From 3c6e46628001c6fb7efeb5731b8b4049e185e8b2 Mon Sep 17 00:00:00 2001
From: winlin <winlin@vip.126.com>
Date: Tue, 9 Mar 2021 11:54:27 +0800
Subject: [PATCH] DTLS: Use specified init API, to decrease packet size

---
 trunk/src/app/srs_app_rtc_dtls.cpp | 28 ++++++++++++++++++----------
 trunk/src/app/srs_app_rtc_dtls.hpp |  6 +++---
 trunk/src/utest/srs_utest_rtc.cpp  |  4 ++--
 3 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/trunk/src/app/srs_app_rtc_dtls.cpp b/trunk/src/app/srs_app_rtc_dtls.cpp
index bdd3b7a4a..daa894fc1 100644
--- a/trunk/src/app/srs_app_rtc_dtls.cpp
+++ b/trunk/src/app/srs_app_rtc_dtls.cpp
@@ -96,16 +96,24 @@ void ssl_on_info(const SSL* dtls, int where, int ret)
     }
 }
 
-SSL_CTX* srs_build_dtls_ctx(SrsDtlsVersion version)
+SSL_CTX* srs_build_dtls_ctx(SrsDtlsVersion version, std::string role)
 {
     SSL_CTX* dtls_ctx;
 #if OPENSSL_VERSION_NUMBER < 0x10002000L // v1.0.2
     dtls_ctx = SSL_CTX_new(DTLSv1_method());
 #else
     if (version == SrsDtlsVersion1_0) {
-        dtls_ctx = SSL_CTX_new(DTLSv1_method());
+        if (role == "active") {
+            dtls_ctx = SSL_CTX_new(DTLSv1_client_method());
+        } else {
+            dtls_ctx = SSL_CTX_new(DTLSv1_server_method());
+        }
     } else if (version == SrsDtlsVersion1_2) {
-        dtls_ctx = SSL_CTX_new(DTLSv1_2_method());
+        if (role == "active") {
+            dtls_ctx = SSL_CTX_new(DTLS_client_method());
+        } else {
+            dtls_ctx = SSL_CTX_new(DTLS_server_method());
+        }
     } else {
         // SrsDtlsVersionAuto, use version-flexible DTLS methods
         dtls_ctx = SSL_CTX_new(DTLS_method());
@@ -397,7 +405,7 @@ SrsDtlsImpl::~SrsDtlsImpl()
     srs_freepa(last_outgoing_packet_cache);
 }
 
-srs_error_t SrsDtlsImpl::initialize(std::string version)
+srs_error_t SrsDtlsImpl::initialize(std::string version, std::string role)
 {
     srs_error_t err = srs_success;
 
@@ -409,7 +417,7 @@ srs_error_t SrsDtlsImpl::initialize(std::string version)
         version_ = SrsDtlsVersionAuto;
     }
 
-    dtls_ctx = srs_build_dtls_ctx(version_);
+    dtls_ctx = srs_build_dtls_ctx(version_, role);
 
     if ((dtls = SSL_new(dtls_ctx)) == NULL) {
         return srs_error_new(ERROR_OpenSslCreateSSL, "SSL_new dtls");
@@ -648,11 +656,11 @@ SrsDtlsClientImpl::~SrsDtlsClientImpl()
     srs_freep(trd);
 }
 
-srs_error_t SrsDtlsClientImpl::initialize(std::string version)
+srs_error_t SrsDtlsClientImpl::initialize(std::string version, std::string role)
 {
     srs_error_t err = srs_success;
 
-    if ((err = SrsDtlsImpl::initialize(version)) != srs_success) {
+    if ((err = SrsDtlsImpl::initialize(version, role)) != srs_success) {
         return err;
     }
 
@@ -824,11 +832,11 @@ SrsDtlsServerImpl::~SrsDtlsServerImpl()
 {
 }
 
-srs_error_t SrsDtlsServerImpl::initialize(std::string version)
+srs_error_t SrsDtlsServerImpl::initialize(std::string version, std::string role)
 {
     srs_error_t err = srs_success;
 
-    if ((err = SrsDtlsImpl::initialize(version)) != srs_success) {
+    if ((err = SrsDtlsImpl::initialize(version, role)) != srs_success) {
         return err;
     }
 
@@ -897,7 +905,7 @@ srs_error_t SrsDtls::initialize(std::string role, std::string version)
         impl = new SrsDtlsServerImpl(callback_);
     }
 
-    return impl->initialize(version);
+    return impl->initialize(version, role);
 }
 
 srs_error_t SrsDtls::start_active_handshake()
diff --git a/trunk/src/app/srs_app_rtc_dtls.hpp b/trunk/src/app/srs_app_rtc_dtls.hpp
index f72f6ef0d..1e28eaf7d 100644
--- a/trunk/src/app/srs_app_rtc_dtls.hpp
+++ b/trunk/src/app/srs_app_rtc_dtls.hpp
@@ -130,7 +130,7 @@ public:
     SrsDtlsImpl(ISrsDtlsCallback* callback);
     virtual ~SrsDtlsImpl();
 public:
-    virtual srs_error_t initialize(std::string version);
+    virtual srs_error_t initialize(std::string version, std::string role);
     virtual srs_error_t start_active_handshake() = 0;
     virtual srs_error_t on_dtls(char* data, int nb_data);
 protected:
@@ -162,7 +162,7 @@ public:
     SrsDtlsClientImpl(ISrsDtlsCallback* callback);
     virtual ~SrsDtlsClientImpl();
 public:
-    virtual srs_error_t initialize(std::string version);
+    virtual srs_error_t initialize(std::string version, std::string role);
     virtual srs_error_t start_active_handshake();
     virtual srs_error_t on_dtls(char* data, int nb_data);
 protected:
@@ -183,7 +183,7 @@ public:
     SrsDtlsServerImpl(ISrsDtlsCallback* callback);
     virtual ~SrsDtlsServerImpl();
 public:
-    virtual srs_error_t initialize(std::string version);
+    virtual srs_error_t initialize(std::string version, std::string role);
     virtual srs_error_t start_active_handshake();
 protected:
     virtual void on_ssl_out_data(uint8_t*& data, int& size, bool& cached);
diff --git a/trunk/src/utest/srs_utest_rtc.cpp b/trunk/src/utest/srs_utest_rtc.cpp
index 845f03b53..bf839aca3 100644
--- a/trunk/src/utest/srs_utest_rtc.cpp
+++ b/trunk/src/utest/srs_utest_rtc.cpp
@@ -563,7 +563,7 @@ VOID TEST(KernelRTCTest, StringDumpHexTest)
     }
 }
 
-extern SSL_CTX* srs_build_dtls_ctx(SrsDtlsVersion version);
+extern SSL_CTX* srs_build_dtls_ctx(SrsDtlsVersion version, std::string role);
 
 class MockDtls
 {
@@ -625,7 +625,7 @@ srs_error_t MockDtls::initialize(std::string role, std::string version)
         version_ = SrsDtlsVersionAuto;
     }
 
-    dtls_ctx = srs_build_dtls_ctx(version_);
+    dtls_ctx = srs_build_dtls_ctx(version_, role);
     dtls = SSL_new(dtls_ctx);
     srs_assert(dtls);