remoting/host/pam_authorization_factory_posix.cc - Issue 13312005: Don't use $USER for Local Login check

Side by Side Diff: remoting/host/pam_authorization_factory_posix.cc

Issue 13312005: Don't use $USER for Local Login check (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 7 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "remoting/host/pam_authorization_factory_posix.h"	5 #include "remoting/host/pam_authorization_factory_posix.h"

6	6

7 #include <security/pam_appl.h>	7 #include <security/pam_appl.h>

8	8

9 #include "base/bind.h"	9 #include "base/bind.h"

10 #include "base/callback.h"	10 #include "base/callback.h"

11 #include "base/environment.h"	11 #include "base/environment.h"

12 #include "base/logging.h"	12 #include "base/logging.h"

	13 #include "remoting/base/util.h"

13 #include "remoting/protocol/channel_authenticator.h"	14 #include "remoting/protocol/channel_authenticator.h"

14 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h"	15 #include "third_party/libjingle/source/talk/xmllite/xmlelement.h"

15	16

16 namespace remoting {	17 namespace remoting {

17	18

18 namespace {	19 namespace {

19 class PamAuthorizer : public protocol::Authenticator {	20 class PamAuthorizer : public protocol::Authenticator {

20 public:	21 public:

21 PamAuthorizer(scoped_ptr<protocol::Authenticator> underlying);	22 PamAuthorizer(scoped_ptr<protocol::Authenticator> underlying);

22 virtual ~PamAuthorizer();	23 virtual ~PamAuthorizer();

(...skipping 71 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
94 return underlying_->CreateChannelAuthenticator();	95 return underlying_->CreateChannelAuthenticator();

95 }	96 }

96	97

97 void PamAuthorizer::MaybeCheckLocalLogin() {	98 void PamAuthorizer::MaybeCheckLocalLogin() {

98 if (local_login_status_ == NOT_CHECKED && state() == ACCEPTED) {	99 if (local_login_status_ == NOT_CHECKED && state() == ACCEPTED) {

99 local_login_status_ = IsLocalLoginAllowed() ? ALLOWED : DISALLOWED;	100 local_login_status_ = IsLocalLoginAllowed() ? ALLOWED : DISALLOWED;

100 }	101 }

101 }	102 }

102	103

103 bool PamAuthorizer::IsLocalLoginAllowed() {	104 bool PamAuthorizer::IsLocalLoginAllowed() {

104 std::string username;	105 std::string username = GetUsername();

105 if (!base::Environment::Create()->GetVar("USER", &username)) {	106 if (username.empty())
	Wez 2013/03/29 17:27:57 This if() differs in style from other single-line This if() differs in style from other single-line ifs in this file. Please either match the existing style or, preferably, update the existing if()s to match this one. Jamie 2013/03/29 18:30:00 I disagree with your use of the word "preferably" Show quoted text On 2013/03/29 17:27:57, Wez wrote: > This if() differs in style from other single-line ifs in this file. Please > either match the existing style or, preferably, update the existing if()s to > match this one. I disagree with your use of the word "preferably" :) Lambros 2013/03/29 19:30:22 Done. Show quoted text On 2013/03/29 17:27:57, Wez wrote: > This if() differs in style from other single-line ifs in this file. Please > either match the existing style or, preferably, update the existing if()s to > match this one. Done.
106 return false;	107 return false;

107 }

108	108

109 struct pam_conv conv = { PamConversation, NULL };	109 struct pam_conv conv = { PamConversation, NULL };

110 pam_handle_t* handle = NULL;	110 pam_handle_t* handle = NULL;

111 int result = pam_start("chrome-remote-desktop", username.c_str(),	111 int result = pam_start("chrome-remote-desktop", username.c_str(),

112 &conv, &handle);	112 &conv, &handle);

113 if (result == PAM_SUCCESS) {	113 if (result == PAM_SUCCESS) {

114 result = pam_acct_mgmt(handle, 0);	114 result = pam_acct_mgmt(handle, 0);

115 }	115 }

116 pam_end(handle, result);	116 pam_end(handle, result);

117	117

(...skipping 47 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
165 const std::string& remote_jid,	165 const std::string& remote_jid,

166 const buzz::XmlElement* first_message) {	166 const buzz::XmlElement* first_message) {

167 scoped_ptr<protocol::Authenticator> authenticator(	167 scoped_ptr<protocol::Authenticator> authenticator(

168 underlying_->CreateAuthenticator(local_jid, remote_jid, first_message));	168 underlying_->CreateAuthenticator(local_jid, remote_jid, first_message));

169 return scoped_ptr<protocol::Authenticator>(	169 return scoped_ptr<protocol::Authenticator>(

170 new PamAuthorizer(authenticator.Pass()));	170 new PamAuthorizer(authenticator.Pass()));

171 }	171 }

172	172

173	173

174 } // namespace remoting	174 } // namespace remoting

OLD	NEW

« remoting/base/util.cc ('K') | « remoting/base/util.cc ('k') | remoting/host/remoting_me2me_host.cc » ('j') | no next file with comments »