      1 /*
      2  *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
      3  *
      4  *  Use of this source code is governed by a BSD-style license
      5  *  that can be found in the LICENSE file in the root of the source
      6  *  tree. An additional intellectual property rights grant can be found
      7  *  in the file PATENTS.  All contributing project authors may
      8  *  be found in the AUTHORS file in the root of the source tree.
      9  */
     10 
     11 #ifndef WEBRTC_BASE_OPENSSLADAPTER_H__
     12 #define WEBRTC_BASE_OPENSSLADAPTER_H__
     13 
     14 #include <string>
     15 #include "webrtc/base/ssladapter.h"
     16 
// Forward declarations of OpenSSL's opaque handle types, spelled with the
// struct tags OpenSSL itself uses, so this header can mention SSL*, SSL_CTX*
// and X509_STORE_CTX* without including any OpenSSL header. Only pointers to
// these types appear in the class below.
typedef struct ssl_st SSL;
typedef struct ssl_ctx_st SSL_CTX;
typedef struct x509_store_ctx_st X509_STORE_CTX;
     20 
     21 namespace rtc {
     22 
     23 ///////////////////////////////////////////////////////////////////////////////
     24 
// SSLAdapter implementation backed by OpenSSL. It wraps an AsyncSocket,
// drives the TLS handshake over it (BeginSSL/ContinueSSL) and then carries
// application data through Send()/Recv(). Certificate checking is split
// between OpenSSL's verify callback (SSLVerifyCallback), an optional
// process-wide custom callback (custom_verify_callback_) and a host-name
// check after the handshake (SSLPostConnectionCheck / VerifyServerName).
class OpenSSLAdapter : public SSLAdapter {
public:
  // Process-wide OpenSSL initialization. |callback| is presumably stored in
  // custom_verify_callback_ and consulted from SSLVerifyCallback; the
  // VerificationCallback type is declared outside this header (see
  // ssladapter.h). Returns false on failure.
  static bool InitializeSSL(VerificationCallback callback);
  // Per-thread OpenSSL initialization; returns false on failure.
  static bool InitializeSSLThread();
  // Releases the process-wide state set up by InitializeSSL.
  static bool CleanupSSL();

  // Wraps |socket| as the transport for the TLS session. Note that this
  // single-argument constructor is not explicit, so an AsyncSocket* converts
  // to an OpenSSLAdapter implicitly.
  OpenSSLAdapter(AsyncSocket* socket);
  virtual ~OpenSSLAdapter();

  // Starts the TLS handshake. |hostname| is kept in ssl_host_name_ and is
  // presumably the name the peer certificate is compared against in
  // SSLPostConnectionCheck — confirm in the .cc. If |restartable| is true,
  // the SSL configuration survives Close() (see restartable_).
  virtual int StartSSL(const char* hostname, bool restartable);
  // Writes |cb| bytes from |pv| through the TLS session.
  virtual int Send(const void* pv, size_t cb);
  // Reads up to |cb| bytes of decrypted data into |pv|.
  virtual int Recv(void* pv, size_t cb);
  virtual int Close();

  // Note that the socket returns ST_CONNECTING while SSL is being negotiated.
  virtual ConnState GetState() const;

protected:
  // Underlying-socket event handlers (inherited interface). OnConnectEvent is
  // presumably where the handshake is kicked off once the TCP connection is
  // up; the read/write handlers feed ContinueSSL while state_ is
  // SSL_CONNECTING — confirm in the .cc.
  virtual void OnConnectEvent(AsyncSocket* socket);
  virtual void OnReadEvent(AsyncSocket* socket);
  virtual void OnWriteEvent(AsyncSocket* socket);
  virtual void OnCloseEvent(AsyncSocket* socket, int err);

private:
  // Handshake state machine kept in state_. SSL_NONE: no TLS requested yet;
  // SSL_WAIT: StartSSL called before the socket connected; SSL_CONNECTING:
  // handshake in progress; SSL_CONNECTED: handshake done and data flows;
  // SSL_ERROR: a fatal error was reported through Error().
  // NOTE(review): the per-value meanings are inferred from the names —
  // verify against the transitions in the .cc.
  enum SSLState {
    SSL_NONE, SSL_WAIT, SSL_CONNECTING, SSL_CONNECTED, SSL_ERROR
  };

  // Creates the SSL object from ssl_ctx_ and starts the handshake.
  int BeginSSL();
  // Advances a handshake in progress; returns an error code when it fails.
  int ContinueSSL();
  // Records a failure from |context| with OpenSSL error |err| and, when
  // |signal| is true, notifies the owner of the adapter.
  void Error(const char* context, int err, bool signal = true);
  // Tears down the OpenSSL objects held in ssl_ and ssl_ctx_.
  void Cleanup();

  // Checks that the peer certificate presented on |ssl| matches |host|.
  // NOTE(review): |ignore_bad_cert| appears to relax that check; any caller
  // passing true gives up the hostname binding this class exists to provide,
  // so confirm in the .cc exactly which failures it suppresses.
  static bool VerifyServerName(SSL* ssl, const char* host,
                               bool ignore_bad_cert);
  // Post-handshake validation of the session on |ssl| against |host|
  // (expected to combine OpenSSL's verify result with VerifyServerName).
  bool SSLPostConnectionCheck(SSL* ssl, const char* host);
#if _DEBUG
  // OpenSSL info callback (SSL_CTX_set_info_callback signature) used to
  // trace handshake progress in debug builds only.
  static void SSLInfoCallback(const SSL* s, int where, int ret);
#endif  // _DEBUG
  // OpenSSL certificate-verify callback (SSL_CTX_set_verify signature).
  // |ok| is OpenSSL's own verdict for the certificate currently being
  // examined in |store|; the callback returns the final verdict for it.
  // Presumably this is where custom_verify_callback_ is invoked and
  // custom_verification_succeeded_ is set — confirm in the .cc.
  static int SSLVerifyCallback(int ok, X509_STORE_CTX* store);
  // Process-wide custom verification hook installed by InitializeSSL.
  static VerificationCallback custom_verify_callback_;
  friend class OpenSSLStreamAdapter;  // for custom_verify_callback_;

  // Installs the trusted root certificates into |ctx|. Returns false on
  // failure; the source of the roots is not visible from this header.
  static bool ConfigureTrustedRootCertificates(SSL_CTX* ctx);
  // Builds and configures the SSL_CTX used by new sessions; returns NULL on
  // failure. Ownership of the returned context passes to the caller.
  static SSL_CTX* SetupSSLContext();

  // Current handshake state; see SSLState.
  SSLState state_;
  // OpenSSL can ask for the opposite I/O direction to make progress
  // (renegotiation); these remember that a pending read is blocked on a
  // write and vice versa — assumption from the names, confirm in the .cc.
  bool ssl_read_needs_write_;
  bool ssl_write_needs_read_;
  // If true, socket will retain SSL configuration after Close.
  bool restartable_;

  // OpenSSL session and context objects. Raw pointers owned by this adapter;
  // presumably released in Cleanup() / the destructor.
  SSL* ssl_;
  SSL_CTX* ssl_ctx_;
  // Host name passed to StartSSL, used for the post-connection check.
  std::string ssl_host_name_;

  // Presumably set once custom_verify_callback_ has accepted the peer
  // certificate for this session — confirm in the .cc.
  bool custom_verification_succeeded_;
};
     83 
     84 /////////////////////////////////////////////////////////////////////////////
     85 
     86 } // namespace rtc
     87 
     88 #endif // WEBRTC_BASE_OPENSSLADAPTER_H__
     89