE) if (state_ != SSL_NONE)
@ -437,13 +333,9 @@ bool OpenSSLStreamAdapter::SetDtlsSrtpCryptoSuites(
srtp_ciphers_ = internal_ciphers; srtp_ciphers_ = internal_ciphers;
return true; return true;
#else
return false;
#endif
} }
bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) { bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
#ifdef HAVE_DTLS_SRTP
ASSERT(state_ == SSL_CONNECTED); ASSERT(state_ == SSL_CONNECTED);
if (state_ != SSL_CONNECTED) if (state_ != SSL_CONNECTED)
return false; return false;
@ -457,9 +349,6 @@ bool OpenSSLStreamAdapter::GetDtlsSrtpCryptoSuite(int* crypto_suite) {
*crypto_suite = srtp_profile->id; *crypto_suite = srtp_profile->id;
ASSERT(!SrtpCryptoSuiteToName(*crypto_suite).empty()); ASSERT(!SrtpCryptoSuiteToName(*crypto_suite).empty());
return true; return true;
#else
return false;
#endif
} }
int OpenSSLStreamAdapter::StartSSLWithServer(const char* server_name) { int OpenSSLStreamAdapter::StartSSLWithServer(const char* server_name) {
@ -772,13 +661,6 @@ int OpenSSLStreamAdapter::BeginSSL() {
SSL_set_app_data(ssl_, this); SSL_set_app_data(ssl_, this);
SSL_set_bio(ssl_, bio, bio); // the SSL object owns the bio now. SSL_set_bio(ssl_, bio, bio); // the SSL object owns the bio now.
#ifndef OPENSSL_IS_BORINGSSL
if (ssl_mode_ == SSL_MODE_DTLS) {
// Enable read-ahead for DTLS so whole packets are read from internal BIO
// before parsing. This is done internally by BoringSSL for DTLS.
SSL_set_read_ahead(ssl_, 1);
}
#endif
SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_set_mode(ssl_, SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
@ -898,73 +780,13 @@ void OpenSSLStreamAdapter::OnMessage(Message* msg) {
SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() { SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
SSL_CTX *ctx = NULL; SSL_CTX *ctx = NULL;
#ifdef OPENSSL_IS_BORINGSSL
ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? ctx = SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ?
DTLS_method() : TLS_method()); DTLS_method() : TLS_method());
// Version limiting for BoringSSL will be done below. // Version limiting for BoringSSL will be done below.
#else
const SSL_METHOD* method;
switch (ssl_max_version_) {
case SSL_PROTOCOL_TLS_10:
case SSL_PROTOCOL_TLS_11:
// OpenSSL doesn't support setting min/max versions, so we always use
// (D)TLS 1.0 if a max. version below the max. available is requested.
if (ssl_mode_ == SSL_MODE_DTLS) {
if (role_ == SSL_CLIENT) {
method = DTLSv1_client_method();
} else {
method = DTLSv1_server_method();
}
} else {
if (role_ == SSL_CLIENT) {
method = TLSv1_client_method();
} else {
method = TLSv1_server_method();
}
}
break;
case SSL_PROTOCOL_TLS_12:
default:
if (ssl_mode_ == SSL_MODE_DTLS) {
#if (OPENSSL_VERSION_NUMBER >= 0x10002000L)
// DTLS 1.2 only available starting from OpenSSL 1.0.2
if (role_ == SSL_CLIENT) {
method = DTLS_client_method();
} else {
method = DTLS_server_method();
}
#else
if (role_ == SSL_CLIENT) {
method = DTLSv1_client_method();
} else {
method = DTLSv1_server_method();
}
#endif
} else {
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
// New API only available starting from OpenSSL 1.1.0
if (role_ == SSL_CLIENT) {
method = TLS_client_method();
} else {
method = TLS_server_method();
}
#else
if (role_ == SSL_CLIENT) {
method = SSLv23_client_method();
} else {
method = SSLv23_server_method();
}
#endif
}
break;
}
ctx = SSL_CTX_new(method);
#endif // OPENSSL_IS_BORINGSSL
if (ctx == NULL) if (ctx == NULL)
return NULL; return NULL;
#ifdef OPENSSL_IS_BORINGSSL
SSL_CTX_set_min_version(ctx, ssl_mode_ == SSL_MODE_DTLS ? SSL_CTX_set_min_version(ctx, ssl_mode_ == SSL_MODE_DTLS ?
DTLS1_VERSION : TLS1_VERSION); DTLS1_VERSION : TLS1_VERSION);
switch (ssl_max_version_) { switch (ssl_max_version_) {
@ -982,7 +804,6 @@ SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
DTLS1_2_VERSION : TLS1_2_VERSION); DTLS1_2_VERSION : TLS1_2_VERSION);
break; break;
} }
#endif
if (identity_ && !identity_->ConfigureIdentity(ctx)) { if (identity_ && !identity_->ConfigureIdentity(ctx)) {
SSL_CTX_free(ctx); SSL_CTX_free(ctx);
@ -1010,14 +831,12 @@ SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
SSL_CTX_set_cipher_list(ctx, SSL_CTX_set_cipher_list(ctx,
"DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK"); "DEFAULT:!NULL:!aNULL:!SHA256:!SHA384:!aECDH:!AESGCM+AES256:!aPSK");
#ifdef HAVE_DTLS_SRTP
if (!srtp_ciphers_.empty()) { if (!srtp_ciphers_.empty()) {
if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) { if (SSL_CTX_set_tlsext_use_srtp(ctx, srtp_ciphers_.c_str())) {
SSL_CTX_free(ctx); SSL_CTX_free(ctx);
return NULL; return NULL;
} }
} }
#endif
return ctx; return ctx;
} }
@ -1109,19 +928,11 @@ bool OpenSSLStreamAdapter::HaveDtls() {
} }
bool OpenSSLStreamAdapter::HaveDtlsSrtp() { bool OpenSSLStreamAdapter::HaveDtlsSrtp() {
#ifdef HAVE_DTLS_SRTP
return true; return true;
#else
return false;
#endif
} }
bool OpenSSLStreamAdapter::HaveExporter() { bool OpenSSLStreamAdapter::HaveExporter() {
#ifdef HAVE_DTLS_SRTP
return true; return true;
#else
return false;
#endif
} }
#define CDEF(X) \ #define CDEF(X) \

12
webrtc/base/ssladapter.cc
View File

@ -44,20 +44,14 @@ bool InitializeSSL(VerificationCallback callback) {
return OpenSSLAdapter::InitializeSSL(callback); return OpenSSLAdapter::InitializeSSL(callback);
} }
bool InitializeSSLThread() {
return OpenSSLAdapter::InitializeSSLThread();
}
bool CleanupSSL() {
return OpenSSLAdapter::CleanupSSL();
}
#else // !SSL_USE_OPENSSL #else // !SSL_USE_OPENSSL
bool InitializeSSL(VerificationCallback callback) { bool InitializeSSL(VerificationCallback callback) {
return true; return true;
} }
#endif // SSL_USE_OPENSSL
bool InitializeSSLThread() { bool InitializeSSLThread() {
return true; return true;
} }
@ -66,8 +60,6 @@ bool CleanupSSL() {
return true; return true;
} }
#endif // SSL_USE_OPENSSL
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
} // namespace rtc } // namespace rtc