Only use BoringSSL time callback in unit tests.

The actual time used in production code should honor the epoch time.

BUG=webrtc:6737

Review-Url: https://codereview.webrtc.org/2526433002
Cr-Commit-Position: refs/heads/master@{#15282}
deadbeef 2016-11-28 17:38:34 -08:00 committed by Commit bot
parent 352444fcac
commit 6cf94a0118
5 changed files with 26 additions and 5 deletions


@ -38,6 +38,10 @@
#include "webrtc/base/timeutils.h"
#include "webrtc/base/thread.h"
namespace {
bool g_use_time_callback_for_testing = false;
}
namespace rtc {
#if (OPENSSL_VERSION_NUMBER >= 0x10001000L)
@ -63,7 +67,8 @@ static SrtpCipherMapEntry SrtpCipherMap[] = {
#endif
#ifdef OPENSSL_IS_BORINGSSL
static void TimeCallback(const SSL* ssl, struct timeval* out_clock) {
// Not used in production code. Actual time should be relative to Jan 1, 1970.
static void TimeCallbackForTesting(const SSL* ssl, struct timeval* out_clock) {
int64_t time = TimeNanos();
out_clock->tv_sec = time / kNumNanosecsPerSec;
out_clock->tv_usec = (time % kNumNanosecsPerSec) / kNumNanosecsPerMicrosec;
@ -1059,10 +1064,9 @@ SSL_CTX* OpenSSLStreamAdapter::SetupSSLContext() {
DTLS1_2_VERSION : TLS1_2_VERSION);
break;
}
// Set a time callback for BoringSSL because:
// 1. Our time function is more accurate (doesn't just use gettimeofday).
// 2. This allows us to inject a fake clock for testing.
SSL_CTX_set_current_time_cb(ctx, &TimeCallback);
if (g_use_time_callback_for_testing) {
SSL_CTX_set_current_time_cb(ctx, &TimeCallbackForTesting);
}
#endif
if (identity_ && !identity_->ConfigureIdentity(ctx)) {
@ -1263,6 +1267,10 @@ bool OpenSSLStreamAdapter::IsAcceptableCipher(const std::string& cipher,
return false;
}
void OpenSSLStreamAdapter::enable_time_callback_for_testing() {
g_use_time_callback_for_testing = true;
}
} // namespace rtc
#endif // HAVE_OPENSSL_SSL_H
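Review bot: `g_use_time_callback_for_testing` is a plain namespace-scope `bool` that `enable_time_callback_for_testing()` writes and `SetupSSLContext()` reads with no synchronization. It is only consulted when a context is created, so any context built before the call keeps BoringSSL's default clock. Since the switch is process-wide and cannot be turned off again, I would state that contract at the definition, e.g. `// Process-wide, one-way switch; set once at test start-up before any SSL_CTX is created.` If contexts can be created on other threads while the flag is being set, `std::atomic<bool>` would be the safer type, but that cannot be judged from these hunks. `SetupSSLContext()` starts and ends outside the hunk.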


@ -118,6 +118,10 @@ class OpenSSLStreamAdapter : public SSLStreamAdapter {
static bool IsAcceptableCipher(int cipher, KeyType key_type);
static bool IsAcceptableCipher(const std::string& cipher, KeyType key_type);
// Use our timeutils.h source of timing in BoringSSL, allowing us to test
// using a fake clock.
static void enable_time_callback_for_testing();
protected:
void OnEvent(StreamInterface* stream, int events, int err) override;
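Review bot: The comment above `enable_time_callback_for_testing()` does not say that the function is test-only, even though the comment on `TimeCallbackForTesting` states that its time is not relative to Jan 1, 1970. The method is declared before `protected:`, so it appears to be callable from any code, and a production caller could leave BoringSSL with a non-epoch clock for every context created afterwards. I would extend the comment with `// Test-only: the resulting clock is not epoch-based and must not be enabled in production code.` The same two-line comment is repeated on `SSLStreamAdapter::enable_time_callback_for_testing()` in the base-class header and needs the same addition.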


@ -160,6 +160,9 @@ bool SSLStreamAdapter::IsAcceptableCipher(const std::string& cipher,
std::string SSLStreamAdapter::SslCipherSuiteToName(int cipher_suite) {
return OpenSSLStreamAdapter::SslCipherSuiteToName(cipher_suite);
}
void SSLStreamAdapter::enable_time_callback_for_testing() {
OpenSSLStreamAdapter::enable_time_callback_for_testing();
}
#endif // SSL_USE_OPENSSL
///////////////////////////////////////////////////////////////////////////////


@ -244,6 +244,10 @@ class SSLStreamAdapter : public StreamAdapterInterface {
// depending on specific SSL implementation.
static std::string SslCipherSuiteToName(int cipher_suite);
// Use our timeutils.h source of timing in BoringSSL, allowing us to test
// using a fake clock.
static void enable_time_callback_for_testing();
sigslot::signal1<SSLHandshakeError> SignalSSLHandshakeError;
private:


@ -19,6 +19,7 @@
#include "webrtc/base/gunit.h"
#include "webrtc/base/logging.h"
#include "webrtc/base/ssladapter.h"
#include "webrtc/base/sslstreamadapter.h"
#include "webrtc/test/field_trial.h"
#include "webrtc/test/testsupport/fileutils.h"
@ -103,6 +104,7 @@ int main(int argc, char** argv) {
// Initialize SSL which are used by several tests.
rtc::InitializeSSL();
rtc::SSLStreamAdapter::enable_time_callback_for_testing();
int res = RUN_ALL_TESTS();