OLD | NEW |
1 /* | 1 /* |
2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2011 The WebRTC Project Authors. All rights reserved. |
3 * | 3 * |
4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
9 */ | 9 */ |
10 | 10 |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
55 packet_size_(0), | 55 packet_size_(0), |
56 use_dtls_srtp_(false), | 56 use_dtls_srtp_(false), |
57 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10), | 57 ssl_max_version_(rtc::SSL_PROTOCOL_DTLS_10), |
58 negotiated_dtls_(false), | 58 negotiated_dtls_(false), |
59 received_dtls_client_hello_(false), | 59 received_dtls_client_hello_(false), |
60 received_dtls_server_hello_(false) { | 60 received_dtls_server_hello_(false) { |
61 } | 61 } |
62 void SetIceProtocol(cricket::TransportProtocol proto) { | 62 void SetIceProtocol(cricket::TransportProtocol proto) { |
63 protocol_ = proto; | 63 protocol_ = proto; |
64 } | 64 } |
65 void CreateIdentity() { | 65 void CreateIdentity(rtc::KeyType key_type) { |
66 identity_.reset(rtc::SSLIdentity::Generate(name_)); | 66 identity_.reset(rtc::SSLIdentity::Generate(name_, key_type)); |
67 } | 67 } |
68 rtc::SSLIdentity* identity() { return identity_.get(); } | 68 rtc::SSLIdentity* identity() { return identity_.get(); } |
69 void SetupSrtp() { | 69 void SetupSrtp() { |
70 ASSERT(identity_.get() != NULL); | 70 ASSERT(identity_.get() != NULL); |
71 use_dtls_srtp_ = true; | 71 use_dtls_srtp_ = true; |
72 } | 72 } |
73 void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) { | 73 void SetupMaxProtocolVersion(rtc::SSLProtocolVersion version) { |
74 ASSERT(transport_.get() == NULL); | 74 ASSERT(transport_.get() == NULL); |
75 ssl_max_version_ = version; | 75 ssl_max_version_ = version; |
76 } | 76 } |
(...skipping 328 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
405 | 405 |
406 void SetChannelCount(size_t channel_ct) { | 406 void SetChannelCount(size_t channel_ct) { |
407 channel_ct_ = static_cast<int>(channel_ct); | 407 channel_ct_ = static_cast<int>(channel_ct); |
408 } | 408 } |
409 void SetMaxProtocolVersions(rtc::SSLProtocolVersion c1, | 409 void SetMaxProtocolVersions(rtc::SSLProtocolVersion c1, |
410 rtc::SSLProtocolVersion c2) { | 410 rtc::SSLProtocolVersion c2) { |
411 client1_.SetupMaxProtocolVersion(c1); | 411 client1_.SetupMaxProtocolVersion(c1); |
412 client2_.SetupMaxProtocolVersion(c2); | 412 client2_.SetupMaxProtocolVersion(c2); |
413 ssl_expected_version_ = std::min(c1, c2); | 413 ssl_expected_version_ = std::min(c1, c2); |
414 } | 414 } |
415 void PrepareDtls(bool c1, bool c2) { | 415 void PrepareDtls(bool c1, bool c2, rtc::KeyType key_type) { |
416 if (c1) { | 416 if (c1) { |
417 client1_.CreateIdentity(); | 417 client1_.CreateIdentity(key_type); |
418 } | 418 } |
419 if (c2) { | 419 if (c2) { |
420 client2_.CreateIdentity(); | 420 client2_.CreateIdentity(key_type); |
421 } | 421 } |
422 if (c1 && c2) | 422 if (c1 && c2) |
423 use_dtls_ = true; | 423 use_dtls_ = true; |
424 } | 424 } |
425 void PrepareDtlsSrtp(bool c1, bool c2) { | 425 void PrepareDtlsSrtp(bool c1, bool c2) { |
426 if (!use_dtls_) | 426 if (!use_dtls_) |
427 return; | 427 return; |
428 | 428 |
429 if (c1) | 429 if (c1) |
430 client1_.SetupSrtp(); | 430 client1_.SetupSrtp(); |
(...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
609 TEST_F(DtlsTransportChannelTest, TestTransferSrtpTwoChannels) { | 609 TEST_F(DtlsTransportChannelTest, TestTransferSrtpTwoChannels) { |
610 SetChannelCount(2); | 610 SetChannelCount(2); |
611 ASSERT_TRUE(Connect()); | 611 ASSERT_TRUE(Connect()); |
612 TestTransfer(0, 1000, 100, true); | 612 TestTransfer(0, 1000, 100, true); |
613 TestTransfer(1, 1000, 100, true); | 613 TestTransfer(1, 1000, 100, true); |
614 } | 614 } |
615 | 615 |
616 // Connect with DTLS, and transfer some data. | 616 // Connect with DTLS, and transfer some data. |
617 TEST_F(DtlsTransportChannelTest, TestTransferDtls) { | 617 TEST_F(DtlsTransportChannelTest, TestTransferDtls) { |
618 MAYBE_SKIP_TEST(HaveDtls); | 618 MAYBE_SKIP_TEST(HaveDtls); |
619 PrepareDtls(true, true); | 619 PrepareDtls(true, true, rtc::KT_DEFAULT); |
620 ASSERT_TRUE(Connect()); | 620 ASSERT_TRUE(Connect()); |
621 TestTransfer(0, 1000, 100, false); | 621 TestTransfer(0, 1000, 100, false); |
622 } | 622 } |
623 | 623 |
624 // Create two channels with DTLS, and transfer some data. | 624 // Create two channels with DTLS, and transfer some data. |
625 TEST_F(DtlsTransportChannelTest, TestTransferDtlsTwoChannels) { | 625 TEST_F(DtlsTransportChannelTest, TestTransferDtlsTwoChannels) { |
626 MAYBE_SKIP_TEST(HaveDtls); | 626 MAYBE_SKIP_TEST(HaveDtls); |
627 SetChannelCount(2); | 627 SetChannelCount(2); |
628 PrepareDtls(true, true); | 628 PrepareDtls(true, true, rtc::KT_DEFAULT); |
629 ASSERT_TRUE(Connect()); | 629 ASSERT_TRUE(Connect()); |
630 TestTransfer(0, 1000, 100, false); | 630 TestTransfer(0, 1000, 100, false); |
631 TestTransfer(1, 1000, 100, false); | 631 TestTransfer(1, 1000, 100, false); |
632 } | 632 } |
633 | 633 |
634 // Connect with A doing DTLS and B not, and transfer some data. | 634 // Connect with A doing DTLS and B not, and transfer some data. |
635 TEST_F(DtlsTransportChannelTest, TestTransferDtlsRejected) { | 635 TEST_F(DtlsTransportChannelTest, TestTransferDtlsRejected) { |
636 PrepareDtls(true, false); | 636 PrepareDtls(true, false, rtc::KT_DEFAULT); |
637 ASSERT_TRUE(Connect()); | 637 ASSERT_TRUE(Connect()); |
638 TestTransfer(0, 1000, 100, false); | 638 TestTransfer(0, 1000, 100, false); |
639 } | 639 } |
640 | 640 |
641 // Connect with B doing DTLS and A not, and transfer some data. | 641 // Connect with B doing DTLS and A not, and transfer some data. |
642 TEST_F(DtlsTransportChannelTest, TestTransferDtlsNotOffered) { | 642 TEST_F(DtlsTransportChannelTest, TestTransferDtlsNotOffered) { |
643 PrepareDtls(false, true); | 643 PrepareDtls(false, true, rtc::KT_DEFAULT); |
644 ASSERT_TRUE(Connect()); | 644 ASSERT_TRUE(Connect()); |
645 TestTransfer(0, 1000, 100, false); | 645 TestTransfer(0, 1000, 100, false); |
646 } | 646 } |
647 | 647 |
648 // Create two channels with DTLS 1.0 and check ciphers. | 648 // Create two channels with DTLS 1.0 and check ciphers. |
649 TEST_F(DtlsTransportChannelTest, TestDtls12None) { | 649 TEST_F(DtlsTransportChannelTest, TestDtls12None) { |
650 MAYBE_SKIP_TEST(HaveDtls); | 650 MAYBE_SKIP_TEST(HaveDtls); |
651 SetChannelCount(2); | 651 SetChannelCount(2); |
652 PrepareDtls(true, true); | 652 PrepareDtls(true, true, rtc::KT_DEFAULT); |
653 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); | 653 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_10); |
654 ASSERT_TRUE(Connect()); | 654 ASSERT_TRUE(Connect()); |
655 } | 655 } |
656 | 656 |
657 // Create two channels with DTLS 1.2 and check ciphers. | 657 // Create two channels with DTLS 1.2 and check ciphers. |
658 TEST_F(DtlsTransportChannelTest, TestDtls12Both) { | 658 TEST_F(DtlsTransportChannelTest, TestDtls12Both) { |
659 MAYBE_SKIP_TEST(HaveDtls); | 659 MAYBE_SKIP_TEST(HaveDtls); |
660 SetChannelCount(2); | 660 SetChannelCount(2); |
661 PrepareDtls(true, true); | 661 PrepareDtls(true, true, rtc::KT_DEFAULT); |
662 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); | 662 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_12); |
663 ASSERT_TRUE(Connect()); | 663 ASSERT_TRUE(Connect()); |
664 } | 664 } |
665 | 665 |
666 // Create two channels with DTLS 1.0 / DTLS 1.2 and check ciphers. | 666 // Create two channels with DTLS 1.0 / DTLS 1.2 and check ciphers. |
667 TEST_F(DtlsTransportChannelTest, TestDtls12Client1) { | 667 TEST_F(DtlsTransportChannelTest, TestDtls12Client1) { |
668 MAYBE_SKIP_TEST(HaveDtls); | 668 MAYBE_SKIP_TEST(HaveDtls); |
669 SetChannelCount(2); | 669 SetChannelCount(2); |
670 PrepareDtls(true, true); | 670 PrepareDtls(true, true, rtc::KT_DEFAULT); |
671 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); | 671 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_12, rtc::SSL_PROTOCOL_DTLS_10); |
672 ASSERT_TRUE(Connect()); | 672 ASSERT_TRUE(Connect()); |
673 } | 673 } |
674 | 674 |
675 // Create two channels with DTLS 1.2 / DTLS 1.0 and check ciphers. | 675 // Create two channels with DTLS 1.2 / DTLS 1.0 and check ciphers. |
676 TEST_F(DtlsTransportChannelTest, TestDtls12Client2) { | 676 TEST_F(DtlsTransportChannelTest, TestDtls12Client2) { |
677 MAYBE_SKIP_TEST(HaveDtls); | 677 MAYBE_SKIP_TEST(HaveDtls); |
678 SetChannelCount(2); | 678 SetChannelCount(2); |
679 PrepareDtls(true, true); | 679 PrepareDtls(true, true, rtc::KT_DEFAULT); |
680 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); | 680 SetMaxProtocolVersions(rtc::SSL_PROTOCOL_DTLS_10, rtc::SSL_PROTOCOL_DTLS_12); |
681 ASSERT_TRUE(Connect()); | 681 ASSERT_TRUE(Connect()); |
682 } | 682 } |
683 | 683 |
684 // Connect with DTLS, negotiate DTLS-SRTP, and transfer SRTP using bypass. | 684 // Connect with DTLS, negotiate DTLS-SRTP, and transfer SRTP using bypass. |
685 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtp) { | 685 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtp) { |
686 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 686 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
687 PrepareDtls(true, true); | 687 PrepareDtls(true, true, rtc::KT_DEFAULT); |
688 PrepareDtlsSrtp(true, true); | 688 PrepareDtlsSrtp(true, true); |
689 ASSERT_TRUE(Connect()); | 689 ASSERT_TRUE(Connect()); |
690 TestTransfer(0, 1000, 100, true); | 690 TestTransfer(0, 1000, 100, true); |
691 } | 691 } |
692 | 692 |
693 // Connect with DTLS-SRTP, transfer an invalid SRTP packet, and expects -1 | 693 // Connect with DTLS-SRTP, transfer an invalid SRTP packet, and expects -1 |
694 // returned. | 694 // returned. |
695 TEST_F(DtlsTransportChannelTest, TestTransferDtlsInvalidSrtpPacket) { | 695 TEST_F(DtlsTransportChannelTest, TestTransferDtlsInvalidSrtpPacket) { |
696 MAYBE_SKIP_TEST(HaveDtls); | 696 MAYBE_SKIP_TEST(HaveDtls); |
697 PrepareDtls(true, true); | 697 PrepareDtls(true, true, rtc::KT_DEFAULT); |
698 PrepareDtlsSrtp(true, true); | 698 PrepareDtlsSrtp(true, true); |
699 ASSERT_TRUE(Connect()); | 699 ASSERT_TRUE(Connect()); |
700 int result = client1_.SendInvalidSrtpPacket(0, 100); | 700 int result = client1_.SendInvalidSrtpPacket(0, 100); |
701 ASSERT_EQ(-1, result); | 701 ASSERT_EQ(-1, result); |
702 } | 702 } |
703 | 703 |
704 // Connect with DTLS. A does DTLS-SRTP but B does not. | 704 // Connect with DTLS. A does DTLS-SRTP but B does not. |
705 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpRejected) { | 705 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpRejected) { |
706 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 706 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
707 PrepareDtls(true, true); | 707 PrepareDtls(true, true, rtc::KT_DEFAULT); |
708 PrepareDtlsSrtp(true, false); | 708 PrepareDtlsSrtp(true, false); |
709 ASSERT_TRUE(Connect()); | 709 ASSERT_TRUE(Connect()); |
710 } | 710 } |
711 | 711 |
712 // Connect with DTLS. B does DTLS-SRTP but A does not. | 712 // Connect with DTLS. B does DTLS-SRTP but A does not. |
713 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpNotOffered) { | 713 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpNotOffered) { |
714 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 714 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
715 PrepareDtls(true, true); | 715 PrepareDtls(true, true, rtc::KT_DEFAULT); |
716 PrepareDtlsSrtp(false, true); | 716 PrepareDtlsSrtp(false, true); |
717 ASSERT_TRUE(Connect()); | 717 ASSERT_TRUE(Connect()); |
718 } | 718 } |
719 | 719 |
720 // Create two channels with DTLS, negotiate DTLS-SRTP, and transfer bypass SRTP. | 720 // Create two channels with DTLS, negotiate DTLS-SRTP, and transfer bypass SRTP. |
721 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpTwoChannels) { | 721 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpTwoChannels) { |
722 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 722 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
723 SetChannelCount(2); | 723 SetChannelCount(2); |
724 PrepareDtls(true, true); | 724 PrepareDtls(true, true, rtc::KT_DEFAULT); |
725 PrepareDtlsSrtp(true, true); | 725 PrepareDtlsSrtp(true, true); |
726 ASSERT_TRUE(Connect()); | 726 ASSERT_TRUE(Connect()); |
727 TestTransfer(0, 1000, 100, true); | 727 TestTransfer(0, 1000, 100, true); |
728 TestTransfer(1, 1000, 100, true); | 728 TestTransfer(1, 1000, 100, true); |
729 } | 729 } |
730 | 730 |
731 // Create a single channel with DTLS, and send normal data and SRTP data on it. | 731 // Create a single channel with DTLS, and send normal data and SRTP data on it. |
732 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpDemux) { | 732 TEST_F(DtlsTransportChannelTest, TestTransferDtlsSrtpDemux) { |
733 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 733 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
734 PrepareDtls(true, true); | 734 PrepareDtls(true, true, rtc::KT_DEFAULT); |
735 PrepareDtlsSrtp(true, true); | 735 PrepareDtlsSrtp(true, true); |
736 ASSERT_TRUE(Connect()); | 736 ASSERT_TRUE(Connect()); |
737 TestTransfer(0, 1000, 100, false); | 737 TestTransfer(0, 1000, 100, false); |
738 TestTransfer(0, 1000, 100, true); | 738 TestTransfer(0, 1000, 100, true); |
739 } | 739 } |
740 | 740 |
741 // Testing when the remote is passive. | 741 // Testing when the remote is passive. |
742 TEST_F(DtlsTransportChannelTest, TestTransferDtlsAnswererIsPassive) { | 742 TEST_F(DtlsTransportChannelTest, TestTransferDtlsAnswererIsPassive) { |
743 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 743 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
744 SetChannelCount(2); | 744 SetChannelCount(2); |
745 PrepareDtls(true, true); | 745 PrepareDtls(true, true, rtc::KT_DEFAULT); |
746 PrepareDtlsSrtp(true, true); | 746 PrepareDtlsSrtp(true, true); |
747 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 747 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
748 cricket::CONNECTIONROLE_PASSIVE)); | 748 cricket::CONNECTIONROLE_PASSIVE)); |
749 TestTransfer(0, 1000, 100, true); | 749 TestTransfer(0, 1000, 100, true); |
750 TestTransfer(1, 1000, 100, true); | 750 TestTransfer(1, 1000, 100, true); |
751 } | 751 } |
752 | 752 |
753 // Testing with the legacy DTLS client which doesn't use setup attribute. | 753 // Testing with the legacy DTLS client which doesn't use setup attribute. |
754 // In this case legacy is the answerer. | 754 // In this case legacy is the answerer. |
755 TEST_F(DtlsTransportChannelTest, TestDtlsSetupWithLegacyAsAnswerer) { | 755 TEST_F(DtlsTransportChannelTest, TestDtlsSetupWithLegacyAsAnswerer) { |
756 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 756 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
757 PrepareDtls(true, true); | 757 PrepareDtls(true, true, rtc::KT_DEFAULT); |
758 NegotiateWithLegacy(); | 758 NegotiateWithLegacy(); |
759 rtc::SSLRole channel1_role; | 759 rtc::SSLRole channel1_role; |
760 rtc::SSLRole channel2_role; | 760 rtc::SSLRole channel2_role; |
761 EXPECT_TRUE(client1_.transport()->GetSslRole(&channel1_role)); | 761 EXPECT_TRUE(client1_.transport()->GetSslRole(&channel1_role)); |
762 EXPECT_TRUE(client2_.transport()->GetSslRole(&channel2_role)); | 762 EXPECT_TRUE(client2_.transport()->GetSslRole(&channel2_role)); |
763 EXPECT_EQ(rtc::SSL_SERVER, channel1_role); | 763 EXPECT_EQ(rtc::SSL_SERVER, channel1_role); |
764 EXPECT_EQ(rtc::SSL_CLIENT, channel2_role); | 764 EXPECT_EQ(rtc::SSL_CLIENT, channel2_role); |
765 } | 765 } |
766 | 766 |
767 // Testing re offer/answer after the session is estbalished. Roles will be | 767 // Testing re offer/answer after the session is estbalished. Roles will be |
768 // kept same as of the previous negotiation. | 768 // kept same as of the previous negotiation. |
769 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromOfferer) { | 769 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromOfferer) { |
770 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 770 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
771 SetChannelCount(2); | 771 SetChannelCount(2); |
772 PrepareDtls(true, true); | 772 PrepareDtls(true, true, rtc::KT_DEFAULT); |
773 PrepareDtlsSrtp(true, true); | 773 PrepareDtlsSrtp(true, true); |
774 // Initial role for client1 is ACTPASS and client2 is ACTIVE. | 774 // Initial role for client1 is ACTPASS and client2 is ACTIVE. |
775 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 775 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
776 cricket::CONNECTIONROLE_ACTIVE)); | 776 cricket::CONNECTIONROLE_ACTIVE)); |
777 TestTransfer(0, 1000, 100, true); | 777 TestTransfer(0, 1000, 100, true); |
778 TestTransfer(1, 1000, 100, true); | 778 TestTransfer(1, 1000, 100, true); |
779 // Using input roles for the re-offer. | 779 // Using input roles for the re-offer. |
780 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, | 780 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, |
781 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); | 781 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); |
782 TestTransfer(0, 1000, 100, true); | 782 TestTransfer(0, 1000, 100, true); |
783 TestTransfer(1, 1000, 100, true); | 783 TestTransfer(1, 1000, 100, true); |
784 } | 784 } |
785 | 785 |
786 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromAnswerer) { | 786 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferFromAnswerer) { |
787 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 787 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
788 SetChannelCount(2); | 788 SetChannelCount(2); |
789 PrepareDtls(true, true); | 789 PrepareDtls(true, true, rtc::KT_DEFAULT); |
790 PrepareDtlsSrtp(true, true); | 790 PrepareDtlsSrtp(true, true); |
791 // Initial role for client1 is ACTPASS and client2 is ACTIVE. | 791 // Initial role for client1 is ACTPASS and client2 is ACTIVE. |
792 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 792 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
793 cricket::CONNECTIONROLE_ACTIVE)); | 793 cricket::CONNECTIONROLE_ACTIVE)); |
794 TestTransfer(0, 1000, 100, true); | 794 TestTransfer(0, 1000, 100, true); |
795 TestTransfer(1, 1000, 100, true); | 795 TestTransfer(1, 1000, 100, true); |
796 // Using input roles for the re-offer. | 796 // Using input roles for the re-offer. |
797 Renegotiate(&client2_, cricket::CONNECTIONROLE_PASSIVE, | 797 Renegotiate(&client2_, cricket::CONNECTIONROLE_PASSIVE, |
798 cricket::CONNECTIONROLE_ACTPASS, NF_REOFFER); | 798 cricket::CONNECTIONROLE_ACTPASS, NF_REOFFER); |
799 TestTransfer(0, 1000, 100, true); | 799 TestTransfer(0, 1000, 100, true); |
800 TestTransfer(1, 1000, 100, true); | 800 TestTransfer(1, 1000, 100, true); |
801 } | 801 } |
802 | 802 |
803 // Test that any change in role after the intial setup will result in failure. | 803 // Test that any change in role after the intial setup will result in failure. |
804 TEST_F(DtlsTransportChannelTest, TestDtlsRoleReversal) { | 804 TEST_F(DtlsTransportChannelTest, TestDtlsRoleReversal) { |
805 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 805 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
806 SetChannelCount(2); | 806 SetChannelCount(2); |
807 PrepareDtls(true, true); | 807 PrepareDtls(true, true, rtc::KT_DEFAULT); |
808 PrepareDtlsSrtp(true, true); | 808 PrepareDtlsSrtp(true, true); |
809 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 809 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
810 cricket::CONNECTIONROLE_PASSIVE)); | 810 cricket::CONNECTIONROLE_PASSIVE)); |
811 | 811 |
812 // Renegotiate from client2 with actpass and client1 as active. | 812 // Renegotiate from client2 with actpass and client1 as active. |
813 Renegotiate(&client2_, cricket::CONNECTIONROLE_ACTPASS, | 813 Renegotiate(&client2_, cricket::CONNECTIONROLE_ACTPASS, |
814 cricket::CONNECTIONROLE_ACTIVE, | 814 cricket::CONNECTIONROLE_ACTIVE, |
815 NF_REOFFER | NF_EXPECT_FAILURE); | 815 NF_REOFFER | NF_EXPECT_FAILURE); |
816 } | 816 } |
817 | 817 |
818 // Test that using different setup attributes which results in similar ssl | 818 // Test that using different setup attributes which results in similar ssl |
819 // role as the initial negotiation will result in success. | 819 // role as the initial negotiation will result in success. |
820 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferWithDifferentSetupAttr) { | 820 TEST_F(DtlsTransportChannelTest, TestDtlsReOfferWithDifferentSetupAttr) { |
821 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 821 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
822 SetChannelCount(2); | 822 SetChannelCount(2); |
823 PrepareDtls(true, true); | 823 PrepareDtls(true, true, rtc::KT_DEFAULT); |
824 PrepareDtlsSrtp(true, true); | 824 PrepareDtlsSrtp(true, true); |
825 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, | 825 ASSERT_TRUE(Connect(cricket::CONNECTIONROLE_ACTPASS, |
826 cricket::CONNECTIONROLE_PASSIVE)); | 826 cricket::CONNECTIONROLE_PASSIVE)); |
827 // Renegotiate from client2 with actpass and client1 as active. | 827 // Renegotiate from client2 with actpass and client1 as active. |
828 Renegotiate(&client2_, cricket::CONNECTIONROLE_ACTIVE, | 828 Renegotiate(&client2_, cricket::CONNECTIONROLE_ACTIVE, |
829 cricket::CONNECTIONROLE_ACTPASS, NF_REOFFER); | 829 cricket::CONNECTIONROLE_ACTPASS, NF_REOFFER); |
830 TestTransfer(0, 1000, 100, true); | 830 TestTransfer(0, 1000, 100, true); |
831 TestTransfer(1, 1000, 100, true); | 831 TestTransfer(1, 1000, 100, true); |
832 } | 832 } |
833 | 833 |
834 // Test that re-negotiation can be started before the clients become connected | 834 // Test that re-negotiation can be started before the clients become connected |
835 // in the first negotiation. | 835 // in the first negotiation. |
836 TEST_F(DtlsTransportChannelTest, TestRenegotiateBeforeConnect) { | 836 TEST_F(DtlsTransportChannelTest, TestRenegotiateBeforeConnect) { |
837 MAYBE_SKIP_TEST(HaveDtlsSrtp); | 837 MAYBE_SKIP_TEST(HaveDtlsSrtp); |
838 SetChannelCount(2); | 838 SetChannelCount(2); |
839 PrepareDtls(true, true); | 839 PrepareDtls(true, true, rtc::KT_DEFAULT); |
840 PrepareDtlsSrtp(true, true); | 840 PrepareDtlsSrtp(true, true); |
841 Negotiate(); | 841 Negotiate(); |
842 | 842 |
843 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, | 843 Renegotiate(&client1_, cricket::CONNECTIONROLE_ACTPASS, |
844 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); | 844 cricket::CONNECTIONROLE_ACTIVE, NF_REOFFER); |
845 bool rv = client1_.Connect(&client2_); | 845 bool rv = client1_.Connect(&client2_); |
846 EXPECT_TRUE(rv); | 846 EXPECT_TRUE(rv); |
847 EXPECT_TRUE_WAIT(client1_.writable() && client2_.writable(), 10000); | 847 EXPECT_TRUE_WAIT(client1_.writable() && client2_.writable(), 10000); |
848 | 848 |
849 TestTransfer(0, 1000, 100, true); | 849 TestTransfer(0, 1000, 100, true); |
850 TestTransfer(1, 1000, 100, true); | 850 TestTransfer(1, 1000, 100, true); |
851 } | 851 } |
852 | 852 |
853 // Test Certificates state after negotiation but before connection. | 853 // Test Certificates state after negotiation but before connection. |
854 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { | 854 TEST_F(DtlsTransportChannelTest, TestCertificatesBeforeConnect) { |
855 MAYBE_SKIP_TEST(HaveDtls); | 855 MAYBE_SKIP_TEST(HaveDtls); |
856 PrepareDtls(true, true); | 856 PrepareDtls(true, true, rtc::KT_DEFAULT); |
857 Negotiate(); | 857 Negotiate(); |
858 | 858 |
859 rtc::scoped_ptr<rtc::SSLIdentity> identity1; | 859 rtc::scoped_ptr<rtc::SSLIdentity> identity1; |
860 rtc::scoped_ptr<rtc::SSLIdentity> identity2; | 860 rtc::scoped_ptr<rtc::SSLIdentity> identity2; |
861 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; | 861 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; |
862 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; | 862 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; |
863 | 863 |
864 // After negotiation, each side has a distinct local certificate, but still no | 864 // After negotiation, each side has a distinct local certificate, but still no |
865 // remote certificate, because connection has not yet occurred. | 865 // remote certificate, because connection has not yet occurred. |
866 ASSERT_TRUE(client1_.transport()->GetIdentity(identity1.accept())); | 866 ASSERT_TRUE(client1_.transport()->GetIdentity(identity1.accept())); |
867 ASSERT_TRUE(client2_.transport()->GetIdentity(identity2.accept())); | 867 ASSERT_TRUE(client2_.transport()->GetIdentity(identity2.accept())); |
868 ASSERT_NE(identity1->certificate().ToPEMString(), | 868 ASSERT_NE(identity1->certificate().ToPEMString(), |
869 identity2->certificate().ToPEMString()); | 869 identity2->certificate().ToPEMString()); |
870 ASSERT_FALSE( | 870 ASSERT_FALSE( |
871 client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); | 871 client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); |
872 ASSERT_FALSE(remote_cert1 != NULL); | 872 ASSERT_FALSE(remote_cert1 != NULL); |
873 ASSERT_FALSE( | 873 ASSERT_FALSE( |
874 client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); | 874 client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); |
875 ASSERT_FALSE(remote_cert2 != NULL); | 875 ASSERT_FALSE(remote_cert2 != NULL); |
876 } | 876 } |
877 | 877 |
878 // Test Certificates state after connection. | 878 // Test Certificates state after connection. |
879 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { | 879 TEST_F(DtlsTransportChannelTest, TestCertificatesAfterConnect) { |
880 MAYBE_SKIP_TEST(HaveDtls); | 880 MAYBE_SKIP_TEST(HaveDtls); |
881 PrepareDtls(true, true); | 881 PrepareDtls(true, true, rtc::KT_DEFAULT); |
882 ASSERT_TRUE(Connect()); | 882 ASSERT_TRUE(Connect()); |
883 | 883 |
884 rtc::scoped_ptr<rtc::SSLIdentity> identity1; | 884 rtc::scoped_ptr<rtc::SSLIdentity> identity1; |
885 rtc::scoped_ptr<rtc::SSLIdentity> identity2; | 885 rtc::scoped_ptr<rtc::SSLIdentity> identity2; |
886 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; | 886 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert1; |
887 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; | 887 rtc::scoped_ptr<rtc::SSLCertificate> remote_cert2; |
888 | 888 |
889 // After connection, each side has a distinct local certificate. | 889 // After connection, each side has a distinct local certificate. |
890 ASSERT_TRUE(client1_.transport()->GetIdentity(identity1.accept())); | 890 ASSERT_TRUE(client1_.transport()->GetIdentity(identity1.accept())); |
891 ASSERT_TRUE(client2_.transport()->GetIdentity(identity2.accept())); | 891 ASSERT_TRUE(client2_.transport()->GetIdentity(identity2.accept())); |
892 ASSERT_NE(identity1->certificate().ToPEMString(), | 892 ASSERT_NE(identity1->certificate().ToPEMString(), |
893 identity2->certificate().ToPEMString()); | 893 identity2->certificate().ToPEMString()); |
894 | 894 |
895 // Each side's remote certificate is the other side's local certificate. | 895 // Each side's remote certificate is the other side's local certificate. |
896 ASSERT_TRUE( | 896 ASSERT_TRUE( |
897 client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); | 897 client1_.transport()->GetRemoteCertificate(remote_cert1.accept())); |
898 ASSERT_EQ(remote_cert1->ToPEMString(), | 898 ASSERT_EQ(remote_cert1->ToPEMString(), |
899 identity2->certificate().ToPEMString()); | 899 identity2->certificate().ToPEMString()); |
900 ASSERT_TRUE( | 900 ASSERT_TRUE( |
901 client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); | 901 client2_.transport()->GetRemoteCertificate(remote_cert2.accept())); |
902 ASSERT_EQ(remote_cert2->ToPEMString(), | 902 ASSERT_EQ(remote_cert2->ToPEMString(), |
903 identity1->certificate().ToPEMString()); | 903 identity1->certificate().ToPEMString()); |
904 } | 904 } |
OLD | NEW |