Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(275)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: content/browser/renderer_host/pepper/pepper_socket_utils.cc

Issue 1213203004: Make the Pepper TCP open the firewall on Cros. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/browser/renderer_host/pepper/pepper_socket_utils.h ('K') | « content/browser/renderer_host/pepper/pepper_socket_utils.h ('k') | content/browser/renderer_host/pepper/pepper_tcp_server_socket_message_filter.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "content/browser/renderer_host/pepper/pepper_socket_utils.h" 5 #include "content/browser/renderer_host/pepper/pepper_socket_utils.h"
6 6
7 #include <string> 7 #include <string>
8 #include <vector> 8 #include <vector>
9 9
10 #include "base/logging.h" 10 #include "base/logging.h"
11 #include "base/memory/ref_counted.h" 11 #include "base/memory/ref_counted.h"
12 #include "base/strings/string_util.h" 12 #include "base/strings/string_util.h"
13 #include "content/public/browser/browser_thread.h" 13 #include "content/public/browser/browser_thread.h"
14 #include "content/public/browser/content_browser_client.h" 14 #include "content/public/browser/content_browser_client.h"
15 #include "content/public/browser/render_frame_host.h" 15 #include "content/public/browser/render_frame_host.h"
16 #include "content/public/browser/site_instance.h" 16 #include "content/public/browser/site_instance.h"
17 #include "content/public/common/content_client.h" 17 #include "content/public/common/content_client.h"
18 #include "net/base/ip_address_number.h"
18 #include "net/cert/x509_certificate.h" 19 #include "net/cert/x509_certificate.h"
19 #include "ppapi/c/private/ppb_net_address_private.h" 20 #include "ppapi/c/private/ppb_net_address_private.h"
20 #include "ppapi/shared_impl/private/net_address_private_impl.h" 21 #include "ppapi/shared_impl/private/net_address_private_impl.h"
21 #include "ppapi/shared_impl/private/ppb_x509_certificate_private_shared.h" 22 #include "ppapi/shared_impl/private/ppb_x509_certificate_private_shared.h"
22 23
24 #if defined(OS_CHROMEOS)
25 #include "chromeos/network/firewall_hole.h"
26 #endif // defined(OS_CHROMEOS)
27
23 namespace content { 28 namespace content {
24 namespace pepper_socket_utils { 29 namespace pepper_socket_utils {
25 30
26 SocketPermissionRequest CreateSocketPermissionRequest( 31 SocketPermissionRequest CreateSocketPermissionRequest(
27 SocketPermissionRequest::OperationType type, 32 SocketPermissionRequest::OperationType type,
28 const PP_NetAddress_Private& net_addr) { 33 const PP_NetAddress_Private& net_addr) {
29 std::string host = 34 std::string host =
30 ppapi::NetAddressPrivateImpl::DescribeNetAddress(net_addr, false); 35 ppapi::NetAddressPrivateImpl::DescribeNetAddress(net_addr, false);
31 uint16 port = 0; 36 uint16 port = 0;
32 std::vector<unsigned char> address; 37 std::vector<unsigned char> address;
33 ppapi::NetAddressPrivateImpl::NetAddressToIPEndPoint( 38 ppapi::NetAddressPrivateImpl::NetAddressToIPEndPoint(
34 net_addr, &address, &port); 39 net_addr, &address, &port);
35 return SocketPermissionRequest(type, host, port); 40 return SocketPermissionRequest(type, host, port);
36 } 41 }
37 42
38 bool CanUseSocketAPIs(bool external_plugin, 43 bool CanUseSocketAPIs(bool external_plugin,
39 bool private_api, 44 bool private_api,
40 const SocketPermissionRequest* params, 45 const SocketPermissionRequest* params,
41 int render_process_id, 46 int render_process_id,
42 int render_frame_id) { 47 int render_frame_id) {
43 DCHECK_CURRENTLY_ON(BrowserThread::UI); 48 DCHECK_CURRENTLY_ON(BrowserThread::UI);
44 if (!external_plugin) { 49 if (!external_plugin) {
45 // Always allow socket APIs for out-process plugins (other than external 50 // Always allow socket APIs for out-process plugins (other than external
46 // plugins instantiated by the embeeder through 51 // plugins instantiated by the embedder through
47 // BrowserPpapiHost::CreateExternalPluginProcess). 52 // BrowserPpapiHost::CreateExternalPluginProcess).
48 return true; 53 return true;
49 } 54 }
50 55
51 RenderFrameHost* render_frame_host = 56 RenderFrameHost* render_frame_host =
52 RenderFrameHost::FromID(render_process_id, render_frame_id); 57 RenderFrameHost::FromID(render_process_id, render_frame_id);
53 if (!render_frame_host) 58 if (!render_frame_host)
54 return false; 59 return false;
55 SiteInstance* site_instance = render_frame_host->GetSiteInstance(); 60 SiteInstance* site_instance = render_frame_host->GetSiteInstance();
56 if (!site_instance) 61 if (!site_instance)
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
121 bool GetCertificateFields(const char* der, 126 bool GetCertificateFields(const char* der,
122 uint32_t length, 127 uint32_t length,
123 ppapi::PPB_X509Certificate_Fields* fields) { 128 ppapi::PPB_X509Certificate_Fields* fields) {
124 scoped_refptr<net::X509Certificate> cert = 129 scoped_refptr<net::X509Certificate> cert =
125 net::X509Certificate::CreateFromBytes(der, length); 130 net::X509Certificate::CreateFromBytes(der, length);
126 if (!cert.get()) 131 if (!cert.get())
127 return false; 132 return false;
128 return GetCertificateFields(*cert.get(), fields); 133 return GetCertificateFields(*cert.get(), fields);
129 } 134 }
130 135
136 #if defined(OS_CHROMEOS)
137 using ppapi::NetAddressPrivateImpl;
138 namespace {
139 bool isLoopbackAddress(const net::IPAddressNumber& address) {
140 static const net::IPAddressNumber kIPv6Loopback = {0, 0, 0, 0, 0, 0, 0, 0,
141 0, 0, 0, 0, 0, 0, 0, 1};
142 if (address.size() == net::kIPv4AddressSize && address[0] == 0x7f) {
143 // All of 127.0.0.0/8 is loopback in ipv4.
144 return true;
145 } else if (address.size() == net::kIPv6AddressSize &&
146 address == kIPv6Loopback) {
147 // ::1 is the only loopback address in ipv6.
148 return true;
149 }
150 return false;
151 }
152
153 std::string addressToFirewallString(const net::IPAddressNumber& address) {
154 static const net::IPAddressNumber kIPv4Empty = {0, 0, 0, 0};
155 static const net::IPAddressNumber kIPv6Empty = {0, 0, 0, 0, 0, 0, 0, 0,
156 0, 0, 0, 0, 0, 0, 0, 0};
157 if (address == kIPv4Empty || address == kIPv6Empty) {
158 return std::string();
159 }
160 return net::IPAddressToString(address);
161 }
162 } // namespace
163
164 bool OpenFirewallHole(const PP_NetAddress_Private& bind_address,
165 FirewallHoleOpenCallback callback) {
166 net::IPAddressNumber address;
167 uint16_t port;
168 NetAddressPrivateImpl::NetAddressToIPEndPoint(bind_address, &address, &port);
169 if (isLoopbackAddress(address)) {
170 return false;
171 }
172 std::string address_string = addressToFirewallString(address);
173
174 chromeos::FirewallHole::Open(chromeos::FirewallHole::PortType::TCP, port,
175 address_string, callback);
176 return true;
177 }
178 #endif // defined(OS_CHROMEOS)
179
131 } // namespace pepper_socket_utils 180 } // namespace pepper_socket_utils
132 } // namespace content 181 } // namespace content
OLDNEW
« content/browser/renderer_host/pepper/pepper_socket_utils.h ('K') | « content/browser/renderer_host/pepper/pepper_socket_utils.h ('k') | content/browser/renderer_host/pepper/pepper_tcp_server_socket_message_filter.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698