Replaces staging provisioning server url with production server url

The default provisioning server url now points to the production server. Also switches to the real field provisioning system ID that works only on the production servers, and updates the unit tests to work properly with the prod servers. Bug: 8724358 Merge of: https://widevine-internal-review.googlesource.com/#/c/5270/ https://widevine-internal-review.googlesource.com/#/c/5550/ https://widevine-internal-review.googlesource.com/#/c/5321/ https://widevine-internal-review.googlesource.com/#/c/5501/ from the Widevine CDM repository Change-Id: Iff1d7349c6a84bf30c6cdd534933ae747d5cff55
2013-05-09 12:18:38 -07:00
parent 10a55612d0
commit 4cf8594a87
10 changed files with 216 additions and 84 deletions
--- a/libwvdrmengine/cdm/core/test/http_socket.cpp
+++ b/libwvdrmengine/cdm/core/test/http_socket.cpp
@@ -5,13 +5,60 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <netdb.h>
+#include "openssl/bio.h"
+#include "openssl/err.h"
+#include "openssl/x509.h"
 #include <string.h>
 #include <sys/socket.h>

 #include "log.h"
 namespace wvcdm {

-HttpSocket::HttpSocket() : socket_fd_(-1), timeout_enabled_(false) {}
+SSL_CTX* HttpSocket::InitSslContext(void) {
+  const SSL_METHOD* method;
+  SSL_CTX* ctx;
+
+  OpenSSL_add_all_algorithms();
+  SSL_load_error_strings();
+  method = SSLv3_client_method();
+  ctx = SSL_CTX_new(method);
+  if (NULL == ctx)
+  {
+    LOGE("failed to create SSL context");
+  }
+  return ctx;
+}
+
+void HttpSocket::ShowServerCertificate(const SSL* ssl) {
+  X509* cert;
+  char* line;
+
+  // gets the server certificate
+  cert = SSL_get_peer_certificate(ssl);
+  if (cert != NULL)
+  {
+    LOGV("server certificate:");
+    line = X509_NAME_oneline(X509_get_subject_name(cert), 0, 0);
+    LOGV("subject: %s", line);
+    free(line);
+    line = X509_NAME_oneline(X509_get_issuer_name(cert), 0, 0);
+    LOGV("issuer: %s", line);
+    free(line);
+    X509_free(cert);
+  }
+  else
+    LOGE("Failed to get server certificate");
+}
+
+HttpSocket::HttpSocket() :
+    secure_connect_(true),
+    socket_fd_(-1),
+    ssl_(NULL),
+    ssl_ctx_(NULL),
+    timeout_enabled_(false) {
+
+  SSL_library_init();
+}

 HttpSocket::~HttpSocket()
 {
@@ -24,6 +71,16 @@ void HttpSocket::CloseSocket()
      close(socket_fd_);
      socket_fd_ = -1;
  }
+  if (secure_connect_) {
+    if (ssl_) {
+      SSL_free(ssl_);
+      ssl_ = NULL;
+    }
+    if (ssl_ctx_) {
+      CloseSslContext(ssl_ctx_);
+      ssl_ctx_ = NULL;
+    }
+  }
 }

 // Extracts the domain name and resource path from the input url parameter.
@@ -65,6 +122,10 @@ void HttpSocket::GetDomainNameAndPathFromUrl(const std::string& url,

 bool HttpSocket::Connect(const char* url, const std::string& port, bool enable_timeout)
 {
+  secure_connect_ = (strstr(url, "https") != NULL) ? true : false;
+  if (secure_connect_)
+    ssl_ctx_ = InitSslContext();
+
  GetDomainNameAndPathFromUrl(url, domain_name_, resource_path_);

  socket_fd_ = socket(AF_INET, SOCK_STREAM, 0);
@@ -102,6 +163,26 @@ bool HttpSocket::Connect(const char* url, const std::string& port, bool enable_t
  if (addr_info != NULL) {
    freeaddrinfo(addr_info);
  }
+
+  // secures connection
+  if (secure_connect_ && ssl_ctx_) {
+    ssl_ = SSL_new(ssl_ctx_);
+    if (ssl_) {
+      BIO* a_bio = BIO_new_socket(socket_fd_, BIO_NOCLOSE);
+      if (a_bio) {
+        SSL_set_bio(ssl_, a_bio, a_bio);
+        int ret = SSL_connect(ssl_);
+        if (1 != ret) {
+          char buf[256];
+          LOGE("SSL_connect error:%s", ERR_error_string(ERR_get_error(), buf));
+        }
+      } else {
+        LOGE("BIO_new_socket error");
+      }
+    } else {
+      LOGE("failed SSL_new");
+    }
+  }
  return status;
 }

@@ -148,7 +229,11 @@ int HttpSocket::Read(char* data, int len, int timeout_in_ms)
      }
    }

-    read = recv(socket_fd_, data, to_read, 0);
+    if (secure_connect_)
+      read = SSL_read(ssl_, data, to_read);
+    else
+      read = recv(socket_fd_, data, to_read, 0);
+
    if (read > 0) {
      to_read -= read;
      data += read;
@@ -175,7 +260,11 @@ int HttpSocket::Write(const char* data, int len)
  int sent = 0;
  int to_send = len;
  while (to_send > 0) {
-    sent = send(socket_fd_, data, to_send, 0);
+    if (secure_connect_)
+      sent = SSL_write(ssl_, data, to_send);
+    else
+      sent = send(socket_fd_, data, to_send, 0);
+
    if (sent > 0) {
      to_send -= sent;
      data += sent;