Chromium Code Reviews Chromium Code Reviews
Issue 138753005:
Add gnubby authentication to remoting host (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // This file implements a standalone host process for Me2Me. | 5 // This file implements a standalone host process for Me2Me. |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/at_exit.h" | 9 #include "base/at_exit.h" |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 196 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 207 void OnPolicyUpdate(scoped_ptr<base::DictionaryValue> policies); | 207 void OnPolicyUpdate(scoped_ptr<base::DictionaryValue> policies); |
| 208 bool OnHostDomainPolicyUpdate(const std::string& host_domain); | 208 bool OnHostDomainPolicyUpdate(const std::string& host_domain); |
| 209 bool OnUsernamePolicyUpdate(bool curtain_required, | 209 bool OnUsernamePolicyUpdate(bool curtain_required, |
| 210 bool username_match_required); | 210 bool username_match_required); |
| 211 bool OnNatPolicyUpdate(bool nat_traversal_enabled); | 211 bool OnNatPolicyUpdate(bool nat_traversal_enabled); |
| 212 void OnCurtainPolicyUpdate(bool curtain_required); | 212 void OnCurtainPolicyUpdate(bool curtain_required); |
| 213 bool OnHostTalkGadgetPrefixPolicyUpdate(const std::string& talkgadget_prefix); | 213 bool OnHostTalkGadgetPrefixPolicyUpdate(const std::string& talkgadget_prefix); |
| 214 bool OnHostTokenUrlPolicyUpdate(const GURL& token_url, | 214 bool OnHostTokenUrlPolicyUpdate(const GURL& token_url, |
| 215 const GURL& token_validation_url); | 215 const GURL& token_validation_url); |
| 216 bool OnPairingPolicyUpdate(bool pairing_enabled); | 216 bool OnPairingPolicyUpdate(bool pairing_enabled); |
| 217 bool OnGnubbyAuthPolicyUpdate(bool enable_gnubby_auth); | |
| 217 | 218 |
| 218 void StartHost(); | 219 void StartHost(); |
| 219 | 220 |
| 220 void OnAuthFailed(); | 221 void OnAuthFailed(); |
| 221 | 222 |
| 222 void RestartHost(); | 223 void RestartHost(); |
| 223 | 224 |
| 224 // Stops the host and shuts down the process with the specified |exit_code|. | 225 // Stops the host and shuts down the process with the specified |exit_code|. |
| 225 void ShutdownHost(HostExitCodes exit_code); | 226 void ShutdownHost(HostExitCodes exit_code); |
| 226 | 227 |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 263 std::string oauth_refresh_token_; | 264 std::string oauth_refresh_token_; |
| 264 std::string serialized_config_; | 265 std::string serialized_config_; |
| 265 std::string host_owner_; | 266 std::string host_owner_; |
| 266 bool use_service_account_; | 267 bool use_service_account_; |
| 267 scoped_ptr<policy_hack::PolicyWatcher> policy_watcher_; | 268 scoped_ptr<policy_hack::PolicyWatcher> policy_watcher_; |
| 268 bool allow_nat_traversal_; | 269 bool allow_nat_traversal_; |
| 269 std::string talkgadget_prefix_; | 270 std::string talkgadget_prefix_; |
| 270 bool allow_pairing_; | 271 bool allow_pairing_; |
| 271 | 272 |
| 272 bool curtain_required_; | 273 bool curtain_required_; |
| 274 bool enable_gnubby_auth_; | |
| 273 GURL token_url_; | 275 GURL token_url_; |
| 274 GURL token_validation_url_; | 276 GURL token_validation_url_; |
| 275 | 277 |
| 276 scoped_ptr<XmppSignalStrategy> signal_strategy_; | 278 scoped_ptr<XmppSignalStrategy> signal_strategy_; |
| 277 scoped_ptr<SignalingConnector> signaling_connector_; | 279 scoped_ptr<SignalingConnector> signaling_connector_; |
| 278 scoped_ptr<HeartbeatSender> heartbeat_sender_; | 280 scoped_ptr<HeartbeatSender> heartbeat_sender_; |
| 279 scoped_ptr<HostStatusSender> host_status_sender_; | 281 scoped_ptr<HostStatusSender> host_status_sender_; |
| 280 scoped_ptr<HostChangeNotificationListener> host_change_notification_listener_; | 282 scoped_ptr<HostChangeNotificationListener> host_change_notification_listener_; |
| 281 scoped_ptr<LogToServer> log_to_server_; | 283 scoped_ptr<LogToServer> log_to_server_; |
| 282 scoped_ptr<HostEventLogger> host_event_logger_; | 284 scoped_ptr<HostEventLogger> host_event_logger_; |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 295 }; | 297 }; |
| 296 | 298 |
| 297 HostProcess::HostProcess(scoped_ptr<ChromotingHostContext> context, | 299 HostProcess::HostProcess(scoped_ptr<ChromotingHostContext> context, |
| 298 int* exit_code_out) | 300 int* exit_code_out) |
| 299 : context_(context.Pass()), | 301 : context_(context.Pass()), |
| 300 state_(HOST_INITIALIZING), | 302 state_(HOST_INITIALIZING), |
| 301 use_service_account_(false), | 303 use_service_account_(false), |
| 302 allow_nat_traversal_(true), | 304 allow_nat_traversal_(true), |
| 303 allow_pairing_(true), | 305 allow_pairing_(true), |
| 304 curtain_required_(false), | 306 curtain_required_(false), |
| 307 enable_gnubby_auth_(false), | |
| 305 #if defined(REMOTING_MULTI_PROCESS) | 308 #if defined(REMOTING_MULTI_PROCESS) |
| 306 desktop_session_connector_(NULL), | 309 desktop_session_connector_(NULL), |
| 307 #endif // defined(REMOTING_MULTI_PROCESS) | 310 #endif // defined(REMOTING_MULTI_PROCESS) |
| 308 self_(this), | 311 self_(this), |
| 309 exit_code_out_(exit_code_out), | 312 exit_code_out_(exit_code_out), |
| 310 signal_parent_(false) { | 313 signal_parent_(false) { |
| 311 StartOnUiThread(); | 314 StartOnUiThread(); |
| 312 } | 315 } |
| 313 | 316 |
| 314 HostProcess::~HostProcess() { | 317 HostProcess::~HostProcess() { |
| (...skipping 471 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 786 policy_hack::PolicyWatcher::kHostTokenValidationUrlPolicyName, | 789 policy_hack::PolicyWatcher::kHostTokenValidationUrlPolicyName, |
| 787 &token_validation_url_string)) { | 790 &token_validation_url_string)) { |
| 788 restart_required |= OnHostTokenUrlPolicyUpdate( | 791 restart_required |= OnHostTokenUrlPolicyUpdate( |
| 789 GURL(token_url_string), GURL(token_validation_url_string)); | 792 GURL(token_url_string), GURL(token_validation_url_string)); |
| 790 } | 793 } |
| 791 if (policies->GetBoolean( | 794 if (policies->GetBoolean( |
| 792 policy_hack::PolicyWatcher::kHostAllowClientPairing, | 795 policy_hack::PolicyWatcher::kHostAllowClientPairing, |
| 793 &bool_value)) { | 796 &bool_value)) { |
| 794 restart_required |= OnPairingPolicyUpdate(bool_value); | 797 restart_required |= OnPairingPolicyUpdate(bool_value); |
| 795 } | 798 } |
| 799 if (policies->GetBoolean( | |
| 800 policy_hack::PolicyWatcher::kHostAllowGnubbyAuthPolicyName, | |
| 801 &bool_value)) { | |
| 802 restart_required |= OnGnubbyAuthPolicyUpdate(bool_value); | |
| 803 } | |
| 796 | 804 |
| 797 if (state_ == HOST_INITIALIZING) { | 805 if (state_ == HOST_INITIALIZING) { |
| 798 StartHost(); | 806 StartHost(); |
| 799 } else if (state_ == HOST_STARTED && restart_required) { | 807 } else if (state_ == HOST_STARTED && restart_required) { |
| 800 RestartHost(); | 808 RestartHost(); |
| 801 } | 809 } |
| 802 } | 810 } |
| 803 | 811 |
| 804 bool HostProcess::OnHostDomainPolicyUpdate(const std::string& host_domain) { | 812 bool HostProcess::OnHostDomainPolicyUpdate(const std::string& host_domain) { |
| 805 // Returns true if the host has to be restarted after this policy update. | 813 // Returns true if the host has to be restarted after this policy update. |
| (...skipping 139 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 945 return false; | 953 return false; |
| 946 | 954 |
| 947 if (allow_pairing) | 955 if (allow_pairing) |
| 948 HOST_LOG << "Policy enables client pairing."; | 956 HOST_LOG << "Policy enables client pairing."; |
| 949 else | 957 else |
| 950 HOST_LOG << "Policy disables client pairing."; | 958 HOST_LOG << "Policy disables client pairing."; |
| 951 allow_pairing_ = allow_pairing; | 959 allow_pairing_ = allow_pairing; |
| 952 return true; | 960 return true; |
| 953 } | 961 } |
| 954 | 962 |
| 963 bool HostProcess::OnGnubbyAuthPolicyUpdate(bool enable_gnubby_auth) { | |
| 964 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); | |
| 965 | |
| 966 if (enable_gnubby_auth_ == enable_gnubby_auth) | |
| 967 return false; | |
| 968 | |
| 969 if (enable_gnubby_auth) | |
| 970 HOST_LOG << "Policy enables gnubby auth."; | |
|
Sergey Ulanov
2014/01/25 02:03:33
add {} because there is else case.
psj
2014/01/29 09:07:15
Done.
| |
| 971 else | |
| 972 HOST_LOG << "Policy disables gnubby auth."; | |
| 973 enable_gnubby_auth_ = enable_gnubby_auth; | |
| 974 | |
| 975 return true; | |
| 976 } | |
| 977 | |
| 955 void HostProcess::StartHost() { | 978 void HostProcess::StartHost() { |
| 956 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); | 979 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); |
| 957 DCHECK(!host_); | 980 DCHECK(!host_); |
| 958 DCHECK(!signal_strategy_.get()); | 981 DCHECK(!signal_strategy_.get()); |
| 959 DCHECK(state_ == HOST_INITIALIZING || state_ == HOST_STOPPING_TO_RESTART || | 982 DCHECK(state_ == HOST_INITIALIZING || state_ == HOST_STOPPING_TO_RESTART || |
| 960 state_ == HOST_STOPPED) << state_; | 983 state_ == HOST_STOPPED) << state_; |
| 961 state_ = HOST_STARTED; | 984 state_ = HOST_STARTED; |
| 962 | 985 |
| 963 signal_strategy_.reset( | 986 signal_strategy_.reset( |
| 964 new XmppSignalStrategy(net::ClientSocketFactory::GetDefaultFactory(), | 987 new XmppSignalStrategy(net::ClientSocketFactory::GetDefaultFactory(), |
| (...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1029 // Set up repoting the host status notifications. | 1052 // Set up repoting the host status notifications. |
| 1030 #if defined(REMOTING_MULTI_PROCESS) | 1053 #if defined(REMOTING_MULTI_PROCESS) |
| 1031 host_event_logger_.reset( | 1054 host_event_logger_.reset( |
| 1032 new IpcHostEventLogger(host_->AsWeakPtr(), daemon_channel_.get())); | 1055 new IpcHostEventLogger(host_->AsWeakPtr(), daemon_channel_.get())); |
| 1033 #else // !defined(REMOTING_MULTI_PROCESS) | 1056 #else // !defined(REMOTING_MULTI_PROCESS) |
| 1034 host_event_logger_ = | 1057 host_event_logger_ = |
| 1035 HostEventLogger::Create(host_->AsWeakPtr(), kApplicationName); | 1058 HostEventLogger::Create(host_->AsWeakPtr(), kApplicationName); |
| 1036 #endif // !defined(REMOTING_MULTI_PROCESS) | 1059 #endif // !defined(REMOTING_MULTI_PROCESS) |
| 1037 | 1060 |
| 1038 host_->SetEnableCurtaining(curtain_required_); | 1061 host_->SetEnableCurtaining(curtain_required_); |
| 1062 host_->SetEnableGnubbyAuth(enable_gnubby_auth_); | |
| 1039 host_->Start(host_owner_); | 1063 host_->Start(host_owner_); |
| 1040 | 1064 |
| 1041 CreateAuthenticatorFactory(); | 1065 CreateAuthenticatorFactory(); |
| 1042 } | 1066 } |
| 1043 | 1067 |
| 1044 void HostProcess::OnAuthFailed() { | 1068 void HostProcess::OnAuthFailed() { |
| 1045 ShutdownHost(kInvalidOauthCredentialsExitCode); | 1069 ShutdownHost(kInvalidOauthCredentialsExitCode); |
| 1046 } | 1070 } |
| 1047 | 1071 |
| 1048 void HostProcess::RestartHost() { | 1072 void HostProcess::RestartHost() { |
| (...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1176 return exit_code; | 1200 return exit_code; |
| 1177 } | 1201 } |
| 1178 | 1202 |
| 1179 } // namespace remoting | 1203 } // namespace remoting |
| 1180 | 1204 |
| 1181 #if !defined(OS_WIN) | 1205 #if !defined(OS_WIN) |
| 1182 int main(int argc, char** argv) { | 1206 int main(int argc, char** argv) { |
| 1183 return remoting::HostMain(argc, argv); | 1207 return remoting::HostMain(argc, argv); |
| 1184 } | 1208 } |
| 1185 #endif // !defined(OS_WIN) | 1209 #endif // !defined(OS_WIN) |
| OLD | NEW |
