Add gnubby authentication to remoting host

remoting/host/client_session.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "remoting/host/client_session.h"
 
 #include <algorithm>
 
 #include "base/message_loop/message_loop_proxy.h"
 #include "remoting/base/capabilities.h"
 #include "remoting/base/logging.h"
 #include "remoting/codec/audio_encoder.h"
 #include "remoting/codec/audio_encoder_opus.h"
 #include "remoting/codec/audio_encoder_verbatim.h"
 #include "remoting/codec/video_encoder.h"
 #include "remoting/codec/video_encoder_verbatim.h"
 #include "remoting/codec/video_encoder_vpx.h"
 #include "remoting/host/audio_capturer.h"
 #include "remoting/host/audio_scheduler.h"
 #include "remoting/host/desktop_environment.h"
+#include "remoting/host/gnubby_connection_factory.h"
 #include "remoting/host/input_injector.h"
 #include "remoting/host/screen_controls.h"
 #include "remoting/host/screen_resolution.h"
 #include "remoting/host/video_scheduler.h"
 #include "remoting/proto/control.pb.h"
 #include "remoting/proto/event.pb.h"
 #include "remoting/protocol/client_stub.h"
 #include "remoting/protocol/clipboard_thread_proxy.h"
 #include "remoting/protocol/pairing_registry.h"
 #include "third_party/webrtc/modules/desktop_capture/screen_capturer.h"
 
 // Default DPI to assume for old clients that use notifyClientDimensions.
 const int kDefaultDPI = 96;
 
 namespace remoting {
 
 ClientSession::ClientSession(
     EventHandler* event_handler,
     scoped_refptr<base::SingleThreadTaskRunner> audio_task_runner,
     scoped_refptr<base::SingleThreadTaskRunner> input_task_runner,
     scoped_refptr<base::SingleThreadTaskRunner> video_capture_task_runner,
     scoped_refptr<base::SingleThreadTaskRunner> video_encode_task_runner,
     scoped_refptr<base::SingleThreadTaskRunner> network_task_runner,
     scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,
     scoped_ptr<protocol::ConnectionToClient> connection,
     DesktopEnvironmentFactory* desktop_environment_factory,
     const base::TimeDelta& max_duration,
-    scoped_refptr<protocol::PairingRegistry> pairing_registry)
+    scoped_refptr<protocol::PairingRegistry> pairing_registry,
+    bool enable_gnubby_auth)
     : event_handler_(event_handler),
       connection_(connection.Pass()),
       client_jid_(connection_->session()->jid()),
       control_factory_(this),
       desktop_environment_factory_(desktop_environment_factory),
       input_tracker_(&host_input_filter_),
       remote_input_filter_(&input_tracker_),
       mouse_clamping_filter_(&remote_input_filter_),
       disable_input_filter_(mouse_clamping_filter_.input_filter()),
       disable_clipboard_filter_(clipboard_echo_filter_.host_filter()),
       auth_input_filter_(&disable_input_filter_),
       auth_clipboard_filter_(&disable_clipboard_filter_),
       client_clipboard_factory_(clipboard_echo_filter_.client_filter()),
       max_duration_(max_duration),
       audio_task_runner_(audio_task_runner),
       input_task_runner_(input_task_runner),
       video_capture_task_runner_(video_capture_task_runner),
       video_encode_task_runner_(video_encode_task_runner),
       network_task_runner_(network_task_runner),
       ui_task_runner_(ui_task_runner),
-      pairing_registry_(pairing_registry) {
+      pairing_registry_(pairing_registry),
+      enable_gnubby_auth_(enable_gnubby_auth) {
   connection_->SetEventHandler(this);
 
   // TODO(sergeyu): Currently ConnectionToClient expects stubs to be
   // set before channels are connected. Make it possible to set stubs
   // later and set them only when connection is authenticated.
   connection_->set_clipboard_stub(&auth_clipboard_filter_);
   connection_->set_host_stub(this);
   connection_->set_input_stub(&auth_input_filter_);
 
   // |auth_*_filter_|'s states reflect whether the session is authenticated.
@@ skipping 110 matching lines @@
 void ClientSession::DeliverClientMessage(
     const protocol::ExtensionMessage& message) {
   if (message.has_type()) {
     if (message.type() == "test-echo") {
       protocol::ExtensionMessage reply;
       reply.set_type("test-echo-reply");
       if (message.has_data())
         reply.set_data(message.data().substr(0, 16));
       connection_->client_stub()->DeliverHostMessage(reply);
       return;
+    } else if (message.type() == "gnubby-auth") {

[Sergey Ulanov, 2014/01/25 02:03:33]

we added ExtensionMessage as a hack that allows to add new features  in cases
when we can't modify the client plugin. I hope that we can remove it completely
in the future after we migrate the client plugin to NaCl. It's better to add a
new message or multiple messages in remoting/proto/control.proto. Then you
wouldn't need to use JSON to format the messages.

[psj, 2014/01/29 09:07:15]

Wez said that I should use the extension message.

+      if (gnubby_auth_handler_) {
+        gnubby_auth_handler_->DeliverClientMessage(message.data());
+      } else {
+        HOST_LOG << "gnubby auth is not enabled";
+      }
+      return;
     }
   }
-  // No messages are currently supported.
   HOST_LOG << "Unexpected message received: "
             << message.type() << ": " << message.data();
 }
 
 void ClientSession::OnConnectionAuthenticated(
     protocol::ConnectionToClient* connection) {
   DCHECK(CalledOnValidThread());
   DCHECK_EQ(connection_.get(), connection);
   DCHECK(!audio_scheduler_.get());
   DCHECK(!desktop_environment_);
@@ skipping 68 matching lines @@
   if (connection_->session()->config().is_audio_enabled()) {
     scoped_ptr<AudioEncoder> audio_encoder =
         CreateAudioEncoder(connection_->session()->config());
     audio_scheduler_ = new AudioScheduler(
         audio_task_runner_,
         network_task_runner_,
         desktop_environment_->CreateAudioCapturer(),
         audio_encoder.Pass(),
         connection_->audio_stub());
   }
+
+  if (enable_gnubby_auth_) {
+    // Create a GnubbyAuthHandler to proxy gnubbyd messages.
+    gnubby_auth_handler_.reset(
+        new GnubbyAuthHandler(network_task_runner_,
+                              GnubbyConnectionFactory::GetDefaultFactory(),
+                              connection_->client_stub()));
+  }
 }
 
 void ClientSession::OnConnectionChannelsConnected(
     protocol::ConnectionToClient* connection) {
   DCHECK(CalledOnValidThread());
   DCHECK_EQ(connection_.get(), connection);
 
   // Negotiate capabilities with the client.
   if (connection_->session()->config().SupportsCapabilities()) {
     VLOG(1) << "Host capabilities: " << host_capabilities_;
@@ skipping 104 matching lines @@
 void ClientSession::SetDisableInputs(bool disable_inputs) {
   DCHECK(CalledOnValidThread());
 
   if (disable_inputs)
     input_tracker_.ReleaseAll();
 
   disable_input_filter_.set_enabled(!disable_inputs);
   disable_clipboard_filter_.set_enabled(!disable_inputs);
 }
 
+void ClientSession::SetGnubbyAuthHandlerForTesting(
+    GnubbyAuthHandler* gnubby_auth_handler) {
+  gnubby_auth_handler_.reset(gnubby_auth_handler);
+}
+
 scoped_ptr<protocol::ClipboardStub> ClientSession::CreateClipboardProxy() {
   DCHECK(CalledOnValidThread());
 
   return scoped_ptr<protocol::ClipboardStub>(
       new protocol::ClipboardThreadProxy(
           client_clipboard_factory_.GetWeakPtr(),
           base::MessageLoopProxy::current()));
 }
 
 // TODO(sergeyu): Move this to SessionManager?
@@ skipping 19 matching lines @@
     return scoped_ptr<AudioEncoder>(new AudioEncoderVerbatim());
   } else if (audio_config.codec == protocol::ChannelConfig::CODEC_OPUS) {
     return scoped_ptr<AudioEncoder>(new AudioEncoderOpus());
   }
 
   NOTREACHED();
   return scoped_ptr<AudioEncoder>();
 }
 
 }  // namespace remoting