commit 58271c37d7593914ad7b4477cabbce69cd6adcd4
author tkchin@webrtc.org <tkchin@webrtc.org@4adac7df-926f-26a2-2b94-8c16560cd09d> Thu Aug 07 20:39:08 2014 +0000
committer tkchin@webrtc.org <tkchin@webrtc.org@4adac7df-926f-26a2-2b94-8c16560cd09d> Thu Aug 07 20:39:08 2014 +0000
tree c927e6ad850c59aa3cb0ab4bc6f9b43d858e26e5
parent 39e16e7b9314d7efb1ce30fd705bee17acdd86aa

Support for TURN/TLS.

Wrap the socket in an SSL adapter, then simply call StartSSL() on the
SSLAdapter instance.

Cloned from: https://webrtc-codereview.appspot.com/21799004/

R=juberti@chromium.org, juberti@webrtc.org
BUG=

Review URL: https://webrtc-codereview.appspot.com/14059004

Patch from Manish Jethani <manish.jethani@gmail.com>.

git-svn-id: http://webrtc.googlecode.com/svn/trunk/talk@6852 4adac7df-926f-26a2-2b94-8c16560cd09d

p2p/base/basicpacketsocketfactory.cc

diff --git a/p2p/base/basicpacketsocketfactory.cc b/p2p/base/basicpacketsocketfactory.cc
index 75a7055..b3575c0 100644
--- a/p2p/base/basicpacketsocketfactory.cc
+++ b/p2p/base/basicpacketsocketfactory.cc
@@ -34,6 +34,7 @@
 #include "webrtc/base/physicalsocketserver.h"
 #include "webrtc/base/scoped_ptr.h"
 #include "webrtc/base/socketadapters.h"
+#include "webrtc/base/ssladapter.h"
 #include "webrtc/base/thread.h"
 #include "talk/p2p/base/asyncstuntcpsocket.h"
 #include "talk/p2p/base/stun.h"
@@ -120,12 +121,6 @@
     const SocketAddress& local_address, const SocketAddress& remote_address,
     const ProxyInfo& proxy_info, const std::string& user_agent, int opts) {
 
-  // Fail if TLS is required.
-  if (opts & PacketSocketFactory::OPT_TLS) {
-    LOG(LS_ERROR) << "TLS support currently is not available.";
-    return NULL;
-  }
-
   rtc::AsyncSocket* socket =
       socket_factory()->CreateAsyncSocket(local_address.family(), SOCK_STREAM);
   if (!socket) {
@@ -149,8 +144,24 @@
         proxy_info.username, proxy_info.password);
   }
 
+  // If using TLS, wrap the socket in an SSL adapter.
+  if (opts & PacketSocketFactory::OPT_TLS) {
+    ASSERT(!(opts & PacketSocketFactory::OPT_SSLTCP));
+
+    rtc::SSLAdapter* ssl_adapter = rtc::SSLAdapter::Create(socket);
+    if (!ssl_adapter) {
+      return NULL;
+    }
+
+    socket = ssl_adapter;
+
+    if (ssl_adapter->StartSSL(remote_address.hostname().c_str(), false) != 0) {
+      delete ssl_adapter;
+      return NULL;
+    }
+
   // If using SSLTCP, wrap the TCP socket in a pseudo-SSL socket.
-  if (opts & PacketSocketFactory::OPT_SSLTCP) {
+  } else if (opts & PacketSocketFactory::OPT_SSLTCP) {
     ASSERT(!(opts & PacketSocketFactory::OPT_TLS));
     socket = new rtc::AsyncSSLSocket(socket);
   }