diff --git a/3rdpart/ZLToolKit b/3rdpart/ZLToolKit
index 273592b6..3fd2b856 160000
--- a/3rdpart/ZLToolKit
+++ b/3rdpart/ZLToolKit
@@ -1 +1 @@
-Subproject commit 273592b6ba39babe6407021ffc089bfe7328e447
+Subproject commit 3fd2b856b6856dd679a32c673431561c0affdd0c
diff --git a/webrtc/DtlsTransport.cpp b/webrtc/DtlsTransport.cpp
index 66183f8e..5ae4f4b0 100644
--- a/webrtc/DtlsTransport.cpp
+++ b/webrtc/DtlsTransport.cpp
@@ -29,6 +29,8 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 #include // std::sprintf(), std::fopen()
 #include // std::memcpy(), std::strcmp()
 #include "Util/util.h"
+#include "Util/SSLBox.h"
+#include "Util/SSLUtil.h"
 using namespace std;
@@ -129,16 +131,10 @@ namespace RTC
 MS_TRACE();
 // Generate a X509 certificate and private key (unless PEM files are provided).
- if (true /*
- Settings::configuration.dtlsCertificateFile.empty() ||
- Settings::configuration.dtlsPrivateKeyFile.empty()*/)
- {
+ auto ssl = toolkit::SSL_Initor::Instance().getSSLCtx("", true);
+ if (!ssl || !ReadCertificateAndPrivateKeyFromContext(ssl.get())) {
 GenerateCertificateAndPrivateKey();
 }
- else
- {
- ReadCertificateAndPrivateKeyFromFiles();
- }
 // Create a global SSL_CTX.
 CreateSslCtx();
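Review bot: The comment above the new lookup in the `@@ -129,16 +131,10 @@` hunk still reads "unless PEM files are provided", but the code now takes whatever certificate and key the toolkit's default server context returns from `getSSLCtx("", true)`. That ties the WebRTC DTLS identity, and the fingerprint derived from it, to the key pair of the TLS listener, which an operator rotating or scoping that key should be able to see from the code. I would replace the comment with `// Reuse the certificate and key of the default server SSL_CTX when one is loaded; otherwise generate a self-signed pair.` Whether a loaded key of a type the DTLS peers do not accept is detected later is not visible here, since the enclosing constructor starts and ends outside the hunk.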
@@ -297,59 +293,22 @@ namespace RTC
 MS_THROW_ERROR("DTLS certificate and private key generation failed");
 }
- void DtlsTransport::DtlsEnvironment::ReadCertificateAndPrivateKeyFromFiles()
+ bool DtlsTransport::DtlsEnvironment::ReadCertificateAndPrivateKeyFromContext(SSL_CTX *ctx)
 {
-#if 0
 MS_TRACE();
-
- FILE* file{ nullptr };
-
- file = fopen(Settings::configuration.dtlsCertificateFile.c_str(), "r");
-
- if (!file)
- {
- MS_ERROR("error reading DTLS certificate file: %s", std::strerror(errno));
-
- goto error;
+ certificate = SSL_CTX_get0_certificate(ctx);
+ if (!certificate) {
+ return false;
 }
+ X509_up_ref(certificate);
- certificate = PEM_read_X509(file, nullptr, nullptr, nullptr);
-
- if (!certificate)
- {
- LOG_OPENSSL_ERROR("PEM_read_X509() failed");
-
- goto error;
+ privateKey = SSL_CTX_get0_privatekey(ctx);
+ if (!privateKey) {
+ return false;
 }
-
- fclose(file);
-
- file = fopen(Settings::configuration.dtlsPrivateKeyFile.c_str(), "r");
-
- if (!file)
- {
- MS_ERROR("error reading DTLS private key file: %s", std::strerror(errno));
-
- goto error;
- }
-
- privateKey = PEM_read_PrivateKey(file, nullptr, nullptr, nullptr);
-
- if (!privateKey)
- {
- LOG_OPENSSL_ERROR("PEM_read_PrivateKey() failed");
-
- goto error;
- }
-
- fclose(file);
-
- return;
-
- error:
-
- MS_THROW_ERROR("error reading DTLS certificate and private key PEM files");
-#endif
+ EVP_PKEY_up_ref(privateKey);
+ InfoL << "Load webrtc dtls certificate: " << toolkit::SSLUtil::getServerName(certificate);
+ return true;
 }
 void DtlsTransport::DtlsEnvironment::CreateSslCtx()
diff --git a/webrtc/DtlsTransport.hpp b/webrtc/DtlsTransport.hpp
index bf57d01d..53a1981d 100644
--- a/webrtc/DtlsTransport.hpp
+++ b/webrtc/DtlsTransport.hpp
@@ -88,7 +88,7 @@ namespace RTC
 private:
 DtlsEnvironment();
 void GenerateCertificateAndPrivateKey();
- void ReadCertificateAndPrivateKeyFromFiles();
+ bool ReadCertificateAndPrivateKeyFromContext(SSL_CTX *ctx);
 void CreateSslCtx();
 void GenerateFingerprints();
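Review bot: When the context holds a certificate but no private key, ReadCertificateAndPrivateKeyFromContext returns false after it has already stored `certificate` and taken a reference on it. The caller then falls back to GenerateCertificateAndPrivateKey(), whose body is outside this diff; if that function assigns `certificate` without freeing the previous value, the extra reference leaks, and either way the member is left half-initialised on a failure path. Reading both pointers into locals and taking references only once both are present keeps the failure path free of side effects. The return values of `X509_up_ref` and `EVP_PKEY_up_ref` are also ignored, which is worth a short comment if that is intentional.

```cpp
bool DtlsTransport::DtlsEnvironment::ReadCertificateAndPrivateKeyFromContext(SSL_CTX *ctx)
{
    MS_TRACE();
    // Look up both objects before taking any reference, so a context that has
    // a certificate but no key leaves this object untouched.
    X509 *cert = SSL_CTX_get0_certificate(ctx);
    EVP_PKEY *key = SSL_CTX_get0_privatekey(ctx);
    if (!cert || !key) {
        return false;
    }
    // get0 accessors return borrowed pointers; keep them alive past the SSL_CTX.
    X509_up_ref(cert);
    EVP_PKEY_up_ref(key);
    certificate = cert;
    privateKey = key;
    // … unchanged: InfoL log line …
    return true;
}
```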
diff --git a/webrtc/WebRtcTransport.cpp b/webrtc/WebRtcTransport.cpp
index 4ec13e6f..9ac6251f 100644
--- a/webrtc/WebRtcTransport.cpp
+++ b/webrtc/WebRtcTransport.cpp
@@ -251,7 +251,7 @@ void WebRtcTransport::sendSockData(const char *buf, size_t len, RTC::TransportTu
 }
 Session::Ptr WebRtcTransport::getSession() const {
- auto tuple = _ice_server->GetSelectedTuple(true);
+ auto tuple = _ice_server ? _ice_server->GetSelectedTuple(true) : nullptr;
 return tuple ? static_pointer_cast(tuple->shared_from_this()) : nullptr;
 }
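Review bot: The new null check on `_ice_server` in getSession() is unexplained, so a reader cannot tell which lifecycle state it covers. A one-line comment such as `// _ice_server may be unset here (TODO: state when); report "no session" instead of dereferencing it` would record the intent once the author fills in the condition. Other members that dereference `_ice_server` are not visible in this hunk, so it is worth checking whether they can be reached in the same state and need the same guard.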