Only use BoringSSL time callback in unit tests.

The actual time used in production code should honor the epoch time.

BUG=webrtc:6737

Review-Url: https://codereview.webrtc.org/2526433002
Cr-Commit-Position: refs/heads/master@{#15282}

webrtc/base/opensslstreamadapter.cc

@@ -38,6 +38,10 @@
 #include "webrtc/base/timeutils.h"
 #include "webrtc/base/thread.h"
 
+namespace {
+  bool g_use_time_callback_for_testing = false;
+}
+
 namespace rtc {
 
 #if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
@@ -63,7 +67,8 @@ static SrtpCipherMapEntry SrtpCipherMap[] = {
 #endif
 
 #ifdef OPENSSL_IS_BORINGSSL
-static void TimeCallback(const SSL* ssl, struct timeval* out_clock) {
+// Not used in production code. Actual time should be relative to Jan 1, 1970.
+static void TimeCallbackForTesting(const SSL* ssl, struct timeval* out_clock) {
   int64_t time = TimeNanos();
   out_clock->tv_sec = time / kNumNanosecsPerSec;
   out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec;
@@ -1059,10 +1064,9 @@ SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
           DTLS1_2_VERSION : TLS1_2_VERSION);
       break;
   }
-  // Set a time callback for BoringSSL because:
-  // 1. Our time function is more accurate (doesn't just use gettimeofday).
-  // 2. This allows us to inject a fake clock for testing.
-  SSL_CTX_set_current_time_cb(ctx, &TimeCallback);
+  if (g_use_time_callback_for_testing) {
+    SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting);
+  }
 #endif
 
   if (identity_ && !identity_->ConfigureIdentity(ctx)) {
@@ -1263,6 +1267,10 @@ bool OpenSSLStreamAdapter::IsAcceptableCipher(const std::string& cipher,
   return false;
 }
 
+void OpenSSLStreamAdapter::enable_time_callback_for_testing() {
+  g_use_time_callback_for_testing = true;
+}
+
 }  // namespace rtc
 
 #endif  // HAVE_OPENSSL_SSL_H

webrtc/base/opensslstreamadapter.h

@@ -118,6 +118,10 @@ class OpenSSLStreamAdapter : public SSLStreamAdapter {
   static bool IsAcceptableCipher(int cipher, KeyType key_type);
   static bool IsAcceptableCipher(const std::string& cipher, KeyType key_type);
 
+  // Use our timeutils.h source of timing in BoringSSL, allowing us to test
+  // using a fake clock.
+  static void enable_time_callback_for_testing();
+
  protected:
   void OnEvent(StreamInterface* stream, int events, int err) override;
 

webrtc/base/sslstreamadapter.cc

@@ -160,6 +160,9 @@ bool SSLStreamAdapter::IsAcceptableCipher(const std::string& cipher,
 std::string SSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
   return OpenSSLStreamAdapter::SslCipherSuiteToName(cipher_suite);
 }
+void SSLStreamAdapter::enable_time_callback_for_testing() {
+  OpenSSLStreamAdapter::enable_time_callback_for_testing();
+}
 #endif  // SSL_USE_OPENSSL
 
 ///////////////////////////////////////////////////////////////////////////////

webrtc/base/sslstreamadapter.h

@@ -244,6 +244,10 @@ class SSLStreamAdapter : public StreamAdapterInterface {
   // depending on specific SSL implementation.
   static std::string SslCipherSuiteToName(int cipher_suite);
 
+  // Use our timeutils.h source of timing in BoringSSL, allowing us to test
+  // using a fake clock.
+  static void enable_time_callback_for_testing();
+
   sigslot::signal1<SSLHandshakeError> SignalSSLHandshakeError;
 
  private:

webrtc/base/unittest_main.cc

@@ -19,6 +19,7 @@
 #include "webrtc/base/gunit.h"
 #include "webrtc/base/logging.h"
 #include "webrtc/base/ssladapter.h"
+#include "webrtc/base/sslstreamadapter.h"
 #include "webrtc/test/field_trial.h"
 #include "webrtc/test/testsupport/fileutils.h"
 
@@ -103,6 +104,7 @@ int main(int argc, char** argv) {
 
   // Initialize SSL which are used by several tests.
   rtc::InitializeSSL();
+  rtc::SSLStreamAdapter::enable_time_callback_for_testing();
 
   int res = RUN_ALL_TESTS();