Use Authenticator interface in Session and SessionManager

remoting/host/chromoting_host.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "remoting/host/chromoting_host.h"
 
 #include "base/bind.h"
 #include "base/callback.h"
 #include "base/logging.h"
 #include "base/message_loop_proxy.h"
 #include "build/build_config.h"
 #include "remoting/base/constants.h"
 #include "remoting/base/encoder.h"
 #include "remoting/base/encoder_row_based.h"
 #include "remoting/base/encoder_vp8.h"
 #include "remoting/host/chromoting_host_context.h"
 #include "remoting/host/curtain.h"
 #include "remoting/host/desktop_environment.h"
 #include "remoting/host/event_executor.h"
 #include "remoting/host/host_config.h"
-#include "remoting/host/host_key_pair.h"
 #include "remoting/host/screen_recorder.h"
 #include "remoting/jingle_glue/xmpp_signal_strategy.h"
 #include "remoting/protocol/connection_to_client.h"
 #include "remoting/protocol/client_stub.h"
 #include "remoting/protocol/host_stub.h"
 #include "remoting/protocol/input_stub.h"
 #include "remoting/protocol/jingle_session_manager.h"
 #include "remoting/protocol/session_config.h"
+#include "remoting/protocol/v1_authenticator.h"
 
 using remoting::protocol::ConnectionToClient;
 using remoting::protocol::InputStub;
 
 namespace remoting {
 
 // static
 ChromotingHost* ChromotingHost::Create(ChromotingHostContext* context,
                                        MutableHostConfig* config,
                                        DesktopEnvironment* environment,
@@ skipping 30 matching lines @@
   }
 
   LOG(INFO) << "Starting host";
   DCHECK(!signal_strategy_.get());
 
   // Make sure this object is not started.
   if (state_ != kInitial)
     return;
   state_ = kStarted;
 
+  // Assign key and certificate to server.
+  if (!key_pair_.Load(config_)) {
+    LOG(ERROR) << "Failed to load key pair for the host.";
+    return;
+  }
+
   // Use an XMPP connection to the Talk network for session signalling.
   std::string xmpp_login;
   std::string xmpp_auth_token;
   std::string xmpp_auth_service;
   if (!config_->GetString(kXmppLoginConfigPath, &xmpp_login) ||
       !config_->GetString(kXmppAuthTokenConfigPath, &xmpp_auth_token) ||
       !config_->GetString(kXmppAuthServiceConfigPath, &xmpp_auth_service)) {
     LOG(ERROR) << "XMPP credentials are not defined in the config.";
     return;
   }
@@ skipping 58 matching lines @@
   } else {
     ShutdownFinish();
   }
 }
 
 void ChromotingHost::AddStatusObserver(HostStatusObserver* observer) {
   DCHECK_EQ(state_, kInitial);
   status_observers_.push_back(observer);
 }
 
+void ChromotingHost::SetSharedSecret(const std::string& shared_secret) {
+  DCHECK(context_->network_message_loop()->BelongsToCurrentThread());
+  session_manager_->set_authenticator_factory(
+      new protocol::V1HostAuthenticatorFactory(
+          key_pair_.GenerateCertificate(), key_pair_.CopyPrivateKey(),
+          shared_secret));
+}
+
 ////////////////////////////////////////////////////////////////////////////
 // protocol::ClientSession::EventHandler implementation.
 void ChromotingHost::OnSessionAuthenticated(ClientSession* client) {
   DCHECK(context_->network_message_loop()->BelongsToCurrentThread());
 
   // Disconnect all other clients.
   // Iterate over a copy of the list of clients, to avoid mutating the list
   // while iterating over it.
   ClientList clients_copy(clients_);
   for (ClientList::const_iterator other_client = clients_copy.begin();
@@ skipping 87 matching lines @@
 
   if (state == SignalStrategy::StatusObserver::CONNECTED) {
     LOG(INFO) << "Host connected as " << local_jid_;
 
     // Create and start session manager.
     protocol::JingleSessionManager* server =
         new protocol::JingleSessionManager(context_->network_message_loop());
     // TODO(ajwong): Make this a command switch when we're more stable.
     server->set_allow_local_ips(true);
 
-    // Assign key and certificate to server.
-    HostKeyPair key_pair;
-    CHECK(key_pair.Load(config_))
-        << "Failed to load server authentication data";
-
-    server->Init(local_jid_, signal_strategy_.get(), this,
-                 key_pair.CopyPrivateKey(), key_pair.GenerateCertificate(),
-                 allow_nat_traversal_);
+    server->Init(local_jid_, signal_strategy_.get(),
+                 this, allow_nat_traversal_);
 
     session_manager_.reset(server);
 
     for (StatusObserverList::iterator it = status_observers_.begin();
          it != status_observers_.end(); ++it) {
       (*it)->OnSignallingConnected(signal_strategy_.get(), local_jid_);
     }
   } else if (state == SignalStrategy::StatusObserver::CLOSED) {
     LOG(INFO) << "Host disconnected from talk network.";
     for (StatusObserverList::iterator it = status_observers_.begin();
@@ skipping 42 matching lines @@
   protocol::SessionConfig config;
   if (!protocol_config_->Select(session->candidate_config(),
                                 true /* force_host_resolution */, &config)) {
     LOG(WARNING) << "Rejecting connection from " << session->jid()
                  << " because no compatible configuration has been found.";
     *response = protocol::SessionManager::INCOMPATIBLE;
     return;
   }
 
   session->set_config(config);
-  // Provide the Access Code as shared secret for SSL channel authentication.
-  session->set_shared_secret(access_code_);
 
   *response = protocol::SessionManager::ACCEPT;
 
   LOG(INFO) << "Client connected: " << session->jid();
 
   // Create a client object.
   protocol::ConnectionToClient* connection =
       new protocol::ConnectionToClient(session);
   ClientSession* client = new ClientSession(
       this, connection, desktop_environment_->event_executor(),
@@ skipping 119 matching lines @@
   }
 
   for (std::vector<base::Closure>::iterator it = shutdown_tasks_.begin();
        it != shutdown_tasks_.end(); ++it) {
     it->Run();
   }
   shutdown_tasks_.clear();
 }
 
 }  // namespace remoting