af1f8655b2cb69af382396ea642eb0a2bf04bb4d - platform/external/webrtc

commit	af1f8655b2cb69af382396ea642eb0a2bf04bb4d	[log] [tgz]
author	Benjamin Wright <benwright@webrtc.org>	Mon Apr 01 18:25:23 2019 +0000
committer	Commit Bot <commit-bot@chromium.org>	Mon Apr 01 19:11:07 2019 +0000
tree	2d10c663ca022d9a8a152740289c2fa44241cf43
parent	ae4b62318dbad797c2ca0a4f71aa5e65a2445a4e [diff]

Revert "Disable DTLS 1.0, TLS 1.0 and TLS 1.1 downgrade in WebRTC."

This reverts commit 7276b974b78ea4f409d8738b1b6f1515f7a8968e.

Reason for revert: Changing to a later Chrome release.

Original change's description:
> Disable DTLS 1.0, TLS 1.0 and TLS 1.1 downgrade in WebRTC.
>
> This change disables DTLS 1.0, TLS 1.0 and TLS 1.1 in WebRTC by default. This
> is part of a larger effort at Google to remove old TLS protocols:
> https://security.googleblog.com/2018/10/modernizing-transport-security.html
>
> For the M74 timeline I have added a disabled by default field trial
> WebRTC-LegacyTlsProtocols which can be enabled to support these cipher suites
> as consumers move away from these legacy cipher protocols but it will be off
> in Chrome.
>
> This is compliant with the webrtc-security-arch specification which states:
>
>    All Implementations MUST implement DTLS 1.2 with the
>    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite and the P-256
>    curve [FIPS186].  Earlier drafts of this specification required DTLS
>    1.0 with the cipher suite TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, and
>    at the time of this writing some implementations do not support DTLS
>    1.2; endpoints which support only DTLS 1.2 might encounter
>    interoperability issues.  The DTLS-SRTP protection profile
>    SRTP_AES128_CM_HMAC_SHA1_80 MUST be supported for SRTP.
>    Implementations MUST favor cipher suites which support (Perfect
>    Forward Secrecy) PFS over non-PFS cipher suites and SHOULD favor AEAD
>    over non-AEAD cipher suites.
>
> Bug: webrtc:10261
> Change-Id: I847c567592911cc437f095376ad67585b4355fc0
> Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/125141
> Commit-Queue: Benjamin Wright <benwright@webrtc.org>
> Reviewed-by: David Benjamin <davidben@webrtc.org>
> Reviewed-by: Qingsi Wang <qingsi@webrtc.org>
> Cr-Commit-Position: refs/heads/master@{#27006}

TBR=steveanton@webrtc.org,davidben@webrtc.org,qingsi@webrtc.org,benwright@webrtc.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: webrtc:10261
Change-Id: I34727e65c069e1fb2ad71838828ad0a22b5fe811
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/130367
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Benjamin Wright <benwright@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#27403}

5 files changed

tree: 2d10c663ca022d9a8a152740289c2fa44241cf43

README.md

WebRTC is a free, open software project that provides browsers and mobile applications with Real-Time Communications (RTC) capabilities via simple APIs. The WebRTC components have been optimized to best serve this purpose.

Our mission: To enable rich, high-quality RTC applications to be developed for the browser, mobile platforms, and IoT devices, and allow them all to communicate via a common set of protocols.

The WebRTC initiative is a project supported by Google, Mozilla and Opera, amongst others.

Development

See http://www.webrtc.org/native-code/development for instructions on how to get started developing with the native code.

Authoritative list of directories that contain the native API header files.

More info

Official web site: http://www.webrtc.org
Master source code repo: https://webrtc.googlesource.com/src
Samples and reference apps: https://github.com/webrtc
Mailing list: http://groups.google.com/group/discuss-webrtc
Continuous build: http://build.chromium.org/p/client.webrtc
Coding style guide
Code of conduct