OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 // | 4 // |
5 // This file implements a standalone host process for Me2Me. | 5 // This file implements a standalone host process for Me2Me. |
6 | 6 |
7 #include "remoting/host/remoting_me2me_host.h" | 7 #include "remoting/host/remoting_me2me_host.h" |
8 | 8 |
9 #include <string> | 9 #include <string> |
10 | 10 |
47 #include "remoting/host/desktop_environment.h" | 47 #include "remoting/host/desktop_environment.h" |
48 #include "remoting/host/desktop_resizer.h" | 48 #include "remoting/host/desktop_resizer.h" |
49 #include "remoting/host/desktop_session_connector.h" | 49 #include "remoting/host/desktop_session_connector.h" |
50 #include "remoting/host/dns_blackhole_checker.h" | 50 #include "remoting/host/dns_blackhole_checker.h" |
51 #include "remoting/host/event_executor.h" | 51 #include "remoting/host/event_executor.h" |
52 #include "remoting/host/heartbeat_sender.h" | 52 #include "remoting/host/heartbeat_sender.h" |
53 #include "remoting/host/host_change_notification_listener.h" | 53 #include "remoting/host/host_change_notification_listener.h" |
54 #include "remoting/host/host_config.h" | 54 #include "remoting/host/host_config.h" |
55 #include "remoting/host/host_event_logger.h" | 55 #include "remoting/host/host_event_logger.h" |
56 #include "remoting/host/host_exit_codes.h" | 56 #include "remoting/host/host_exit_codes.h" |
57 #include "remoting/host/host_token_validator_factory.h" | |
57 #include "remoting/host/host_user_interface.h" | 58 #include "remoting/host/host_user_interface.h" |
58 #include "remoting/host/ipc_constants.h" | 59 #include "remoting/host/ipc_constants.h" |
59 #include "remoting/host/ipc_desktop_environment.h" | 60 #include "remoting/host/ipc_desktop_environment.h" |
60 #include "remoting/host/json_host_config.h" | 61 #include "remoting/host/json_host_config.h" |
61 #include "remoting/host/log_to_server.h" | 62 #include "remoting/host/log_to_server.h" |
62 #include "remoting/host/logging.h" | 63 #include "remoting/host/logging.h" |
63 #include "remoting/host/network_settings.h" | 64 #include "remoting/host/network_settings.h" |
64 #include "remoting/host/policy_hack/policy_watcher.h" | 65 #include "remoting/host/policy_hack/policy_watcher.h" |
65 #include "remoting/host/resizing_host_observer.h" | 66 #include "remoting/host/resizing_host_observer.h" |
66 #include "remoting/host/service_urls.h" | 67 #include "remoting/host/service_urls.h" |
67 #include "remoting/host/session_manager_factory.h" | 68 #include "remoting/host/session_manager_factory.h" |
68 #include "remoting/host/signaling_connector.h" | 69 #include "remoting/host/signaling_connector.h" |
69 #include "remoting/host/ui_strings.h" | 70 #include "remoting/host/ui_strings.h" |
70 #include "remoting/host/usage_stats_consent.h" | 71 #include "remoting/host/usage_stats_consent.h" |
71 #include "remoting/jingle_glue/xmpp_signal_strategy.h" | 72 #include "remoting/jingle_glue/xmpp_signal_strategy.h" |
73 #include "remoting/protocol/key_pair.h" | |
72 #include "remoting/protocol/me2me_host_authenticator_factory.h" | 74 #include "remoting/protocol/me2me_host_authenticator_factory.h" |
73 | 75 |
74 #if defined(OS_POSIX) | 76 #if defined(OS_POSIX) |
75 #include <pwd.h> | 77 #include <pwd.h> |
76 #include <signal.h> | 78 #include <signal.h> |
77 #include "base/file_descriptor_posix.h" | 79 #include "base/file_descriptor_posix.h" |
78 #include "remoting/host/pam_authorization_factory_posix.h" | 80 #include "remoting/host/pam_authorization_factory_posix.h" |
79 #include "remoting/host/posix/signal_handler.h" | 81 #include "remoting/host/posix/signal_handler.h" |
80 #endif // defined(OS_POSIX) | 82 #endif // defined(OS_POSIX) |
81 | 83 |
234 | 236 |
235 // Applies the host config, returning true if successful. | 237 // Applies the host config, returning true if successful. |
236 bool ApplyConfig(scoped_ptr<JsonHostConfig> config); | 238 bool ApplyConfig(scoped_ptr<JsonHostConfig> config); |
237 | 239 |
238 void OnPolicyUpdate(scoped_ptr<base::DictionaryValue> policies); | 240 void OnPolicyUpdate(scoped_ptr<base::DictionaryValue> policies); |
239 bool OnHostDomainPolicyUpdate(const std::string& host_domain); | 241 bool OnHostDomainPolicyUpdate(const std::string& host_domain); |
240 bool OnUsernamePolicyUpdate(bool username_match_required); | 242 bool OnUsernamePolicyUpdate(bool username_match_required); |
241 bool OnNatPolicyUpdate(bool nat_traversal_enabled); | 243 bool OnNatPolicyUpdate(bool nat_traversal_enabled); |
242 bool OnCurtainPolicyUpdate(bool curtain_required); | 244 bool OnCurtainPolicyUpdate(bool curtain_required); |
243 bool OnHostTalkGadgetPrefixPolicyUpdate(const std::string& talkgadget_prefix); | 245 bool OnHostTalkGadgetPrefixPolicyUpdate(const std::string& talkgadget_prefix); |
246 bool OnHostTokenUrlPolicyUpdate(const std::string& token_issue_url, | |
247 const std::string& token_verification_url); | |
244 | 248 |
245 void StartHost(); | 249 void StartHost(); |
246 | 250 |
247 void OnAuthFailed(); | 251 void OnAuthFailed(); |
248 | 252 |
249 void OnCurtainModeFailed(); | 253 void OnCurtainModeFailed(); |
250 | 254 |
251 void OnRemoteSessionSwitchedToConsole(); | 255 void OnRemoteSessionSwitchedToConsole(); |
252 | 256 |
253 // Invoked when the user uses the Disconnect windows to terminate | 257 // Invoked when the user uses the Disconnect windows to terminate |
297 std::string xmpp_login_; | 301 std::string xmpp_login_; |
298 std::string xmpp_auth_token_; | 302 std::string xmpp_auth_token_; |
299 std::string xmpp_auth_service_; | 303 std::string xmpp_auth_service_; |
300 scoped_ptr<policy_hack::PolicyWatcher> policy_watcher_; | 304 scoped_ptr<policy_hack::PolicyWatcher> policy_watcher_; |
301 bool allow_nat_traversal_; | 305 bool allow_nat_traversal_; |
302 std::string talkgadget_prefix_; | 306 std::string talkgadget_prefix_; |
303 | 307 |
304 scoped_ptr<CurtainMode> curtain_; | 308 scoped_ptr<CurtainMode> curtain_; |
305 scoped_ptr<CurtainingHostObserver> curtaining_host_observer_; | 309 scoped_ptr<CurtainingHostObserver> curtaining_host_observer_; |
306 bool curtain_required_; | 310 bool curtain_required_; |
311 std::string token_issue_url_; | |
312 std::string token_verification_url_; | |
307 | 313 |
308 scoped_ptr<DesktopResizer> desktop_resizer_; | 314 scoped_ptr<DesktopResizer> desktop_resizer_; |
309 scoped_ptr<ResizingHostObserver> resizing_host_observer_; | 315 scoped_ptr<ResizingHostObserver> resizing_host_observer_; |
316 scoped_ptr<HostTokenValidatorFactory> host_token_validator_factory_; | |
310 scoped_ptr<XmppSignalStrategy> signal_strategy_; | 317 scoped_ptr<XmppSignalStrategy> signal_strategy_; |
311 scoped_ptr<SignalingConnector> signaling_connector_; | 318 scoped_ptr<SignalingConnector> signaling_connector_; |
312 scoped_ptr<HeartbeatSender> heartbeat_sender_; | 319 scoped_ptr<HeartbeatSender> heartbeat_sender_; |
313 scoped_ptr<HostChangeNotificationListener> host_change_notification_listener_; | 320 scoped_ptr<HostChangeNotificationListener> host_change_notification_listener_; |
314 scoped_ptr<LogToServer> log_to_server_; | 321 scoped_ptr<LogToServer> log_to_server_; |
315 scoped_ptr<HostEventLogger> host_event_logger_; | 322 scoped_ptr<HostEventLogger> host_event_logger_; |
316 | 323 |
317 // Created on the UI thread and used on the network thread. | 324 // Created on the UI thread and used on the network thread. |
318 scoped_ptr<HostUserInterface> host_user_interface_; | 325 scoped_ptr<HostUserInterface> host_user_interface_; |
319 | 326 |
345 network_change_notifier_.reset(net::NetworkChangeNotifier::Create()); | 352 network_change_notifier_.reset(net::NetworkChangeNotifier::Create()); |
346 | 353 |
347 // Create the platform-specific curtain-mode implementation. | 354 // Create the platform-specific curtain-mode implementation. |
348 // TODO(wez): Create this on the network thread? | 355 // TODO(wez): Create this on the network thread? |
349 curtain_ = CurtainMode::Create( | 356 curtain_ = CurtainMode::Create( |
350 base::Bind(&HostProcess::OnRemoteSessionSwitchedToConsole, | 357 base::Bind(&HostProcess::OnRemoteSessionSwitchedToConsole, |
351 base::Unretained(this)), | 358 base::Unretained(this)), |
352 base::Bind(&HostProcess::OnCurtainModeFailed, | 359 base::Bind(&HostProcess::OnCurtainModeFailed, |
353 base::Unretained(this))); | 360 base::Unretained(this))); |
354 | 361 |
362 host_token_validator_factory_.reset( | |
Wez
2013/03/06 01:01:08
nit: Comment e.g. "Create factory for third-party
rmsousa
2013/03/25 22:45:58
Done.
| |
363 new HostTokenValidatorFactory(context_->url_request_context_getter())); | |
364 | |
355 StartOnUiThread(); | 365 StartOnUiThread(); |
356 } | 366 } |
357 | 367 |
358 HostProcess::~HostProcess() { | 368 HostProcess::~HostProcess() { |
359 // Verify that UI components have been torn down. | 369 // Verify that UI components have been torn down. |
360 DCHECK(!config_watcher_); | 370 DCHECK(!config_watcher_); |
361 DCHECK(!daemon_channel_); | 371 DCHECK(!daemon_channel_); |
362 DCHECK(!desktop_environment_factory_); | 372 DCHECK(!desktop_environment_factory_); |
363 DCHECK(!host_user_interface_); | 373 DCHECK(!host_user_interface_); |
364 | 374 |
517 std::string local_certificate = key_pair_.GenerateCertificate(); | 527 std::string local_certificate = key_pair_.GenerateCertificate(); |
518 if (local_certificate.empty()) { | 528 if (local_certificate.empty()) { |
519 LOG(ERROR) << "Failed to generate host certificate."; | 529 LOG(ERROR) << "Failed to generate host certificate."; |
520 ShutdownHost(kInitializationFailed); | 530 ShutdownHost(kInitializationFailed); |
521 return; | 531 return; |
522 } | 532 } |
523 | 533 |
524 scoped_ptr<protocol::AuthenticatorFactory> factory( | 534 scoped_ptr<protocol::AuthenticatorFactory> factory( |
525 new protocol::Me2MeHostAuthenticatorFactory( | 535 new protocol::Me2MeHostAuthenticatorFactory( |
526 local_certificate, key_pair_.Copy(), host_secret_hash_, | 536 local_certificate, key_pair_.Copy(), host_secret_hash_, |
527 "", "", NULL)); | 537 token_issue_url_, token_verification_url_, |
538 host_token_validator_factory_.get())); | |
Wez
2013/03/06 01:01:08
Remind me, will this become Pass()?
rmsousa
2013/03/25 22:45:58
"It's complicated". Basically, NegotiatingAuthenti
| |
528 #if defined(OS_POSIX) | 539 #if defined(OS_POSIX) |
529 // On Linux and Mac, perform a PAM authorization step after authentication. | 540 // On Linux and Mac, perform a PAM authorization step after authentication. |
530 factory.reset(new PamAuthorizationFactory(factory.Pass())); | 541 factory.reset(new PamAuthorizationFactory(factory.Pass())); |
531 #endif | 542 #endif |
532 host_->SetAuthenticatorFactory(factory.Pass()); | 543 host_->SetAuthenticatorFactory(factory.Pass()); |
533 } | 544 } |
534 | 545 |
535 // IPC::Listener implementation. | 546 // IPC::Listener implementation. |
536 bool HostProcess::OnMessageReceived(const IPC::Message& message) { | 547 bool HostProcess::OnMessageReceived(const IPC::Message& message) { |
537 DCHECK(context_->ui_task_runner()->BelongsToCurrentThread()); | 548 DCHECK(context_->ui_task_runner()->BelongsToCurrentThread()); |
760 if (policies->GetString( | 771 if (policies->GetString( |
761 policy_hack::PolicyWatcher::kHostTalkGadgetPrefixPolicyName, | 772 policy_hack::PolicyWatcher::kHostTalkGadgetPrefixPolicyName, |
762 &string_value)) { | 773 &string_value)) { |
763 restart_required |= OnHostTalkGadgetPrefixPolicyUpdate(string_value); | 774 restart_required |= OnHostTalkGadgetPrefixPolicyUpdate(string_value); |
764 } | 775 } |
765 if (policies->GetBoolean( | 776 if (policies->GetBoolean( |
766 policy_hack::PolicyWatcher::kHostRequireCurtainPolicyName, | 777 policy_hack::PolicyWatcher::kHostRequireCurtainPolicyName, |
767 &bool_value)) { | 778 &bool_value)) { |
768 restart_required |= OnCurtainPolicyUpdate(bool_value); | 779 restart_required |= OnCurtainPolicyUpdate(bool_value); |
769 } | 780 } |
781 std::string token_issue_url, token_verification_url; | |
782 if (policies->GetString( | |
783 policy_hack::PolicyWatcher::kHostTokenIssueUrlPolicyName, | |
784 &token_issue_url) && | |
785 policies->GetString( | |
786 policy_hack::PolicyWatcher::kHostTokenVerificationUrlPolicyName, | |
787 &token_verification_url)) { | |
788 restart_required |= OnHostTokenUrlPolicyUpdate(token_issue_url, | |
789 token_verification_url); | |
790 } | |
770 | 791 |
792 // TODO(rmsousa): Read token URL policies. | |
Wez
2013/03/06 01:01:08
Remove this TODO
rmsousa
2013/03/25 22:45:58
Done.
| |
771 if (state_ == HOST_INITIALIZING) { | 793 if (state_ == HOST_INITIALIZING) { |
772 StartHost(); | 794 StartHost(); |
773 } else if (state_ == HOST_STARTED && restart_required) { | 795 } else if (state_ == HOST_STARTED && restart_required) { |
774 RestartHost(); | 796 RestartHost(); |
775 } | 797 } |
776 } | 798 } |
777 | 799 |
778 bool HostProcess::OnHostDomainPolicyUpdate(const std::string& host_domain) { | 800 bool HostProcess::OnHostDomainPolicyUpdate(const std::string& host_domain) { |
779 // Returns true if the host has to be restarted after this policy update. | 801 // Returns true if the host has to be restarted after this policy update. |
780 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); | 802 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); |
873 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); | 895 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); |
874 | 896 |
875 if (talkgadget_prefix != talkgadget_prefix_) { | 897 if (talkgadget_prefix != talkgadget_prefix_) { |
876 LOG(INFO) << "Policy sets talkgadget prefix: " << talkgadget_prefix; | 898 LOG(INFO) << "Policy sets talkgadget prefix: " << talkgadget_prefix; |
877 talkgadget_prefix_ = talkgadget_prefix; | 899 talkgadget_prefix_ = talkgadget_prefix; |
878 return true; | 900 return true; |
879 } | 901 } |
880 return false; | 902 return false; |
881 } | 903 } |
882 | 904 |
905 bool HostProcess::OnHostTokenUrlPolicyUpdate( | |
906 const std::string& token_issue_url, | |
907 const std::string& token_verification_url) { | |
908 // Returns true if the host has to be restarted after this policy update. | |
909 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); | |
910 | |
911 if (token_issue_url != token_issue_url_ || | |
912 token_verification_url != token_verification_url_) { | |
913 LOG(INFO) << "Policy sets token urls: " << token_issue_url << ", " << | |
914 token_verification_url; | |
915 if ((token_issue_url.empty() || token_verification_url.empty()) && | |
916 token_issue_url != token_verification_url) { | |
Wez
2013/03/06 01:01:08
I think it's clearer to structure this with a chec
rmsousa
2013/03/25 22:45:58
Done.
| |
917 LOG(ERROR) << | |
918 "Only one token URL set. Token authentication will be disabled. " << | |
919 "TokenIssueUrl: " << token_issue_url << ", " | |
920 "TokenVerificationUrl: " << token_verification_url; | |
921 } | |
Wez
2013/03/06 01:01:08
nit: Blank line after this.
rmsousa
2013/03/25 22:45:58
Done.
| |
922 token_issue_url_ = token_issue_url; | |
923 token_verification_url_ = token_verification_url; | |
Wez
2013/03/06 01:01:08
nit: Blank line after this
rmsousa
2013/03/25 22:45:58
Done.
| |
924 return true; | |
925 } | |
926 return false; | |
927 } | |
928 | |
883 void HostProcess::StartHost() { | 929 void HostProcess::StartHost() { |
884 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); | 930 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); |
885 DCHECK(!host_); | 931 DCHECK(!host_); |
886 DCHECK(!signal_strategy_.get()); | 932 DCHECK(!signal_strategy_.get()); |
887 DCHECK(state_ == HOST_INITIALIZING || state_ == HOST_STOPPING_TO_RESTART || | 933 DCHECK(state_ == HOST_INITIALIZING || state_ == HOST_STOPPING_TO_RESTART || |
888 state_ == HOST_STOPPED) << state_; | 934 state_ == HOST_STOPPED) << state_; |
889 state_ = HOST_STARTED; | 935 state_ = HOST_STARTED; |
890 | 936 |
891 signal_strategy_.reset( | 937 signal_strategy_.reset( |
892 new XmppSignalStrategy(context_->url_request_context_getter(), | 938 new XmppSignalStrategy(context_->url_request_context_getter(), |
1158 return exit_code; | 1204 return exit_code; |
1159 } | 1205 } |
1160 | 1206 |
1161 } // namespace remoting | 1207 } // namespace remoting |
1162 | 1208 |
1163 #if !defined(OS_WIN) | 1209 #if !defined(OS_WIN) |
1164 int main(int argc, char** argv) { | 1210 int main(int argc, char** argv) { |
1165 return remoting::HostProcessMain(argc, argv); | 1211 return remoting::HostProcessMain(argc, argv); |
1166 } | 1212 } |
1167 #endif // !defined(OS_WIN) | 1213 #endif // !defined(OS_WIN) |
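Review bot: In `OnHostTokenUrlPolicyUpdate` (new lines 915-923) the half-configured case only logs "Token authentication will be disabled", then stores the mismatched pair and returns true, so the actual disabling rests on `Me2MeHostAuthenticatorFactory`, which this page does not show. If that factory falls back to the shared-secret path when one URL is empty, a policy typo quietly downgrades a host the administrator meant to put behind third-party tokens. I would fail closed here, in the spirit of the existing `ShutdownHost(kInitializationFailed)` on certificate failure, or at least state the fallback in a comment above the branch. Neither URL is validated before it is stored and passed to the authenticator factory; as the verification URL is presumably where client tokens get sent, a check such as `GURL(token_verification_url).SchemeIs("https")` (and the same for the issue URL) would keep a plain-http value out. Separately, the `&&` in `OnPolicyUpdate` (new lines 782-787) skips the update when the dictionary carries only one of the two keys, which would leave stale URLs in place if the watcher delivers only changed policies; worth confirming against `PolicyWatcher`.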