/*
 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
 *
 * Use of this source code is governed by a BSD-style license
 * that can be found in the LICENSE file in the root of the source
 * tree. An additional intellectual property rights grant can be found
 * in the file PATENTS. All contributing project authors may
 * be found in the AUTHORS file in the root of the source tree.
 */

#ifndef WEBRTC_BASE_OPENSSLADAPTER_H__
#define WEBRTC_BASE_OPENSSLADAPTER_H__

#include <string>
#include "webrtc/base/ssladapter.h"

// Forward declarations of the OpenSSL handle types used below, so that
// consumers of this header do not have to pull in the OpenSSL headers.
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
typedef struct x509_store_ctx_st X509_STORE_CTX;

namespace rtc {

///////////////////////////////////////////////////////////////////////////////

// SSLAdapter implementation backed by OpenSSL. It wraps an AsyncSocket and
// drives the TLS handshake and record I/O over it. The raw OpenSSL handles
// (ssl_, ssl_ctx_) are held directly by this object; presumably they are
// torn down in Cleanup()/the destructor — confirm in the .cc.
//
// NOTE(review): copy construction/assignment are not disabled here. Unless
// the base class already makes the type non-copyable, a copy would alias the
// raw ssl_/ssl_ctx_ handles — confirm before relying on copies being rejected.
class OpenSSLAdapter : public SSLAdapter {
 public:
  // Process-wide OpenSSL initialisation and teardown. |callback| is
  // presumably stored in custom_verify_callback_ and consulted during
  // certificate verification — confirm in the .cc.
  static bool InitializeSSL(VerificationCallback callback);
  static bool InitializeSSLThread();
  static bool CleanupSSL();

  // Takes the socket to run TLS over. (Single-argument and non-explicit, so
  // an AsyncSocket* converts implicitly to an OpenSSLAdapter.)
  OpenSSLAdapter(AsyncSocket* socket);
  virtual ~OpenSSLAdapter();

  // Starts the TLS handshake for |hostname|. |restartable| is kept in
  // restartable_ (see below). The int return is a status code whose meaning
  // is defined in the .cc.
  virtual int StartSSL(const char* hostname, bool restartable);
  virtual int Send(const void* pv, size_t cb);
  virtual int Recv(void* pv, size_t cb);
  virtual int Close();

  // Note that the socket returns ST_CONNECTING while SSL is being negotiated.
  virtual ConnState GetState() const;

 protected:
  // AsyncSocket event handlers; these drive the handshake/I-O state machine
  // tracked in state_.
  virtual void OnConnectEvent(AsyncSocket* socket);
  virtual void OnReadEvent(AsyncSocket* socket);
  virtual void OnWriteEvent(AsyncSocket* socket);
  virtual void OnCloseEvent(AsyncSocket* socket, int err);

 private:
  // Handshake progress, stored in state_.
  enum SSLState {
    SSL_NONE, SSL_WAIT, SSL_CONNECTING, SSL_CONNECTED, SSL_ERROR
  };

  int BeginSSL();
  int ContinueSSL();
  // Records a failure that occurred in |context| with error code |err|.
  // When |signal| is true the failure is presumably reported to the socket's
  // listener as well — confirm in the .cc.
  void Error(const char* context, int err, bool signal = true);
  void Cleanup();

  // Checks that the certificate presented on |ssl| matches |host|.
  // What |ignore_bad_cert| permits (e.g. whether a mismatch is still
  // accepted) must be confirmed in the .cc; any path that accepts a
  // non-matching certificate weakens server authentication.
  static bool VerifyServerName(SSL* ssl, const char* host,
                               bool ignore_bad_cert);
  // Post-handshake verification of the peer certificate against |host|.
  bool SSLPostConnectionCheck(SSL* ssl, const char* host);
#if _DEBUG
  // OpenSSL info callback (SSL_CTX_set_info_callback signature); debug only.
  static void SSLInfoCallback(const SSL* s, int where, int ret);
#endif  // _DEBUG
  // OpenSSL certificate verification callback (SSL_CTX_set_verify signature).
  // |ok| is OpenSSL's own verdict for the certificate under examination; the
  // callback's return value decides whether verification continues, so the
  // .cc must not return non-zero for failures it does not explicitly accept.
  static int SSLVerifyCallback(int ok, X509_STORE_CTX* store);
  static VerificationCallback custom_verify_callback_;
  friend class OpenSSLStreamAdapter;  // for custom_verify_callback_;

  // Installs the trusted root certificates into |ctx|.
  static bool ConfigureTrustedRootCertificates(SSL_CTX* ctx);
  static SSL_CTX* SetupSSLContext();

  SSLState state_;
  // Presumably set when an SSL_read/SSL_write could not complete until the
  // opposite direction made progress (OpenSSL's WANT_WRITE/WANT_READ
  // handling) — confirm in the .cc.
  bool ssl_read_needs_write_;
  bool ssl_write_needs_read_;
  // If true, socket will retain SSL configuration after Close.
  bool restartable_;

  // Raw OpenSSL handles; see the class comment on ownership.
  SSL* ssl_;
  SSL_CTX* ssl_ctx_;
  // Presumably the hostname given to StartSSL, kept for verification — confirm.
  std::string ssl_host_name_;

  bool custom_verification_succeeded_;
};

/////////////////////////////////////////////////////////////////////////////

}  // namespace rtc

#endif  // WEBRTC_BASE_OPENSSLADAPTER_H__