| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/extensions/permissions/socket_permission_data.h" | 5 #include "chrome/common/extensions/permissions/socket_permission_data.h" |
| 6 | 6 |
| 7 #include <cstdlib> | 7 #include <cstdlib> |
| 8 #include <sstream> | 8 #include <sstream> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/string_number_conversions.h" | 12 #include "base/string_number_conversions.h" |
| 13 #include "base/string_split.h" | 13 #include "base/string_split.h" |
| 14 #include "base/string_util.h" | 14 #include "base/string_util.h" |
| 15 #include "googleurl/src/url_canon.h" | 15 #include "googleurl/src/url_canon.h" |
| 16 | 16 |
| 17 namespace { | 17 namespace { |
| 18 | 18 |
| 19 using content::SocketPermissionRequest; |
| 19 using extensions::SocketPermissionData; | 20 using extensions::SocketPermissionData; |
| 20 | 21 |
| 21 const char kColon = ':'; | 22 const char kColon = ':'; |
| 22 const char kDot = '.'; | 23 const char kDot = '.'; |
| 23 const char kWildcard[] = "*"; | 24 const char kWildcard[] = "*"; |
| 24 const char kInvalid[] = "invalid"; | 25 const char kInvalid[] = "invalid"; |
| 25 const char kTCPConnect[] = "tcp-connect"; | 26 const char kTCPConnect[] = "tcp-connect"; |
| 26 const char kTCPListen[] = "tcp-listen"; | 27 const char kTCPListen[] = "tcp-listen"; |
| 27 const char kUDPBind[] = "udp-bind"; | 28 const char kUDPBind[] = "udp-bind"; |
| 28 const char kUDPSendTo[] = "udp-send-to"; | 29 const char kUDPSendTo[] = "udp-send-to"; |
| 29 const int kAnyPort = 0; | 30 const int kAnyPort = 0; |
| 30 const int kInvalidPort = -1; | 31 const int kInvalidPort = -1; |
| 31 | 32 |
| 32 SocketPermissionData::OperationType StringToType(const std::string& s) { | 33 SocketPermissionRequest::OperationType StringToType(const std::string& s) { |
| 33 if (s == kTCPConnect) | 34 if (s == kTCPConnect) |
| 34 return SocketPermissionData::TCP_CONNECT; | 35 return SocketPermissionRequest::TCP_CONNECT; |
| 35 if (s == kTCPListen) | 36 if (s == kTCPListen) |
| 36 return SocketPermissionData::TCP_LISTEN; | 37 return SocketPermissionRequest::TCP_LISTEN; |
| 37 if (s == kUDPBind) | 38 if (s == kUDPBind) |
| 38 return SocketPermissionData::UDP_BIND; | 39 return SocketPermissionRequest::UDP_BIND; |
| 39 if (s == kUDPSendTo) | 40 if (s == kUDPSendTo) |
| 40 return SocketPermissionData::UDP_SEND_TO; | 41 return SocketPermissionRequest::UDP_SEND_TO; |
| 41 return SocketPermissionData::NONE; | 42 return SocketPermissionRequest::NONE; |
| 42 } | 43 } |
| 43 | 44 |
| 44 const char* TypeToString(SocketPermissionData::OperationType type) { | 45 const char* TypeToString(SocketPermissionRequest::OperationType type) { |
| 45 switch (type) { | 46 switch (type) { |
| 46 case SocketPermissionData::TCP_CONNECT: | 47 case SocketPermissionRequest::TCP_CONNECT: |
| 47 return kTCPConnect; | 48 return kTCPConnect; |
| 48 case SocketPermissionData::TCP_LISTEN: | 49 case SocketPermissionRequest::TCP_LISTEN: |
| 49 return kTCPListen; | 50 return kTCPListen; |
| 50 case SocketPermissionData::UDP_BIND: | 51 case SocketPermissionRequest::UDP_BIND: |
| 51 return kUDPBind; | 52 return kUDPBind; |
| 52 case SocketPermissionData::UDP_SEND_TO: | 53 case SocketPermissionRequest::UDP_SEND_TO: |
| 53 return kUDPSendTo; | 54 return kUDPSendTo; |
| 54 default: | 55 default: |
| 55 return kInvalid; | 56 return kInvalid; |
| 56 } | 57 } |
| 57 } | 58 } |
| 58 | 59 |
| 59 bool StartsOrEndsWithWhitespace(const std::string& str) { | 60 bool StartsOrEndsWithWhitespace(const std::string& str) { |
| 60 if (str.find_first_not_of(kWhitespaceASCII) != 0) | 61 if (str.find_first_not_of(kWhitespaceASCII) != 0) |
| 61 return true; | 62 return true; |
| 62 if (str.find_last_not_of(kWhitespaceASCII) != str.length() - 1) | 63 if (str.find_last_not_of(kWhitespaceASCII) != str.length() - 1) |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 95 return true; | 96 return true; |
| 96 return false; | 97 return false; |
| 97 } | 98 } |
| 98 | 99 |
| 99 bool SocketPermissionData::operator==(const SocketPermissionData& rhs) const { | 100 bool SocketPermissionData::operator==(const SocketPermissionData& rhs) const { |
| 100 return (type_ == rhs.type_) && (host_ == rhs.host_) && | 101 return (type_ == rhs.type_) && (host_ == rhs.host_) && |
| 101 (match_subdomains_ == rhs.match_subdomains_) && | 102 (match_subdomains_ == rhs.match_subdomains_) && |
| 102 (port_ == rhs.port_); | 103 (port_ == rhs.port_); |
| 103 } | 104 } |
| 104 | 105 |
| 105 bool SocketPermissionData::Match( | 106 bool SocketPermissionData::Match(SocketPermissionRequest request) const { |
| 106 OperationType type, const std::string& host, int port) const { | 107 if (type_ != request.type) |
| 107 if (type_ != type) | |
| 108 return false; | 108 return false; |
| 109 | 109 |
| 110 std::string lhost = StringToLowerASCII(host); | 110 std::string lhost = StringToLowerASCII(request.host); |
| 111 if (host_ != lhost) { | 111 if (host_ != lhost) { |
| 112 if (!match_subdomains_) | 112 if (!match_subdomains_) |
| 113 return false; | 113 return false; |
| 114 | 114 |
| 115 if (!host_.empty()) { | 115 if (!host_.empty()) { |
| 116 // Do not wildcard part of IP address. | 116 // Do not wildcard part of IP address. |
| 117 url_parse::Component component(0, lhost.length()); | 117 url_parse::Component component(0, lhost.length()); |
| 118 url_canon::RawCanonOutputT<char, 128> ignored_output; | 118 url_canon::RawCanonOutputT<char, 128> ignored_output; |
| 119 url_canon::CanonHostInfo host_info; | 119 url_canon::CanonHostInfo host_info; |
| 120 url_canon::CanonicalizeIPAddress(lhost.c_str(), component, | 120 url_canon::CanonicalizeIPAddress(lhost.c_str(), component, |
| 121 &ignored_output, &host_info); | 121 &ignored_output, &host_info); |
| 122 if (host_info.IsIPAddress()) | 122 if (host_info.IsIPAddress()) |
| 123 return false; | 123 return false; |
| 124 | 124 |
| 125 // host should equal one or more chars + "." + host_. | 125 // host should equal one or more chars + "." + host_. |
| 126 int i = lhost.length() - host_.length(); | 126 int i = lhost.length() - host_.length(); |
| 127 if (i < 2) | 127 if (i < 2) |
| 128 return false; | 128 return false; |
| 129 | 129 |
| 130 if (lhost.compare(i, host_.length(), host_) != 0) | 130 if (lhost.compare(i, host_.length(), host_) != 0) |
| 131 return false; | 131 return false; |
| 132 | 132 |
| 133 if (lhost[i - 1] != kDot) | 133 if (lhost[i - 1] != kDot) |
| 134 return false; | 134 return false; |
| 135 } | 135 } |
| 136 } | 136 } |
| 137 | 137 |
| 138 if (port_ != port && port_ != kAnyPort) | 138 if (port_ != request.port && port_ != kAnyPort) |
| 139 return false; | 139 return false; |
| 140 | 140 |
| 141 return true; | 141 return true; |
| 142 } | 142 } |
| 143 | 143 |
| 144 bool SocketPermissionData::Parse(const std::string& permission) { | 144 bool SocketPermissionData::Parse(const std::string& permission) { |
| 145 do { | 145 do { |
| 146 host_.clear(); | 146 host_.clear(); |
| 147 match_subdomains_ = true; | 147 match_subdomains_ = true; |
| 148 port_ = kAnyPort; | 148 port_ = kAnyPort; |
| 149 spec_.clear(); | 149 spec_.clear(); |
| 150 | 150 |
| 151 std::vector<std::string> tokens; | 151 std::vector<std::string> tokens; |
| 152 base::SplitStringDontTrim(permission, kColon, &tokens); | 152 base::SplitStringDontTrim(permission, kColon, &tokens); |
| 153 | 153 |
| 154 if (tokens.empty() || tokens.size() > 3) | 154 if (tokens.empty() || tokens.size() > 3) |
| 155 break; | 155 break; |
| 156 | 156 |
| 157 type_ = StringToType(tokens[0]); | 157 type_ = StringToType(tokens[0]); |
| 158 if (type_ == NONE) | 158 if (type_ == SocketPermissionRequest::NONE) |
| 159 break; | 159 break; |
| 160 | 160 |
| 161 if (tokens.size() == 1) | 161 if (tokens.size() == 1) |
| 162 return true; | 162 return true; |
| 163 | 163 |
| 164 host_ = tokens[1]; | 164 host_ = tokens[1]; |
| 165 if (!host_.empty()) { | 165 if (!host_.empty()) { |
| 166 if (StartsOrEndsWithWhitespace(host_)) | 166 if (StartsOrEndsWithWhitespace(host_)) |
| 167 break; | 167 break; |
| 168 host_ = StringToLowerASCII(host_); | 168 host_ = StringToLowerASCII(host_); |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 224 | 224 |
| 225 if (port_ == kAnyPort) | 225 if (port_ == kAnyPort) |
| 226 spec_.append(1, kColon).append(kWildcard); | 226 spec_.append(1, kColon).append(kWildcard); |
| 227 else | 227 else |
| 228 spec_.append(1, kColon).append(base::IntToString(port_)); | 228 spec_.append(1, kColon).append(base::IntToString(port_)); |
| 229 | 229 |
| 230 return spec_; | 230 return spec_; |
| 231 } | 231 } |
| 232 | 232 |
| 233 void SocketPermissionData::Reset() { | 233 void SocketPermissionData::Reset() { |
| 234 type_ = NONE; | 234 type_ = SocketPermissionRequest::NONE; |
| 235 host_.clear(); | 235 host_.clear(); |
| 236 match_subdomains_ = false; | 236 match_subdomains_ = false; |
| 237 port_ = kInvalidPort; | 237 port_ = kInvalidPort; |
| 238 spec_.clear(); | 238 spec_.clear(); |
| 239 } | 239 } |
| 240 | 240 |
| 241 } // namespace extensions | 241 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10993078:
Use extensions socket permission for TCP/UDP socket APIs in Pepper (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src