Move ssl_stream_adapter.h to webrtc namespace
Bug: webrtc:42232595
Change-Id: Ic676abe4e20bd9a2d26d16ac71f868cb295aeb1d
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/380843
Commit-Queue: Evan Shrubsole <eshr@webrtc.org>
Auto-Submit: Evan Shrubsole <eshr@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Commit-Queue: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#44098}
diff --git a/api/crypto/crypto_options.cc b/api/crypto/crypto_options.cc
index 37df0d5..2923833 100644
--- a/api/crypto/crypto_options.cc
+++ b/api/crypto/crypto_options.cc
@@ -41,18 +41,18 @@
// As the cipher suite is potentially insecure, it will only be used if
// enabled by both peers.
if (srtp.enable_aes128_sha1_32_crypto_cipher) {
- crypto_suites.push_back(rtc::kSrtpAes128CmSha1_32);
+ crypto_suites.push_back(kSrtpAes128CmSha1_32);
}
if (srtp.enable_aes128_sha1_80_crypto_cipher) {
- crypto_suites.push_back(rtc::kSrtpAes128CmSha1_80);
+ crypto_suites.push_back(kSrtpAes128CmSha1_80);
}
// Note: GCM cipher suites are not the top choice since they increase the
// packet size. In order to negotiate them the other side must not support
// kSrtpAes128CmSha1_80.
if (srtp.enable_gcm_crypto_suites) {
- crypto_suites.push_back(rtc::kSrtpAeadAes256Gcm);
- crypto_suites.push_back(rtc::kSrtpAeadAes128Gcm);
+ crypto_suites.push_back(kSrtpAeadAes256Gcm);
+ crypto_suites.push_back(kSrtpAeadAes128Gcm);
}
RTC_CHECK(!crypto_suites.empty());
return crypto_suites;
diff --git a/api/peer_connection_interface.h b/api/peer_connection_interface.h
index 4b9d6e1..2633683 100644
--- a/api/peer_connection_interface.h
+++ b/api/peer_connection_interface.h
@@ -1528,7 +1528,7 @@
// Sets the maximum supported protocol version. The highest version
// supported by both ends will be used for the connection, i.e. if one
// party supports DTLS 1.0 and the other DTLS 1.2, DTLS 1.0 will be used.
- rtc::SSLProtocolVersion ssl_max_version = rtc::SSL_PROTOCOL_DTLS_12;
+ SSLProtocolVersion ssl_max_version = SSL_PROTOCOL_DTLS_12;
// Sets crypto related options, e.g. enabled cipher suites.
CryptoOptions crypto_options = {};
diff --git a/p2p/dtls/dtls_ice_integrationtest.cc b/p2p/dtls/dtls_ice_integrationtest.cc
index 095da6f..78844e0 100644
--- a/p2p/dtls/dtls_ice_integrationtest.cc
+++ b/p2p/dtls/dtls_ice_integrationtest.cc
@@ -74,7 +74,7 @@
class DtlsIceIntegrationTest : public ::testing::TestWithParam<std::tuple<
/* client_piggyback= */ bool,
/* server_piggyback= */ bool,
- rtc::SSLProtocolVersion,
+ webrtc::SSLProtocolVersion,
/* client_dtls_is_ice_controlling= */ bool>>,
public sigslot::has_slots<> {
public:
@@ -190,7 +190,7 @@
// Setup DTLS.
ep.dtls->SetLocalCertificate(client ? client_certificate
: server_certificate);
- ep.dtls->SetDtlsRole(client ? rtc::SSL_SERVER : rtc::SSL_CLIENT);
+ ep.dtls->SetDtlsRole(client ? webrtc::SSL_SERVER : webrtc::SSL_CLIENT);
SetRemoteFingerprintFromCert(
*ep.dtls.get(), client ? server_certificate : client_certificate);
});
@@ -361,8 +361,8 @@
DtlsIceIntegrationTest,
::testing::Combine(testing::Bool(),
testing::Bool(),
- testing::Values(rtc::SSL_PROTOCOL_DTLS_12,
- rtc::SSL_PROTOCOL_DTLS_13),
+ testing::Values(webrtc::SSL_PROTOCOL_DTLS_12,
+ webrtc::SSL_PROTOCOL_DTLS_13),
testing::Bool()));
} // namespace cricket
diff --git a/p2p/dtls/dtls_transport.cc b/p2p/dtls/dtls_transport.cc
index 4b59be6..87e6a7c 100644
--- a/p2p/dtls/dtls_transport.cc
+++ b/p2p/dtls/dtls_transport.cc
@@ -152,7 +152,7 @@
DtlsTransport::DtlsTransport(IceTransportInternal* ice_transport,
const webrtc::CryptoOptions& crypto_options,
webrtc::RtcEventLog* event_log,
- rtc::SSLProtocolVersion max_version)
+ webrtc::SSLProtocolVersion max_version)
: component_(ice_transport->component()),
ice_transport_(ice_transport),
downward_(nullptr),
@@ -231,7 +231,7 @@
return local_certificate_;
}
-bool DtlsTransport::SetDtlsRole(rtc::SSLRole role) {
+bool DtlsTransport::SetDtlsRole(webrtc::SSLRole role) {
if (dtls_) {
RTC_DCHECK(dtls_role_);
if (*dtls_role_ != role) {
@@ -246,7 +246,7 @@
return true;
}
-bool DtlsTransport::GetDtlsRole(rtc::SSLRole* role) const {
+bool DtlsTransport::GetDtlsRole(webrtc::SSLRole* role) const {
if (!dtls_role_) {
return false;
}
@@ -273,7 +273,7 @@
absl::string_view digest_alg,
const uint8_t* digest,
size_t digest_len,
- std::optional<rtc::SSLRole> role) {
+ std::optional<webrtc::SSLRole> role) {
rtc::Buffer remote_fingerprint_value(digest, digest_len);
bool is_dtls_restart =
dtls_active_ && remote_fingerprint_value_ != remote_fingerprint_value;
@@ -341,9 +341,9 @@
// This can occur if DTLS is set up before a remote fingerprint is
// received. For instance, if we set up DTLS due to receiving an early
// ClientHello.
- rtc::SSLPeerCertificateDigestError err = dtls_->SetPeerCertificateDigest(
+ webrtc::SSLPeerCertificateDigestError err = dtls_->SetPeerCertificateDigest(
remote_fingerprint_algorithm_, remote_fingerprint_value_);
- if (err != rtc::SSLPeerCertificateDigestError::NONE) {
+ if (err != webrtc::SSLPeerCertificateDigestError::NONE) {
RTC_LOG(LS_ERROR) << ToString()
<< ": Couldn't set DTLS certificate digest.";
set_dtls_state(webrtc::DtlsTransportState::kFailed);
@@ -351,7 +351,7 @@
// this means the fingerprint was formatted correctly but didn't match
// the certificate from the DTLS handshake. Thus the DTLS state should go
// to "failed", but SetRemoteDescription shouldn't fail.
- return err == rtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED;
+ return err == webrtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED;
}
return true;
}
@@ -400,7 +400,7 @@
downward_ptr->SetDtlsStunPiggybackController(
&dtls_stun_piggyback_controller_);
}
- dtls_ = rtc::SSLStreamAdapter::Create(
+ dtls_ = webrtc::SSLStreamAdapter::Create(
std::move(downward),
[this](rtc::SSLHandshakeError error) { OnDtlsHandshakeError(error); },
ice_transport_->field_trials());
@@ -424,7 +424,7 @@
if (remote_fingerprint_value_.size() &&
dtls_->SetPeerCertificateDigest(remote_fingerprint_algorithm_,
remote_fingerprint_value_) !=
- rtc::SSLPeerCertificateDigestError::NONE) {
+ webrtc::SSLPeerCertificateDigestError::NONE) {
RTC_LOG(LS_ERROR) << ToString()
<< ": Couldn't set DTLS certificate digest.";
return false;
@@ -466,7 +466,7 @@
uint16_t DtlsTransport::GetSslPeerSignatureAlgorithm() const {
if (dtls_state() != webrtc::DtlsTransportState::kConnected) {
- return rtc::kSslSignatureAlgorithmUnknown; // "not applicable"
+ return webrtc::kSslSignatureAlgorithmUnknown; // "not applicable"
}
return dtls_->GetPeerSignatureAlgorithm();
}
@@ -721,7 +721,7 @@
// the peer has chosen the client role, and proceed with the handshake.
// The fingerprint will be verified when it's set.
if (!dtls_ && local_certificate_) {
- SetDtlsRole(rtc::SSL_SERVER);
+ SetDtlsRole(webrtc::SSL_SERVER);
SetupDtls();
}
} else {
@@ -799,8 +799,8 @@
bool ret = dtls_->GetSslVersionBytes(&ssl_version_bytes);
RTC_DCHECK(ret);
dtls_stun_piggyback_controller_.SetDtlsHandshakeComplete(
- dtls_role_ == rtc::SSL_CLIENT,
- ssl_version_bytes == rtc::kDtls13VersionBytes);
+ dtls_role_ == webrtc::SSL_CLIENT,
+ ssl_version_bytes == webrtc::kDtls13VersionBytes);
downward_->SetDtlsStunPiggybackController(nullptr);
set_dtls_state(webrtc::DtlsTransportState::kConnected);
set_writable(true);
@@ -887,7 +887,7 @@
// Now that the handshake has started, we can process a cached ClientHello
// (if one exists).
if (cached_client_hello_.size()) {
- if (*dtls_role_ == rtc::SSL_SERVER) {
+ if (*dtls_role_ == webrtc::SSL_SERVER) {
RTC_LOG(LS_INFO) << ToString()
<< ": Handling cached DTLS ClientHello packet.";
if (!HandleDtlsPacket(cached_client_hello_)) {
@@ -950,7 +950,7 @@
SendDtlsState(this, state);
}
-void DtlsTransport::OnDtlsHandshakeError(rtc::SSLHandshakeError error) {
+void DtlsTransport::OnDtlsHandshakeError(webrtc::SSLHandshakeError error) {
SendDtlsHandshakeError(error);
}
diff --git a/p2p/dtls/dtls_transport.h b/p2p/dtls/dtls_transport.h
index 924278d..f7a0313 100644
--- a/p2p/dtls/dtls_transport.h
+++ b/p2p/dtls/dtls_transport.h
@@ -126,7 +126,7 @@
IceTransportInternal* ice_transport,
const webrtc::CryptoOptions& crypto_options,
webrtc::RtcEventLog* event_log,
- rtc::SSLProtocolVersion max_version = rtc::SSL_PROTOCOL_DTLS_12);
+ webrtc::SSLProtocolVersion max_version = webrtc::SSL_PROTOCOL_DTLS_12);
~DtlsTransport() override;
@@ -164,7 +164,7 @@
absl::string_view digest_alg,
const uint8_t* digest,
size_t digest_len,
- std::optional<rtc::SSLRole> role) override;
+ std::optional<webrtc::SSLRole> role) override;
// Called to send a packet (via DTLS, if turned on).
int SendPacket(const char* data,
@@ -185,8 +185,8 @@
// If not applicable, it returns zero.
uint16_t GetSslPeerSignatureAlgorithm() const override;
- bool GetDtlsRole(rtc::SSLRole* role) const override;
- bool SetDtlsRole(rtc::SSLRole role) override;
+ bool GetDtlsRole(webrtc::SSLRole* role) const override;
+ bool SetDtlsRole(webrtc::SSLRole role) override;
// Find out which DTLS cipher was negotiated
bool GetSslCipherSuite(int* cipher) const override;
@@ -246,7 +246,7 @@
bool SetupDtls(bool disable_piggybacking = false);
void MaybeStartDtls();
bool HandleDtlsPacket(rtc::ArrayView<const uint8_t> payload);
- void OnDtlsHandshakeError(rtc::SSLHandshakeError error);
+ void OnDtlsHandshakeError(webrtc::SSLHandshakeError error);
void ConfigureHandshakeTimeout();
void DisablePiggybackingAndRestart();
@@ -264,14 +264,14 @@
webrtc::DtlsTransportState dtls_state_ = webrtc::DtlsTransportState::kNew;
// Underlying ice_transport, not owned by this class.
IceTransportInternal* const ice_transport_;
- std::unique_ptr<rtc::SSLStreamAdapter> dtls_; // The DTLS stream
+ std::unique_ptr<webrtc::SSLStreamAdapter> dtls_; // The DTLS stream
StreamInterfaceChannel*
downward_; // Wrapper for ice_transport_, owned by dtls_.
const std::vector<int> srtp_ciphers_; // SRTP ciphers to use with DTLS.
bool dtls_active_ = false;
rtc::scoped_refptr<rtc::RTCCertificate> local_certificate_;
- std::optional<rtc::SSLRole> dtls_role_;
- const rtc::SSLProtocolVersion ssl_max_version_;
+ std::optional<webrtc::SSLRole> dtls_role_;
+ const webrtc::SSLProtocolVersion ssl_max_version_;
rtc::Buffer remote_fingerprint_value_;
std::string remote_fingerprint_algorithm_;
diff --git a/p2p/dtls/dtls_transport_factory.h b/p2p/dtls/dtls_transport_factory.h
index 509704c..10f3d08 100644
--- a/p2p/dtls/dtls_transport_factory.h
+++ b/p2p/dtls/dtls_transport_factory.h
@@ -33,7 +33,7 @@
virtual std::unique_ptr<DtlsTransportInternal> CreateDtlsTransport(
IceTransportInternal* ice,
const webrtc::CryptoOptions& crypto_options,
- rtc::SSLProtocolVersion max_version) = 0;
+ webrtc::SSLProtocolVersion max_version) = 0;
};
} // namespace cricket
diff --git a/p2p/dtls/dtls_transport_internal.h b/p2p/dtls/dtls_transport_internal.h
index a1314f1..134687d 100644
--- a/p2p/dtls/dtls_transport_internal.h
+++ b/p2p/dtls/dtls_transport_internal.h
@@ -58,9 +58,9 @@
virtual bool IsDtlsActive() const = 0;
- virtual bool GetDtlsRole(rtc::SSLRole* role) const = 0;
+ virtual bool GetDtlsRole(webrtc::SSLRole* role) const = 0;
- virtual bool SetDtlsRole(rtc::SSLRole role) = 0;
+ virtual bool SetDtlsRole(webrtc::SSLRole role) = 0;
// Finds out which TLS/DTLS version is running.
virtual bool GetSslVersionBytes(int* version) const = 0;
@@ -104,10 +104,10 @@
absl::string_view digest_alg,
const uint8_t* digest,
size_t digest_len,
- std::optional<rtc::SSLRole> role) = 0;
+ std::optional<webrtc::SSLRole> role) = 0;
ABSL_DEPRECATED("Set the max version via construction.")
- bool SetSslMaxProtocolVersion(rtc::SSLProtocolVersion /* version */) {
+ bool SetSslMaxProtocolVersion(webrtc::SSLProtocolVersion /* version */) {
return true;
}
@@ -142,7 +142,7 @@
dtls_handshake_error_callback_list_.AddReceiver(std::forward<F>(callback));
}
- void SendDtlsHandshakeError(rtc::SSLHandshakeError error) {
+ void SendDtlsHandshakeError(webrtc::SSLHandshakeError error) {
dtls_handshake_error_callback_list_.Send(error);
}
@@ -150,7 +150,7 @@
DtlsTransportInternal();
private:
- webrtc::CallbackList<const rtc::SSLHandshakeError>
+ webrtc::CallbackList<const webrtc::SSLHandshakeError>
dtls_handshake_error_callback_list_;
webrtc::CallbackList<DtlsTransportInternal*, const webrtc::DtlsTransportState>
dtls_transport_state_callback_list_;
diff --git a/p2p/dtls/dtls_transport_unittest.cc b/p2p/dtls/dtls_transport_unittest.cc
index a23cf5a..201b7ec 100644
--- a/p2p/dtls/dtls_transport_unittest.cc
+++ b/p2p/dtls/dtls_transport_unittest.cc
@@ -106,7 +106,7 @@
const rtc::scoped_refptr<rtc::RTCCertificate>& certificate() {
return certificate_;
}
- void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) {
+ void SetupMaxProtocolVersion(webrtc::SSLProtocolVersion version) {
ssl_max_version_ = version;
}
void set_async_delay(int async_delay_ms) { async_delay_ms_ = async_delay_ms; }
@@ -184,8 +184,8 @@
return std::nullopt;
}
- void CheckRole(rtc::SSLRole role) {
- if (role == rtc::SSL_CLIENT) {
+ void CheckRole(webrtc::SSLRole role) {
+ if (role == webrtc::SSL_CLIENT) {
ASSERT_EQ(0, received_dtls_client_hellos_);
ASSERT_GT(received_dtls_server_hellos_, 0);
} else {
@@ -210,8 +210,8 @@
bool rv = dtls_transport_->GetSslCipherSuite(&cipher);
if (dtls_transport_->IsDtlsActive()) {
ASSERT_TRUE(rv);
- EXPECT_TRUE(
- rtc::SSLStreamAdapter::IsAcceptableCipher(cipher, rtc::KT_DEFAULT));
+ EXPECT_TRUE(webrtc::SSLStreamAdapter::IsAcceptableCipher(
+ cipher, rtc::KT_DEFAULT));
} else {
ASSERT_FALSE(rv);
}
@@ -365,7 +365,7 @@
std::unique_ptr<DtlsTransport> dtls_transport_;
size_t packet_size_ = 0u;
std::set<int> received_;
- rtc::SSLProtocolVersion ssl_max_version_ = rtc::SSL_PROTOCOL_DTLS_12;
+ webrtc::SSLProtocolVersion ssl_max_version_ = webrtc::SSL_PROTOCOL_DTLS_12;
int received_dtls_client_hellos_ = 0;
int received_dtls_server_hellos_ = 0;
rtc::SentPacket sent_packet_;
@@ -384,8 +384,8 @@
start_time_ns_ = fake_clock_.TimeNanos();
}
- void SetMaxProtocolVersions(rtc::SSLProtocolVersion c1,
- rtc::SSLProtocolVersion c2) {
+ void SetMaxProtocolVersions(webrtc::SSLProtocolVersion c1,
+ webrtc::SSLProtocolVersion c2) {
client1_.SetupMaxProtocolVersion(c1);
client2_.SetupMaxProtocolVersion(c2);
}
@@ -418,20 +418,22 @@
// Check that we used the right roles.
if (use_dtls_) {
- client1_.CheckRole(client1_server ? rtc::SSL_SERVER : rtc::SSL_CLIENT);
- client2_.CheckRole(client1_server ? rtc::SSL_CLIENT : rtc::SSL_SERVER);
+ client1_.CheckRole(client1_server ? webrtc::SSL_SERVER
+ : webrtc::SSL_CLIENT);
+ client2_.CheckRole(client1_server ? webrtc::SSL_CLIENT
+ : webrtc::SSL_SERVER);
}
if (use_dtls_) {
// Check that we negotiated the right ciphers. Since GCM ciphers are not
// negotiated by default, we should end up with kSrtpAes128CmSha1_80.
- client1_.CheckSrtp(rtc::kSrtpAes128CmSha1_80);
- client2_.CheckSrtp(rtc::kSrtpAes128CmSha1_80);
+ client1_.CheckSrtp(webrtc::kSrtpAes128CmSha1_80);
+ client2_.CheckSrtp(webrtc::kSrtpAes128CmSha1_80);
} else {
// If DTLS isn't actually being used, GetSrtpCryptoSuite should return
// false.
- client1_.CheckSrtp(rtc::kSrtpInvalidCryptoSuite);
- client2_.CheckSrtp(rtc::kSrtpInvalidCryptoSuite);
+ client1_.CheckSrtp(webrtc::kSrtpInvalidCryptoSuite);
+ client2_.CheckSrtp(webrtc::kSrtpInvalidCryptoSuite);
}
client1_.CheckSsl();
@@ -443,10 +445,10 @@
void Negotiate(bool client1_server = true) {
client1_.SetupTransports(ICEROLE_CONTROLLING);
client2_.SetupTransports(ICEROLE_CONTROLLED);
- client1_.dtls_transport()->SetDtlsRole(client1_server ? rtc::SSL_SERVER
- : rtc::SSL_CLIENT);
- client2_.dtls_transport()->SetDtlsRole(client1_server ? rtc::SSL_CLIENT
- : rtc::SSL_SERVER);
+ client1_.dtls_transport()->SetDtlsRole(client1_server ? webrtc::SSL_SERVER
+ : webrtc::SSL_CLIENT);
+ client2_.dtls_transport()->SetDtlsRole(client1_server ? webrtc::SSL_CLIENT
+ : webrtc::SSL_SERVER);
if (client2_.certificate()) {
SetRemoteFingerprintFromCert(client1_.dtls_transport(),
client2_.certificate());
@@ -537,7 +539,7 @@
DtlsTestClient client2_;
bool use_dtls_;
uint64_t start_time_ns_;
- rtc::SSLProtocolVersion ssl_expected_version_;
+ webrtc::SSLProtocolVersion ssl_expected_version_;
};
class DtlsTransportTest : public DtlsTransportTestBase,
@@ -598,7 +600,8 @@
EXPECT_TRUE(client1_.dtls_transport()->GetSrtpCryptoSuite(&crypto_suite));
int key_len;
int salt_len;
- EXPECT_TRUE(rtc::GetSrtpKeyAndSaltLengths(crypto_suite, &key_len, &salt_len));
+ EXPECT_TRUE(
+ webrtc::GetSrtpKeyAndSaltLengths(crypto_suite, &key_len, &salt_len));
rtc::ZeroOnFreeBuffer<uint8_t> client1_out(2 * (key_len + salt_len));
rtc::ZeroOnFreeBuffer<uint8_t> client2_out(2 * (key_len + salt_len));
EXPECT_TRUE(client1_.dtls_transport()->ExportSrtpKeyingMaterial(client1_out));
@@ -653,28 +656,28 @@
int version_bytes;
const std::vector<HandshakeTestEvent>& events;
} kEventsPerVersion[] = {
- {rtc::kDtls12VersionBytes, dtls_12_handshake_events},
- {rtc::kDtls13VersionBytes, dtls_13_handshake_events},
+ {webrtc::kDtls12VersionBytes, dtls_12_handshake_events},
+ {webrtc::kDtls13VersionBytes, dtls_13_handshake_events},
};
struct EndpointConfig {
- rtc::SSLProtocolVersion max_protocol_version;
+ webrtc::SSLProtocolVersion max_protocol_version;
bool dtls_in_stun = false;
std::optional<IceRole> ice_role;
- std::optional<rtc::SSLRole> ssl_role;
+ std::optional<webrtc::SSLRole> ssl_role;
template <typename Sink>
friend void AbslStringify(Sink& sink, const EndpointConfig& config) {
sink.Append("[ dtls: ");
- sink.Append(config.ssl_role == rtc::SSL_SERVER ? "server/" : "client/");
+ sink.Append(config.ssl_role == webrtc::SSL_SERVER ? "server/" : "client/");
switch (config.max_protocol_version) {
- case rtc::SSL_PROTOCOL_DTLS_10:
+ case webrtc::SSL_PROTOCOL_DTLS_10:
sink.Append("1.0");
break;
- case rtc::SSL_PROTOCOL_DTLS_12:
+ case webrtc::SSL_PROTOCOL_DTLS_12:
sink.Append("1.2");
break;
- case rtc::SSL_PROTOCOL_DTLS_13:
+ case webrtc::SSL_PROTOCOL_DTLS_13:
sink.Append("1.3");
break;
default:
@@ -703,9 +706,9 @@
client1_.SetupTransports(config1.ice_role.value_or(ICEROLE_CONTROLLING));
client2_.SetupTransports(config2.ice_role.value_or(ICEROLE_CONTROLLED));
client1_.dtls_transport()->SetDtlsRole(
- config1.ssl_role.value_or(rtc::SSL_CLIENT));
+ config1.ssl_role.value_or(webrtc::SSL_CLIENT));
client2_.dtls_transport()->SetDtlsRole(
- config2.ssl_role.value_or(rtc::SSL_SERVER));
+ config2.ssl_role.value_or(webrtc::SSL_SERVER));
if (config1.dtls_in_stun) {
auto config = client1_.fake_ice_transport()->config();
@@ -806,10 +809,10 @@
int version = std::min(
static_cast<int>(std::get<0>(GetParam()).max_protocol_version),
static_cast<int>(std::get<1>(GetParam()).max_protocol_version));
- if (version == rtc::SSL_PROTOCOL_DTLS_13) {
- return rtc::kDtls13VersionBytes;
+ if (version == webrtc::SSL_PROTOCOL_DTLS_13) {
+ return webrtc::kDtls13VersionBytes;
} else {
- return rtc::kDtls12VersionBytes;
+ return webrtc::kDtls12VersionBytes;
}
}
@@ -825,27 +828,27 @@
static const EndpointConfig kEndpointVariants[] = {
{
- .max_protocol_version = rtc::SSL_PROTOCOL_DTLS_10,
+ .max_protocol_version = webrtc::SSL_PROTOCOL_DTLS_10,
.dtls_in_stun = false,
},
{
- .max_protocol_version = rtc::SSL_PROTOCOL_DTLS_12,
+ .max_protocol_version = webrtc::SSL_PROTOCOL_DTLS_12,
.dtls_in_stun = false,
},
{
- .max_protocol_version = rtc::SSL_PROTOCOL_DTLS_13,
+ .max_protocol_version = webrtc::SSL_PROTOCOL_DTLS_13,
.dtls_in_stun = false,
},
{
- .max_protocol_version = rtc::SSL_PROTOCOL_DTLS_10,
+ .max_protocol_version = webrtc::SSL_PROTOCOL_DTLS_10,
.dtls_in_stun = true,
},
{
- .max_protocol_version = rtc::SSL_PROTOCOL_DTLS_12,
+ .max_protocol_version = webrtc::SSL_PROTOCOL_DTLS_12,
.dtls_in_stun = true,
},
{
- .max_protocol_version = rtc::SSL_PROTOCOL_DTLS_13,
+ .max_protocol_version = webrtc::SSL_PROTOCOL_DTLS_13,
.dtls_in_stun = true,
},
};
@@ -912,7 +915,7 @@
std::vector<HandshakeTestEvent> expect;
switch (dtls_version_bytes) {
- case rtc::kDtls12VersionBytes:
+ case webrtc::kDtls12VersionBytes:
expect = {
// Flight 1
EV_CLIENT_SEND,
@@ -937,7 +940,7 @@
EV_CLIENT_WRITABLE,
};
break;
- case rtc::kDtls13VersionBytes:
+ case webrtc::kDtls13VersionBytes:
expect = {
// Flight 1
EV_CLIENT_SEND,
@@ -1144,8 +1147,8 @@
client1_.SetupTransports(ICEROLE_CONTROLLING);
client2_.SetupTransports(ICEROLE_CONTROLLED);
// Similar to how NegotiateOrdering works.
- client1_.dtls_transport()->SetDtlsRole(rtc::SSL_SERVER);
- client2_.dtls_transport()->SetDtlsRole(rtc::SSL_CLIENT);
+ client1_.dtls_transport()->SetDtlsRole(webrtc::SSL_SERVER);
+ client2_.dtls_transport()->SetDtlsRole(webrtc::SSL_CLIENT);
SetRemoteFingerprintFromCert(client2_.dtls_transport(),
client1_.certificate());
@@ -1258,14 +1261,14 @@
std::vector<std::tuple<EndpointConfig, EndpointConfig>> AllEndpointVariants() {
std::vector<std::tuple<EndpointConfig, EndpointConfig>> v;
for (auto ice_role : {ICEROLE_CONTROLLING, ICEROLE_CONTROLLED}) {
- for (auto ssl_role : {rtc::SSL_CLIENT, rtc::SSL_SERVER}) {
+ for (auto ssl_role : {webrtc::SSL_CLIENT, webrtc::SSL_SERVER}) {
for (auto version1 : {
- rtc::SSL_PROTOCOL_DTLS_12,
- rtc::SSL_PROTOCOL_DTLS_13,
+ webrtc::SSL_PROTOCOL_DTLS_12,
+ webrtc::SSL_PROTOCOL_DTLS_13,
}) {
for (auto version2 : {
- rtc::SSL_PROTOCOL_DTLS_12,
- rtc::SSL_PROTOCOL_DTLS_13,
+ webrtc::SSL_PROTOCOL_DTLS_12,
+ webrtc::SSL_PROTOCOL_DTLS_13,
}) {
for (auto dtls_in_stun1 : {false, true}) {
for (auto dtls_in_stun2 : {false, true}) {
@@ -1282,8 +1285,9 @@
.ice_role = ice_role == ICEROLE_CONTROLLING
? ICEROLE_CONTROLLED
: ICEROLE_CONTROLLING,
- .ssl_role = ssl_role == rtc::SSL_CLIENT ? rtc::SSL_SERVER
- : rtc::SSL_CLIENT,
+ .ssl_role = ssl_role == webrtc::SSL_CLIENT
+ ? webrtc::SSL_SERVER
+ : webrtc::SSL_CLIENT,
}));
}
}
diff --git a/p2p/dtls/fake_dtls_transport.h b/p2p/dtls/fake_dtls_transport.h
index 4d70b8c..46a4784 100644
--- a/p2p/dtls/fake_dtls_transport.h
+++ b/p2p/dtls/fake_dtls_transport.h
@@ -144,7 +144,7 @@
}
// If the `dtls_role_` is unset, set it to SSL_CLIENT by default.
if (!dtls_role_) {
- dtls_role_ = std::move(rtc::SSL_CLIENT);
+ dtls_role_ = std::move(webrtc::SSL_CLIENT);
}
SetDtlsState(webrtc::DtlsTransportState::kConnected);
ice_transport_->SetDestination(
@@ -167,7 +167,7 @@
webrtc::RTCError SetRemoteParameters(absl::string_view alg,
const uint8_t* digest,
size_t digest_len,
- std::optional<rtc::SSLRole> role) {
+ std::optional<webrtc::SSLRole> role) {
if (role) {
SetDtlsRole(*role);
}
@@ -181,11 +181,11 @@
rtc::SSLFingerprint(alg, rtc::MakeArrayView(digest, digest_len));
return true;
}
- bool SetDtlsRole(rtc::SSLRole role) override {
+ bool SetDtlsRole(webrtc::SSLRole role) override {
dtls_role_ = std::move(role);
return true;
}
- bool GetDtlsRole(rtc::SSLRole* role) const override {
+ bool GetDtlsRole(webrtc::SSLRole* role) const override {
if (!dtls_role_) {
return false;
}
@@ -249,10 +249,10 @@
}
return do_dtls_;
}
- void set_ssl_max_protocol_version(rtc::SSLProtocolVersion version) {
+ void set_ssl_max_protocol_version(webrtc::SSLProtocolVersion version) {
ssl_max_version_ = version;
}
- rtc::SSLProtocolVersion ssl_max_protocol_version() const {
+ webrtc::SSLProtocolVersion ssl_max_protocol_version() const {
return ssl_max_version_;
}
@@ -321,10 +321,10 @@
rtc::scoped_refptr<rtc::RTCCertificate> local_cert_;
rtc::FakeSSLCertificate* remote_cert_ = nullptr;
bool do_dtls_ = false;
- rtc::SSLProtocolVersion ssl_max_version_ = rtc::SSL_PROTOCOL_DTLS_12;
+ webrtc::SSLProtocolVersion ssl_max_version_ = webrtc::SSL_PROTOCOL_DTLS_12;
rtc::SSLFingerprint dtls_fingerprint_;
- std::optional<rtc::SSLRole> dtls_role_;
- int crypto_suite_ = rtc::kSrtpAes128CmSha1_80;
+ std::optional<webrtc::SSLRole> dtls_role_;
+ int crypto_suite_ = webrtc::kSrtpAes128CmSha1_80;
std::optional<int> ssl_cipher_suite_;
webrtc::DtlsTransportState dtls_state_ = webrtc::DtlsTransportState::kNew;
diff --git a/p2p/test/test_turn_server.h b/p2p/test/test_turn_server.h
index 09bb706..c3ffa8c 100644
--- a/p2p/test/test_turn_server.h
+++ b/p2p/test/test_turn_server.h
@@ -112,7 +112,7 @@
// must not fail when checking the peer's identity.
std::unique_ptr<rtc::SSLAdapterFactory> ssl_adapter_factory =
rtc::SSLAdapterFactory::Create();
- ssl_adapter_factory->SetRole(rtc::SSL_SERVER);
+ ssl_adapter_factory->SetRole(webrtc::SSL_SERVER);
ssl_adapter_factory->SetIdentity(
rtc::SSLIdentity::Create(common_name, rtc::KeyParams()));
ssl_adapter_factory->SetIgnoreBadCert(ignore_bad_cert);
diff --git a/pc/data_channel_controller.cc b/pc/data_channel_controller.cc
index 3445e89..5960040 100644
--- a/pc/data_channel_controller.cc
+++ b/pc/data_channel_controller.cc
@@ -301,7 +301,7 @@
// RTC_RUN_ON(network_thread())
RTCError DataChannelController::ReserveOrAllocateSid(
std::optional<StreamId>& sid,
- std::optional<rtc::SSLRole> fallback_ssl_role) {
+ std::optional<SSLRole> fallback_ssl_role) {
if (sid.has_value()) {
return sid_allocator_.ReserveSid(*sid)
? RTCError::OK()
@@ -309,7 +309,7 @@
}
// Attempt to allocate an ID based on the negotiated role.
- std::optional<rtc::SSLRole> role = pc_->GetSctpSslRole_n();
+ std::optional<SSLRole> role = pc_->GetSctpSslRole_n();
if (!role)
role = fallback_ssl_role;
if (role) {
@@ -402,7 +402,7 @@
signaling_safety_.flag());
}
-void DataChannelController::AllocateSctpSids(rtc::SSLRole role) {
+void DataChannelController::AllocateSctpSids(SSLRole role) {
RTC_DCHECK_RUN_ON(network_thread());
const bool ready_to_send =
diff --git a/pc/data_channel_controller.h b/pc/data_channel_controller.h
index 8dc9516..0fcd108 100644
--- a/pc/data_channel_controller.h
+++ b/pc/data_channel_controller.h
@@ -90,7 +90,7 @@
RTCErrorOr<rtc::scoped_refptr<DataChannelInterface>>
InternalCreateDataChannelWithProxy(const std::string& label,
const InternalDataChannelInit& config);
- void AllocateSctpSids(rtc::SSLRole role);
+ void AllocateSctpSids(SSLRole role);
// Check if data channels are currently tracked. Used to decide whether a
// rejected m=application section should be reoffered.
@@ -131,7 +131,7 @@
// If the pool has been exhausted or a sid has already been reserved, an
// error will be returned.
RTCError ReserveOrAllocateSid(std::optional<StreamId>& sid,
- std::optional<rtc::SSLRole> fallback_ssl_role)
+ std::optional<SSLRole> fallback_ssl_role)
RTC_RUN_ON(network_thread());
// Called when all data channels need to be notified of a transport channel
diff --git a/pc/data_channel_controller_unittest.cc b/pc/data_channel_controller_unittest.cc
index 78f914a..ef71182 100644
--- a/pc/data_channel_controller_unittest.cc
+++ b/pc/data_channel_controller_unittest.cc
@@ -159,8 +159,7 @@
int channel_id = 0;
ON_CALL(*pc_, GetSctpSslRole_n).WillByDefault([&]() {
- return std::optional<rtc::SSLRole>((channel_id & 1) ? rtc::SSL_SERVER
- : rtc::SSL_CLIENT);
+ return std::optional<SSLRole>((channel_id & 1) ? SSL_SERVER : SSL_CLIENT);
});
DataChannelControllerForTest dcc(pc_.get(), &transport);
@@ -183,9 +182,7 @@
TEST_F(DataChannelControllerTest, BufferedAmountIncludesFromTransport) {
NiceMock<MockDataChannelTransport> transport;
EXPECT_CALL(transport, buffered_amount(0)).WillOnce(Return(4711));
- ON_CALL(*pc_, GetSctpSslRole_n).WillByDefault([&]() {
- return rtc::SSL_CLIENT;
- });
+ ON_CALL(*pc_, GetSctpSslRole_n).WillByDefault([&]() { return SSL_CLIENT; });
DataChannelControllerForTest dcc(pc_.get(), &transport);
auto dc = dcc.InternalCreateDataChannelWithProxy(
@@ -198,9 +195,7 @@
// not get re-used for new channels. Only once the state reaches `kClosed`
// should a StreamId be available again for allocation.
TEST_F(DataChannelControllerTest, NoStreamIdReuseWhileClosing) {
- ON_CALL(*pc_, GetSctpSslRole_n).WillByDefault([&]() {
- return rtc::SSL_CLIENT;
- });
+ ON_CALL(*pc_, GetSctpSslRole_n).WillByDefault([&]() { return SSL_CLIENT; });
NiceMock<MockDataChannelTransport> transport; // Wider scope than `dcc`.
DataChannelControllerForTest dcc(pc_.get(), &transport);
diff --git a/pc/data_channel_integrationtest.cc b/pc/data_channel_integrationtest.cc
index 59bb3fa..e92b27a 100644
--- a/pc/data_channel_integrationtest.cc
+++ b/pc/data_channel_integrationtest.cc
@@ -520,8 +520,8 @@
WaitUntil([&] { return callee()->data_observer()->IsOpen(); }, IsTrue()),
IsRtcOk());
- if (caller()->tls_version() == rtc::kDtls13VersionBytes) {
- ASSERT_EQ(caller()->tls_version(), rtc::kDtls13VersionBytes);
+ if (caller()->tls_version() == kDtls13VersionBytes) {
+ ASSERT_EQ(caller()->tls_version(), kDtls13VersionBytes);
GTEST_SKIP() << "DTLS1.3 fragments packets larger than MTU";
}
diff --git a/pc/dtls_srtp_transport.cc b/pc/dtls_srtp_transport.cc
index 264f3af..e44fd40 100644
--- a/pc/dtls_srtp_transport.cc
+++ b/pc/dtls_srtp_transport.cc
@@ -214,8 +214,8 @@
int key_len;
int salt_len;
- if (!rtc::GetSrtpKeyAndSaltLengths((*selected_crypto_suite), &key_len,
- &salt_len)) {
+ if (!GetSrtpKeyAndSaltLengths((*selected_crypto_suite), &key_len,
+ &salt_len)) {
RTC_LOG(LS_ERROR) << "Unknown DTLS-SRTP crypto suite"
<< selected_crypto_suite;
return false;
@@ -243,13 +243,13 @@
server_write_key.AppendData(&dtls_buffer[key_len + key_len + salt_len],
salt_len);
- rtc::SSLRole role;
+ SSLRole role;
if (!dtls_transport->GetDtlsRole(&role)) {
RTC_LOG(LS_WARNING) << "Failed to get the DTLS role.";
return false;
}
- if (role == rtc::SSL_SERVER) {
+ if (role == SSL_SERVER) {
*send_key = std::move(server_write_key);
*recv_key = std::move(client_write_key);
} else {
diff --git a/pc/dtls_srtp_transport_integrationtest.cc b/pc/dtls_srtp_transport_integrationtest.cc
index 3839bdd..f032ad4 100644
--- a/pc/dtls_srtp_transport_integrationtest.cc
+++ b/pc/dtls_srtp_transport_integrationtest.cc
@@ -96,7 +96,7 @@
cricket::FakeIceTransport* ice_transport) {
return std::make_unique<cricket::DtlsTransport>(
ice_transport, webrtc::CryptoOptions(),
- /*event_log=*/nullptr, rtc::SSL_PROTOCOL_DTLS_12);
+ /*event_log=*/nullptr, webrtc::SSL_PROTOCOL_DTLS_12);
}
void SetRemoteFingerprintFromCert(
cricket::DtlsTransport* transport,
@@ -112,9 +112,9 @@
void Connect() {
client_dtls_transport_->SetLocalCertificate(client_certificate_);
- client_dtls_transport_->SetDtlsRole(rtc::SSL_SERVER);
+ client_dtls_transport_->SetDtlsRole(webrtc::SSL_SERVER);
server_dtls_transport_->SetLocalCertificate(server_certificate_);
- server_dtls_transport_->SetDtlsRole(rtc::SSL_CLIENT);
+ server_dtls_transport_->SetDtlsRole(webrtc::SSL_CLIENT);
SetRemoteFingerprintFromCert(server_dtls_transport_.get(),
client_certificate_);
@@ -147,8 +147,8 @@
server_dtls_transport_->GetSrtpCryptoSuite(&selected_crypto_suite));
int key_len;
int salt_len;
- ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths((selected_crypto_suite), &key_len,
- &salt_len));
+ ASSERT_TRUE(webrtc::GetSrtpKeyAndSaltLengths((selected_crypto_suite),
+ &key_len, &salt_len));
// Extract the keys. The order depends on the role!
rtc::ZeroOnFreeBuffer<uint8_t> dtls_buffer(key_len * 2 + salt_len * 2);
diff --git a/pc/dtls_transport.cc b/pc/dtls_transport.cc
index f14f51f..df06a0c 100644
--- a/pc/dtls_transport.cc
+++ b/pc/dtls_transport.cc
@@ -108,7 +108,7 @@
if (internal_dtls_transport_->dtls_state() ==
DtlsTransportState::kConnected) {
bool success = true;
- rtc::SSLRole internal_role;
+ SSLRole internal_role;
std::optional<DtlsTransportTlsRole> role;
int ssl_cipher_suite;
int tls_version;
@@ -116,10 +116,10 @@
success &= internal_dtls_transport_->GetDtlsRole(&internal_role);
if (success) {
switch (internal_role) {
- case rtc::SSL_CLIENT:
+ case SSL_CLIENT:
role = DtlsTransportTlsRole::kClient;
break;
- case rtc::SSL_SERVER:
+ case SSL_SERVER:
role = DtlsTransportTlsRole::kServer;
break;
}
diff --git a/pc/jsep_transport.cc b/pc/jsep_transport.cc
index a60ec29..f80f099 100644
--- a/pc/jsep_transport.cc
+++ b/pc/jsep_transport.cc
@@ -305,16 +305,16 @@
}
}
-std::optional<rtc::SSLRole> JsepTransport::GetDtlsRole() const {
+std::optional<webrtc::SSLRole> JsepTransport::GetDtlsRole() const {
RTC_DCHECK_RUN_ON(network_thread_);
RTC_DCHECK(rtp_dtls_transport_);
RTC_DCHECK(rtp_dtls_transport_->internal());
- rtc::SSLRole dtls_role;
+ webrtc::SSLRole dtls_role;
if (!rtp_dtls_transport_->internal()->GetDtlsRole(&dtls_role)) {
- return std::optional<rtc::SSLRole>();
+ return std::optional<webrtc::SSLRole>();
}
- return std::optional<rtc::SSLRole>(dtls_role);
+ return std::optional<webrtc::SSLRole>(dtls_role);
}
bool JsepTransport::GetStats(TransportStats* stats) const {
@@ -414,7 +414,7 @@
webrtc::RTCError JsepTransport::SetNegotiatedDtlsParameters(
DtlsTransportInternal* dtls_transport,
- std::optional<rtc::SSLRole> dtls_role,
+ std::optional<webrtc::SSLRole> dtls_role,
rtc::SSLFingerprint* remote_fingerprint) {
RTC_DCHECK(dtls_transport);
return dtls_transport->SetRemoteParameters(
@@ -485,7 +485,7 @@
"without applying any offer.");
}
std::unique_ptr<rtc::SSLFingerprint> remote_fingerprint;
- std::optional<rtc::SSLRole> negotiated_dtls_role;
+ std::optional<webrtc::SSLRole> negotiated_dtls_role;
rtc::SSLFingerprint* local_fp =
local_description_->transport_desc.identity_fingerprint.get();
@@ -533,7 +533,7 @@
SdpType local_description_type,
ConnectionRole local_connection_role,
ConnectionRole remote_connection_role,
- std::optional<rtc::SSLRole>* negotiated_dtls_role) {
+ std::optional<webrtc::SSLRole>* negotiated_dtls_role) {
// From RFC 4145, section-4.1, The following are the values that the
// 'setup' attribute can take in an offer/answer exchange:
// Offer Answer
@@ -612,9 +612,9 @@
break;
}
} else {
- if ((*current_dtls_role == rtc::SSL_CLIENT &&
+ if ((*current_dtls_role == webrtc::SSL_CLIENT &&
remote_connection_role == CONNECTIONROLE_ACTIVE) ||
- (*current_dtls_role == rtc::SSL_SERVER &&
+ (*current_dtls_role == webrtc::SSL_SERVER &&
remote_connection_role == CONNECTIONROLE_PASSIVE)) {
return webrtc::RTCError(
webrtc::RTCErrorType::INVALID_PARAMETER,
@@ -638,7 +638,7 @@
}
*negotiated_dtls_role =
- (is_remote_server ? rtc::SSL_CLIENT : rtc::SSL_SERVER);
+ (is_remote_server ? webrtc::SSL_CLIENT : webrtc::SSL_SERVER);
return webrtc::RTCError::OK();
}
@@ -654,7 +654,7 @@
dtls_transport->GetSslCipherSuite(&substats.ssl_cipher_suite);
substats.tls_cipher_suite_name = dtls_transport->GetTlsCipherSuiteName();
substats.dtls_state = dtls_transport->dtls_state();
- rtc::SSLRole dtls_role;
+ webrtc::SSLRole dtls_role;
if (dtls_transport->GetDtlsRole(&dtls_role)) {
substats.dtls_role = dtls_role;
}
diff --git a/pc/jsep_transport.h b/pc/jsep_transport.h
index 1486beb5..a7d64ff 100644
--- a/pc/jsep_transport.h
+++ b/pc/jsep_transport.h
@@ -145,7 +145,7 @@
// Returns role if negotiated, or empty std::optional if it hasn't been
// negotiated yet.
- std::optional<rtc::SSLRole> GetDtlsRole() const;
+ std::optional<webrtc::SSLRole> GetDtlsRole() const;
bool GetStats(TransportStats* stats) const;
@@ -270,7 +270,7 @@
webrtc::SdpType local_description_type,
ConnectionRole local_connection_role,
ConnectionRole remote_connection_role,
- std::optional<rtc::SSLRole>* negotiated_dtls_role);
+ std::optional<webrtc::SSLRole>* negotiated_dtls_role);
// Pushes down the ICE parameters from the remote description.
void SetRemoteIceParameters(const IceParameters& ice_parameters,
@@ -279,7 +279,7 @@
// Pushes down the DTLS parameters obtained via negotiation.
static webrtc::RTCError SetNegotiatedDtlsParameters(
DtlsTransportInternal* dtls_transport,
- std::optional<rtc::SSLRole> dtls_role,
+ std::optional<webrtc::SSLRole> dtls_role,
rtc::SSLFingerprint* remote_fingerprint);
bool GetTransportStats(DtlsTransportInternal* dtls_transport,
diff --git a/pc/jsep_transport_controller.cc b/pc/jsep_transport_controller.cc
index d4367c0..fb8d9a1 100644
--- a/pc/jsep_transport_controller.cc
+++ b/pc/jsep_transport_controller.cc
@@ -237,7 +237,7 @@
return transport->needs_ice_restart();
}
-std::optional<rtc::SSLRole> JsepTransportController::GetDtlsRole(
+std::optional<SSLRole> JsepTransportController::GetDtlsRole(
const std::string& mid) const {
// TODO(tommi): Remove this hop. Currently it's called from the signaling
// thread during negotiations, potentially multiple times.
@@ -250,7 +250,7 @@
const cricket::JsepTransport* t = GetJsepTransportForMid(mid);
if (!t) {
- return std::optional<rtc::SSLRole>();
+ return std::optional<SSLRole>();
}
return t->GetDtlsRole();
}
@@ -1543,8 +1543,7 @@
config_.un_demuxable_packet_handler(packet);
}
-void JsepTransportController::OnDtlsHandshakeError(
- rtc::SSLHandshakeError error) {
+void JsepTransportController::OnDtlsHandshakeError(SSLHandshakeError error) {
config_.on_dtls_handshake_error_(error);
}
diff --git a/pc/jsep_transport_controller.h b/pc/jsep_transport_controller.h
index 71d290d..723d1a7 100644
--- a/pc/jsep_transport_controller.h
+++ b/pc/jsep_transport_controller.h
@@ -112,7 +112,7 @@
// upon setting a local transport description that indicates an ICE
// restart.
bool redetermine_role_on_ice_restart = true;
- rtc::SSLProtocolVersion ssl_max_version = rtc::SSL_PROTOCOL_DTLS_12;
+ SSLProtocolVersion ssl_max_version = SSL_PROTOCOL_DTLS_12;
// `crypto_options` is used to determine if created DTLS transports
// negotiate GCM crypto suites or not.
CryptoOptions crypto_options;
@@ -140,7 +140,7 @@
// Factory for SCTP transports.
SctpTransportFactoryInterface* sctp_factory = nullptr;
- std::function<void(rtc::SSLHandshakeError)> on_dtls_handshake_error_;
+ std::function<void(webrtc::SSLHandshakeError)> on_dtls_handshake_error_;
};
// The ICE related events are fired on the `network_thread`.
@@ -235,7 +235,7 @@
std::unique_ptr<rtc::SSLCertChain> GetRemoteSSLCertChain(
const std::string& mid) const;
// Get negotiated role, if one has been negotiated.
- std::optional<rtc::SSLRole> GetDtlsRole(const std::string& mid) const;
+ std::optional<SSLRole> GetDtlsRole(const std::string& mid) const;
// Suggest a payload type for a given codec on a given media section.
// Media section is indicated by MID.
@@ -487,7 +487,7 @@
void OnUnDemuxableRtpPacketReceived_n(const RtpPacketReceived& packet)
RTC_RUN_ON(network_thread_);
- void OnDtlsHandshakeError(rtc::SSLHandshakeError error);
+ void OnDtlsHandshakeError(SSLHandshakeError error);
bool OnTransportChanged(const std::string& mid,
cricket::JsepTransport* transport);
diff --git a/pc/jsep_transport_controller_unittest.cc b/pc/jsep_transport_controller_unittest.cc
index e2eb9ca..fe53005 100644
--- a/pc/jsep_transport_controller_unittest.cc
+++ b/pc/jsep_transport_controller_unittest.cc
@@ -101,7 +101,7 @@
std::unique_ptr<cricket::DtlsTransportInternal> CreateDtlsTransport(
cricket::IceTransportInternal* ice,
const CryptoOptions& crypto_options,
- rtc::SSLProtocolVersion max_version) override {
+ SSLProtocolVersion max_version) override {
return std::make_unique<FakeDtlsTransport>(
static_cast<cricket::FakeIceTransport*>(ice));
}
@@ -674,8 +674,7 @@
->SetLocalDescription(SdpType::kOffer, offer_desc.get(), nullptr)
.ok());
- std::optional<rtc::SSLRole> role =
- transport_controller_->GetDtlsRole(kAudioMid1);
+ std::optional<SSLRole> role = transport_controller_->GetDtlsRole(kAudioMid1);
// The DTLS role is not decided yet.
EXPECT_FALSE(role);
EXPECT_TRUE(transport_controller_
@@ -685,7 +684,7 @@
role = transport_controller_->GetDtlsRole(kAudioMid1);
ASSERT_TRUE(role);
- EXPECT_EQ(rtc::SSL_CLIENT, *role);
+ EXPECT_EQ(SSL_CLIENT, *role);
}
TEST_F(JsepTransportControllerTest, GetStats) {
diff --git a/pc/jsep_transport_unittest.cc b/pc/jsep_transport_unittest.cc
index efad8e2..76a625c 100644
--- a/pc/jsep_transport_unittest.cc
+++ b/pc/jsep_transport_unittest.cc
@@ -287,7 +287,8 @@
// transport descriptions.
auto role = jsep_transport_->GetDtlsRole();
ASSERT_TRUE(role);
- EXPECT_EQ(rtc::SSL_SERVER, role); // Because remote description was "active".
+ EXPECT_EQ(webrtc::SSL_SERVER,
+ role); // Because remote description was "active".
auto fake_dtls =
static_cast<FakeDtlsTransport*>(jsep_transport_->rtp_dtls_transport());
EXPECT_EQ(remote_description.transport_desc.identity_fingerprint->ToString(),
@@ -338,7 +339,7 @@
// transport descriptions.
auto role = jsep_transport_->GetDtlsRole();
ASSERT_TRUE(role);
- EXPECT_EQ(rtc::SSL_CLIENT,
+ EXPECT_EQ(webrtc::SSL_CLIENT,
role); // Because remote description was "passive".
auto fake_dtls =
static_cast<FakeDtlsTransport*>(jsep_transport_->rtp_dtls_transport());
@@ -519,7 +520,7 @@
param.local_type)
.ok());
}
- EXPECT_EQ(rtc::SSL_CLIENT, *jsep_transport_->GetDtlsRole());
+ EXPECT_EQ(webrtc::SSL_CLIENT, *jsep_transport_->GetDtlsRole());
}
// Parameters which set the SSL role to SSL_SERVER.
@@ -564,7 +565,7 @@
param.local_type)
.ok());
}
- EXPECT_EQ(rtc::SSL_SERVER, *jsep_transport_->GetDtlsRole());
+ EXPECT_EQ(webrtc::SSL_SERVER, *jsep_transport_->GetDtlsRole());
}
}
@@ -820,9 +821,9 @@
.ok());
// Sanity check that role was actually negotiated.
- std::optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
+ std::optional<webrtc::SSLRole> role = jsep_transport_->GetDtlsRole();
ASSERT_TRUE(role);
- EXPECT_EQ(rtc::SSL_CLIENT, *role);
+ EXPECT_EQ(webrtc::SSL_CLIENT, *role);
// Subsequent offer with current negotiated role of "passive".
remote_desc.transport_desc.connection_role = CONNECTIONROLE_PASSIVE;
@@ -865,9 +866,9 @@
.ok());
// Sanity check that role was actually negotiated.
- std::optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
+ std::optional<webrtc::SSLRole> role = jsep_transport_->GetDtlsRole();
ASSERT_TRUE(role);
- EXPECT_EQ(rtc::SSL_CLIENT, *role);
+ EXPECT_EQ(webrtc::SSL_CLIENT, *role);
// Subsequent offer with current negotiated role of "passive".
remote_desc.transport_desc.connection_role = CONNECTIONROLE_ACTIVE;
@@ -916,9 +917,9 @@
.ok());
// Sanity check that role was actually negotiated.
- std::optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
+ std::optional<webrtc::SSLRole> role = jsep_transport_->GetDtlsRole();
ASSERT_TRUE(role);
- EXPECT_EQ(rtc::SSL_CLIENT, *role);
+ EXPECT_EQ(webrtc::SSL_CLIENT, *role);
// Subsequent exchange with new remote fingerprint and different role.
local_desc.transport_desc.connection_role = CONNECTIONROLE_PASSIVE;
@@ -933,7 +934,7 @@
role = jsep_transport_->GetDtlsRole();
ASSERT_TRUE(role);
- EXPECT_EQ(rtc::SSL_SERVER, *role);
+ EXPECT_EQ(webrtc::SSL_SERVER, *role);
}
// Testing that a legacy client that doesn't use the setup attribute will be
@@ -965,11 +966,11 @@
->SetRemoteJsepTransportDescription(remote_desc, SdpType::kAnswer)
.ok());
- std::optional<rtc::SSLRole> role = jsep_transport_->GetDtlsRole();
+ std::optional<webrtc::SSLRole> role = jsep_transport_->GetDtlsRole();
ASSERT_TRUE(role);
// Since legacy answer omitted setup atribute, and we offered actpass, we
// should act as passive (server).
- EXPECT_EQ(rtc::SSL_SERVER, *role);
+ EXPECT_EQ(webrtc::SSL_SERVER, *role);
}
// Tests that when the RTCP mux is successfully negotiated, the RTCP transport
@@ -1169,8 +1170,8 @@
auto fake_dtls2 =
static_cast<FakeDtlsTransport*>(jsep_transport2_->rtp_dtls_transport());
- fake_dtls1->SetSrtpCryptoSuite(rtc::kSrtpAeadAes256Gcm);
- fake_dtls2->SetSrtpCryptoSuite(rtc::kSrtpAeadAes256Gcm);
+ fake_dtls1->SetSrtpCryptoSuite(webrtc::kSrtpAeadAes256Gcm);
+ fake_dtls2->SetSrtpCryptoSuite(webrtc::kSrtpAeadAes256Gcm);
}
if (scenario == Scenario::kDtlsBeforeCallerSendOffer) {
diff --git a/pc/legacy_stats_collector.cc b/pc/legacy_stats_collector.cc
index 6c5e52f..d0eb5df 100644
--- a/pc/legacy_stats_collector.cc
+++ b/pc/legacy_stats_collector.cc
@@ -1006,11 +1006,10 @@
remote_cert_report_id);
}
int srtp_crypto_suite = channel_iter.srtp_crypto_suite;
- if (srtp_crypto_suite != rtc::kSrtpInvalidCryptoSuite &&
- rtc::SrtpCryptoSuiteToName(srtp_crypto_suite).length()) {
- channel_report->AddString(
- StatsReport::kStatsValueNameSrtpCipher,
- rtc::SrtpCryptoSuiteToName(srtp_crypto_suite));
+ if (srtp_crypto_suite != kSrtpInvalidCryptoSuite &&
+ SrtpCryptoSuiteToName(srtp_crypto_suite).length()) {
+ channel_report->AddString(StatsReport::kStatsValueNameSrtpCipher,
+ SrtpCryptoSuiteToName(srtp_crypto_suite));
}
if (channel_iter.tls_cipher_suite_name) {
channel_report->AddString(
diff --git a/pc/legacy_stats_collector_unittest.cc b/pc/legacy_stats_collector_unittest.cc
index 588225b..c02562f 100644
--- a/pc/legacy_stats_collector_unittest.cc
+++ b/pc/legacy_stats_collector_unittest.cc
@@ -668,7 +668,7 @@
// Fake stats to process.
TransportChannelStats channel_stats;
channel_stats.component = 1;
- channel_stats.srtp_crypto_suite = rtc::kSrtpAes128CmSha1_80;
+ channel_stats.srtp_crypto_suite = kSrtpAes128CmSha1_80;
channel_stats.tls_cipher_suite_name = "cipher_suite_for_test";
pc->SetTransportStats(kTransportName, channel_stats);
@@ -720,8 +720,7 @@
std::string srtp_crypto_suite =
ExtractStatsValue(StatsReport::kStatsReportTypeComponent, reports,
StatsReport::kStatsValueNameSrtpCipher);
- EXPECT_EQ(rtc::SrtpCryptoSuiteToName(rtc::kSrtpAes128CmSha1_80),
- srtp_crypto_suite);
+ EXPECT_EQ(SrtpCryptoSuiteToName(kSrtpAes128CmSha1_80), srtp_crypto_suite);
}
private:
diff --git a/pc/peer_connection.cc b/pc/peer_connection.cc
index 473b77d..beac30a 100644
--- a/pc/peer_connection.cc
+++ b/pc/peer_connection.cc
@@ -2241,14 +2241,14 @@
env_.event_log().StopLogging();
}
-std::optional<rtc::SSLRole> PeerConnection::GetSctpSslRole_n() {
+std::optional<SSLRole> PeerConnection::GetSctpSslRole_n() {
RTC_DCHECK_RUN_ON(network_thread());
return sctp_mid_n_ ? transport_controller_->GetDtlsRole(*sctp_mid_n_)
: std::nullopt;
}
bool PeerConnection::GetSslRole(const std::string& content_name,
- rtc::SSLRole* role) {
+ SSLRole* role) {
RTC_DCHECK_RUN_ON(signaling_thread());
if (!local_description() || !remote_description()) {
RTC_LOG(LS_INFO)
@@ -2478,10 +2478,10 @@
}
void PeerConnection::OnTransportControllerDtlsHandshakeError(
- rtc::SSLHandshakeError error) {
- RTC_HISTOGRAM_ENUMERATION(
- "WebRTC.PeerConnection.DtlsHandshakeError", static_cast<int>(error),
- static_cast<int>(rtc::SSLHandshakeError::MAX_VALUE));
+ SSLHandshakeError error) {
+ RTC_HISTOGRAM_ENUMERATION("WebRTC.PeerConnection.DtlsHandshakeError",
+ static_cast<int>(error),
+ static_cast<int>(SSLHandshakeError::MAX_VALUE));
}
// Returns the media index for a local ice candidate given the content name.
@@ -2845,28 +2845,28 @@
int srtp_crypto_suite = stats.channel_stats[0].srtp_crypto_suite;
int ssl_cipher_suite = stats.channel_stats[0].ssl_cipher_suite;
- if (srtp_crypto_suite == rtc::kSrtpInvalidCryptoSuite &&
- ssl_cipher_suite == rtc::kTlsNullWithNullNull) {
+ if (srtp_crypto_suite == kSrtpInvalidCryptoSuite &&
+ ssl_cipher_suite == kTlsNullWithNullNull) {
return;
}
- if (ssl_cipher_suite != rtc::kTlsNullWithNullNull) {
+ if (ssl_cipher_suite != kTlsNullWithNullNull) {
for (cricket::MediaType media_type : media_types) {
switch (media_type) {
case cricket::MEDIA_TYPE_AUDIO:
RTC_HISTOGRAM_ENUMERATION_SPARSE(
"WebRTC.PeerConnection.SslCipherSuite.Audio", ssl_cipher_suite,
- rtc::kSslCipherSuiteMaxValue);
+ kSslCipherSuiteMaxValue);
break;
case cricket::MEDIA_TYPE_VIDEO:
RTC_HISTOGRAM_ENUMERATION_SPARSE(
"WebRTC.PeerConnection.SslCipherSuite.Video", ssl_cipher_suite,
- rtc::kSslCipherSuiteMaxValue);
+ kSslCipherSuiteMaxValue);
break;
case cricket::MEDIA_TYPE_DATA:
RTC_HISTOGRAM_ENUMERATION_SPARSE(
"WebRTC.PeerConnection.SslCipherSuite.Data", ssl_cipher_suite,
- rtc::kSslCipherSuiteMaxValue);
+ kSslCipherSuiteMaxValue);
break;
default:
RTC_DCHECK_NOTREACHED();
@@ -2877,26 +2877,23 @@
uint16_t ssl_peer_signature_algorithm =
stats.channel_stats[0].ssl_peer_signature_algorithm;
- if (ssl_peer_signature_algorithm != rtc::kSslSignatureAlgorithmUnknown) {
+ if (ssl_peer_signature_algorithm != kSslSignatureAlgorithmUnknown) {
for (cricket::MediaType media_type : media_types) {
switch (media_type) {
case cricket::MEDIA_TYPE_AUDIO:
RTC_HISTOGRAM_ENUMERATION_SPARSE(
"WebRTC.PeerConnection.SslPeerSignatureAlgorithm.Audio",
- ssl_peer_signature_algorithm,
- rtc::kSslSignatureAlgorithmMaxValue);
+ ssl_peer_signature_algorithm, kSslSignatureAlgorithmMaxValue);
break;
case cricket::MEDIA_TYPE_VIDEO:
RTC_HISTOGRAM_ENUMERATION_SPARSE(
"WebRTC.PeerConnection.SslPeerSignatureAlgorithm.Video",
- ssl_peer_signature_algorithm,
- rtc::kSslSignatureAlgorithmMaxValue);
+ ssl_peer_signature_algorithm, kSslSignatureAlgorithmMaxValue);
break;
case cricket::MEDIA_TYPE_DATA:
RTC_HISTOGRAM_ENUMERATION_SPARSE(
"WebRTC.PeerConnection.SslPeerSignatureAlgorithm.Data",
- ssl_peer_signature_algorithm,
- rtc::kSslSignatureAlgorithmMaxValue);
+ ssl_peer_signature_algorithm, kSslSignatureAlgorithmMaxValue);
break;
default:
RTC_DCHECK_NOTREACHED();
diff --git a/pc/peer_connection.h b/pc/peer_connection.h
index 180b2ab..152e9c0 100644
--- a/pc/peer_connection.h
+++ b/pc/peer_connection.h
@@ -310,7 +310,7 @@
const std::string& transport_name) override;
bool IceRestartPending(const std::string& content_name) const override;
bool NeedsIceRestart(const std::string& content_name) const override;
- bool GetSslRole(const std::string& content_name, rtc::SSLRole* role) override;
+ bool GetSslRole(const std::string& content_name, SSLRole* role) override;
// Functions needed by DataChannelController
void NoteDataAddedEvent() override { NoteUsageEvent(UsageEvent::DATA_ADDED); }
@@ -322,7 +322,7 @@
sdp_handler_->signaling_state() == PeerConnectionInterface::kClosed;
}
// Get current SSL role used by SCTP's underlying transport.
- std::optional<rtc::SSLRole> GetSctpSslRole_n() override;
+ std::optional<SSLRole> GetSctpSslRole_n() override;
void OnSctpDataChannelStateChanged(
int channel_id,
@@ -585,7 +585,7 @@
void OnTransportControllerCandidateChanged(
const cricket::CandidatePairChangeEvent& event)
RTC_RUN_ON(signaling_thread());
- void OnTransportControllerDtlsHandshakeError(rtc::SSLHandshakeError error);
+ void OnTransportControllerDtlsHandshakeError(SSLHandshakeError error);
// Invoked when TransportController connection completion is signaled.
// Reports stats for all transports in use.
diff --git a/pc/peer_connection_integrationtest.cc b/pc/peer_connection_integrationtest.cc
index 34878cb..e791784 100644
--- a/pc/peer_connection_integrationtest.cc
+++ b/pc/peer_connection_integrationtest.cc
@@ -1647,7 +1647,7 @@
// Test that DTLS 1.0 is used if both sides only support DTLS 1.0.
TEST_P(PeerConnectionIntegrationTest, EndToEndCallWithDtls10) {
PeerConnectionFactory::Options dtls_10_options;
- dtls_10_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_10;
+ dtls_10_options.ssl_max_version = SSL_PROTOCOL_DTLS_10;
ASSERT_TRUE(CreatePeerConnectionWrappersWithOptions(dtls_10_options,
dtls_10_options));
ConnectFakeSignaling();
@@ -1667,7 +1667,7 @@
// Test getting cipher stats and UMA metrics when DTLS 1.0 is negotiated.
TEST_P(PeerConnectionIntegrationTest, Dtls10CipherStatsAndUmaMetrics) {
PeerConnectionFactory::Options dtls_10_options;
- dtls_10_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_10;
+ dtls_10_options.ssl_max_version = SSL_PROTOCOL_DTLS_10;
ASSERT_TRUE(CreatePeerConnectionWrappersWithOptions(dtls_10_options,
dtls_10_options));
ConnectFakeSignaling();
@@ -1678,22 +1678,21 @@
IsRtcOk());
EXPECT_THAT(WaitUntil(
[&] {
- return rtc::SSLStreamAdapter::IsAcceptableCipher(
+ return SSLStreamAdapter::IsAcceptableCipher(
caller()->OldGetStats()->DtlsCipher(), rtc::KT_DEFAULT);
},
::testing::IsTrue()),
IsRtcOk());
EXPECT_THAT(
- WaitUntil(
- [&] { return caller()->OldGetStats()->SrtpCipher(); },
- ::testing::Eq(rtc::SrtpCryptoSuiteToName(kDefaultSrtpCryptoSuite))),
+ WaitUntil([&] { return caller()->OldGetStats()->SrtpCipher(); },
+ ::testing::Eq(SrtpCryptoSuiteToName(kDefaultSrtpCryptoSuite))),
IsRtcOk());
}
// Test getting cipher stats and UMA metrics when DTLS 1.2 is negotiated.
TEST_P(PeerConnectionIntegrationTest, Dtls12CipherStatsAndUmaMetrics) {
PeerConnectionFactory::Options dtls_12_options;
- dtls_12_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_12;
+ dtls_12_options.ssl_max_version = SSL_PROTOCOL_DTLS_12;
ASSERT_TRUE(CreatePeerConnectionWrappersWithOptions(dtls_12_options,
dtls_12_options));
ConnectFakeSignaling();
@@ -1704,15 +1703,14 @@
IsRtcOk());
EXPECT_THAT(WaitUntil(
[&] {
- return rtc::SSLStreamAdapter::IsAcceptableCipher(
+ return SSLStreamAdapter::IsAcceptableCipher(
caller()->OldGetStats()->DtlsCipher(), rtc::KT_DEFAULT);
},
::testing::IsTrue()),
IsRtcOk());
EXPECT_THAT(
- WaitUntil(
- [&] { return caller()->OldGetStats()->SrtpCipher(); },
- ::testing::Eq(rtc::SrtpCryptoSuiteToName(kDefaultSrtpCryptoSuite))),
+ WaitUntil([&] { return caller()->OldGetStats()->SrtpCipher(); },
+ ::testing::Eq(SrtpCryptoSuiteToName(kDefaultSrtpCryptoSuite))),
IsRtcOk());
}
@@ -1720,9 +1718,9 @@
// callee only supports 1.0.
TEST_P(PeerConnectionIntegrationTest, CallerDtls12ToCalleeDtls10) {
PeerConnectionFactory::Options caller_options;
- caller_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_12;
+ caller_options.ssl_max_version = SSL_PROTOCOL_DTLS_12;
PeerConnectionFactory::Options callee_options;
- callee_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_10;
+ callee_options.ssl_max_version = SSL_PROTOCOL_DTLS_10;
ASSERT_TRUE(
CreatePeerConnectionWrappersWithOptions(caller_options, callee_options));
ConnectFakeSignaling();
@@ -1743,9 +1741,9 @@
// callee supports 1.2.
TEST_P(PeerConnectionIntegrationTest, CallerDtls10ToCalleeDtls12) {
PeerConnectionFactory::Options caller_options;
- caller_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_10;
+ caller_options.ssl_max_version = SSL_PROTOCOL_DTLS_10;
PeerConnectionFactory::Options callee_options;
- callee_options.ssl_max_version = rtc::SSL_PROTOCOL_DTLS_12;
+ callee_options.ssl_max_version = SSL_PROTOCOL_DTLS_12;
ASSERT_TRUE(
CreatePeerConnectionWrappersWithOptions(caller_options, callee_options));
ConnectFakeSignaling();
@@ -1771,7 +1769,7 @@
PeerConnectionFactory::Options callee_options;
callee_options.crypto_options.srtp.enable_aes128_sha1_32_crypto_cipher =
false;
- int expected_cipher_suite = rtc::kSrtpAes128CmSha1_80;
+ int expected_cipher_suite = kSrtpAes128CmSha1_80;
TestNegotiatedCipherSuite(caller_options, callee_options,
expected_cipher_suite);
}
@@ -1783,7 +1781,7 @@
false;
PeerConnectionFactory::Options callee_options;
callee_options.crypto_options.srtp.enable_aes128_sha1_32_crypto_cipher = true;
- int expected_cipher_suite = rtc::kSrtpAes128CmSha1_80;
+ int expected_cipher_suite = kSrtpAes128CmSha1_80;
TestNegotiatedCipherSuite(caller_options, callee_options,
expected_cipher_suite);
}
@@ -1793,7 +1791,7 @@
caller_options.crypto_options.srtp.enable_aes128_sha1_32_crypto_cipher = true;
PeerConnectionFactory::Options callee_options;
callee_options.crypto_options.srtp.enable_aes128_sha1_32_crypto_cipher = true;
- int expected_cipher_suite = rtc::kSrtpAes128CmSha1_32;
+ int expected_cipher_suite = kSrtpAes128CmSha1_32;
TestNegotiatedCipherSuite(caller_options, callee_options,
expected_cipher_suite);
}
diff --git a/pc/peer_connection_internal.h b/pc/peer_connection_internal.h
index 0026b3e..0b772d1 100644
--- a/pc/peer_connection_internal.h
+++ b/pc/peer_connection_internal.h
@@ -96,7 +96,7 @@
virtual LegacyStatsCollector* legacy_stats() = 0;
// Returns the observer. Will crash on CHECK if the observer is removed.
virtual PeerConnectionObserver* Observer() const = 0;
- virtual std::optional<rtc::SSLRole> GetSctpSslRole_n() = 0;
+ virtual std::optional<SSLRole> GetSctpSslRole_n() = 0;
virtual PeerConnectionInterface::IceConnectionState
ice_connection_state_internal() = 0;
virtual void SetIceConnectionState(
@@ -197,8 +197,7 @@
virtual bool IceRestartPending(const std::string& content_name) const = 0;
// Get SSL role for an arbitrary m= section (handles bundling correctly).
- virtual bool GetSslRole(const std::string& content_name,
- rtc::SSLRole* role) = 0;
+ virtual bool GetSslRole(const std::string& content_name, SSLRole* role) = 0;
// Functions needed by DataChannelController
virtual void NoteDataAddedEvent() {}
// Handler for sctp data channel state changes.
diff --git a/pc/rtc_stats_collector.cc b/pc/rtc_stats_collector.cc
index 8c2f1a4..a59654f 100644
--- a/pc/rtc_stats_collector.cc
+++ b/pc/rtc_stats_collector.cc
@@ -2006,17 +2006,16 @@
if (channel_stats.dtls_role) {
transport_stats->dtls_role =
- *channel_stats.dtls_role == rtc::SSL_CLIENT ? "client" : "server";
+ *channel_stats.dtls_role == SSL_CLIENT ? "client" : "server";
} else {
transport_stats->dtls_role = "unknown";
}
transport_stats->dtls_cipher = channel_stats.tls_cipher_suite_name;
- if (channel_stats.srtp_crypto_suite != rtc::kSrtpInvalidCryptoSuite &&
- rtc::SrtpCryptoSuiteToName(channel_stats.srtp_crypto_suite)
- .length()) {
+ if (channel_stats.srtp_crypto_suite != kSrtpInvalidCryptoSuite &&
+ SrtpCryptoSuiteToName(channel_stats.srtp_crypto_suite).length()) {
transport_stats->srtp_cipher =
- rtc::SrtpCryptoSuiteToName(channel_stats.srtp_crypto_suite);
+ SrtpCryptoSuiteToName(channel_stats.srtp_crypto_suite);
}
report->AddStats(std::move(transport_stats));
}
diff --git a/pc/rtc_stats_collector_unittest.cc b/pc/rtc_stats_collector_unittest.cc
index 6d9dab4..c22c5ea 100644
--- a/pc/rtc_stats_collector_unittest.cc
+++ b/pc/rtc_stats_collector_unittest.cc
@@ -2941,7 +2941,7 @@
rtp_transport_channel_stats.ice_transport_stats
.selected_candidate_pair_changes = 1;
rtp_transport_channel_stats.ssl_version_bytes = 0x0203;
- rtp_transport_channel_stats.dtls_role = rtc::SSL_CLIENT;
+ rtp_transport_channel_stats.dtls_role = SSL_CLIENT;
rtp_transport_channel_stats.ice_transport_stats.ice_role =
cricket::ICEROLE_CONTROLLING;
rtp_transport_channel_stats.ice_transport_stats.ice_local_username_fragment =
@@ -2950,7 +2950,7 @@
IceTransportState::kConnected;
rtp_transport_channel_stats.tls_cipher_suite_name =
"TLS_RSA_WITH_AES_128_CBC_SHA";
- rtp_transport_channel_stats.srtp_crypto_suite = rtc::kSrtpAes128CmSha1_80;
+ rtp_transport_channel_stats.srtp_crypto_suite = kSrtpAes128CmSha1_80;
pc_->SetTransportStats(kTransportName, {rtp_transport_channel_stats});
// Get stats
diff --git a/pc/sctp_data_channel.cc b/pc/sctp_data_channel.cc
index 98570c0..7cd6795 100644
--- a/pc/sctp_data_channel.cc
+++ b/pc/sctp_data_channel.cc
@@ -123,9 +123,9 @@
return true;
}
-std::optional<StreamId> SctpSidAllocator::AllocateSid(rtc::SSLRole role) {
+std::optional<StreamId> SctpSidAllocator::AllocateSid(SSLRole role) {
RTC_DCHECK_RUN_ON(&sequence_checker_);
- int potential_sid = (role == rtc::SSL_CLIENT) ? 0 : 1;
+ int potential_sid = (role == SSL_CLIENT) ? 0 : 1;
while (potential_sid <= static_cast<int>(cricket::kMaxSctpSid)) {
StreamId sid(potential_sid);
if (used_sids_.insert(sid).second)
diff --git a/pc/sctp_data_channel.h b/pc/sctp_data_channel.h
index 0a71d3e..3a35b4c 100644
--- a/pc/sctp_data_channel.h
+++ b/pc/sctp_data_channel.h
@@ -78,7 +78,7 @@
// stream ids in situations where we cannot determine the SSL role from the
// transport for purposes of generating a stream ID.
// See: https://www.rfc-editor.org/rfc/rfc8832.html#name-protocol-overview
- std::optional<rtc::SSLRole> fallback_ssl_role;
+ std::optional<SSLRole> fallback_ssl_role;
};
// Helper class to allocate unique IDs for SCTP DataChannels.
@@ -89,7 +89,7 @@
// SSL_CLIENT, the allocated id starts from 0 and takes even numbers;
// otherwise, the id starts from 1 and takes odd numbers.
// If a `StreamId` cannot be allocated, `std::nullopt` is returned.
- std::optional<StreamId> AllocateSid(rtc::SSLRole role);
+ std::optional<StreamId> AllocateSid(SSLRole role);
// Attempts to reserve a specific sid. Returns false if it's unavailable.
bool ReserveSid(StreamId sid);
diff --git a/pc/sdp_offer_answer.cc b/pc/sdp_offer_answer.cc
index 4f88549..6b43be0 100644
--- a/pc/sdp_offer_answer.cc
+++ b/pc/sdp_offer_answer.cc
@@ -3374,7 +3374,7 @@
return pc_->NeedsIceRestart(content_name);
}
-std::optional<rtc::SSLRole> SdpOfferAnswerHandler::GetDtlsRole(
+std::optional<SSLRole> SdpOfferAnswerHandler::GetDtlsRole(
const std::string& mid) const {
RTC_DCHECK_RUN_ON(signaling_thread());
return transport_controller_s()->GetDtlsRole(mid);
@@ -3452,11 +3452,11 @@
return;
}
- std::optional<rtc::SSLRole> guessed_role = GuessSslRole();
+ std::optional<SSLRole> guessed_role = GuessSslRole();
network_thread()->BlockingCall(
[&, data_channel_controller = data_channel_controller()] {
RTC_DCHECK_RUN_ON(network_thread());
- std::optional<rtc::SSLRole> role = pc_->GetSctpSslRole_n();
+ std::optional<SSLRole> role = pc_->GetSctpSslRole_n();
if (!role)
role = guessed_role;
if (role)
@@ -3464,7 +3464,7 @@
});
}
-std::optional<rtc::SSLRole> SdpOfferAnswerHandler::GuessSslRole() const {
+std::optional<SSLRole> SdpOfferAnswerHandler::GuessSslRole() const {
RTC_DCHECK_RUN_ON(signaling_thread());
if (!pc_->sctp_mid())
return std::nullopt;
@@ -3504,7 +3504,7 @@
// * "Guessing" should always be correct if we get an SCTP session and are not
// the offerer.
- return is_caller() ? rtc::SSL_SERVER : rtc::SSL_CLIENT;
+ return is_caller() ? SSL_SERVER : SSL_CLIENT;
}
bool SdpOfferAnswerHandler::CheckIfNegotiationIsNeeded() {
diff --git a/pc/sdp_offer_answer.h b/pc/sdp_offer_answer.h
index 235a630..28bcb83 100644
--- a/pc/sdp_offer_answer.h
+++ b/pc/sdp_offer_answer.h
@@ -117,8 +117,7 @@
bool NeedsIceRestart(const std::string& content_name) const override;
bool IceRestartPending(const std::string& content_name) const override;
- std::optional<rtc::SSLRole> GetDtlsRole(
- const std::string& mid) const override;
+ std::optional<SSLRole> GetDtlsRole(const std::string& mid) const override;
void RestartIce();
@@ -169,7 +168,7 @@
// directly getting the information from the transport.
// This is used for allocating stream ids for data channels.
// See also `InternalDataChannelInit::fallback_ssl_role`.
- std::optional<rtc::SSLRole> GuessSslRole() const;
+ std::optional<SSLRole> GuessSslRole() const;
// Destroys all media BaseChannels.
void DestroyMediaChannels();
diff --git a/pc/sdp_state_provider.h b/pc/sdp_state_provider.h
index 8fe5bf5..85c2e19 100644
--- a/pc/sdp_state_provider.h
+++ b/pc/sdp_state_provider.h
@@ -45,8 +45,7 @@
// Whether an ICE restart was indicated in the remote offer.
// Used in CreateAnswer.
virtual bool IceRestartPending(const std::string& content_name) const = 0;
- virtual std::optional<rtc::SSLRole> GetDtlsRole(
- const std::string& mid) const = 0;
+ virtual std::optional<SSLRole> GetDtlsRole(const std::string& mid) const = 0;
};
} // namespace webrtc
diff --git a/pc/srtp_session.cc b/pc/srtp_session.cc
index 70f3243..b4d92eb 100644
--- a/pc/srtp_session.cc
+++ b/pc/srtp_session.cc
@@ -561,7 +561,7 @@
// Enable external HMAC authentication only for outgoing streams and only
// for cipher suites that support it (i.e. only non-GCM cipher suites).
if (type == ssrc_any_outbound && IsExternalAuthEnabled() &&
- !rtc::IsGcmCryptoSuite(crypto_suite)) {
+ !webrtc::IsGcmCryptoSuite(crypto_suite)) {
policy.rtp.auth_type = EXTERNAL_HMAC_SHA1;
}
if (!extension_ids.empty()) {
diff --git a/pc/srtp_session_unittest.cc b/pc/srtp_session_unittest.cc
index c1ef24d..88c92fb 100644
--- a/pc/srtp_session_unittest.cc
+++ b/pc/srtp_session_unittest.cc
@@ -89,60 +89,61 @@
// Test that we can set up the session and keys properly.
TEST_F(SrtpSessionTest, TestGoodSetup) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
}
// Test that we can't change the keys once set.
TEST_F(SrtpSessionTest, TestBadSetup) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_FALSE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey2,
+ EXPECT_FALSE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey2,
kEncryptedHeaderExtensionIds));
- EXPECT_FALSE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey2,
+ EXPECT_FALSE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey2,
kEncryptedHeaderExtensionIds));
}
// Test that we fail keys of the wrong length.
TEST_F(SrtpSessionTest, TestKeysTooShort) {
- EXPECT_FALSE(s1_.SetSend(kSrtpAes128CmSha1_80,
+ EXPECT_FALSE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80,
rtc::ZeroOnFreeBuffer<uint8_t>(kTestKey1.data(), 1),
kEncryptedHeaderExtensionIds));
- EXPECT_FALSE(s2_.SetReceive(
- kSrtpAes128CmSha1_80, rtc::ZeroOnFreeBuffer<uint8_t>(kTestKey1.data(), 1),
- kEncryptedHeaderExtensionIds));
+ EXPECT_FALSE(
+ s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80,
+ rtc::ZeroOnFreeBuffer<uint8_t>(kTestKey1.data(), 1),
+ kEncryptedHeaderExtensionIds));
}
// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_80.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_80) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- TestProtectRtp(kSrtpAes128CmSha1_80);
- TestProtectRtcp(kSrtpAes128CmSha1_80);
- TestUnprotectRtp(kSrtpAes128CmSha1_80);
- TestUnprotectRtcp(kSrtpAes128CmSha1_80);
+ TestProtectRtp(webrtc::kSrtpAes128CmSha1_80);
+ TestProtectRtcp(webrtc::kSrtpAes128CmSha1_80);
+ TestUnprotectRtp(webrtc::kSrtpAes128CmSha1_80);
+ TestUnprotectRtcp(webrtc::kSrtpAes128CmSha1_80);
}
// Test that we can encrypt and decrypt RTP/RTCP using AES_CM_128_HMAC_SHA1_32.
TEST_F(SrtpSessionTest, TestProtect_AES_CM_128_HMAC_SHA1_32) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_32, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_32, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_32, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_32, kTestKey1,
kEncryptedHeaderExtensionIds));
- TestProtectRtp(kSrtpAes128CmSha1_32);
- TestProtectRtcp(kSrtpAes128CmSha1_32);
- TestUnprotectRtp(kSrtpAes128CmSha1_32);
- TestUnprotectRtcp(kSrtpAes128CmSha1_32);
+ TestProtectRtp(webrtc::kSrtpAes128CmSha1_32);
+ TestProtectRtcp(webrtc::kSrtpAes128CmSha1_32);
+ TestUnprotectRtp(webrtc::kSrtpAes128CmSha1_32);
+ TestUnprotectRtcp(webrtc::kSrtpAes128CmSha1_32);
}
TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_32, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_32, kTestKey1,
kEncryptedHeaderExtensionIds));
int64_t index;
EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, &index));
@@ -153,18 +154,18 @@
// Test that we fail to unprotect if someone tampers with the RTP/RTCP paylaods.
TEST_F(SrtpSessionTest, TestTamperReject) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- TestProtectRtp(kSrtpAes128CmSha1_80);
+ TestProtectRtp(webrtc::kSrtpAes128CmSha1_80);
rtp_packet_.MutableData<uint8_t>()[0] = 0x12;
EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_));
EXPECT_METRIC_THAT(
webrtc::metrics::Samples("WebRTC.PeerConnection.SrtpUnprotectError"),
ElementsAre(Pair(srtp_err_status_bad_param, 1)));
- TestProtectRtcp(kSrtpAes128CmSha1_80);
+ TestProtectRtcp(webrtc::kSrtpAes128CmSha1_80);
rtcp_packet_.MutableData<uint8_t>()[1] = 0x34;
EXPECT_FALSE(s2_.UnprotectRtcp(rtcp_packet_));
EXPECT_METRIC_THAT(
@@ -174,9 +175,9 @@
// Test that we fail to unprotect if the payloads are not authenticated.
TEST_F(SrtpSessionTest, TestUnencryptReject) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
EXPECT_FALSE(s2_.UnprotectRtp(rtp_packet_));
EXPECT_METRIC_THAT(
@@ -190,7 +191,7 @@
// Test that we fail when using buffers that are too small.
TEST_F(SrtpSessionTest, TestBuffersTooSmall) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
// This buffer does not have extra capacity which we treat as an error.
rtc::CopyOnWriteBuffer rtp_packet(rtp_packet_.data(), rtp_packet_.size(),
@@ -208,9 +209,9 @@
static const uint16_t seqnum_small = 10;
static const uint16_t replay_window = 1024;
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
// Initial sequence number.
@@ -257,9 +258,9 @@
}
TEST_F(SrtpSessionTest, RemoveSsrc) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
// Encrypt and decrypt the packet once.
EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_));
@@ -291,9 +292,9 @@
// failures when it wraps around with packet loss. Pick your starting
// sequence number in the lower half of the range for robustness reasons,
// see packet_sequencer.cc for the code doing so.
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
// Buffers include enough room for the 10 byte SRTP auth tag so we can
// encrypt in place.
@@ -348,9 +349,9 @@
}
TEST_F(SrtpSessionTest, ProtectGetPacketIndex) {
- EXPECT_TRUE(s1_.SetSend(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s1_.SetSend(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
- EXPECT_TRUE(s2_.SetReceive(kSrtpAes128CmSha1_80, kTestKey1,
+ EXPECT_TRUE(s2_.SetReceive(webrtc::kSrtpAes128CmSha1_80, kTestKey1,
kEncryptedHeaderExtensionIds));
// Buffers include enough room for the 10 byte SRTP auth tag so we can
// encrypt in place.
diff --git a/pc/srtp_transport_unittest.cc b/pc/srtp_transport_unittest.cc
index 2c8a2b3..890474c 100644
--- a/pc/srtp_transport_unittest.cc
+++ b/pc/srtp_transport_unittest.cc
@@ -33,9 +33,9 @@
#include "test/gtest.h"
#include "test/scoped_key_value_config.h"
-using rtc::kSrtpAeadAes128Gcm;
using rtc::kTestKey1;
using rtc::kTestKey2;
+using ::webrtc::kSrtpAeadAes128Gcm;
namespace webrtc {
// 128 bits key + 96 bits salt.
@@ -107,10 +107,10 @@
int overhead;
EXPECT_TRUE(transport->GetSrtpOverhead(&overhead));
switch (crypto_suite) {
- case rtc::kSrtpAes128CmSha1_32:
+ case kSrtpAes128CmSha1_32:
EXPECT_EQ(32 / 8, overhead); // 32-bit tag.
break;
- case rtc::kSrtpAes128CmSha1_80:
+ case kSrtpAes128CmSha1_80:
EXPECT_EQ(80 / 8, overhead); // 80-bit tag.
break;
default:
@@ -239,7 +239,7 @@
crypto_suite, key2, extension_ids, crypto_suite, key1, extension_ids));
EXPECT_TRUE(srtp_transport1_->IsSrtpActive());
EXPECT_TRUE(srtp_transport2_->IsSrtpActive());
- if (rtc::IsGcmCryptoSuite(crypto_suite)) {
+ if (IsGcmCryptoSuite(crypto_suite)) {
EXPECT_FALSE(srtp_transport1_->IsExternalAuthActive());
EXPECT_FALSE(srtp_transport2_->IsExternalAuthActive());
} else if (enable_external_auth) {
@@ -350,53 +350,53 @@
TEST_P(SrtpTransportTestWithExternalAuth,
SendAndRecvPacket_AES_CM_128_HMAC_SHA1_80) {
bool enable_external_auth = GetParam();
- TestSendRecvPacket(enable_external_auth, rtc::kSrtpAes128CmSha1_80, kTestKey1,
+ TestSendRecvPacket(enable_external_auth, kSrtpAes128CmSha1_80, kTestKey1,
kTestKey2);
}
TEST_F(SrtpTransportTest,
SendAndRecvPacketWithHeaderExtension_AES_CM_128_HMAC_SHA1_80) {
- TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAes128CmSha1_80, kTestKey1,
+ TestSendRecvEncryptedHeaderExtension(kSrtpAes128CmSha1_80, kTestKey1,
kTestKey2);
}
TEST_P(SrtpTransportTestWithExternalAuth,
SendAndRecvPacket_AES_CM_128_HMAC_SHA1_32) {
bool enable_external_auth = GetParam();
- TestSendRecvPacket(enable_external_auth, rtc::kSrtpAes128CmSha1_32, kTestKey1,
+ TestSendRecvPacket(enable_external_auth, kSrtpAes128CmSha1_32, kTestKey1,
kTestKey2);
}
TEST_F(SrtpTransportTest,
SendAndRecvPacketWithHeaderExtension_AES_CM_128_HMAC_SHA1_32) {
- TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAes128CmSha1_32, kTestKey1,
+ TestSendRecvEncryptedHeaderExtension(kSrtpAes128CmSha1_32, kTestKey1,
kTestKey2);
}
TEST_P(SrtpTransportTestWithExternalAuth,
SendAndRecvPacket_kSrtpAeadAes128Gcm) {
bool enable_external_auth = GetParam();
- TestSendRecvPacket(enable_external_auth, rtc::kSrtpAeadAes128Gcm,
- kTestKeyGcm128_1, kTestKeyGcm128_2);
+ TestSendRecvPacket(enable_external_auth, kSrtpAeadAes128Gcm, kTestKeyGcm128_1,
+ kTestKeyGcm128_2);
}
TEST_F(SrtpTransportTest,
SendAndRecvPacketWithHeaderExtension_kSrtpAeadAes128Gcm) {
- TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAeadAes128Gcm,
- kTestKeyGcm128_1, kTestKeyGcm128_2);
+ TestSendRecvEncryptedHeaderExtension(kSrtpAeadAes128Gcm, kTestKeyGcm128_1,
+ kTestKeyGcm128_2);
}
TEST_P(SrtpTransportTestWithExternalAuth,
SendAndRecvPacket_kSrtpAeadAes256Gcm) {
bool enable_external_auth = GetParam();
- TestSendRecvPacket(enable_external_auth, rtc::kSrtpAeadAes256Gcm,
- kTestKeyGcm256_1, kTestKeyGcm256_2);
+ TestSendRecvPacket(enable_external_auth, kSrtpAeadAes256Gcm, kTestKeyGcm256_1,
+ kTestKeyGcm256_2);
}
TEST_F(SrtpTransportTest,
SendAndRecvPacketWithHeaderExtension_kSrtpAeadAes256Gcm) {
- TestSendRecvEncryptedHeaderExtension(rtc::kSrtpAeadAes256Gcm,
- kTestKeyGcm256_1, kTestKeyGcm256_2);
+ TestSendRecvEncryptedHeaderExtension(kSrtpAeadAes256Gcm, kTestKeyGcm256_1,
+ kTestKeyGcm256_2);
}
// Run all tests both with and without external auth enabled.
@@ -408,15 +408,15 @@
TEST_F(SrtpTransportTest, TestSetParamsKeyTooShort) {
std::vector<int> extension_ids;
EXPECT_FALSE(srtp_transport1_->SetRtpParams(
- rtc::kSrtpAes128CmSha1_80,
+ kSrtpAes128CmSha1_80,
rtc::ZeroOnFreeBuffer<uint8_t>(kTestKey1.data(), kTestKey1.size() - 1),
- extension_ids, rtc::kSrtpAes128CmSha1_80,
+ extension_ids, kSrtpAes128CmSha1_80,
rtc::ZeroOnFreeBuffer<uint8_t>(kTestKey1.data(), kTestKey1.size() - 1),
extension_ids));
EXPECT_FALSE(srtp_transport1_->SetRtcpParams(
- rtc::kSrtpAes128CmSha1_80,
+ kSrtpAes128CmSha1_80,
rtc::ZeroOnFreeBuffer<uint8_t>(kTestKey1.data(), kTestKey1.size() - 1),
- extension_ids, rtc::kSrtpAes128CmSha1_80,
+ extension_ids, kSrtpAes128CmSha1_80,
rtc::ZeroOnFreeBuffer<uint8_t>(kTestKey1.data(), kTestKey1.size() - 1),
extension_ids));
}
@@ -436,9 +436,9 @@
TransportObserver rtp_sink;
std::vector<int> extension_ids;
- EXPECT_TRUE(srtp_transport->SetRtpParams(
- rtc::kSrtpAeadAes128Gcm, kTestKeyGcm128_1, extension_ids,
- rtc::kSrtpAeadAes128Gcm, kTestKeyGcm128_1, extension_ids));
+ EXPECT_TRUE(srtp_transport->SetRtpParams(kSrtpAeadAes128Gcm, kTestKeyGcm128_1,
+ extension_ids, kSrtpAeadAes128Gcm,
+ kTestKeyGcm128_1, extension_ids));
RtpDemuxerCriteria demuxer_criteria;
uint32_t ssrc = 0x1; // SSRC of kPcmuFrame
@@ -448,7 +448,7 @@
// Create a packet and try to send it three times.
size_t rtp_len = sizeof(kPcmuFrame);
- size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(rtc::kSrtpAeadAes128Gcm);
+ size_t packet_size = rtp_len + rtc::rtp_auth_tag_len(kSrtpAeadAes128Gcm);
rtc::Buffer rtp_packet_buffer(packet_size);
char* rtp_packet_data = rtp_packet_buffer.data<char>();
memcpy(rtp_packet_data, kPcmuFrame, rtp_len);
diff --git a/pc/test/fake_peer_connection_base.h b/pc/test/fake_peer_connection_base.h
index 2089012..9e2538d 100644
--- a/pc/test/fake_peer_connection_base.h
+++ b/pc/test/fake_peer_connection_base.h
@@ -339,8 +339,7 @@
return false;
}
- bool GetSslRole(const std::string& content_name,
- rtc::SSLRole* role) override {
+ bool GetSslRole(const std::string& content_name, SSLRole* role) override {
return false;
}
const PeerConnectionInterface::RTCConfiguration* configuration()
@@ -366,9 +365,7 @@
cricket::PortAllocator* port_allocator() override { return nullptr; }
LegacyStatsCollector* legacy_stats() override { return nullptr; }
PeerConnectionObserver* Observer() const override { return nullptr; }
- std::optional<rtc::SSLRole> GetSctpSslRole_n() override {
- return std::nullopt;
- }
+ std::optional<SSLRole> GetSctpSslRole_n() override { return std::nullopt; }
PeerConnectionInterface::IceConnectionState ice_connection_state_internal()
override {
return PeerConnectionInterface::IceConnectionState::kIceConnectionNew;
diff --git a/pc/test/integration_test_helpers.h b/pc/test/integration_test_helpers.h
index 14f54c5..2ab2187 100644
--- a/pc/test/integration_test_helpers.h
+++ b/pc/test/integration_test_helpers.h
@@ -129,8 +129,8 @@
// SRTP cipher name negotiated by the tests. This must be updated if the
// default changes.
-static const int kDefaultSrtpCryptoSuite = rtc::kSrtpAes128CmSha1_80;
-static const int kDefaultSrtpCryptoSuiteGcm = rtc::kSrtpAeadAes256Gcm;
+static const int kDefaultSrtpCryptoSuite = kSrtpAes128CmSha1_80;
+static const int kDefaultSrtpCryptoSuiteGcm = kSrtpAeadAes256Gcm;
static const SocketAddress kDefaultLocalAddress("192.168.1.1", 0);
@@ -1883,9 +1883,8 @@
ASSERT_THAT(WaitUntil([&] { return DtlsConnected(); }, ::testing::IsTrue()),
IsRtcOk());
EXPECT_THAT(
- WaitUntil(
- [&] { return caller()->OldGetStats()->SrtpCipher(); },
- ::testing::Eq(rtc::SrtpCryptoSuiteToName(expected_cipher_suite))),
+ WaitUntil([&] { return caller()->OldGetStats()->SrtpCipher(); },
+ ::testing::Eq(SrtpCryptoSuiteToName(expected_cipher_suite))),
IsRtcOk());
}
diff --git a/pc/test/mock_peer_connection_internal.h b/pc/test/mock_peer_connection_internal.h
index 9a53c6c..785510f 100644
--- a/pc/test/mock_peer_connection_internal.h
+++ b/pc/test/mock_peer_connection_internal.h
@@ -285,7 +285,7 @@
MOCK_METHOD(cricket::PortAllocator*, port_allocator, (), (override));
MOCK_METHOD(LegacyStatsCollector*, legacy_stats, (), (override));
MOCK_METHOD(PeerConnectionObserver*, Observer, (), (const, override));
- MOCK_METHOD(std::optional<rtc::SSLRole>, GetSctpSslRole_n, (), (override));
+ MOCK_METHOD(std::optional<SSLRole>, GetSctpSslRole_n, (), (override));
MOCK_METHOD(PeerConnectionInterface::IceConnectionState,
ice_connection_state_internal,
(),
@@ -365,7 +365,7 @@
MOCK_METHOD(bool, IceRestartPending, (const std::string&), (const, override));
MOCK_METHOD(bool,
GetSslRole,
- (const std::string&, rtc::SSLRole*),
+ (const std::string&, webrtc::SSLRole*),
(override));
MOCK_METHOD(void, NoteDataAddedEvent, (), (override));
MOCK_METHOD(void,
diff --git a/pc/test/srtp_test_util.h b/pc/test/srtp_test_util.h
index 130e797..ccf455d 100644
--- a/pc/test/srtp_test_util.h
+++ b/pc/test/srtp_test_util.h
@@ -26,12 +26,12 @@
static int rtp_auth_tag_len(int crypto_suite) {
switch (crypto_suite) {
- case kSrtpAes128CmSha1_32:
+ case webrtc::kSrtpAes128CmSha1_32:
return 4;
- case kSrtpAes128CmSha1_80:
+ case webrtc::kSrtpAes128CmSha1_80:
return 10;
- case kSrtpAeadAes128Gcm:
- case kSrtpAeadAes256Gcm:
+ case webrtc::kSrtpAeadAes128Gcm:
+ case webrtc::kSrtpAeadAes256Gcm:
return 16;
default:
RTC_CHECK_NOTREACHED();
@@ -40,11 +40,11 @@
static int rtcp_auth_tag_len(int crypto_suite) {
switch (crypto_suite) {
- case kSrtpAes128CmSha1_32:
- case kSrtpAes128CmSha1_80:
+ case webrtc::kSrtpAes128CmSha1_32:
+ case webrtc::kSrtpAes128CmSha1_80:
return 10;
- case kSrtpAeadAes128Gcm:
- case kSrtpAeadAes256Gcm:
+ case webrtc::kSrtpAeadAes128Gcm:
+ case webrtc::kSrtpAeadAes256Gcm:
return 16;
default:
RTC_CHECK_NOTREACHED();
diff --git a/pc/transport_stats.h b/pc/transport_stats.h
index 9642296..4d9ba6c 100644
--- a/pc/transport_stats.h
+++ b/pc/transport_stats.h
@@ -30,13 +30,13 @@
int component = 0;
int ssl_version_bytes = 0;
- int srtp_crypto_suite = rtc::kSrtpInvalidCryptoSuite;
- int ssl_cipher_suite = rtc::kTlsNullWithNullNull;
+ int srtp_crypto_suite = webrtc::kSrtpInvalidCryptoSuite;
+ int ssl_cipher_suite = webrtc::kTlsNullWithNullNull;
std::optional<absl::string_view> tls_cipher_suite_name;
- std::optional<rtc::SSLRole> dtls_role;
+ std::optional<webrtc::SSLRole> dtls_role;
webrtc::DtlsTransportState dtls_state = webrtc::DtlsTransportState::kNew;
IceTransportStats ice_transport_stats;
- uint16_t ssl_peer_signature_algorithm = rtc::kSslSignatureAlgorithmUnknown;
+ uint16_t ssl_peer_signature_algorithm = webrtc::kSslSignatureAlgorithmUnknown;
};
// Information about all the channels of a transport.
diff --git a/rtc_base/openssl_adapter.cc b/rtc_base/openssl_adapter.cc
index 56009cb..2879add 100644
--- a/rtc_base/openssl_adapter.cc
+++ b/rtc_base/openssl_adapter.cc
@@ -205,12 +205,12 @@
ssl_session_cache_(ssl_session_cache),
ssl_cert_verifier_(ssl_cert_verifier),
state_(SSL_NONE),
- role_(SSL_CLIENT),
+ role_(webrtc::SSL_CLIENT),
ssl_read_needs_write_(false),
ssl_write_needs_read_(false),
ssl_(nullptr),
ssl_ctx_(nullptr),
- ssl_mode_(SSL_MODE_TLS),
+ ssl_mode_(webrtc::SSL_MODE_TLS),
ignore_bad_cert_(false),
custom_cert_verifier_status_(false) {
// If a factory is used, take a reference on the factory's SSL_CTX.
@@ -240,7 +240,7 @@
elliptic_curves_ = curves;
}
-void OpenSSLAdapter::SetMode(SSLMode mode) {
+void OpenSSLAdapter::SetMode(webrtc::SSLMode mode) {
RTC_DCHECK(!ssl_ctx_);
RTC_DCHECK(state_ == SSL_NONE);
ssl_mode_ = mode;
@@ -263,7 +263,7 @@
#endif
}
-void OpenSSLAdapter::SetRole(SSLRole role) {
+void OpenSSLAdapter::SetRole(webrtc::SSLRole role) {
role_ = role;
}
@@ -392,7 +392,8 @@
// Clear the DTLS timer
timer_.reset();
- int code = (role_ == SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_);
+ int code =
+ (role_ == webrtc::SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_);
switch (SSL_get_error(ssl_, code)) {
case SSL_ERROR_NONE:
if (!SSLPostConnectionCheck(ssl_, ssl_host_name_)) {
@@ -934,7 +935,8 @@
return 1; // We've taken ownership of the session; OpenSSL shouldn't free it.
}
-SSL_CTX* OpenSSLAdapter::CreateContext(SSLMode mode, bool enable_cache) {
+SSL_CTX* OpenSSLAdapter::CreateContext(webrtc::SSLMode mode,
+ bool enable_cache) {
#ifdef WEBRTC_USE_CRYPTO_BUFFER_CALLBACK
// If X509 objects aren't used, we can use these methods to avoid
// linking the sizable crypto/x509 code.
@@ -942,7 +944,7 @@
: TLS_with_buffers_method());
#else
SSL_CTX* ctx =
- SSL_CTX_new(mode == SSL_MODE_DTLS ? DTLS_method() : TLS_method());
+ SSL_CTX_new(mode == webrtc::SSL_MODE_DTLS ? DTLS_method() : TLS_method());
#endif
if (ctx == nullptr) {
unsigned long error = ERR_get_error(); // NOLINT: type used by OpenSSL.
@@ -1027,7 +1029,7 @@
OpenSSLAdapterFactory::~OpenSSLAdapterFactory() = default;
-void OpenSSLAdapterFactory::SetMode(SSLMode mode) {
+void OpenSSLAdapterFactory::SetMode(webrtc::SSLMode mode) {
RTC_DCHECK(!ssl_session_cache_);
ssl_mode_ = mode;
}
@@ -1043,7 +1045,7 @@
identity_ = std::move(identity);
}
-void OpenSSLAdapterFactory::SetRole(SSLRole role) {
+void OpenSSLAdapterFactory::SetRole(webrtc::SSLRole role) {
RTC_DCHECK(!ssl_session_cache_);
ssl_role_ = role;
}
diff --git a/rtc_base/openssl_adapter.h b/rtc_base/openssl_adapter.h
index 246c954..9276f60 100644
--- a/rtc_base/openssl_adapter.h
+++ b/rtc_base/openssl_adapter.h
@@ -56,10 +56,10 @@
void SetIgnoreBadCert(bool ignore) override;
void SetAlpnProtocols(const std::vector<std::string>& protos) override;
void SetEllipticCurves(const std::vector<std::string>& curves) override;
- [[deprecated]] void SetMode(SSLMode mode) override;
+ [[deprecated]] void SetMode(webrtc::SSLMode mode) override;
void SetCertVerifier(SSLCertificateVerifier* ssl_cert_verifier) override;
void SetIdentity(std::unique_ptr<SSLIdentity> identity) override;
- void SetRole(SSLRole role) override;
+ void SetRole(webrtc::SSLRole role) override;
int StartSSL(absl::string_view hostname) override;
int Send(const void* pv, size_t cb) override;
int SendTo(const void* pv, size_t cb, const SocketAddress& addr) override;
@@ -78,7 +78,7 @@
// OpenSSLAdapterFactory will call this method to create its own internal
// SSL_CTX, and OpenSSLAdapter will also call this when used without a
// factory.
- static SSL_CTX* CreateContext(SSLMode mode, bool enable_cache);
+ static SSL_CTX* CreateContext(webrtc::SSLMode mode, bool enable_cache);
protected:
void OnConnectEvent(Socket* socket) override;
@@ -150,7 +150,7 @@
std::unique_ptr<OpenSSLIdentity> identity_;
#endif
// Indicates whethere this is a client or a server.
- SSLRole role_;
+ webrtc::SSLRole role_;
bool ssl_read_needs_write_;
bool ssl_write_needs_read_;
// This buffer is used if SSL_write fails with SSL_ERROR_WANT_WRITE, which
@@ -163,7 +163,7 @@
// Hostname of server that is being connected, used for SNI.
std::string ssl_host_name_;
// Set the adapter to DTLS or TLS mode before creating the context.
- SSLMode ssl_mode_;
+ webrtc::SSLMode ssl_mode_;
// If true, the server certificate need not match the configured hostname.
bool ignore_bad_cert_;
// List of protocols to be used in the TLS ALPN extension.
@@ -187,7 +187,7 @@
// Set the SSL Mode to use with this factory. This should only be set before
// the first adapter is created with the factory. If it is called after it
// will DCHECK.
- void SetMode(SSLMode mode) override;
+ void SetMode(webrtc::SSLMode mode) override;
// Set a custom certificate verifier to be passed down to each instance
// created with this factory. This should only ever be set before the first
@@ -197,7 +197,7 @@
void SetIdentity(std::unique_ptr<SSLIdentity> identity) override;
// Choose whether the socket acts as a server socket or client socket.
- void SetRole(SSLRole role) override;
+ void SetRole(webrtc::SSLRole role) override;
// Methods that control server certificate verification, used in unit tests.
// Do not call these methods in production code.
@@ -210,8 +210,8 @@
private:
// Holds the SSLMode (DTLS,TLS) that will be used to set the session cache.
- SSLMode ssl_mode_ = SSL_MODE_TLS;
- SSLRole ssl_role_ = SSL_CLIENT;
+ webrtc::SSLMode ssl_mode_ = webrtc::SSL_MODE_TLS;
+ webrtc::SSLRole ssl_role_ = webrtc::SSL_CLIENT;
bool ignore_bad_cert_ = false;
std::unique_ptr<SSLIdentity> identity_;
diff --git a/rtc_base/openssl_session_cache.cc b/rtc_base/openssl_session_cache.cc
index d637242..1ef3ed0 100644
--- a/rtc_base/openssl_session_cache.cc
+++ b/rtc_base/openssl_session_cache.cc
@@ -16,7 +16,8 @@
namespace rtc {
-OpenSSLSessionCache::OpenSSLSessionCache(SSLMode ssl_mode, SSL_CTX* ssl_ctx)
+OpenSSLSessionCache::OpenSSLSessionCache(webrtc::SSLMode ssl_mode,
+ SSL_CTX* ssl_ctx)
: ssl_mode_(ssl_mode), ssl_ctx_(ssl_ctx) {
// It is invalid to pass in a null context.
RTC_DCHECK(ssl_ctx != nullptr);
@@ -47,7 +48,7 @@
return ssl_ctx_;
}
-SSLMode OpenSSLSessionCache::GetSSLMode() const {
+webrtc::SSLMode OpenSSLSessionCache::GetSSLMode() const {
return ssl_mode_;
}
diff --git a/rtc_base/openssl_session_cache.h b/rtc_base/openssl_session_cache.h
index 75d8d9a..6253b01 100644
--- a/rtc_base/openssl_session_cache.h
+++ b/rtc_base/openssl_session_cache.h
@@ -34,7 +34,7 @@
// Creates a new OpenSSLSessionCache using the provided the SSL_CTX and
// the ssl_mode. The SSL_CTX will be up_refed. ssl_ctx cannot be nullptr,
// the constructor immediately dchecks this.
- OpenSSLSessionCache(SSLMode ssl_mode, SSL_CTX* ssl_ctx);
+ OpenSSLSessionCache(webrtc::SSLMode ssl_mode, SSL_CTX* ssl_ctx);
// Frees the cached SSL_SESSIONS and then frees the SSL_CTX.
~OpenSSLSessionCache();
@@ -50,12 +50,12 @@
SSL_CTX* GetSSLContext() const;
// The SSL Mode tht the OpenSSLSessionCache was constructed with. This cannot
// be changed after launch.
- SSLMode GetSSLMode() const;
+ webrtc::SSLMode GetSSLMode() const;
private:
// Holds the SSL Mode that the OpenSSLCache was initialized with. This is
// immutable after creation and cannot change.
- const SSLMode ssl_mode_;
+ const webrtc::SSLMode ssl_mode_;
/// SSL Context for all shared cached sessions. This SSL_CTX is initialized
// with SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_CLIENT); Meaning
// all client sessions will be added to the cache internal to the context.
diff --git a/rtc_base/openssl_stream_adapter.cc b/rtc_base/openssl_stream_adapter.cc
index 3db7b96..10235b0 100644
--- a/rtc_base/openssl_stream_adapter.cc
+++ b/rtc_base/openssl_stream_adapter.cc
@@ -89,10 +89,10 @@
// This isn't elegant, but it's better than an external reference
constexpr SrtpCipherMapEntry kSrtpCipherMap[] = {
- {"SRTP_AES128_CM_SHA1_80", kSrtpAes128CmSha1_80},
- {"SRTP_AES128_CM_SHA1_32", kSrtpAes128CmSha1_32},
- {"SRTP_AEAD_AES_128_GCM", kSrtpAeadAes128Gcm},
- {"SRTP_AEAD_AES_256_GCM", kSrtpAeadAes256Gcm}};
+ {"SRTP_AES128_CM_SHA1_80", webrtc::kSrtpAes128CmSha1_80},
+ {"SRTP_AES128_CM_SHA1_32", webrtc::kSrtpAes128CmSha1_32},
+ {"SRTP_AEAD_AES_128_GCM", webrtc::kSrtpAeadAes128Gcm},
+ {"SRTP_AEAD_AES_256_GCM", webrtc::kSrtpAeadAes256Gcm}};
#ifdef OPENSSL_IS_BORINGSSL
// Enabled by EnableTimeCallbackForTesting. Should never be set in production
@@ -106,31 +106,32 @@
}
#endif
-uint16_t GetMaxVersion(SSLMode ssl_mode, SSLProtocolVersion version) {
+uint16_t GetMaxVersion(webrtc::SSLMode ssl_mode,
+ webrtc::SSLProtocolVersion version) {
switch (ssl_mode) {
- case SSL_MODE_TLS:
+ case webrtc::SSL_MODE_TLS:
switch (version) {
default:
- case SSL_PROTOCOL_NOT_GIVEN:
- case SSL_PROTOCOL_TLS_10:
- case SSL_PROTOCOL_TLS_11:
- case SSL_PROTOCOL_TLS_12:
+ case webrtc::SSL_PROTOCOL_NOT_GIVEN:
+ case webrtc::SSL_PROTOCOL_TLS_10:
+ case webrtc::SSL_PROTOCOL_TLS_11:
+ case webrtc::SSL_PROTOCOL_TLS_12:
return TLS1_2_VERSION;
- case SSL_PROTOCOL_TLS_13:
+ case webrtc::SSL_PROTOCOL_TLS_13:
#ifdef TLS1_3_VERSION
return TLS1_3_VERSION;
#else
return TLS1_2_VERSION;
#endif
}
- case SSL_MODE_DTLS:
+ case webrtc::SSL_MODE_DTLS:
switch (version) {
default:
- case SSL_PROTOCOL_NOT_GIVEN:
- case SSL_PROTOCOL_DTLS_10:
- case SSL_PROTOCOL_DTLS_12:
+ case webrtc::SSL_PROTOCOL_NOT_GIVEN:
+ case webrtc::SSL_PROTOCOL_DTLS_10:
+ case webrtc::SSL_PROTOCOL_DTLS_12:
return DTLS1_2_VERSION;
- case SSL_PROTOCOL_DTLS_13:
+ case webrtc::SSL_PROTOCOL_DTLS_13:
#ifdef DTLS1_3_VERSION
return DTLS1_3_VERSION;
#else
@@ -289,19 +290,19 @@
OpenSSLStreamAdapter::OpenSSLStreamAdapter(
std::unique_ptr<webrtc::StreamInterface> stream,
- absl::AnyInvocable<void(SSLHandshakeError)> handshake_error,
+ absl::AnyInvocable<void(webrtc::SSLHandshakeError)> handshake_error,
const webrtc::FieldTrialsView* field_trials)
: stream_(std::move(stream)),
handshake_error_(std::move(handshake_error)),
owner_(rtc::Thread::Current()),
state_(SSL_NONE),
- role_(SSL_CLIENT),
+ role_(webrtc::SSL_CLIENT),
ssl_read_needs_write_(false),
ssl_write_needs_read_(false),
ssl_(nullptr),
ssl_ctx_(nullptr),
- ssl_mode_(SSL_MODE_DTLS),
- ssl_max_version_(SSL_PROTOCOL_DTLS_12),
+ ssl_mode_(webrtc::SSL_MODE_DTLS),
+ ssl_max_version_(webrtc::SSL_PROTOCOL_DTLS_12),
force_dtls_13_(GetForceDtls13(field_trials)) {
stream_->SetEventCallback(
[this](int events, int err) { OnEvent(events, err); });
@@ -325,11 +326,12 @@
return identity_.get();
}
-void OpenSSLStreamAdapter::SetServerRole(SSLRole role) {
+void OpenSSLStreamAdapter::SetServerRole(webrtc::SSLRole role) {
role_ = role;
}
-SSLPeerCertificateDigestError OpenSSLStreamAdapter::SetPeerCertificateDigest(
+webrtc::SSLPeerCertificateDigestError
+OpenSSLStreamAdapter::SetPeerCertificateDigest(
absl::string_view digest_alg,
rtc::ArrayView<const uint8_t> digest_val) {
RTC_DCHECK(!peer_certificate_verified_);
@@ -338,10 +340,10 @@
if (!OpenSSLDigest::GetDigestSize(digest_alg, &expected_len)) {
RTC_LOG(LS_WARNING) << "Unknown digest algorithm: " << digest_alg;
- return SSLPeerCertificateDigestError::UNKNOWN_ALGORITHM;
+ return webrtc::SSLPeerCertificateDigestError::UNKNOWN_ALGORITHM;
}
if (expected_len != digest_val.size()) {
- return SSLPeerCertificateDigestError::INVALID_LENGTH;
+ return webrtc::SSLPeerCertificateDigestError::INVALID_LENGTH;
}
peer_certificate_digest_value_.SetData(digest_val);
@@ -350,12 +352,12 @@
if (!peer_cert_chain_) {
// Normal case, where the digest is set before we obtain the certificate
// from the handshake.
- return SSLPeerCertificateDigestError::NONE;
+ return webrtc::SSLPeerCertificateDigestError::NONE;
}
if (!VerifyPeerCertificate()) {
Error("SetPeerCertificateDigest", -1, SSL_AD_BAD_CERTIFICATE, false);
- return SSLPeerCertificateDigestError::VERIFICATION_FAILED;
+ return webrtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED;
}
if (state_ == SSL_CONNECTED) {
@@ -364,7 +366,7 @@
// events and may not be prepared for reentrancy.
PostEvent(webrtc::SE_OPEN | webrtc::SE_READ | webrtc::SE_WRITE, 0);
}
- return SSLPeerCertificateDigestError::NONE;
+ return webrtc::SSLPeerCertificateDigestError::NONE;
}
std::optional<absl::string_view> OpenSSLStreamAdapter::GetTlsCipherSuiteName()
@@ -391,39 +393,39 @@
return true;
}
-SSLProtocolVersion OpenSSLStreamAdapter::GetSslVersion() const {
+webrtc::SSLProtocolVersion OpenSSLStreamAdapter::GetSslVersion() const {
if (state_ != SSL_CONNECTED) {
- return SSL_PROTOCOL_NOT_GIVEN;
+ return webrtc::SSL_PROTOCOL_NOT_GIVEN;
}
int ssl_version = SSL_version(ssl_);
- if (ssl_mode_ == SSL_MODE_DTLS) {
+ if (ssl_mode_ == webrtc::SSL_MODE_DTLS) {
if (ssl_version == DTLS1_VERSION) {
- return SSL_PROTOCOL_DTLS_10;
+ return webrtc::SSL_PROTOCOL_DTLS_10;
} else if (ssl_version == DTLS1_2_VERSION) {
- return SSL_PROTOCOL_DTLS_12;
+ return webrtc::SSL_PROTOCOL_DTLS_12;
}
#ifdef DTLS1_3_VERSION
if (ssl_version == DTLS1_3_VERSION) {
- return SSL_PROTOCOL_DTLS_13;
+ return webrtc::SSL_PROTOCOL_DTLS_13;
}
#endif
} else {
if (ssl_version == TLS1_VERSION) {
- return SSL_PROTOCOL_TLS_10;
+ return webrtc::SSL_PROTOCOL_TLS_10;
} else if (ssl_version == TLS1_1_VERSION) {
- return SSL_PROTOCOL_TLS_11;
+ return webrtc::SSL_PROTOCOL_TLS_11;
} else if (ssl_version == TLS1_2_VERSION) {
- return SSL_PROTOCOL_TLS_12;
+ return webrtc::SSL_PROTOCOL_TLS_12;
}
#ifdef TLS1_3_VERSION
if (ssl_version == TLS1_3_VERSION) {
- return SSL_PROTOCOL_TLS_13;
+ return webrtc::SSL_PROTOCOL_TLS_13;
}
#endif
}
- return SSL_PROTOCOL_NOT_GIVEN;
+ return webrtc::SSL_PROTOCOL_NOT_GIVEN;
}
bool OpenSSLStreamAdapter::GetSslVersionBytes(int* version) const {
@@ -511,7 +513,7 @@
}
*crypto_suite = srtp_profile->id;
- RTC_DCHECK(!SrtpCryptoSuiteToName(*crypto_suite).empty());
+ RTC_DCHECK(!webrtc::SrtpCryptoSuiteToName(*crypto_suite).empty());
return true;
}
@@ -539,12 +541,13 @@
return 0;
}
-void OpenSSLStreamAdapter::SetMode(SSLMode mode) {
+void OpenSSLStreamAdapter::SetMode(webrtc::SSLMode mode) {
RTC_DCHECK(state_ == SSL_NONE);
ssl_mode_ = mode;
}
-void OpenSSLStreamAdapter::SetMaxProtocolVersion(SSLProtocolVersion version) {
+void OpenSSLStreamAdapter::SetMaxProtocolVersion(
+ webrtc::SSLProtocolVersion version) {
RTC_DCHECK(ssl_ctx_ == nullptr);
ssl_max_version_ = version;
}
@@ -552,7 +555,7 @@
void OpenSSLStreamAdapter::SetInitialRetransmissionTimeout(int timeout_ms) {
dtls_handshake_timeout_ms_ = timeout_ms;
#ifdef OPENSSL_IS_BORINGSSL
- if (ssl_ctx_ != nullptr && ssl_mode_ == SSL_MODE_DTLS) {
+ if (ssl_ctx_ != nullptr && ssl_mode_ == webrtc::SSL_MODE_DTLS) {
// TODO (jonaso, webrtc:367395350): Switch to upcoming
// DTLSv1_set_timeout_duration.
DTLSv1_set_initial_timeout_duration(ssl_, dtls_handshake_timeout_ms_);
@@ -665,14 +668,14 @@
RTC_DCHECK_LE(code, data.size());
read = code;
- if (ssl_mode_ == SSL_MODE_DTLS) {
+ if (ssl_mode_ == webrtc::SSL_MODE_DTLS) {
// Enforce atomic reads -- this is a short read
unsigned int pending = SSL_pending(ssl_);
if (pending) {
RTC_DLOG(LS_INFO) << " -- short DTLS read. flushing";
FlushInput(pending);
- error = SSE_MSG_TRUNC;
+ error = webrtc::SSE_MSG_TRUNC;
return webrtc::SR_ERROR;
}
}
@@ -873,7 +876,7 @@
SSL_set_bio(ssl_, bio, bio); // the SSL object owns the bio now.
#ifdef OPENSSL_IS_BORINGSSL
- if (ssl_mode_ == SSL_MODE_DTLS) {
+ if (ssl_mode_ == webrtc::SSL_MODE_DTLS) {
DTLSv1_set_initial_timeout_duration(ssl_, dtls_handshake_timeout_ms_);
}
#endif
@@ -893,7 +896,8 @@
// Clear the DTLS timer
timeout_task_.Stop();
- const int code = (role_ == SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_);
+ const int code =
+ (role_ == webrtc::SSL_CLIENT) ? SSL_connect(ssl_) : SSL_accept(ssl_);
const int ssl_error = SSL_get_error(ssl_, code);
switch (ssl_error) {
@@ -924,10 +928,11 @@
break;
case SSL_ERROR_ZERO_RETURN:
default: {
- SSLHandshakeError ssl_handshake_err = SSLHandshakeError::UNKNOWN;
+ webrtc::SSLHandshakeError ssl_handshake_err =
+ webrtc::SSLHandshakeError::UNKNOWN;
int err_code = ERR_peek_last_error();
if (err_code != 0 && ERR_GET_REASON(err_code) == SSL_R_NO_SHARED_CIPHER) {
- ssl_handshake_err = SSLHandshakeError::INCOMPATIBLE_CIPHERSUITE;
+ ssl_handshake_err = webrtc::SSLHandshakeError::INCOMPATIBLE_CIPHERSUITE;
}
RTC_DLOG(LS_VERBOSE) << " -- error " << code << ", " << err_code << ", "
<< ERR_GET_REASON(err_code);
@@ -1010,9 +1015,9 @@
#ifdef OPENSSL_IS_BORINGSSL
// If X509 objects aren't used, we can use these methods to avoid
// linking the sizable crypto/x509 code, using CRYPTO_BUFFER instead.
- SSL_CTX* ctx =
- SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? DTLS_with_buffers_method()
- : TLS_with_buffers_method());
+ SSL_CTX* ctx = SSL_CTX_new(ssl_mode_ == webrtc::SSL_MODE_DTLS
+ ? DTLS_with_buffers_method()
+ : TLS_with_buffers_method());
#else
SSL_CTX* ctx =
SSL_CTX_new(ssl_mode_ == SSL_MODE_DTLS ? DTLS_method() : TLS_method());
@@ -1022,7 +1027,7 @@
}
auto min_version =
- ssl_mode_ == SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION;
+ ssl_mode_ == webrtc::SSL_MODE_DTLS ? DTLS1_2_VERSION : TLS1_2_VERSION;
auto max_version = GetMaxVersion(ssl_mode_, ssl_max_version_);
#ifdef DTLS1_3_VERSION
if (force_dtls_13_ == kForceDtls13Enabled) {
@@ -1314,9 +1319,10 @@
#endif
}
-SSLProtocolVersion OpenSSLStreamAdapter::GetMaxSupportedDTLSProtocolVersion() {
+webrtc::SSLProtocolVersion
+OpenSSLStreamAdapter::GetMaxSupportedDTLSProtocolVersion() {
#if defined(OPENSSL_IS_BORINGSSL) && defined(DTLS1_3_VERSION)
- return SSL_PROTOCOL_DTLS_13;
+ return webrtc::SSL_PROTOCOL_DTLS_13;
#else
return SSL_PROTOCOL_DTLS_12;
#endif
diff --git a/rtc_base/openssl_stream_adapter.h b/rtc_base/openssl_stream_adapter.h
index cfe627d..14e3db9 100644
--- a/rtc_base/openssl_stream_adapter.h
+++ b/rtc_base/openssl_stream_adapter.h
@@ -67,11 +67,11 @@
///////////////////////////////////////////////////////////////////////////////
-class OpenSSLStreamAdapter final : public SSLStreamAdapter {
+class OpenSSLStreamAdapter final : public webrtc::SSLStreamAdapter {
public:
OpenSSLStreamAdapter(
std::unique_ptr<webrtc::StreamInterface> stream,
- absl::AnyInvocable<void(SSLHandshakeError)> handshake_error,
+ absl::AnyInvocable<void(webrtc::SSLHandshakeError)> handshake_error,
const webrtc::FieldTrialsView* field_trials = nullptr);
~OpenSSLStreamAdapter() override;
@@ -79,8 +79,8 @@
SSLIdentity* GetIdentityForTesting() const override;
// Default argument is for compatibility
- void SetServerRole(SSLRole role = SSL_SERVER) override;
- SSLPeerCertificateDigestError SetPeerCertificateDigest(
+ void SetServerRole(webrtc::SSLRole role = webrtc::SSL_SERVER) override;
+ webrtc::SSLPeerCertificateDigestError SetPeerCertificateDigest(
absl::string_view digest_alg,
rtc::ArrayView<const uint8_t> digest_val) override;
@@ -89,8 +89,8 @@
// Goes from state SSL_NONE to either SSL_CONNECTING or SSL_WAIT, depending
// on whether the underlying stream is already open or not.
int StartSSL() override;
- [[deprecated]] void SetMode(SSLMode mode) override;
- void SetMaxProtocolVersion(SSLProtocolVersion version) override;
+ [[deprecated]] void SetMode(webrtc::SSLMode mode) override;
+ void SetMaxProtocolVersion(webrtc::SSLProtocolVersion version) override;
void SetInitialRetransmissionTimeout(int timeout_ms) override;
webrtc::StreamResult Read(rtc::ArrayView<uint8_t> data,
@@ -105,8 +105,8 @@
std::optional<absl::string_view> GetTlsCipherSuiteName() const override;
bool GetSslCipherSuite(int* cipher) const override;
- [[deprecated("Use GetSslVersionBytes")]] SSLProtocolVersion GetSslVersion()
- const override;
+ [[deprecated("Use GetSslVersionBytes")]] webrtc::SSLProtocolVersion
+ GetSslVersion() const override;
bool GetSslVersionBytes(int* version) const override;
// Key Extractor interface
bool ExportSrtpKeyingMaterial(
@@ -131,7 +131,7 @@
static void EnableTimeCallbackForTesting();
// Return max DTLS SSLProtocolVersion supported by implementation.
- static SSLProtocolVersion GetMaxSupportedDTLSProtocolVersion();
+ static webrtc::SSLProtocolVersion GetMaxSupportedDTLSProtocolVersion();
private:
enum SSLState {
@@ -200,14 +200,14 @@
}
const std::unique_ptr<webrtc::StreamInterface> stream_;
- absl::AnyInvocable<void(SSLHandshakeError)> handshake_error_;
+ absl::AnyInvocable<void(webrtc::SSLHandshakeError)> handshake_error_;
rtc::Thread* const owner_;
webrtc::ScopedTaskSafety task_safety_;
webrtc::RepeatingTaskHandle timeout_task_;
SSLState state_;
- SSLRole role_;
+ webrtc::SSLRole role_;
int ssl_error_code_; // valid when state_ == SSL_ERROR or SSL_CLOSED
// Whether the SSL negotiation is blocked on needing to read or
// write to the wrapped stream.
@@ -235,10 +235,10 @@
std::string srtp_ciphers_;
// Do DTLS or not
- SSLMode ssl_mode_;
+ webrtc::SSLMode ssl_mode_;
// Max. allowed protocol version
- SSLProtocolVersion ssl_max_version_;
+ webrtc::SSLProtocolVersion ssl_max_version_;
// A 50-ms initial timeout ensures rapid setup on fast connections, but may
// be too aggressive for low bandwidth links.
diff --git a/rtc_base/ssl_adapter.h b/rtc_base/ssl_adapter.h
index 58ad237..2bce106 100644
--- a/rtc_base/ssl_adapter.h
+++ b/rtc_base/ssl_adapter.h
@@ -35,7 +35,7 @@
virtual ~SSLAdapterFactory() {}
// Specifies whether TLS or DTLS is to be used for the SSL adapters.
- virtual void SetMode(SSLMode mode) = 0;
+ virtual void SetMode(webrtc::SSLMode mode) = 0;
// Specify a custom certificate verifier for SSL.
virtual void SetCertVerifier(SSLCertificateVerifier* ssl_cert_verifier) = 0;
@@ -45,7 +45,7 @@
virtual void SetIdentity(std::unique_ptr<SSLIdentity> identity) = 0;
// Choose whether the socket acts as a server socket or client socket.
- virtual void SetRole(SSLRole role) = 0;
+ virtual void SetRole(webrtc::SSLRole role) = 0;
// Methods that control server certificate verification, used in unit tests.
// Do not call these methods in production code.
@@ -76,7 +76,7 @@
virtual void SetEllipticCurves(const std::vector<std::string>& curves) = 0;
[[deprecated("Only TLS is supported by the adapter")]] virtual void SetMode(
- SSLMode mode) = 0;
+ webrtc::SSLMode mode) = 0;
// Specify a custom certificate verifier for SSL.
virtual void SetCertVerifier(SSLCertificateVerifier* ssl_cert_verifier) = 0;
@@ -85,7 +85,7 @@
virtual void SetIdentity(std::unique_ptr<SSLIdentity> identity) = 0;
// Choose whether the socket acts as a server socket or client socket.
- virtual void SetRole(SSLRole role) = 0;
+ virtual void SetRole(webrtc::SSLRole role) = 0;
// StartSSL returns 0 if successful.
// If StartSSL is called while the socket is closed or connecting, the SSL
diff --git a/rtc_base/ssl_adapter_unittest.cc b/rtc_base/ssl_adapter_unittest.cc
index 949e60b..032f3a0 100644
--- a/rtc_base/ssl_adapter_unittest.cc
+++ b/rtc_base/ssl_adapter_unittest.cc
@@ -62,7 +62,7 @@
explicit SSLAdapterTestDummy() : socket_(CreateSocket()) {}
virtual ~SSLAdapterTestDummy() = default;
- void CreateSSLAdapter(rtc::Socket* socket, rtc::SSLRole role) {
+ void CreateSSLAdapter(rtc::Socket* socket, webrtc::SSLRole role) {
ssl_adapter_.reset(rtc::SSLAdapter::Create(socket));
// Ignore any certificate errors for the purpose of testing.
@@ -143,7 +143,7 @@
class SSLAdapterTestDummyClient : public SSLAdapterTestDummy {
public:
explicit SSLAdapterTestDummyClient() : SSLAdapterTestDummy() {
- CreateSSLAdapter(socket_.release(), rtc::SSL_CLIENT);
+ CreateSSLAdapter(socket_.release(), webrtc::SSL_CLIENT);
}
int Connect(absl::string_view hostname, const rtc::SocketAddress& address) {
@@ -185,7 +185,7 @@
protected:
void OnReadEvent(rtc::Socket* socket) {
- CreateSSLAdapter(socket_->Accept(nullptr), rtc::SSL_SERVER);
+ CreateSSLAdapter(socket_->Accept(nullptr), webrtc::SSL_SERVER);
ssl_adapter_->SetIdentity(ssl_identity_->Clone());
if (ssl_adapter_->StartSSL(GetHostname()) != 0) {
RTC_LOG(LS_ERROR) << "Starting SSL from server failed.";
diff --git a/rtc_base/ssl_stream_adapter.cc b/rtc_base/ssl_stream_adapter.cc
index ec126f2..1e57759 100644
--- a/rtc_base/ssl_stream_adapter.cc
+++ b/rtc_base/ssl_stream_adapter.cc
@@ -23,7 +23,7 @@
#include "rtc_base/ssl_identity.h"
#include "rtc_base/stream.h"
-namespace rtc {
+namespace webrtc {
// Deprecated, prefer SrtpCryptoSuiteToName.
const char kCsAesCm128HmacSha1_80[] = "AES_CM_128_HMAC_SHA1_80";
@@ -81,22 +81,22 @@
}
std::unique_ptr<SSLStreamAdapter> SSLStreamAdapter::Create(
- std::unique_ptr<webrtc::StreamInterface> stream,
- absl::AnyInvocable<void(SSLHandshakeError)> handshake_error,
- const webrtc::FieldTrialsView* field_trials) {
- return std::make_unique<OpenSSLStreamAdapter>(
+ std::unique_ptr<StreamInterface> stream,
+ absl::AnyInvocable<void(webrtc::SSLHandshakeError)> handshake_error,
+ const FieldTrialsView* field_trials) {
+ return std::make_unique<rtc::OpenSSLStreamAdapter>(
std::move(stream), std::move(handshake_error), field_trials);
}
bool SSLStreamAdapter::IsBoringSsl() {
- return OpenSSLStreamAdapter::IsBoringSsl();
+ return rtc::OpenSSLStreamAdapter::IsBoringSsl();
}
-bool SSLStreamAdapter::IsAcceptableCipher(int cipher, KeyType key_type) {
- return OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type);
+bool SSLStreamAdapter::IsAcceptableCipher(int cipher, rtc::KeyType key_type) {
+ return rtc::OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type);
}
bool SSLStreamAdapter::IsAcceptableCipher(absl::string_view cipher,
- KeyType key_type) {
- return OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type);
+ rtc::KeyType key_type) {
+ return rtc::OpenSSLStreamAdapter::IsAcceptableCipher(cipher, key_type);
}
// Default shim for backward compat.
@@ -118,13 +118,13 @@
///////////////////////////////////////////////////////////////////////////////
void SSLStreamAdapter::EnableTimeCallbackForTesting() {
- OpenSSLStreamAdapter::EnableTimeCallbackForTesting();
+ rtc::OpenSSLStreamAdapter::EnableTimeCallbackForTesting();
}
SSLProtocolVersion SSLStreamAdapter::GetMaxSupportedDTLSProtocolVersion() {
- return OpenSSLStreamAdapter::GetMaxSupportedDTLSProtocolVersion();
+ return rtc::OpenSSLStreamAdapter::GetMaxSupportedDTLSProtocolVersion();
}
///////////////////////////////////////////////////////////////////////////////
-} // namespace rtc
+} // namespace webrtc
diff --git a/rtc_base/ssl_stream_adapter.h b/rtc_base/ssl_stream_adapter.h
index 24250b1..dec1c8c 100644
--- a/rtc_base/ssl_stream_adapter.h
+++ b/rtc_base/ssl_stream_adapter.h
@@ -28,7 +28,7 @@
#include "rtc_base/ssl_identity.h"
#include "rtc_base/stream.h"
-namespace rtc {
+namespace webrtc {
// Constants for SSL profile.
constexpr int kTlsNullWithNullNull = 0;
@@ -117,15 +117,16 @@
// Used to send back UMA histogram value. Logged when Dtls handshake fails.
enum class SSLHandshakeError { UNKNOWN, INCOMPATIBLE_CIPHERSUITE, MAX_VALUE };
-class SSLStreamAdapter : public webrtc::StreamInterface {
+class SSLStreamAdapter : public StreamInterface {
public:
// Instantiate an SSLStreamAdapter wrapping the given stream,
// (using the selected implementation for the platform).
// Caller is responsible for freeing the returned object.
static std::unique_ptr<SSLStreamAdapter> Create(
- std::unique_ptr<webrtc::StreamInterface> stream,
- absl::AnyInvocable<void(SSLHandshakeError)> handshake_error = nullptr,
- const webrtc::FieldTrialsView* field_trials = nullptr);
+ std::unique_ptr<StreamInterface> stream,
+ absl::AnyInvocable<void(webrtc::SSLHandshakeError)> handshake_error =
+ nullptr,
+ const FieldTrialsView* field_trials = nullptr);
SSLStreamAdapter() = default;
~SSLStreamAdapter() override = default;
@@ -133,8 +134,8 @@
// Specify our SSL identity: key and certificate. SSLStream takes ownership
// of the SSLIdentity object and will free it when appropriate. Should be
// called no more than once on a given SSLStream instance.
- virtual void SetIdentity(std::unique_ptr<SSLIdentity> identity) = 0;
- virtual SSLIdentity* GetIdentityForTesting() const = 0;
+ virtual void SetIdentity(std::unique_ptr<rtc::SSLIdentity> identity) = 0;
+ virtual rtc::SSLIdentity* GetIdentityForTesting() const = 0;
// Call this to indicate that we are to play the server role (or client role,
// if the default argument is replaced by SSL_CLIENT).
@@ -195,7 +196,7 @@
// Retrieves the peer's certificate chain including leaf certificate, if a
// connection has been established.
- virtual std::unique_ptr<SSLCertChain> GetPeerSSLCertChain() const = 0;
+ virtual std::unique_ptr<rtc::SSLCertChain> GetPeerSSLCertChain() const = 0;
// Retrieves the IANA registration id of the cipher suite used for the
// connection (e.g. 0x2F for "TLS_RSA_WITH_AES_128_CBC_SHA").
@@ -237,8 +238,9 @@
// Returns true iff the supplied cipher is deemed to be strong.
// TODO(torbjorng): Consider removing the KeyType argument.
- static bool IsAcceptableCipher(int cipher, KeyType key_type);
- static bool IsAcceptableCipher(absl::string_view cipher, KeyType key_type);
+ static bool IsAcceptableCipher(int cipher, rtc::KeyType key_type);
+ static bool IsAcceptableCipher(absl::string_view cipher,
+ rtc::KeyType key_type);
////////////////////////////////////////////////////////////////////////////
// Testing only member functions
@@ -269,6 +271,50 @@
bool client_auth_enabled_ = true;
};
+} // namespace webrtc
+
+// Re-export symbols from the webrtc namespace for backwards compatibility.
+// TODO(bugs.webrtc.org/4222596): Remove once all references are updated.
+namespace rtc {
+using ::webrtc::GetSrtpKeyAndSaltLengths;
+using ::webrtc::IsGcmCryptoSuite;
+using ::webrtc::kCsAeadAes128Gcm;
+using ::webrtc::kCsAeadAes256Gcm;
+using ::webrtc::kCsAesCm128HmacSha1_32;
+using ::webrtc::kCsAesCm128HmacSha1_80;
+using ::webrtc::kDtls10VersionBytes;
+using ::webrtc::kDtls12VersionBytes;
+using ::webrtc::kDtls13VersionBytes;
+using ::webrtc::kSrtpAeadAes128Gcm;
+using ::webrtc::kSrtpAeadAes256Gcm;
+using ::webrtc::kSrtpAes128CmSha1_32;
+using ::webrtc::kSrtpAes128CmSha1_80;
+using ::webrtc::kSrtpCryptoSuiteMaxValue;
+using ::webrtc::kSrtpInvalidCryptoSuite;
+using ::webrtc::kSslCipherSuiteMaxValue;
+using ::webrtc::kSslSignatureAlgorithmMaxValue;
+using ::webrtc::kSslSignatureAlgorithmUnknown;
+using ::webrtc::kTlsNullWithNullNull;
+using ::webrtc::SrtpCryptoSuiteToName;
+using ::webrtc::SSE_MSG_TRUNC;
+using ::webrtc::SSL_CLIENT;
+using ::webrtc::SSL_MODE_DTLS;
+using ::webrtc::SSL_MODE_TLS;
+using ::webrtc::SSL_PROTOCOL_DTLS_10;
+using ::webrtc::SSL_PROTOCOL_DTLS_12;
+using ::webrtc::SSL_PROTOCOL_DTLS_13;
+using ::webrtc::SSL_PROTOCOL_NOT_GIVEN;
+using ::webrtc::SSL_PROTOCOL_TLS_10;
+using ::webrtc::SSL_PROTOCOL_TLS_11;
+using ::webrtc::SSL_PROTOCOL_TLS_12;
+using ::webrtc::SSL_PROTOCOL_TLS_13;
+using ::webrtc::SSL_SERVER;
+using ::webrtc::SSLHandshakeError;
+using ::webrtc::SSLMode;
+using ::webrtc::SSLPeerCertificateDigestError;
+using ::webrtc::SSLProtocolVersion;
+using ::webrtc::SSLRole;
+using ::webrtc::SSLStreamAdapter;
} // namespace rtc
#endif // RTC_BASE_SSL_STREAM_ADAPTER_H_
diff --git a/rtc_base/ssl_stream_adapter_unittest.cc b/rtc_base/ssl_stream_adapter_unittest.cc
index a4ad19c..255615e 100644
--- a/rtc_base/ssl_stream_adapter_unittest.cc
+++ b/rtc_base/ssl_stream_adapter_unittest.cc
@@ -469,13 +469,13 @@
std::unique_ptr<ScopedFieldTrials> trial(
client_experiment.empty() ? nullptr
: new ScopedFieldTrials(client_experiment));
- client_ssl_ = rtc::SSLStreamAdapter::Create(CreateClientStream());
+ client_ssl_ = webrtc::SSLStreamAdapter::Create(CreateClientStream());
}
{
std::unique_ptr<ScopedFieldTrials> trial(
server_experiment.empty() ? nullptr
: new ScopedFieldTrials(server_experiment));
- server_ssl_ = rtc::SSLStreamAdapter::Create(CreateServerStream());
+ server_ssl_ = webrtc::SSLStreamAdapter::Create(CreateServerStream());
}
client_ssl_->SetEventCallback(
[this](int events, int err) { OnClientEvent(events, err); });
@@ -515,11 +515,11 @@
rtc::Buffer client_digest(0, EVP_MAX_MD_SIZE);
size_t client_digest_len;
bool rv;
- rtc::SSLPeerCertificateDigestError err;
- rtc::SSLPeerCertificateDigestError expected_err =
+ webrtc::SSLPeerCertificateDigestError err;
+ webrtc::SSLPeerCertificateDigestError expected_err =
expect_success
- ? rtc::SSLPeerCertificateDigestError::NONE
- : rtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED;
+ ? webrtc::SSLPeerCertificateDigestError::NONE
+ : webrtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED;
RTC_LOG(LS_INFO) << "Setting peer identities by digest";
RTC_DCHECK(server_identity());
@@ -555,8 +555,8 @@
identities_set_ = true;
}
- void SetupProtocolVersions(rtc::SSLProtocolVersion server_version,
- rtc::SSLProtocolVersion client_version) {
+ void SetupProtocolVersions(webrtc::SSLProtocolVersion server_version,
+ webrtc::SSLProtocolVersion client_version) {
server_ssl_->SetMaxProtocolVersion(server_version);
client_ssl_->SetMaxProtocolVersion(client_version);
}
@@ -715,11 +715,11 @@
}
// Set the peer certificate digest for the client.
- rtc::SSLPeerCertificateDigestError err;
- rtc::SSLPeerCertificateDigestError expected_err =
+ webrtc::SSLPeerCertificateDigestError err;
+ webrtc::SSLPeerCertificateDigestError expected_err =
valid_identity
- ? rtc::SSLPeerCertificateDigestError::NONE
- : rtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED;
+ ? webrtc::SSLPeerCertificateDigestError::NONE
+ : webrtc::SSLPeerCertificateDigestError::VERIFICATION_FAILED;
err =
client_ssl_->SetPeerCertificateDigest(digest_algorithm_, server_digest);
EXPECT_EQ(expected_err, err);
@@ -885,8 +885,8 @@
rtc::KeyParams server_key_type_;
std::string digest_algorithm_;
size_t digest_length_;
- std::unique_ptr<rtc::SSLStreamAdapter> client_ssl_;
- std::unique_ptr<rtc::SSLStreamAdapter> server_ssl_;
+ std::unique_ptr<webrtc::SSLStreamAdapter> client_ssl_;
+ std::unique_ptr<webrtc::SSLStreamAdapter> server_ssl_;
int delay_;
size_t mtu_;
int loss_;
@@ -1143,7 +1143,8 @@
// DTLS 1.2 has different cipher suite than 1.3.
TEST_P(SSLStreamAdapterTestDTLSHandshake, TestGetSslCipherSuite) {
webrtc::test::ScopedFieldTrials trials("WebRTC-ForceDtls13/Off/");
- SetupProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12);
+ SetupProtocolVersions(webrtc::SSL_PROTOCOL_DTLS_12,
+ webrtc::SSL_PROTOCOL_DTLS_12);
TestHandshake();
int client_cipher;
@@ -1152,7 +1153,7 @@
ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher(
+ ASSERT_TRUE(webrtc::SSLStreamAdapter::IsAcceptableCipher(
server_cipher, ::testing::get<1>(GetParam()).type()));
}
@@ -1275,7 +1276,7 @@
// Test DTLS-SRTP with SrtpAes128CmSha1_80
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpAes128CmSha1_80) {
- const std::vector<int> crypto_suites = {rtc::kSrtpAes128CmSha1_80};
+ const std::vector<int> crypto_suites = {webrtc::kSrtpAes128CmSha1_80};
SetDtlsSrtpCryptoSuites(crypto_suites, true);
SetDtlsSrtpCryptoSuites(crypto_suites, false);
TestHandshake();
@@ -1286,12 +1287,12 @@
ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, rtc::kSrtpAes128CmSha1_80);
+ ASSERT_EQ(client_cipher, webrtc::kSrtpAes128CmSha1_80);
}
// Test DTLS-SRTP with SrtpAes128CmSha1_32
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpAes128CmSha1_32) {
- const std::vector<int> crypto_suites = {rtc::kSrtpAes128CmSha1_32};
+ const std::vector<int> crypto_suites = {webrtc::kSrtpAes128CmSha1_32};
SetDtlsSrtpCryptoSuites(crypto_suites, true);
SetDtlsSrtpCryptoSuites(crypto_suites, false);
TestHandshake();
@@ -1302,13 +1303,13 @@
ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, rtc::kSrtpAes128CmSha1_32);
+ ASSERT_EQ(client_cipher, webrtc::kSrtpAes128CmSha1_32);
}
// Test DTLS-SRTP with incompatible cipher suites -- should not converge.
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpIncompatibleCipherSuites) {
- SetDtlsSrtpCryptoSuites({rtc::kSrtpAes128CmSha1_80}, true);
- SetDtlsSrtpCryptoSuites({rtc::kSrtpAes128CmSha1_32}, false);
+ SetDtlsSrtpCryptoSuites({webrtc::kSrtpAes128CmSha1_80}, true);
+ SetDtlsSrtpCryptoSuites({webrtc::kSrtpAes128CmSha1_32}, false);
TestHandshake();
int client_cipher;
@@ -1320,8 +1321,8 @@
// Test DTLS-SRTP with each side being mixed -- should select the stronger
// cipher.
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpMixed) {
- const std::vector<int> crypto_suites = {rtc::kSrtpAes128CmSha1_80,
- rtc::kSrtpAes128CmSha1_32};
+ const std::vector<int> crypto_suites = {webrtc::kSrtpAes128CmSha1_80,
+ webrtc::kSrtpAes128CmSha1_32};
SetDtlsSrtpCryptoSuites(crypto_suites, true);
SetDtlsSrtpCryptoSuites(crypto_suites, false);
TestHandshake();
@@ -1332,12 +1333,12 @@
ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, rtc::kSrtpAes128CmSha1_80);
+ ASSERT_EQ(client_cipher, webrtc::kSrtpAes128CmSha1_80);
}
// Test DTLS-SRTP with SrtpAeadAes128Gcm.
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpAeadAes128Gcm) {
- std::vector<int> crypto_suites = {rtc::kSrtpAeadAes128Gcm};
+ std::vector<int> crypto_suites = {webrtc::kSrtpAeadAes128Gcm};
SetDtlsSrtpCryptoSuites(crypto_suites, true);
SetDtlsSrtpCryptoSuites(crypto_suites, false);
TestHandshake();
@@ -1348,12 +1349,12 @@
ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, rtc::kSrtpAeadAes128Gcm);
+ ASSERT_EQ(client_cipher, webrtc::kSrtpAeadAes128Gcm);
}
// Test DTLS-SRTP with all GCM-256 ciphers.
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCM256) {
- std::vector<int> crypto_suites = {rtc::kSrtpAeadAes256Gcm};
+ std::vector<int> crypto_suites = {webrtc::kSrtpAeadAes256Gcm};
SetDtlsSrtpCryptoSuites(crypto_suites, true);
SetDtlsSrtpCryptoSuites(crypto_suites, false);
TestHandshake();
@@ -1364,13 +1365,13 @@
ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, rtc::kSrtpAeadAes256Gcm);
+ ASSERT_EQ(client_cipher, webrtc::kSrtpAeadAes256Gcm);
}
// Test DTLS-SRTP with incompatbile GCM-128/-256 ciphers -- should not converge.
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpIncompatibleGcmCipherSuites) {
- SetDtlsSrtpCryptoSuites({rtc::kSrtpAeadAes128Gcm}, true);
- SetDtlsSrtpCryptoSuites({rtc::kSrtpAeadAes256Gcm}, false);
+ SetDtlsSrtpCryptoSuites({webrtc::kSrtpAeadAes128Gcm}, true);
+ SetDtlsSrtpCryptoSuites({webrtc::kSrtpAeadAes256Gcm}, false);
TestHandshake();
int client_cipher;
@@ -1381,8 +1382,8 @@
// Test DTLS-SRTP with both GCM-128/-256 ciphers -- should select GCM-256.
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpGCMMixed) {
- std::vector<int> crypto_suites = {rtc::kSrtpAeadAes256Gcm,
- rtc::kSrtpAeadAes128Gcm};
+ std::vector<int> crypto_suites = {webrtc::kSrtpAeadAes256Gcm,
+ webrtc::kSrtpAeadAes128Gcm};
SetDtlsSrtpCryptoSuites(crypto_suites, true);
SetDtlsSrtpCryptoSuites(crypto_suites, false);
TestHandshake();
@@ -1393,7 +1394,7 @@
ASSERT_TRUE(GetDtlsSrtpCryptoSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_EQ(client_cipher, rtc::kSrtpAeadAes256Gcm);
+ ASSERT_EQ(client_cipher, webrtc::kSrtpAeadAes256Gcm);
}
// Test SRTP cipher suite lengths.
@@ -1401,33 +1402,33 @@
int key_len;
int salt_len;
- ASSERT_FALSE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpInvalidCryptoSuite,
- &key_len, &salt_len));
+ ASSERT_FALSE(webrtc::GetSrtpKeyAndSaltLengths(webrtc::kSrtpInvalidCryptoSuite,
+ &key_len, &salt_len));
- ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpAes128CmSha1_32, &key_len,
- &salt_len));
+ ASSERT_TRUE(webrtc::GetSrtpKeyAndSaltLengths(webrtc::kSrtpAes128CmSha1_32,
+ &key_len, &salt_len));
ASSERT_EQ(128 / 8, key_len);
ASSERT_EQ(112 / 8, salt_len);
- ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpAes128CmSha1_80, &key_len,
- &salt_len));
+ ASSERT_TRUE(webrtc::GetSrtpKeyAndSaltLengths(webrtc::kSrtpAes128CmSha1_80,
+ &key_len, &salt_len));
ASSERT_EQ(128 / 8, key_len);
ASSERT_EQ(112 / 8, salt_len);
- ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpAeadAes128Gcm, &key_len,
- &salt_len));
+ ASSERT_TRUE(webrtc::GetSrtpKeyAndSaltLengths(webrtc::kSrtpAeadAes128Gcm,
+ &key_len, &salt_len));
ASSERT_EQ(128 / 8, key_len);
ASSERT_EQ(96 / 8, salt_len);
- ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(rtc::kSrtpAeadAes256Gcm, &key_len,
- &salt_len));
+ ASSERT_TRUE(webrtc::GetSrtpKeyAndSaltLengths(webrtc::kSrtpAeadAes256Gcm,
+ &key_len, &salt_len));
ASSERT_EQ(256 / 8, key_len);
ASSERT_EQ(96 / 8, salt_len);
}
// Test the DTLS-SRTP key exporter
TEST_F(SSLStreamAdapterTestDTLS, TestDTLSSrtpExporter) {
- const std::vector<int> crypto_suites = {rtc::kSrtpAes128CmSha1_80};
+ const std::vector<int> crypto_suites = {webrtc::kSrtpAes128CmSha1_80};
SetDtlsSrtpCryptoSuites(crypto_suites, true);
SetDtlsSrtpCryptoSuites(crypto_suites, false);
@@ -1436,8 +1437,8 @@
EXPECT_TRUE(GetDtlsSrtpCryptoSuite(/*client=*/false, &selected_crypto_suite));
int key_len;
int salt_len;
- ASSERT_TRUE(rtc::GetSrtpKeyAndSaltLengths(selected_crypto_suite, &key_len,
- &salt_len));
+ ASSERT_TRUE(webrtc::GetSrtpKeyAndSaltLengths(selected_crypto_suite, &key_len,
+ &salt_len));
rtc::ZeroOnFreeBuffer<uint8_t> client_out(2 * (key_len + salt_len));
rtc::ZeroOnFreeBuffer<uint8_t> server_out(2 * (key_len + salt_len));
@@ -1505,23 +1506,23 @@
#pragma clang diagnostic ignored "-Wdeprecated-declarations"
TEST_F(SSLStreamAdapterTestDTLSFromPEMStrings,
DeprecatedSetPeerCertificateDigest) {
- rtc::SSLPeerCertificateDigestError error;
+ webrtc::SSLPeerCertificateDigestError error;
// Pass in a wrong length to trigger an error.
bool ret = client_ssl_->SetPeerCertificateDigest(rtc::DIGEST_SHA_256, {},
/*length=*/0, &error);
EXPECT_FALSE(ret);
- EXPECT_EQ(error, rtc::SSLPeerCertificateDigestError::INVALID_LENGTH);
+ EXPECT_EQ(error, webrtc::SSLPeerCertificateDigestError::INVALID_LENGTH);
}
#pragma clang diagnostic pop
struct SSLStreamAdapterTestDTLSHandshakeVersion
: public SSLStreamAdapterTestDTLS,
public WithParamInterface<std::tuple<
- /* client*/ rtc::SSLProtocolVersion,
- /* server*/ rtc::SSLProtocolVersion>> {
- rtc::SSLProtocolVersion GetMin(
- const std::vector<rtc::SSLProtocolVersion>& array) {
- rtc::SSLProtocolVersion min = array[0];
+ /* client*/ webrtc::SSLProtocolVersion,
+ /* server*/ webrtc::SSLProtocolVersion>> {
+ webrtc::SSLProtocolVersion GetMin(
+ const std::vector<webrtc::SSLProtocolVersion>& array) {
+ webrtc::SSLProtocolVersion min = array[0];
for (const auto& e : array) {
if (static_cast<int>(e) < static_cast<int>(min)) {
min = e;
@@ -1529,14 +1530,14 @@
}
return min;
}
- uint16_t AsDtlsVersionBytes(rtc::SSLProtocolVersion version) {
+ uint16_t AsDtlsVersionBytes(webrtc::SSLProtocolVersion version) {
switch (version) {
- case rtc::SSL_PROTOCOL_DTLS_10:
- return rtc::kDtls10VersionBytes;
- case rtc::SSL_PROTOCOL_DTLS_12:
- return rtc::kDtls12VersionBytes;
- case rtc::SSL_PROTOCOL_DTLS_13:
- return rtc::kDtls13VersionBytes;
+ case webrtc::SSL_PROTOCOL_DTLS_10:
+ return webrtc::kDtls10VersionBytes;
+ case webrtc::SSL_PROTOCOL_DTLS_12:
+ return webrtc::kDtls12VersionBytes;
+ case webrtc::SSL_PROTOCOL_DTLS_13:
+ return webrtc::kDtls13VersionBytes;
default:
break;
}
@@ -1544,11 +1545,12 @@
}
};
-INSTANTIATE_TEST_SUITE_P(
- SSLStreamAdapterTestDTLSHandshakeVersion,
- SSLStreamAdapterTestDTLSHandshakeVersion,
- Combine(Values(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_13),
- Values(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_13)));
+INSTANTIATE_TEST_SUITE_P(SSLStreamAdapterTestDTLSHandshakeVersion,
+ SSLStreamAdapterTestDTLSHandshakeVersion,
+ Combine(Values(webrtc::SSL_PROTOCOL_DTLS_12,
+ webrtc::SSL_PROTOCOL_DTLS_13),
+ Values(webrtc::SSL_PROTOCOL_DTLS_12,
+ webrtc::SSL_PROTOCOL_DTLS_13)));
TEST_P(SSLStreamAdapterTestDTLSHandshakeVersion, TestGetSslVersionBytes) {
webrtc::test::ScopedFieldTrials trials("WebRTC-ForceDtls13/Off/");
@@ -1562,9 +1564,9 @@
ASSERT_TRUE(GetSslVersionBytes(true, &client_version));
ASSERT_TRUE(GetSslVersionBytes(false, &server_version));
- rtc::SSLProtocolVersion expect =
+ webrtc::SSLProtocolVersion expect =
GetMin({client, server,
- rtc::SSLStreamAdapter::GetMaxSupportedDTLSProtocolVersion()});
+ webrtc::SSLStreamAdapter::GetMaxSupportedDTLSProtocolVersion()});
auto expect_bytes = AsDtlsVersionBytes(expect);
EXPECT_EQ(client_version, expect_bytes);
@@ -1584,6 +1586,6 @@
ASSERT_TRUE(GetSslCipherSuite(false, &server_cipher));
ASSERT_EQ(client_cipher, server_cipher);
- ASSERT_TRUE(rtc::SSLStreamAdapter::IsAcceptableCipher(server_cipher,
- rtc::KT_DEFAULT));
+ ASSERT_TRUE(webrtc::SSLStreamAdapter::IsAcceptableCipher(server_cipher,
+ rtc::KT_DEFAULT));
}
diff --git a/test/test_main_lib.cc b/test/test_main_lib.cc
index 08f9b4e..1922df0 100644
--- a/test/test_main_lib.cc
+++ b/test/test_main_lib.cc
@@ -155,7 +155,7 @@
// Initialize SSL which are used by several tests.
rtc::InitializeSSL();
- rtc::SSLStreamAdapter::EnableTimeCallbackForTesting();
+ SSLStreamAdapter::EnableTimeCallbackForTesting();
return 0;
}
