admin/webrtc_m130
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert of Replacing DtlsIdentityStoreInterface with RTCCertificateGeneratorInterface. (patchset #2 id:20001 of https://codereview.webrtc.org/2013523002/ )

Browse Source 
Reason for revert:
There are more CreatePeerConnection calls than I anticipated/had found in Chromium, like remoting/protocol/webrtc_transport.cc. Reverting due to broken Chromium FYI bots.

Original issue's description:
> Replacing DtlsIdentityStoreInterface with RTCCertificateGeneratorInterface.
>
> The store was used in WebRtcSessionDescriptionFactory to generate certificates,
> now a generator is used instead (new API). PeerConnection[Factory][Interface],
> and WebRtcSession are updated to pass generators all the way down to the
> WebRtcSessionDescriptionFactory instead of stores.
>
> The webrtc implementation of a generator, RTCCertificateGenerator, is used as
> the default generator (peerconnectionfactory.cc:189) instead of the webrtc
> implementation of a store, DtlsIdentityStoreImpl.
>   The generator is fully parameterized and does not generate RSA-1024 unless you
> ask for it (which makes sense not to do beforehand since ECDSA is now default).
> The store was not fully parameterized (known filed bug).
>
> The "top" layer, PeerConnectionFactoryInterface::CreatePeerConnection, is
> updated to take a generator instead of a store. But as to not break Chromium,
> the old function signature taking a store is kept. It is implemented to invoke
> the generator version by wrapping the store in an
> RTCCertificateGeneratorStoreWrapper. As soon as Chromium is updated to use the
> new function signature we can remove the old CreatePeerConnection.
>   Due to having multiple CreatePeerConnection signatures, some calling places
> are updated to resolve the ambiguity introduced.
>
> BUG=webrtc:5707, webrtc:5708
> R=phoglund@webrtc.org, tommi@webrtc.org
> TBR=tkchin@webrc.org
>
> Committed: 400781a209

TBR=tkchin@webrtc.org,tommi@webrtc.org,phoglund@webrtc.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=webrtc:5707, webrtc:5708

Review-Url: https://codereview.webrtc.org/2020633002
Cr-Commit-Position: refs/heads/master@{#12948}
This commit is contained in:
hbos 2016-05-27 06:08:53 -07:00 committed by Commit bot
parent 400781a209
commit d7973ccdb5
16 changed files with 183 additions and 208 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
talk/app/webrtc/objc/RTCPeerConnection.mm
View File

@ -279,11 +279,7 @@ class RTCStatsObserver : public StatsObserver {
config.servers = iceServers;
_observer.reset(new webrtc::RTCPeerConnectionObserver(self));
_peerConnection = factory->CreatePeerConnection(
config,
constraints,
nullptr,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>(),
_observer.get());
config, constraints, nullptr, nullptr, _observer.get());
_localStreams = [[NSMutableArray alloc] init];
}
return self;
@ -297,12 +293,7 @@ class RTCStatsObserver : public StatsObserver {
if (self = [super init]) {
_observer.reset(new webrtc::RTCPeerConnectionObserver(self));
_peerConnection =
factory->CreatePeerConnection(
config,
constraints,
nullptr,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>(),
_observer.get());
factory->CreatePeerConnection(config, constraints, nullptr, nullptr, _observer.get());
_localStreams = [[NSMutableArray alloc] init];
_delegate = delegate;
}

6
webrtc/api/java/jni/peerconnection_jni.cc
View File

@ -1603,11 +1603,7 @@ JOW(jlong, PeerConnectionFactory_nativeCreatePeerConnection)(
PCOJava* observer = reinterpret_cast<PCOJava*>(observer_p);
observer->SetConstraints(new ConstraintsWrapper(jni, j_constraints));
rtc::scoped_refptr<PeerConnectionInterface> pc(f->CreatePeerConnection(
rtc_config,
observer->constraints(),
nullptr,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>(),
observer));
rtc_config, observer->constraints(), NULL, NULL, observer));
return (jlong)pc.release();
}

4
webrtc/api/peerconnection.cc
View File

@ -566,7 +566,7 @@ PeerConnection::~PeerConnection() {
bool PeerConnection::Initialize(
const PeerConnectionInterface::RTCConfiguration& configuration,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
PeerConnectionObserver* observer) {
TRACE_EVENT0("webrtc", "PeerConnection::Initialize");
RTC_DCHECK(observer != nullptr);
@ -594,7 +594,7 @@ bool PeerConnection::Initialize(
stats_.reset(new StatsCollector(this));
// Initialize the WebRtcSession. It creates transport channels etc.
if (!session_->Initialize(factory_->options(), std::move(cert_generator),
if (!session_->Initialize(factory_->options(), std::move(dtls_identity_store),
configuration)) {
return false;
}

3
webrtc/api/peerconnection.h
View File

@ -16,6 +16,7 @@
#include <memory>
#include <vector>
#include "webrtc/api/dtlsidentitystore.h"
#include "webrtc/api/peerconnectionfactory.h"
#include "webrtc/api/peerconnectioninterface.h"
#include "webrtc/api/rtpreceiverinterface.h"
@ -69,7 +70,7 @@ class PeerConnection : public PeerConnectionInterface,
bool Initialize(
const PeerConnectionInterface::RTCConfiguration& configuration,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
PeerConnectionObserver* observer);
rtc::scoped_refptr<StreamCollectionInterface> local_streams() override;

50
webrtc/api/peerconnectionfactory.cc
View File

@ -36,27 +36,25 @@ namespace webrtc {
namespace {
// Passes down the calls to |cert_generator_|. See usage in
// |CreatePeerConnection|.
class RTCCertificateGeneratorWrapper
: public rtc::RTCCertificateGeneratorInterface {
// Passes down the calls to |store_|. See usage in CreatePeerConnection.
class DtlsIdentityStoreWrapper : public DtlsIdentityStoreInterface {
public:
RTCCertificateGeneratorWrapper(
const rtc::scoped_refptr<RefCountedRTCCertificateGenerator>& cert_gen)
: cert_generator_(cert_gen) {
RTC_DCHECK(cert_generator_);
DtlsIdentityStoreWrapper(
const rtc::scoped_refptr<RefCountedDtlsIdentityStore>& store)
: store_(store) {
RTC_DCHECK(store_);
}
void GenerateCertificateAsync(
void RequestIdentity(
const rtc::KeyParams& key_params,
const rtc::Optional<uint64_t>& expires_ms,
const rtc::scoped_refptr<rtc::RTCCertificateGeneratorCallback>& callback)
override {
cert_generator_->GenerateCertificateAsync(key_params, expires_ms, callback);
const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>&
observer) override {
store_->RequestIdentity(key_params, expires_ms, observer);
}
private:
rtc::scoped_refptr<RefCountedRTCCertificateGenerator> cert_generator_;
rtc::scoped_refptr<RefCountedDtlsIdentityStore> store_;
};
} // anonymous namespace
@ -143,9 +141,9 @@ PeerConnectionFactory::~PeerConnectionFactory() {
channel_manager_.reset(nullptr);
// Make sure |worker_thread_| and |signaling_thread_| outlive
// |cert_generator_|, |default_socket_factory_| and
// |dtls_identity_store_|, |default_socket_factory_| and
// |default_network_manager_|.
cert_generator_ = nullptr;
dtls_identity_store_ = nullptr;
default_socket_factory_ = nullptr;
default_network_manager_ = nullptr;
@ -186,8 +184,8 @@ bool PeerConnectionFactory::Initialize() {
return false;
}
cert_generator_ =
new RefCountedRTCCertificateGenerator(signaling_thread_, network_thread_);
dtls_identity_store_ =
new RefCountedDtlsIdentityStore(signaling_thread_, network_thread_);
return true;
}
@ -257,7 +255,7 @@ PeerConnectionFactory::CreatePeerConnection(
const PeerConnectionInterface::RTCConfiguration& configuration_in,
const MediaConstraintsInterface* constraints,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
PeerConnectionObserver* observer) {
RTC_DCHECK(signaling_thread_->IsCurrent());
@ -266,23 +264,23 @@ PeerConnectionFactory::CreatePeerConnection(
CopyConstraintsIntoRtcConfiguration(constraints, &configuration);
return CreatePeerConnection(configuration, std::move(allocator),
std::move(cert_generator), observer);
std::move(dtls_identity_store), observer);
}
rtc::scoped_refptr<PeerConnectionInterface>
PeerConnectionFactory::CreatePeerConnection(
const PeerConnectionInterface::RTCConfiguration& configuration,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
PeerConnectionObserver* observer) {
RTC_DCHECK(signaling_thread_->IsCurrent());
if (!cert_generator.get()) {
// Because |pc|->Initialize takes ownership of the generator we need a new
if (!dtls_identity_store.get()) {
// Because |pc|->Initialize takes ownership of the store we need a new
// wrapper object that can be deleted without deleting the underlying
// |cert_generator_|, protecting it from being deleted multiple times.
cert_generator.reset(
new RTCCertificateGeneratorWrapper(cert_generator_));
// |dtls_identity_store_|, protecting it from being deleted multiple times.
dtls_identity_store.reset(
new DtlsIdentityStoreWrapper(dtls_identity_store_));
}
if (!allocator) {
@ -297,7 +295,7 @@ PeerConnectionFactory::CreatePeerConnection(
new rtc::RefCountedObject<PeerConnection>(this));
if (!pc->Initialize(configuration, std::move(allocator),
std::move(cert_generator), observer)) {
std::move(dtls_identity_store), observer)) {
return nullptr;
}
return PeerConnectionProxy::Create(signaling_thread(), pc);

12
webrtc/api/peerconnectionfactory.h
View File

@ -14,12 +14,12 @@
#include <memory>
#include <string>
#include "webrtc/api/dtlsidentitystore.h"
#include "webrtc/api/mediacontroller.h"
#include "webrtc/api/mediastreaminterface.h"
#include "webrtc/api/peerconnectioninterface.h"
#include "webrtc/base/scoped_ref_ptr.h"
#include "webrtc/base/thread.h"
#include "webrtc/base/rtccertificategenerator.h"
#include "webrtc/pc/channelmanager.h"
namespace rtc {
@ -29,8 +29,8 @@ class BasicPacketSocketFactory;
namespace webrtc {
typedef rtc::RefCountedObject<rtc::RTCCertificateGenerator>
RefCountedRTCCertificateGenerator;
typedef rtc::RefCountedObject<DtlsIdentityStoreImpl>
RefCountedDtlsIdentityStore;
class PeerConnectionFactory : public PeerConnectionFactoryInterface {
public:
@ -43,13 +43,13 @@ class PeerConnectionFactory : public PeerConnectionFactoryInterface {
const PeerConnectionInterface::RTCConfiguration& configuration,
const MediaConstraintsInterface* constraints,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
PeerConnectionObserver* observer) override;
virtual rtc::scoped_refptr<PeerConnectionInterface> CreatePeerConnection(
const PeerConnectionInterface::RTCConfiguration& configuration,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
PeerConnectionObserver* observer) override;
bool Initialize();
@ -129,7 +129,7 @@ class PeerConnectionFactory : public PeerConnectionFactoryInterface {
std::unique_ptr<rtc::BasicNetworkManager> default_network_manager_;
std::unique_ptr<rtc::BasicPacketSocketFactory> default_socket_factory_;
rtc::scoped_refptr<RefCountedRTCCertificateGenerator> cert_generator_;
rtc::scoped_refptr<RefCountedDtlsIdentityStore> dtls_identity_store_;
};
} // namespace webrtc

12
webrtc/api/peerconnectionfactoryproxy.h
View File

@ -29,7 +29,7 @@ BEGIN_SIGNALING_PROXY_MAP(PeerConnectionFactory)
const PeerConnectionInterface::RTCConfiguration& a1,
const MediaConstraintsInterface* a2,
std::unique_ptr<cricket::PortAllocator> a3,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> a4,
std::unique_ptr<DtlsIdentityStoreInterface> a4,
PeerConnectionObserver* a5) override {
return signaling_thread_
->Invoke<rtc::scoped_refptr<PeerConnectionInterface>>(
@ -39,7 +39,7 @@ BEGIN_SIGNALING_PROXY_MAP(PeerConnectionFactory)
rtc::scoped_refptr<PeerConnectionInterface> CreatePeerConnection(
const PeerConnectionInterface::RTCConfiguration& a1,
std::unique_ptr<cricket::PortAllocator> a3,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> a4,
std::unique_ptr<DtlsIdentityStoreInterface> a4,
PeerConnectionObserver* a5) override {
return signaling_thread_
->Invoke<rtc::scoped_refptr<PeerConnectionInterface>>(
@ -77,10 +77,10 @@ BEGIN_SIGNALING_PROXY_MAP(PeerConnectionFactory)
const PeerConnectionInterface::RTCConfiguration& a1,
const MediaConstraintsInterface* a2,
cricket::PortAllocator* a3,
rtc::RTCCertificateGeneratorInterface* a4,
DtlsIdentityStoreInterface* a4,
PeerConnectionObserver* a5) {
std::unique_ptr<cricket::PortAllocator> ptr_a3(a3);
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> ptr_a4(a4);
std::unique_ptr<DtlsIdentityStoreInterface> ptr_a4(a4);
return c_->CreatePeerConnection(a1, a2, std::move(ptr_a3),
std::move(ptr_a4), a5);
}
@ -88,10 +88,10 @@ BEGIN_SIGNALING_PROXY_MAP(PeerConnectionFactory)
rtc::scoped_refptr<PeerConnectionInterface> CreatePeerConnection_ot(
const PeerConnectionInterface::RTCConfiguration& a1,
cricket::PortAllocator* a3,
rtc::RTCCertificateGeneratorInterface* a4,
DtlsIdentityStoreInterface* a4,
PeerConnectionObserver* a5) {
std::unique_ptr<cricket::PortAllocator> ptr_a3(a3);
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> ptr_a4(a4);
std::unique_ptr<DtlsIdentityStoreInterface> ptr_a4(a4);
return c_->CreatePeerConnection(a1, std::move(ptr_a3), std::move(ptr_a4),
a5);
}

39
webrtc/api/peerconnectioninterface.h
View File

@ -68,7 +68,6 @@
#include "webrtc/base/fileutils.h"
#include "webrtc/base/network.h"
#include "webrtc/base/rtccertificate.h"
#include "webrtc/base/rtccertificategenerator.h"
#include "webrtc/base/socketaddress.h"
#include "webrtc/base/sslstreamadapter.h"
#include "webrtc/media/base/mediachannel.h"
@ -578,51 +577,17 @@ class PeerConnectionFactoryInterface : public rtc::RefCountInterface {
virtual void SetOptions(const Options& options) = 0;
virtual rtc::scoped_refptr<PeerConnectionInterface> CreatePeerConnection(
const PeerConnectionInterface::RTCConfiguration& configuration,
const MediaConstraintsInterface* constraints,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
PeerConnectionObserver* observer) = 0;
// TODO(hbos): To be removed in favor of the |cert_generator| version as soon
// as Chromium stops using this version. See bugs.webrtc.org/5707,
// bugs.webrtc.org/5708.
rtc::scoped_refptr<PeerConnectionInterface> CreatePeerConnection(
const PeerConnectionInterface::RTCConfiguration& configuration,
const MediaConstraintsInterface* constraints,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
PeerConnectionObserver* observer) {
return CreatePeerConnection(
configuration,
constraints,
std::move(allocator),
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>(
dtls_identity_store ? new RTCCertificateGeneratorStoreWrapper(
std::move(dtls_identity_store)) : nullptr),
observer);
}
PeerConnectionObserver* observer) = 0;
virtual rtc::scoped_refptr<PeerConnectionInterface> CreatePeerConnection(
const PeerConnectionInterface::RTCConfiguration& configuration,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
PeerConnectionObserver* observer) = 0;
// TODO(hbos): To be removed in favor of the |cert_generator| version as soon
// as Chromium stops using this version. See bugs.webrtc.org/5707,
// bugs.webrtc.org/5708.
rtc::scoped_refptr<PeerConnectionInterface> CreatePeerConnection(
const PeerConnectionInterface::RTCConfiguration& configuration,
std::unique_ptr<cricket::PortAllocator> allocator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
PeerConnectionObserver* observer) {
return CreatePeerConnection(
configuration,
std::move(allocator),
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>(
dtls_identity_store ? new RTCCertificateGeneratorStoreWrapper(
std::move(dtls_identity_store)) : nullptr),
observer);
}
PeerConnectionObserver* observer) = 0;
virtual rtc::scoped_refptr<MediaStreamInterface>
CreateLocalMediaStream(const std::string& label) = 0;

8
webrtc/api/peerconnectioninterface_unittest.cc
View File

@ -616,12 +616,8 @@ class PeerConnectionInterfaceTest : public testing::Test {
config.servers.push_back(server);
scoped_refptr<PeerConnectionInterface> pc;
pc = pc_factory_->CreatePeerConnection(
config,
nullptr,
nullptr,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>(),
&observer_);
pc = pc_factory_->CreatePeerConnection(config, nullptr, nullptr, nullptr,
&observer_);
EXPECT_EQ(nullptr, pc);
}

15
webrtc/api/webrtcsession.cc
View File

@ -512,7 +512,7 @@ WebRtcSession::~WebRtcSession() {
bool WebRtcSession::Initialize(
const PeerConnectionFactoryInterface::Options& options,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
const PeerConnectionInterface::RTCConfiguration& rtc_configuration) {
bundle_policy_ = rtc_configuration.bundle_policy;
rtcp_mux_policy_ = rtc_configuration.rtcp_mux_policy;
@ -533,7 +533,7 @@ bool WebRtcSession::Initialize(
dtls_enabled_ = false;
} else {
// Enable DTLS by default if we have an identity store or a certificate.
dtls_enabled_ = (cert_generator || certificate);
dtls_enabled_ = (dtls_identity_store || certificate);
// |rtc_configuration| can override the default |dtls_enabled_| value.
if (rtc_configuration.enable_dtls_srtp) {
dtls_enabled_ = *(rtc_configuration.enable_dtls_srtp);
@ -566,18 +566,19 @@ bool WebRtcSession::Initialize(
if (!dtls_enabled_) {
// Construct with DTLS disabled.
webrtc_session_desc_factory_.reset(new WebRtcSessionDescriptionFactory(
signaling_thread(), channel_manager_, this, id(),
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>()));
signaling_thread(), channel_manager_, this, id()));
} else {
// Construct with DTLS enabled.
if (!certificate) {
// Use the |dtls_identity_store| to generate a certificate.
RTC_DCHECK(dtls_identity_store);
webrtc_session_desc_factory_.reset(new WebRtcSessionDescriptionFactory(
signaling_thread(), channel_manager_, this, id(),
std::move(cert_generator)));
signaling_thread(), channel_manager_, std::move(dtls_identity_store),
this, id()));
} else {
// Use the already generated certificate.
webrtc_session_desc_factory_.reset(new WebRtcSessionDescriptionFactory(
signaling_thread(), channel_manager_, this, id(), certificate));
signaling_thread(), channel_manager_, certificate, this, id()));
}
}

2
webrtc/api/webrtcsession.h
View File

@ -153,7 +153,7 @@ class WebRtcSession : public AudioProviderInterface,
bool Initialize(
const PeerConnectionFactoryInterface::Options& options,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
const PeerConnectionInterface::RTCConfiguration& rtc_configuration);
// Deletes the voice, video and data channel and changes the session state
// to STATE_CLOSED.

5
webrtc/api/webrtcsession_unittest.cc
View File

@ -397,10 +397,7 @@ class WebRtcSessionTest
EXPECT_EQ(PeerConnectionInterface::kIceGatheringNew,
observer_.ice_gathering_state_);
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator(
dtls_identity_store ? new webrtc::RTCCertificateGeneratorStoreWrapper(
std::move(dtls_identity_store)) : nullptr);
EXPECT_TRUE(session_->Initialize(options_, std::move(cert_generator),
EXPECT_TRUE(session_->Initialize(options_, std::move(dtls_identity_store),
configuration_));
session_->set_metrics_observer(metrics_observer_);
}

140
webrtc/api/webrtcsessiondescriptionfactory.cc
View File

@ -12,6 +12,7 @@
#include <utility>
#include "webrtc/api/dtlsidentitystore.h"
#include "webrtc/api/jsep.h"
#include "webrtc/api/jsepsessiondescription.h"
#include "webrtc/api/mediaconstraintsinterface.h"
@ -67,13 +68,28 @@ struct CreateSessionDescriptionMsg : public rtc::MessageData {
};
} // namespace
void WebRtcCertificateGeneratorCallback::OnFailure() {
SignalRequestFailed();
void WebRtcIdentityRequestObserver::OnFailure(int error) {
SignalRequestFailed(error);
}
void WebRtcCertificateGeneratorCallback::OnSuccess(
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) {
SignalCertificateReady(certificate);
void WebRtcIdentityRequestObserver::OnSuccess(
const std::string& der_cert, const std::string& der_private_key) {
std::string pem_cert = rtc::SSLIdentity::DerToPem(
rtc::kPemTypeCertificate,
reinterpret_cast<const unsigned char*>(der_cert.data()),
der_cert.length());
std::string pem_key = rtc::SSLIdentity::DerToPem(
rtc::kPemTypeRsaPrivateKey,
reinterpret_cast<const unsigned char*>(der_private_key.data()),
der_private_key.length());
std::unique_ptr<rtc::SSLIdentity> identity(
rtc::SSLIdentity::FromPEMStrings(pem_key, pem_cert));
SignalCertificateReady(rtc::RTCCertificate::Create(std::move(identity)));
}
void WebRtcIdentityRequestObserver::OnSuccess(
std::unique_ptr<rtc::SSLIdentity> identity) {
SignalCertificateReady(rtc::RTCCertificate::Create(std::move(identity)));
}
// static
@ -111,10 +127,12 @@ void WebRtcSessionDescriptionFactory::CopyCandidatesFromSessionDescription(
WebRtcSessionDescriptionFactory::WebRtcSessionDescriptionFactory(
rtc::Thread* signaling_thread,
cricket::ChannelManager* channel_manager,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
const rtc::scoped_refptr<WebRtcIdentityRequestObserver>&
identity_request_observer,
WebRtcSession* session,
const std::string& session_id,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate)
bool dtls_enabled)
: signaling_thread_(signaling_thread),
session_desc_factory_(channel_manager, &transport_desc_factory_),
// RFC 4566 suggested a Network Time Protocol (NTP) format timestamp
@ -122,81 +140,89 @@ WebRtcSessionDescriptionFactory::WebRtcSessionDescriptionFactory(
// to just use a random number as session id and start version from
// |kInitSessionVersion|.
session_version_(kInitSessionVersion),
cert_generator_(std::move(cert_generator)),
dtls_identity_store_(std::move(dtls_identity_store)),
identity_request_observer_(identity_request_observer),
session_(session),
session_id_(session_id),
certificate_request_state_(CERTIFICATE_NOT_NEEDED) {
RTC_DCHECK(signaling_thread_);
session_desc_factory_.set_add_legacy_streams(false);
bool dtls_enabled = cert_generator_ || certificate;
// SRTP-SDES is disabled if DTLS is on.
SetSdesPolicy(dtls_enabled ? cricket::SEC_DISABLED : cricket::SEC_REQUIRED);
if (!dtls_enabled) {
LOG(LS_VERBOSE) << "DTLS-SRTP disabled.";
return;
}
if (certificate) {
// Use |certificate|.
certificate_request_state_ = CERTIFICATE_WAITING;
LOG(LS_VERBOSE) << "DTLS-SRTP enabled; has certificate parameter.";
// We already have a certificate but we wait to do |SetIdentity|; if we do
// it in the constructor then the caller has not had a chance to connect to
// |SignalCertificateReady|.
signaling_thread_->Post(
this, MSG_USE_CONSTRUCTOR_CERTIFICATE,
new rtc::ScopedRefMessageData<rtc::RTCCertificate>(certificate));
} else {
// Generate certificate.
certificate_request_state_ = CERTIFICATE_WAITING;
rtc::scoped_refptr<WebRtcCertificateGeneratorCallback> callback(
new rtc::RefCountedObject<WebRtcCertificateGeneratorCallback>());
callback->SignalRequestFailed.connect(
this, &WebRtcSessionDescriptionFactory::OnCertificateRequestFailed);
callback->SignalCertificateReady.connect(
this, &WebRtcSessionDescriptionFactory::SetCertificate);
rtc::KeyParams key_params = rtc::KeyParams();
LOG(LS_VERBOSE) << "DTLS-SRTP enabled; sending DTLS identity request (key "
<< "type: " << key_params.type() << ").";
// Request certificate. This happens asynchronously, so that the caller gets
// a chance to connect to |SignalCertificateReady|.
cert_generator_->GenerateCertificateAsync(
key_params, rtc::Optional<uint64_t>(), callback);
}
}
WebRtcSessionDescriptionFactory::WebRtcSessionDescriptionFactory(
rtc::Thread* signaling_thread,
cricket::ChannelManager* channel_manager,
WebRtcSession* session,
const std::string& session_id,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator)
const std::string& session_id)
: WebRtcSessionDescriptionFactory(signaling_thread,
channel_manager,
nullptr,
nullptr,
session,
session_id,
false) {
LOG(LS_VERBOSE) << "DTLS-SRTP disabled.";
}
WebRtcSessionDescriptionFactory::WebRtcSessionDescriptionFactory(
rtc::Thread* signaling_thread,
cricket::ChannelManager* channel_manager,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
WebRtcSession* session,
const std::string& session_id)
: WebRtcSessionDescriptionFactory(
signaling_thread,
channel_manager,
std::move(dtls_identity_store),
new rtc::RefCountedObject<WebRtcIdentityRequestObserver>(),
session,
session_id,
std::move(cert_generator),
nullptr) {
true) {
RTC_DCHECK(dtls_identity_store_);
certificate_request_state_ = CERTIFICATE_WAITING;
identity_request_observer_->SignalRequestFailed.connect(
this, &WebRtcSessionDescriptionFactory::OnIdentityRequestFailed);
identity_request_observer_->SignalCertificateReady.connect(
this, &WebRtcSessionDescriptionFactory::SetCertificate);
rtc::KeyParams key_params = rtc::KeyParams();
LOG(LS_VERBOSE) << "DTLS-SRTP enabled; sending DTLS identity request (key "
<< "type: " << key_params.type() << ").";
// Request identity. This happens asynchronously, so the caller will have a
// chance to connect to SignalIdentityReady.
dtls_identity_store_->RequestIdentity(key_params,
rtc::Optional<uint64_t>(),
identity_request_observer_);
}
WebRtcSessionDescriptionFactory::WebRtcSessionDescriptionFactory(
rtc::Thread* signaling_thread,
cricket::ChannelManager* channel_manager,
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate,
WebRtcSession* session,
const std::string& session_id,
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate)
const std::string& session_id)
: WebRtcSessionDescriptionFactory(signaling_thread,
channel_manager,
nullptr,
nullptr,
session,
session_id,
nullptr,
certificate) {
true) {
RTC_DCHECK(certificate);
certificate_request_state_ = CERTIFICATE_WAITING;
LOG(LS_VERBOSE) << "DTLS-SRTP enabled; has certificate parameter.";
// We already have a certificate but we wait to do SetIdentity; if we do
// it in the constructor then the caller has not had a chance to connect to
// SignalIdentityReady.
signaling_thread_->Post(
this, MSG_USE_CONSTRUCTOR_CERTIFICATE,
new rtc::ScopedRefMessageData<rtc::RTCCertificate>(certificate));
}
WebRtcSessionDescriptionFactory::~WebRtcSessionDescriptionFactory() {
@ -462,10 +488,10 @@ void WebRtcSessionDescriptionFactory::PostCreateSessionDescriptionSucceeded(
signaling_thread_->Post(this, MSG_CREATE_SESSIONDESCRIPTION_SUCCESS, msg);
}
void WebRtcSessionDescriptionFactory::OnCertificateRequestFailed() {
void WebRtcSessionDescriptionFactory::OnIdentityRequestFailed(int error) {
ASSERT(signaling_thread_->IsCurrent());
LOG(LS_ERROR) << "Asynchronous certificate generation request failed.";
LOG(LS_ERROR) << "Async identity request failed: error = " << error;
certificate_request_state_ = CERTIFICATE_FAILED;
FailPendingRequests(kFailedDueToIdentityFailed);
@ -474,7 +500,7 @@ void WebRtcSessionDescriptionFactory::OnCertificateRequestFailed() {
void WebRtcSessionDescriptionFactory::SetCertificate(
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) {
RTC_DCHECK(certificate);
LOG(LS_VERBOSE) << "Setting new certificate.";
LOG(LS_VERBOSE) << "Setting new certificate";
certificate_request_state_ = CERTIFICATE_SUCCEEDED;
SignalCertificateReady(certificate);

65
webrtc/api/webrtcsessiondescriptionfactory.h
View File

@ -18,7 +18,6 @@
#include "webrtc/base/constructormagic.h"
#include "webrtc/base/messagehandler.h"
#include "webrtc/base/rtccertificate.h"
#include "webrtc/base/rtccertificategenerator.h"
#include "webrtc/p2p/base/transportdescriptionfactory.h"
#include "webrtc/pc/mediasession.h"
@ -33,17 +32,17 @@ class MediaConstraintsInterface;
class SessionDescriptionInterface;
class WebRtcSession;
// DTLS certificate request callback class.
class WebRtcCertificateGeneratorCallback
: public rtc::RTCCertificateGeneratorCallback,
public sigslot::has_slots<> {
// DTLS identity request callback class.
class WebRtcIdentityRequestObserver : public DtlsIdentityRequestObserver,
public sigslot::has_slots<> {
public:
// |rtc::RTCCertificateGeneratorCallback| overrides.
void OnSuccess(
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate) override;
void OnFailure() override;
// DtlsIdentityRequestObserver overrides.
void OnFailure(int error) override;
void OnSuccess(const std::string& der_cert,
const std::string& der_private_key) override;
void OnSuccess(std::unique_ptr<rtc::SSLIdentity> identity) override;
sigslot::signal0<> SignalRequestFailed;
sigslot::signal1<int> SignalRequestFailed;
sigslot::signal1<const rtc::scoped_refptr<rtc::RTCCertificate>&>
SignalCertificateReady;
};
@ -67,29 +66,37 @@ struct CreateSessionDescriptionRequest {
cricket::MediaSessionOptions options;
};
// This class is used to create offer/answer session description. Certificates
// for WebRtcSession/DTLS are either supplied at construction or generated
// asynchronously. It queues the create offer/answer request until the
// certificate generation has completed, i.e. when OnCertificateRequestFailed or
// OnCertificateReady is called.
// This class is used to create offer/answer session description with regards to
// the async DTLS identity generation for WebRtcSession.
// It queues the create offer/answer request until the DTLS identity
// request has completed, i.e. when OnIdentityRequestFailed or OnIdentityReady
// is called.
class WebRtcSessionDescriptionFactory : public rtc::MessageHandler,
public sigslot::has_slots<> {
public:
// If |certificate_generator| is not null, DTLS is enabled and a default
// certificate is generated asynchronously; otherwise DTLS is disabled.
// Construct with DTLS disabled.
WebRtcSessionDescriptionFactory(rtc::Thread* signaling_thread,
cricket::ChannelManager* channel_manager,
WebRtcSession* session,
const std::string& session_id);
// Construct with DTLS enabled using the specified |dtls_identity_store| to
// generate a certificate.
WebRtcSessionDescriptionFactory(
rtc::Thread* signaling_thread,
cricket::ChannelManager* channel_manager,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
WebRtcSession* session,
const std::string& session_id,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator);
// Construct with DTLS enabled using the specified |certificate|.
const std::string& session_id);
// Construct with DTLS enabled using the specified (already generated)
// |certificate|.
WebRtcSessionDescriptionFactory(
rtc::Thread* signaling_thread,
cricket::ChannelManager* channel_manager,
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate,
WebRtcSession* session,
const std::string& session_id,
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate);
const std::string& session_id);
virtual ~WebRtcSessionDescriptionFactory();
static void CopyCandidatesFromSessionDescription(
@ -123,15 +130,15 @@ class WebRtcSessionDescriptionFactory : public rtc::MessageHandler,
CERTIFICATE_FAILED,
};
// If |certificate_generator| or |certificate| is not null DTLS is enabled,
// otherwise DTLS is disabled.
WebRtcSessionDescriptionFactory(
rtc::Thread* signaling_thread,
cricket::ChannelManager* channel_manager,
std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store,
const rtc::scoped_refptr<WebRtcIdentityRequestObserver>&
identity_request_observer,
WebRtcSession* session,
const std::string& session_id,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator,
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate);
bool dtls_enabled);
// MessageHandler implementation.
virtual void OnMessage(rtc::Message* msg);
@ -147,7 +154,7 @@ class WebRtcSessionDescriptionFactory : public rtc::MessageHandler,
CreateSessionDescriptionObserver* observer,
SessionDescriptionInterface* description);
void OnCertificateRequestFailed();
void OnIdentityRequestFailed(int error);
void SetCertificate(
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate);
@ -157,7 +164,9 @@ class WebRtcSessionDescriptionFactory : public rtc::MessageHandler,
cricket::TransportDescriptionFactory transport_desc_factory_;
cricket::MediaSessionDescriptionFactory session_desc_factory_;
uint64_t session_version_;
const std::unique_ptr<rtc::RTCCertificateGeneratorInterface> cert_generator_;
const std::unique_ptr<DtlsIdentityStoreInterface> dtls_identity_store_;
const rtc::scoped_refptr<WebRtcIdentityRequestObserver>
identity_request_observer_;
// TODO(jiayl): remove the dependency on session once bug 2264 is fixed.
WebRtcSession* const session_;
const std::string session_id_;

6
webrtc/examples/peerconnection/client/conductor.cc
View File

@ -129,11 +129,7 @@ bool Conductor::CreatePeerConnection(bool dtls) {
}
peer_connection_ = peer_connection_factory_->CreatePeerConnection(
config,
&constraints,
nullptr,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>(),
this);
config, &constraints, NULL, NULL, this);
return peer_connection_.get() != NULL;
}

11
webrtc/sdk/objc/Framework/Classes/RTCPeerConnection.mm
View File

@ -226,12 +226,11 @@ void PeerConnectionDelegateAdapter::OnIceCandidatesRemoved(
std::unique_ptr<webrtc::MediaConstraints> nativeConstraints =
constraints.nativeConstraints;
_peerConnection =
factory.nativeFactory->CreatePeerConnection(
*config,
nativeConstraints.get(),
nullptr,
std::unique_ptr<rtc::RTCCertificateGeneratorInterface>(),
_observer.get());
factory.nativeFactory->CreatePeerConnection(*config,
nativeConstraints.get(),
nullptr,
nullptr,
_observer.get());
_localStreams = [[NSMutableArray alloc] init];
_delegate = delegate;
}