| Index: remoting/host/remoting_me2me_host.cc
|
| diff --git a/remoting/host/remoting_me2me_host.cc b/remoting/host/remoting_me2me_host.cc
|
| index 69b505bb2973b328e510b93adf859296a303877f..aadd809eafe9d092623337497f7a27554fe447d6 100644
|
| --- a/remoting/host/remoting_me2me_host.cc
|
| +++ b/remoting/host/remoting_me2me_host.cc
|
| @@ -112,6 +112,10 @@ const char kApplicationName[] = "chromoting";
|
| // The command line switch used to pass name of the pipe to capture audio on
|
| // linux.
|
| const char kAudioPipeSwitchName[] = "audio-pipe-name";
|
| +
|
| +// The command line switch used to pass name of the unix domain socket used to
|
| +// listen for gnubby requests.
|
| +const char kAuthSocknameSwitchName[] = "ssh-auth-sockname";
|
| #endif // defined(OS_LINUX)
|
|
|
| // The command line switch used by the parent to request the host to signal it
|
| @@ -229,6 +233,7 @@ class HostProcess
|
| const GURL& token_validation_url,
|
| const std::string& token_validation_cert_issuer);
|
| bool OnPairingPolicyUpdate(bool pairing_enabled);
|
| + bool OnGnubbyAuthPolicyUpdate(bool enable_gnubby_auth);
|
|
|
| void StartHost();
|
|
|
| @@ -286,6 +291,7 @@ class HostProcess
|
|
|
| bool curtain_required_;
|
| ThirdPartyAuthConfig third_party_auth_config_;
|
| + bool enable_gnubby_auth_;
|
|
|
| scoped_ptr<OAuthTokenGetter> oauth_token_getter_;
|
| scoped_ptr<XmppSignalStrategy> signal_strategy_;
|
| @@ -319,6 +325,7 @@ HostProcess::HostProcess(scoped_ptr<ChromotingHostContext> context,
|
| allow_nat_traversal_(true),
|
| allow_pairing_(true),
|
| curtain_required_(false),
|
| + enable_gnubby_auth_(false),
|
| #if defined(REMOTING_MULTI_PROCESS)
|
| desktop_session_connector_(NULL),
|
| #endif // defined(REMOTING_MULTI_PROCESS)
|
| @@ -631,6 +638,11 @@ void HostProcess::StartOnUiThread() {
|
| remoting::AudioCapturerLinux::InitializePipeReader(
|
| context_->audio_task_runner(), audio_pipe_name);
|
| }
|
| +
|
| + base::FilePath gnubby_socket_name = CommandLine::ForCurrentProcess()->
|
| + GetSwitchValuePath(kAuthSocknameSwitchName);
|
| + if (!gnubby_socket_name.empty())
|
| + remoting::GnubbyAuthHandler::SetGnubbySocketName(gnubby_socket_name);
|
| #endif // defined(OS_LINUX)
|
|
|
| // Create a desktop environment factory appropriate to the build type &
|
| @@ -653,6 +665,7 @@ void HostProcess::StartOnUiThread() {
|
| #endif // !defined(OS_WIN)
|
|
|
| desktop_environment_factory_.reset(desktop_environment_factory);
|
| + desktop_environment_factory_->SetEnableGnubbyAuth(enable_gnubby_auth_);
|
|
|
| context_->network_task_runner()->PostTask(
|
| FROM_HERE,
|
| @@ -847,6 +860,10 @@ void HostProcess::OnPolicyUpdate(scoped_ptr<base::DictionaryValue> policies) {
|
| &bool_value)) {
|
| restart_required |= OnPairingPolicyUpdate(bool_value);
|
| }
|
| + if (policies->GetBoolean(
|
| + policy_hack::PolicyWatcher::kHostAllowGnubbyAuthPolicyName,
|
| + &bool_value))
|
| + restart_required |= OnGnubbyAuthPolicyUpdate(bool_value);
|
|
|
| if (state_ == HOST_INITIALIZING) {
|
| StartHost();
|
| @@ -1012,6 +1029,25 @@ bool HostProcess::OnPairingPolicyUpdate(bool allow_pairing) {
|
| return true;
|
| }
|
|
|
| +bool HostProcess::OnGnubbyAuthPolicyUpdate(bool enable_gnubby_auth) {
|
| + DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
|
| +
|
| + if (enable_gnubby_auth_ == enable_gnubby_auth)
|
| + return false;
|
| +
|
| + if (enable_gnubby_auth) {
|
| + HOST_LOG << "Policy enables gnubby auth.";
|
| + } else {
|
| + HOST_LOG << "Policy disables gnubby auth.";
|
| + }
|
| + enable_gnubby_auth_ = enable_gnubby_auth;
|
| +
|
| + if (desktop_environment_factory_)
|
| + desktop_environment_factory_->SetEnableGnubbyAuth(enable_gnubby_auth);
|
| +
|
| + return true;
|
| +}
|
| +
|
| void HostProcess::StartHost() {
|
| DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
|
| DCHECK(!host_);
|
|
|
Chromium Code Reviews
Issue 138753005:
Add gnubby authentication to remoting host (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master