aboutsummaryrefslogtreecommitdiff
path: root/webrtc/base/opensslidentity.cc
diff options
context:
space:
mode:
authorChih-hung Hsieh <chh@google.com>2016-01-20 17:50:13 +0000
committerandroid-build-merger <android-build-merger@google.com>2016-01-20 17:50:13 +0000
commitb3cb8ab4ede8bb77f0bdef2715efc2c1e6267072 (patch)
tree28c4cf735dd5bd9cc8f1ccd06fff8a173b20d1cb /webrtc/base/opensslidentity.cc
parenta4acd9d6bc9b3b033d7d274316e75ee067df8d20 (diff)
parent9a337512d97e37afc142dee4fd50a41b741a87d2 (diff)
downloadwebrtc-b3cb8ab4ede8bb77f0bdef2715efc2c1e6267072.tar.gz
Merge "Merge upstream SHA 04cb763"android-cts_7.1_r1android-cts-7.1_r9android-cts-7.1_r8android-cts-7.1_r7android-cts-7.1_r6android-cts-7.1_r5android-cts-7.1_r4android-cts-7.1_r3android-cts-7.1_r29android-cts-7.1_r28android-cts-7.1_r27android-cts-7.1_r26android-cts-7.1_r25android-cts-7.1_r24android-cts-7.1_r23android-cts-7.1_r22android-cts-7.1_r21android-cts-7.1_r20android-cts-7.1_r2android-cts-7.1_r19android-cts-7.1_r18android-cts-7.1_r17android-cts-7.1_r16android-cts-7.1_r15android-cts-7.1_r14android-cts-7.1_r13android-cts-7.1_r12android-cts-7.1_r11android-cts-7.1_r10android-cts-7.1_r1android-cts-7.0_r9android-cts-7.0_r8android-cts-7.0_r7android-cts-7.0_r6android-cts-7.0_r5android-cts-7.0_r4android-cts-7.0_r33android-cts-7.0_r32android-cts-7.0_r31android-cts-7.0_r30android-cts-7.0_r3android-cts-7.0_r29android-cts-7.0_r28android-cts-7.0_r27android-cts-7.0_r26android-cts-7.0_r25android-cts-7.0_r24android-cts-7.0_r23android-cts-7.0_r22android-cts-7.0_r21android-cts-7.0_r20android-cts-7.0_r2android-cts-7.0_r19android-cts-7.0_r18android-cts-7.0_r17android-cts-7.0_r16android-cts-7.0_r15android-cts-7.0_r14android-cts-7.0_r13android-cts-7.0_r12android-cts-7.0_r11android-cts-7.0_r10android-cts-7.0_r1android-7.1.2_r9android-7.1.2_r8android-7.1.2_r6android-7.1.2_r5android-7.1.2_r4android-7.1.2_r39android-7.1.2_r38android-7.1.2_r37android-7.1.2_r36android-7.1.2_r33android-7.1.2_r32android-7.1.2_r30android-7.1.2_r3android-7.1.2_r29android-7.1.2_r28android-7.1.2_r27android-7.1.2_r25android-7.1.2_r24android-7.1.2_r23android-7.1.2_r2android-7.1.2_r19android-7.1.2_r18android-7.1.2_r17android-7.1.2_r16android-7.1.2_r15android-7.1.2_r14android-7.1.2_r13android-7.1.2_r12android-7.1.2_r11android-7.1.2_r10android-7.1.2_r1android-7.1.1_r9android-7.1.1_r8android-7.1.1_r7android-7.1.1_r61android-7.1.1_r60android-7.1.1_r6android-7.1.1_r59android-7.1.1_r58android-7.1.1_r57android-7.1.1_r56android-7.1.1_r55android-7.1.1_r54android-7.1.1_r53android-7.1.1_r52android-7.1.1_r51android-7.1.1_r50android-7.1.1_r49android-7.1.1_r48android-7.1.1_r47android-7.1.1_r46android-7.1.1_r45android-7.1.1_r44android-7.1.1_r43android-7.1.1_r42android-7.1.1_r41android-7.1.1_r40android-7.1.1_r4android-7.1.1_r39android-7.1.1_r38android-7.1.1_r35android-7.1.1_r33android-7.1.1_r32android-7.1.1_r31android-7.1.1_r3android-7.1.1_r28android-7.1.1_r27android-7.1.1_r26android-7.1.1_r25android-7.1.1_r24android-7.1.1_r23android-7.1.1_r22android-7.1.1_r21android-7.1.1_r20android-7.1.1_r2android-7.1.1_r17android-7.1.1_r16android-7.1.1_r15android-7.1.1_r14android-7.1.1_r13android-7.1.1_r12android-7.1.1_r11android-7.1.1_r10android-7.1.1_r1android-7.1.0_r7android-7.1.0_r6android-7.1.0_r5android-7.1.0_r4android-7.1.0_r3android-7.1.0_r2android-7.1.0_r1android-7.0.0_r9android-7.0.0_r8android-7.0.0_r7android-7.0.0_r6android-7.0.0_r5android-7.0.0_r4android-7.0.0_r36android-7.0.0_r35android-7.0.0_r34android-7.0.0_r33android-7.0.0_r32android-7.0.0_r31android-7.0.0_r30android-7.0.0_r3android-7.0.0_r29android-7.0.0_r28android-7.0.0_r27android-7.0.0_r24android-7.0.0_r21android-7.0.0_r19android-7.0.0_r17android-7.0.0_r15android-7.0.0_r14android-7.0.0_r13android-7.0.0_r12android-7.0.0_r11android-7.0.0_r10android-7.0.0_r1nougat-releasenougat-mr2.3-releasenougat-mr2.2-releasenougat-mr2.1-releasenougat-mr2-security-releasenougat-mr2-releasenougat-mr2-pixel-releasenougat-mr2-devnougat-mr1.8-releasenougat-mr1.7-releasenougat-mr1.6-releasenougat-mr1.5-releasenougat-mr1.4-releasenougat-mr1.3-releasenougat-mr1.2-releasenougat-mr1.1-releasenougat-mr1-volantis-releasenougat-mr1-security-releasenougat-mr1-releasenougat-mr1-flounder-releasenougat-mr1-devnougat-mr1-cts-releasenougat-mr0.5-releasenougat-dr1-releasenougat-devnougat-cts-releasenougat-bugfix-release
am: 9a337512d9 * commit '9a337512d97e37afc142dee4fd50a41b741a87d2': (797 commits) Add tests for verifying transport feedback for audio and video. Eliminate defines in talk/ Revert of Update with new default boringssl no-aes cipher suites. Re-enable tests. (patchset #3 id:40001 of https://codereview.webrtc.org/1550773002/ ) Remove assert which was incorrectly added to TcpPort::OnSentPacket. Reland Connect TurnPort and TCPPort to AsyncPacketSocket::SignalSentPacket. Update with new default boringssl no-aes cipher suites. Re-enable tests. Revert of Connect TurnPort and TCPPort to AsyncPacketSocket::SignalSentPacket. (patchset #3 id:40001 of https://codereview.webrtc.org/1577873003/ ) Re-land: "Use an explicit identifier in Config" Connect TurnPort and TCPPort to AsyncPacketSocket::SignalSentPacket. Revert of Delete remnants of non-square pixel support from cricket::VideoFrame. (patchset #1 id:1 of https://codereview.webrtc.org/1586613002/ ) Remove libfuzzer trybot from default trybot set. Add ramp-up tests for transport sequence number with and w/o audio. Delete remnants of non-square pixel support from cricket::VideoFrame. Fix IPAddress::ToSensitiveString() to avoid dependency on inet_ntop(). Revert of Storing raw audio sink for default audio track. (patchset #7 id:120001 of https://codereview.chromium.org/1551813002/ ) Re-enable tests that failed under Linux_Msan. Revert of Use an explicit identifier in Config (patchset #4 id:60001 of https://codereview.webrtc.org/1538643004/ ) Roll chromium_revision 346fea9..099be58 (369082:369139) Disable WebRtcVideoChannel2BaseTest.SendManyResizeOnce for TSan Add build_protobuf variable. ...
Diffstat (limited to 'webrtc/base/opensslidentity.cc')
-rw-r--r--webrtc/base/opensslidentity.cc30
1 files changed, 24 insertions, 6 deletions
diff --git a/webrtc/base/opensslidentity.cc b/webrtc/base/opensslidentity.cc
index feda6744f0..7185571102 100644
--- a/webrtc/base/opensslidentity.cc
+++ b/webrtc/base/opensslidentity.cc
@@ -96,6 +96,7 @@ static X509* MakeCertificate(EVP_PKEY* pkey, const SSLIdentityParams& params) {
X509* x509 = NULL;
BIGNUM* serial_number = NULL;
X509_NAME* name = NULL;
+ time_t epoch_off = 0; // Time offset since epoch.
if ((x509=X509_new()) == NULL)
goto error;
@@ -130,8 +131,8 @@ static X509* MakeCertificate(EVP_PKEY* pkey, const SSLIdentityParams& params) {
!X509_set_issuer_name(x509, name))
goto error;
- if (!X509_gmtime_adj(X509_get_notBefore(x509), params.not_before) ||
- !X509_gmtime_adj(X509_get_notAfter(x509), params.not_after))
+ if (!X509_time_adj(X509_get_notBefore(x509), params.not_before, &epoch_off) ||
+ !X509_time_adj(X509_get_notAfter(x509), params.not_after, &epoch_off))
goto error;
if (!X509_sign(x509, pkey, EVP_sha256()))
@@ -186,7 +187,7 @@ void OpenSSLKeyPair::AddReference() {
#endif
}
-#ifdef _DEBUG
+#if !defined(NDEBUG)
// Print a certificate to the log, for debugging.
static void PrintCert(X509* x509) {
BIO* temp_memory_bio = BIO_new(BIO_s_mem());
@@ -215,7 +216,7 @@ OpenSSLCertificate* OpenSSLCertificate::Generate(
LogSSLErrors("Generating certificate");
return NULL;
}
-#ifdef _DEBUG
+#if !defined(NDEBUG)
PrintCert(x509);
#endif
OpenSSLCertificate* ret = new OpenSSLCertificate(x509);
@@ -373,6 +374,22 @@ void OpenSSLCertificate::AddReference() const {
#endif
}
+// Documented in sslidentity.h.
+int64_t OpenSSLCertificate::CertificateExpirationTime() const {
+ ASN1_TIME* expire_time = X509_get_notAfter(x509_);
+ bool long_format;
+
+ if (expire_time->type == V_ASN1_UTCTIME) {
+ long_format = false;
+ } else if (expire_time->type == V_ASN1_GENERALIZEDTIME) {
+ long_format = true;
+ } else {
+ return -1;
+ }
+
+ return ASN1TimeToSec(expire_time->data, expire_time->length, long_format);
+}
+
OpenSSLIdentity::OpenSSLIdentity(OpenSSLKeyPair* key_pair,
OpenSSLCertificate* certificate)
: key_pair_(key_pair), certificate_(certificate) {
@@ -401,8 +418,9 @@ OpenSSLIdentity* OpenSSLIdentity::Generate(const std::string& common_name,
SSLIdentityParams params;
params.key_params = key_params;
params.common_name = common_name;
- params.not_before = CERTIFICATE_WINDOW;
- params.not_after = CERTIFICATE_LIFETIME;
+ time_t now = time(NULL);
+ params.not_before = now + CERTIFICATE_WINDOW;
+ params.not_after = now + CERTIFICATE_LIFETIME;
return GenerateInternal(params);
}