Adding upstream version 124.0.1.upstream/124.0.1

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 124 insertions, 0 deletions

diff --git a/third_party/libwebrtc/rtc_base/ssl_adapter.h b/third_party/libwebrtc/rtc_base/ssl_adapter.h
new file mode 100644
index 0000000000..4b8b9c74e0
--- /dev/null
+++ b/third_party/libwebrtc/rtc_base/ssl_adapter.h
@@ -0,0 +1,124 @@
+/*
+ *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#ifndef RTC_BASE_SSL_ADAPTER_H_
+#define RTC_BASE_SSL_ADAPTER_H_
+
+#include <string>
+#include <vector>
+
+#include "absl/strings/string_view.h"
+#include "rtc_base/async_socket.h"
+#include "rtc_base/ssl_certificate.h"
+#include "rtc_base/ssl_identity.h"
+#include "rtc_base/ssl_stream_adapter.h"
+#include "rtc_base/system/rtc_export.h"
+
+namespace rtc {
+
+class SSLAdapter;
+
+// Class for creating SSL adapters with shared state, e.g., a session cache,
+// which allows clients to resume SSL sessions to previously-contacted hosts.
+// Clients should create the factory using Create(), set up the factory as
+// needed using SetMode, and then call CreateAdapter to create adapters when
+// needed.
+class SSLAdapterFactory {
+ public:
+  virtual ~SSLAdapterFactory() {}
+
+  // Specifies whether TLS or DTLS is to be used for the SSL adapters.
+  virtual void SetMode(SSLMode mode) = 0;
+
+  // Specify a custom certificate verifier for SSL.
+  virtual void SetCertVerifier(SSLCertificateVerifier* ssl_cert_verifier) = 0;
+
+  // Set the certificate this socket will present to incoming clients.
+  // Takes ownership of `identity`.
+  virtual void SetIdentity(std::unique_ptr<SSLIdentity> identity) = 0;
+
+  // Choose whether the socket acts as a server socket or client socket.
+  virtual void SetRole(SSLRole role) = 0;
+
+  // Methods that control server certificate verification, used in unit tests.
+  // Do not call these methods in production code.
+  virtual void SetIgnoreBadCert(bool ignore) = 0;
+
+  // Creates a new SSL adapter, but from a shared context.
+  virtual SSLAdapter* CreateAdapter(Socket* socket) = 0;
+
+  static std::unique_ptr<SSLAdapterFactory> Create();
+};
+
+// Class that abstracts a client-to-server SSL session. It can be created
+// standalone, via SSLAdapter::Create, or through a factory as described above,
+// in which case it will share state with other SSLAdapters created from the
+// same factory.
+// After creation, call StartSSL to initiate the SSL handshake to the server.
+class SSLAdapter : public AsyncSocketAdapter {
+ public:
+  explicit SSLAdapter(Socket* socket) : AsyncSocketAdapter(socket) {}
+
+  // Methods that control server certificate verification, used in unit tests.
+  // Do not call these methods in production code.
+  // TODO(juberti): Remove the opportunistic encryption mechanism in
+  // BasicPacketSocketFactory that uses this function.
+  virtual void SetIgnoreBadCert(bool ignore) = 0;
+
+  virtual void SetAlpnProtocols(const std::vector<std::string>& protos) = 0;
+  virtual void SetEllipticCurves(const std::vector<std::string>& curves) = 0;
+
+  // Do DTLS or TLS (default is TLS, if unspecified)
+  virtual void SetMode(SSLMode mode) = 0;
+  // Specify a custom certificate verifier for SSL.
+  virtual void SetCertVerifier(SSLCertificateVerifier* ssl_cert_verifier) = 0;
+
+  // Set the certificate this socket will present to incoming clients.
+  // Takes ownership of `identity`.
+  virtual void SetIdentity(std::unique_ptr<SSLIdentity> identity) = 0;
+
+  // Choose whether the socket acts as a server socket or client socket.
+  virtual void SetRole(SSLRole role) = 0;
+
+  // StartSSL returns 0 if successful.
+  // If StartSSL is called while the socket is closed or connecting, the SSL
+  // negotiation will begin as soon as the socket connects.
+  virtual int StartSSL(absl::string_view hostname) = 0;
+
+  // When an SSLAdapterFactory is used, an SSLAdapter may be used to resume
+  // a previous SSL session, which results in an abbreviated handshake.
+  // This method, if called after SSL has been established for this adapter,
+  // indicates whether the current session is a resumption of a previous
+  // session.
+  virtual bool IsResumedSession() = 0;
+
+  // Create the default SSL adapter for this platform. On failure, returns null
+  // and deletes `socket`. Otherwise, the returned SSLAdapter takes ownership
+  // of `socket`.
+  static SSLAdapter* Create(Socket* socket);
+
+ private:
+  // Not supported.
+  int Listen(int backlog) override { RTC_CHECK(false); }
+  Socket* Accept(SocketAddress* paddr) override { RTC_CHECK(false); }
+};
+
+///////////////////////////////////////////////////////////////////////////////
+
+// Call this on the main thread, before using SSL.
+// Call CleanupSSL when finished with SSL.
+RTC_EXPORT bool InitializeSSL();
+
+// Call to cleanup additional threads, and also the main thread.
+RTC_EXPORT bool CleanupSSL();
+
+}  // namespace rtc
+
+#endif  // RTC_BASE_SSL_ADAPTER_H_