Add gnubby authentication to remoting host

remoting/host/gnubby_auth_handler.cc

Index: remoting/host/gnubby_auth_handler.cc
diff --git a/remoting/host/gnubby_auth_handler.cc b/remoting/host/gnubby_auth_handler.cc
new file mode 100644
index 0000000000000000000000000000000000000000..d51f975cc63ccb5ea0c4571ae76455f7eebff603
--- /dev/null
+++ b/remoting/host/gnubby_auth_handler.cc
@@ -0,0 +1,203 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "remoting/host/gnubby_auth_handler.h"
+
+#include "base/base64.h"
+#include "base/json/json_reader.h"
+#include "base/strings/string_number_conversions.h"
+#include "base/values.h"
+#include "net/base/net_errors.h"
+#include "net/socket/client_socket_factory.h"
+#include "remoting/base/logging.h"
+#include "remoting/host/gnubby_advertiser.h"
+#include "remoting/host/gnubby_connection.h"
+#include "remoting/host/gnubby_connection_factory.h"
+#include "remoting/proto/control.pb.h"
+#include "remoting/protocol/client_stub.h"
+
+namespace remoting {
+
+GnubbyAuthHandler::GnubbyAuthHandler(
+    scoped_refptr<base::SingleThreadTaskRunner> network_task_runner,
+    GnubbyConnectionFactory* gnubby_connection_factory,
+    protocol::ClientStub* client_stub)
+    : network_task_runner_(network_task_runner),
+      gnubby_connection_factory_(gnubby_connection_factory),
+      client_stub_(client_stub),
+      current_connection_id_(0),
+      gnubbyd_listener_port_(0) {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+  DCHECK(gnubby_connection_factory_);
+  DCHECK(client_stub_);
+}
+
+GnubbyAuthHandler::~GnubbyAuthHandler() {
+  for (ConnectionMap::iterator iter = active_connections_.begin();
+       iter != active_connections_.end();
+       ++iter) {
+    delete iter->second;
+  }
+}
+
+void GnubbyAuthHandler::DeliverClientMessage(const std::string message) {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+
+  scoped_ptr<base::Value> value;
+  value.reset(base::JSONReader::Read(message));
+  DCHECK(value->IsType(base::Value::TYPE_LIST));
+
+  base::ListValue* list = NULL;
+  DCHECK(value->GetAsList(&list));
+
+  std::string auth_message_type;
+  DCHECK(list->GetString(0, &auth_message_type));
+
+  if (auth_message_type == "control") {
+    std::string payload;
+    DCHECK(list->GetString(1, &payload));
+
+    if (payload == "auth-v1") {
+      CreateGnubbydSocket();
+      AcceptGnubbydConnections();
+
+      scoped_refptr<GnubbyAdvertiser> advertiser = new GnubbyAdvertiser(
+          network_task_runner_, net::ClientSocketFactory::GetDefaultFactory());
+      advertiser->Advertise(gnubbyd_listener_port_);
+    }
+  } else if (auth_message_type == "data") {
+    std::string connection_id_str;
+    DCHECK(list->GetString(1, &connection_id_str));
+
+    std::string payload;
+    DCHECK(list->GetString(2, &payload));
+
+    std::string decoded_payload;
+    base::Base64Decode(payload, &decoded_payload);
+
+    int connection_id = 0;
+    base::StringToInt(connection_id_str, &connection_id);
+
+    ConnectionMap::iterator iter = active_connections_.find(connection_id);
+    if (iter != active_connections_.end()) {
+      iter->second->Write(decoded_payload);
+    }
+  }
+}
+
+void GnubbyAuthHandler::ConnectionClosed(int connection_id) {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+
+  DeliverHostControlMessage("close", base::IntToString(connection_id));
+
+  ConnectionMap::iterator iter = active_connections_.find(connection_id);
+  if (iter != active_connections_.end()) {
+    delete iter->second;
+    active_connections_.erase(iter);
+  }
+}
+
+void GnubbyAuthHandler::ConnectionError(int connection_id, int result) {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+
+  HOST_LOG << "Error on connection " << connection_id << ": " << result;
+  ConnectionClosed(connection_id);
+}
+
+void GnubbyAuthHandler::DeliverHostControlMessage(
+    const std::string control_type,
+    const std::string data) const {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+
+  protocol::ExtensionMessage message;
+  message.set_type("gnubby-auth");
+  message.set_data("control " + control_type + " " + data);
+
+  client_stub_->DeliverHostMessage(message);
+}
+
+void GnubbyAuthHandler::DeliverHostDataMessage(int connection_id,
+                                               const std::string data) const {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+
+  std::string encoded_data;
+  base::Base64Encode(data, &encoded_data);
+
+  protocol::ExtensionMessage message;
+  message.set_type("gnubby-auth");
+  message.set_data("data " + base::IntToString(connection_id) + " " +
+                   encoded_data);
+
+  client_stub_->DeliverHostMessage(message);
+}
+
+void GnubbyAuthHandler::SetGnubbydSocketForTesting(
+    net::TCPServerSocket* gnubbyd_socket) {
+  gnubbyd_socket_.reset(gnubbyd_socket);
+  AcceptGnubbydConnections();
+}
+
+int GnubbyAuthHandler::AddGnubbyConnectionForTesting(
+    net::StreamSocket* pending_socket) {
+  pending_socket_.reset(pending_socket);
+  OnAccept(net::ERR_IO_PENDING);
+  return current_connection_id_;
+}
+
+bool GnubbyAuthHandler::HasGnubbyConnectionForTesting(int connection_id) const {
+  return active_connections_.find(connection_id) != active_connections_.end();
+}
+
+void GnubbyAuthHandler::CreateGnubbydSocket() {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+
+  net::NetLog::Source source;
+  gnubbyd_socket_.reset(new net::TCPServerSocket(NULL, source));
+
+  net::IPAddressNumber local_ip;
+  net::ParseIPLiteralToNumber("127.0.0.1", &local_ip);
+
+  net::IPEndPoint local_endpoint(local_ip, 0);
+  int result = gnubbyd_socket_->Listen(local_endpoint, 1);
+  if (result != net::OK) {
+    HOST_LOG << "Failed to listen: " << result;
+    return;
+  }
+
+  net::IPEndPoint listener_endpoint;
+  result = gnubbyd_socket_->GetLocalAddress(&listener_endpoint);
+  if (result != net::OK) {
+    HOST_LOG << "Failed to get local endpoint: " << result;
+    return;
+  }
+
+  HOST_LOG << "Listening on endpoint: " << listener_endpoint.ToString();
+
+  gnubbyd_listener_port_ = listener_endpoint.port();
+}
+
+void GnubbyAuthHandler::AcceptGnubbydConnections() {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+
+  int result = gnubbyd_socket_->Accept(
+      &pending_socket_,
+      base::Bind(&GnubbyAuthHandler::OnAccept, base::Unretained(this)));
+  if (result != net::ERR_IO_PENDING) {
+    OnAccept(result);
+  }
+}
+
+void GnubbyAuthHandler::OnAccept(int result) {
+  DCHECK(network_task_runner_->BelongsToCurrentThread());
+
+  if (result == net::OK) {
+    int connection_id = ++current_connection_id_;
+    active_connections_[connection_id] = gnubby_connection_factory_->Create(
+        network_task_runner_, this, connection_id, pending_socket_.release());
+    active_connections_[connection_id]->Read();
+    AcceptGnubbydConnections();
+  }
+}
+
+}  // namespace remoting