Allow the DTLS fingerprint verification to occur after the handshake.

This means the DTLS handshake can make progress while the SDP answer
containing the fingerprint is still in transit. If the signaling path
is significantly slower than the media path, this can have a moderate
impact on call setup time.

Of course, until the fingerprint is verified no media can be sent. Any
attempted write will result in SR_BLOCK.

This essentially fulfills the requirements of RFC 4572, Section 6.2:

   Note that when the offer/answer model is being used, it is possible
   for a media connection to outrace the answer back to the offerer.
   Thus, if the offerer has offered a 'setup:passive' or 'setup:actpass'
   role, it MUST (as specified in RFC 4145 [2]) begin listening for an
   incoming connection as soon as it sends its offer.  However, it MUST
   NOT assume that the data transmitted over the TLS connection is valid
   until it has received a matching fingerprint in an SDP answer.  If
   the fingerprint, once it arrives, does not match the client's
   certificate, the server endpoint MUST terminate the media connection
   with a bad_certificate error, as stated in the previous paragraph.

BUG=webrtc:6387
R=mattdr@webrtc.org, pthatcher@webrtc.org

Review URL: https://codereview.webrtc.org/2163683003 .

Cr-Commit-Position: refs/heads/master@{#14296}
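
The ordering described in the commit message, as an added model that is not part of the commit or of WebRTC's code: the handshake may finish before the SDP fingerprint arrives, writes block until the digests match, and a mismatch closes the stream. Only SR_BLOCK comes from the message; the class, the other names and the string digests are assumptions.

```cpp
#include <string>

// Hypothetical model, not WebRTC code. Only SR_BLOCK is named in the commit
// message; every other identifier here is an assumption for illustration.
enum StreamResult { SR_SUCCESS, SR_BLOCK, SR_ERROR };
enum class State { kHandshaking, kAwaitingFingerprint, kOpen, kClosed };

class DeferredVerifyStream {
 public:
  // Handshake finished; the TLS layer hands over the digest of the
  // certificate the peer actually presented.
  void OnHandshakeComplete(const std::string& peer_cert_digest) {
    if (state_ != State::kHandshaking) return;
    peer_digest_ = peer_cert_digest;
    state_ = State::kAwaitingFingerprint;
    MaybeVerify();
  }
  // Fingerprint from the SDP answer; may arrive before or after the handshake.
  void SetRemoteFingerprint(const std::string& expected_digest) {
    if (have_expected_ || state_ == State::kClosed) return;
    expected_digest_ = expected_digest;
    have_expected_ = true;
    MaybeVerify();
  }
  // Application data is refused until the peer certificate is verified.
  StreamResult Write(const std::string& data) {
    if (state_ == State::kClosed) return SR_ERROR;
    if (state_ != State::kOpen) return SR_BLOCK;
    sent_ += data;
    return SR_SUCCESS;
  }
  State state() const { return state_; }
  bool bad_certificate() const { return bad_certificate_; }
  const std::string& sent() const { return sent_; }

 private:
  // Runs once both the peer digest and the expected digest are known.
  void MaybeVerify() {
    if (state_ != State::kAwaitingFingerprint || !have_expected_) return;
    bad_certificate_ = (expected_digest_ != peer_digest_);
    // Mismatch: tear down (stands in for the bad_certificate alert).
    state_ = bad_certificate_ ? State::kClosed : State::kOpen;
  }
  State state_ = State::kHandshaking;
  bool have_expected_ = false;
  bool bad_certificate_ = false;
  std::string peer_digest_, expected_digest_, sent_;
};
```

The model covers the write path only, which is the behaviour the commit message states.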
8 files changed
tree: d0eb2a7852088bef3a1efb6cece62295d5628ffe
README.md

WebRTC is a free, open software project that provides browsers and mobile applications with Real-Time Communications (RTC) capabilities via simple APIs. The WebRTC components have been optimized to best serve this purpose.

Our mission: To enable rich, high-quality RTC applications to be developed for the browser, mobile platforms, and IoT devices, and allow them all to communicate via a common set of protocols.

The WebRTC initiative is a project supported by Google, Mozilla and Opera, amongst others. This page is maintained by the Google Chrome team.

Development

See http://www.webrtc.org/native-code/development for instructions on how to get started developing with the native code.

More info