/*
 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
 *
 * Use of this source code is governed by a BSD-style license
 * that can be found in the LICENSE file in the root of the source
 * tree. An additional intellectual property rights grant can be found
 * in the file PATENTS. All contributing project authors may
 * be found in the AUTHORS file in the root of the source tree.
 */

#ifndef WEBRTC_BASE_OPENSSLADAPTER_H__
#define WEBRTC_BASE_OPENSSLADAPTER_H__

#include <string>
#include "webrtc/base/messagehandler.h"
#include "webrtc/base/messagequeue.h"
#include "webrtc/base/ssladapter.h"

// Forward declarations of OpenSSL's opaque handle types so that this header
// does not have to include <openssl/ssl.h>; only pointers to them appear here.
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
typedef struct x509_store_ctx_st X509_STORE_CTX;

namespace rtc {

///////////////////////////////////////////////////////////////////////////////

// SSLAdapter implementation backed by OpenSSL. It wraps an AsyncSocket and
// reacts to the socket's connect/read/write/close events; it is also a
// MessageHandler, presumably so a handshake timeout (MSG_TIMEOUT, below) can
// be delivered to it through the message queue.
class OpenSSLAdapter : public SSLAdapter, public MessageHandler {
 public:
  // Process-wide library set-up. |callback| is stored in
  // custom_verify_callback_ (see below); how it participates in certificate
  // verification is defined in the .cc, not here.
  static bool InitializeSSL(VerificationCallback callback);
  // Per-thread counterpart of InitializeSSL.
  static bool InitializeSSLThread();
  // Tears down whatever InitializeSSL set up.
  static bool CleanupSSL();

  // Wraps |socket|, the transport the SSL session runs over.
  // NOTE(review): this single-argument constructor is not explicit, so an
  // AsyncSocket* converts implicitly to OpenSSLAdapter; kept as declared.
  OpenSSLAdapter(AsyncSocket* socket);
  ~OpenSSLAdapter() override;

  // Selects TLS or DTLS (stored in ssl_mode_); see SSLMode in ssladapter.h.
  void SetMode(SSLMode mode) override;
  // Begins the handshake. |hostname| is retained in ssl_host_name_ and is the
  // name the server certificate is expected to match; |restartable| is
  // retained in restartable_ (see its comment below).
  int StartSSL(const char* hostname, bool restartable) override;
  int Send(const void* pv, size_t cb) override;
  int SendTo(const void* pv, size_t cb, const SocketAddress& addr) override;
  int Recv(void* pv, size_t cb) override;
  int RecvFrom(void* pv, size_t cb, SocketAddress* paddr) override;
  int Close() override;

  // Note that the socket returns ST_CONNECTING while SSL is being negotiated.
  ConnState GetState() const override;

 protected:
  // Event hooks from the wrapped AsyncSocket; the handshake state machine
  // (state_, below) is advanced from these.
  void OnConnectEvent(AsyncSocket* socket) override;
  void OnReadEvent(AsyncSocket* socket) override;
  void OnWriteEvent(AsyncSocket* socket) override;
  void OnCloseEvent(AsyncSocket* socket, int err) override;

 private:
  // Handshake progress of this adapter (held in state_).
  enum SSLState {
    SSL_NONE, SSL_WAIT, SSL_CONNECTING, SSL_CONNECTED, SSL_ERROR
  };

  // Message id handled by OnMessage; presumably a handshake timeout.
  enum { MSG_TIMEOUT };

  // Starts / resumes the handshake; both return an int status.
  int BeginSSL();
  int ContinueSSL();
  // Records a failure. |context| names the failing step, |err| is the error
  // code; |signal| controls whether the failure is reported to listeners.
  void Error(const char* context, int err, bool signal = true);
  // Releases ssl_ / ssl_ctx_ and related per-session state.
  void Cleanup();

  void OnMessage(Message* msg) override;

  // Checks that the peer certificate on |ssl| matches |host|.
  // NOTE(review): |ignore_bad_cert| suggests a mismatch may be tolerated when
  // it is true — confirm in the .cc, since that would turn host-name
  // verification into a best-effort check.
  static bool VerifyServerName(SSL* ssl, const char* host,
                               bool ignore_bad_cert);
  // Post-handshake validation of the established session against |host|.
  bool SSLPostConnectionCheck(SSL* ssl, const char* host);
#if !defined(NDEBUG)
  // Debug-only OpenSSL info callback (handshake tracing).
  static void SSLInfoCallback(const SSL* s, int where, int ret);
#endif
  // OpenSSL certificate-verification callback. |ok| is OpenSSL's own verdict
  // for the certificate in |store|; the return value is the final verdict.
  static int SSLVerifyCallback(int ok, X509_STORE_CTX* store);
  // Application-supplied verification hook registered via InitializeSSL.
  // Static, so it is shared by every adapter in the process.
  static VerificationCallback custom_verify_callback_;
  friend class OpenSSLStreamAdapter;  // for custom_verify_callback_;

  // Loads the trusted root certificates into |ctx|; returns false on failure.
  static bool ConfigureTrustedRootCertificates(SSL_CTX* ctx);
  // Builds the SSL_CTX for this adapter; the caller owns the result.
  SSL_CTX* SetupSSLContext();

  SSLState state_;
  // Set when OpenSSL reported WANT_WRITE during a read (resp. WANT_READ
  // during a write) — presumably used to re-drive the right operation on
  // the next socket event; confirm against the .cc.
  bool ssl_read_needs_write_;
  bool ssl_write_needs_read_;
  // If true, socket will retain SSL configuration after Close.
  bool restartable_;

  // Owned OpenSSL handles; released in Cleanup().
  SSL* ssl_;
  SSL_CTX* ssl_ctx_;
  // Expected server name, captured from StartSSL().
  std::string ssl_host_name_;
  // Do DTLS or not
  SSLMode ssl_mode_;

  // Outcome of custom_verify_callback_ for the current session.
  bool custom_verification_succeeded_;
};

/////////////////////////////////////////////////////////////////////////////

}  // namespace rtc

#endif  // WEBRTC_BASE_OPENSSLADAPTER_H__