| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" | 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 56 verify_result->cert_status = net::CERT_STATUS_INVALID; | 56 verify_result->cert_status = net::CERT_STATUS_INVALID; |
| 57 return net::ERR_CERT_INVALID; | 57 return net::ERR_CERT_INVALID; |
| 58 } | 58 } |
| 59 }; | 59 }; |
| 60 | 60 |
| 61 // Implements net::StreamSocket interface on top of P2PStreamSocket to be passed | 61 // Implements net::StreamSocket interface on top of P2PStreamSocket to be passed |
| 62 // to net::SSLClientSocket and net::SSLServerSocket. | 62 // to net::SSLClientSocket and net::SSLServerSocket. |
| 63 class NetStreamSocketAdapter : public net::StreamSocket { | 63 class NetStreamSocketAdapter : public net::StreamSocket { |
| 64 public: | 64 public: |
| 65 NetStreamSocketAdapter(scoped_ptr<P2PStreamSocket> socket) | 65 NetStreamSocketAdapter(scoped_ptr<P2PStreamSocket> socket) |
| 66 : socket_(socket.Pass()) {} | 66 : socket_(std::move(socket)) {} |
| 67 ~NetStreamSocketAdapter() override {} | 67 ~NetStreamSocketAdapter() override {} |
| 68 | 68 |
| 69 int Read(net::IOBuffer* buf, int buf_len, | 69 int Read(net::IOBuffer* buf, int buf_len, |
| 70 const net::CompletionCallback& callback) override { | 70 const net::CompletionCallback& callback) override { |
| 71 return socket_->Read(buf, buf_len, callback); | 71 return socket_->Read(buf, buf_len, callback); |
| 72 } | 72 } |
| 73 int Write(net::IOBuffer* buf, int buf_len, | 73 int Write(net::IOBuffer* buf, int buf_len, |
| 74 const net::CompletionCallback& callback) override { | 74 const net::CompletionCallback& callback) override { |
| 75 return socket_->Write(buf, buf_len, callback); | 75 return socket_->Write(buf, buf_len, callback); |
| 76 } | 76 } |
| 140 | 140 |
| 141 private: | 141 private: |
| 142 scoped_ptr<P2PStreamSocket> socket_; | 142 scoped_ptr<P2PStreamSocket> socket_; |
| 143 net::BoundNetLog net_log_; | 143 net::BoundNetLog net_log_; |
| 144 }; | 144 }; |
| 145 | 145 |
| 146 // Implements P2PStreamSocket interface on top of net::StreamSocket. | 146 // Implements P2PStreamSocket interface on top of net::StreamSocket. |
| 147 class P2PStreamSocketAdapter : public P2PStreamSocket { | 147 class P2PStreamSocketAdapter : public P2PStreamSocket { |
| 148 public: | 148 public: |
| 149 P2PStreamSocketAdapter(scoped_ptr<net::StreamSocket> socket) | 149 P2PStreamSocketAdapter(scoped_ptr<net::StreamSocket> socket) |
| 150 : socket_(socket.Pass()) {} | 150 : socket_(std::move(socket)) {} |
| 151 ~P2PStreamSocketAdapter() override {} | 151 ~P2PStreamSocketAdapter() override {} |
| 152 | 152 |
| 153 int Read(const scoped_refptr<net::IOBuffer>& buf, int buf_len, | 153 int Read(const scoped_refptr<net::IOBuffer>& buf, int buf_len, |
| 154 const net::CompletionCallback& callback) override { | 154 const net::CompletionCallback& callback) override { |
| 155 return socket_->Read(buf.get(), buf_len, callback); | 155 return socket_->Read(buf.get(), buf_len, callback); |
| 156 } | 156 } |
| 157 int Write(const scoped_refptr<net::IOBuffer>& buf, int buf_len, | 157 int Write(const scoped_refptr<net::IOBuffer>& buf, int buf_len, |
| 158 const net::CompletionCallback& callback) override { | 158 const net::CompletionCallback& callback) override { |
| 159 return socket_->Write(buf.get(), buf_len, callback); | 159 return socket_->Write(buf.get(), buf_len, callback); |
| 160 } | 160 } |
| 161 | 161 |
| 162 private: | 162 private: |
| 163 scoped_ptr<net::StreamSocket> socket_; | 163 scoped_ptr<net::StreamSocket> socket_; |
| 164 }; | 164 }; |
| 165 | 165 |
| 166 } // namespace | 166 } // namespace |
| 167 | 167 |
| 168 // static | 168 // static |
| 169 scoped_ptr<SslHmacChannelAuthenticator> | 169 scoped_ptr<SslHmacChannelAuthenticator> |
| 170 SslHmacChannelAuthenticator::CreateForClient( | 170 SslHmacChannelAuthenticator::CreateForClient( |
| 171 const std::string& remote_cert, | 171 const std::string& remote_cert, |
| 172 const std::string& auth_key) { | 172 const std::string& auth_key) { |
| 173 scoped_ptr<SslHmacChannelAuthenticator> result( | 173 scoped_ptr<SslHmacChannelAuthenticator> result( |
| 174 new SslHmacChannelAuthenticator(auth_key)); | 174 new SslHmacChannelAuthenticator(auth_key)); |
| 175 result->remote_cert_ = remote_cert; | 175 result->remote_cert_ = remote_cert; |
| 176 return result.Pass(); | 176 return result; |
| 177 } | 177 } |
| 178 | 178 |
| 179 scoped_ptr<SslHmacChannelAuthenticator> | 179 scoped_ptr<SslHmacChannelAuthenticator> |
| 180 SslHmacChannelAuthenticator::CreateForHost( | 180 SslHmacChannelAuthenticator::CreateForHost( |
| 181 const std::string& local_cert, | 181 const std::string& local_cert, |
| 182 scoped_refptr<RsaKeyPair> key_pair, | 182 scoped_refptr<RsaKeyPair> key_pair, |
| 183 const std::string& auth_key) { | 183 const std::string& auth_key) { |
| 184 scoped_ptr<SslHmacChannelAuthenticator> result( | 184 scoped_ptr<SslHmacChannelAuthenticator> result( |
| 185 new SslHmacChannelAuthenticator(auth_key)); | 185 new SslHmacChannelAuthenticator(auth_key)); |
| 186 result->local_cert_ = local_cert; | 186 result->local_cert_ = local_cert; |
| 187 result->local_key_pair_ = key_pair; | 187 result->local_key_pair_ = key_pair; |
| 188 return result.Pass(); | 188 return result; |
| 189 } | 189 } |
| 190 | 190 |
| 191 SslHmacChannelAuthenticator::SslHmacChannelAuthenticator( | 191 SslHmacChannelAuthenticator::SslHmacChannelAuthenticator( |
| 192 const std::string& auth_key) | 192 const std::string& auth_key) |
| 193 : auth_key_(auth_key) { | 193 : auth_key_(auth_key) { |
| 194 } | 194 } |
| 195 | 195 |
| 196 SslHmacChannelAuthenticator::~SslHmacChannelAuthenticator() { | 196 SslHmacChannelAuthenticator::~SslHmacChannelAuthenticator() { |
| 197 } | 197 } |
| 198 | 198 |
| 217 if (!cert.get()) { | 217 if (!cert.get()) { |
| 218 LOG(ERROR) << "Failed to parse X509Certificate"; | 218 LOG(ERROR) << "Failed to parse X509Certificate"; |
| 219 NotifyError(net::ERR_FAILED); | 219 NotifyError(net::ERR_FAILED); |
| 220 return; | 220 return; |
| 221 } | 221 } |
| 222 | 222 |
| 223 net::SSLServerConfig ssl_config; | 223 net::SSLServerConfig ssl_config; |
| 224 ssl_config.require_ecdhe = true; | 224 ssl_config.require_ecdhe = true; |
| 225 | 225 |
| 226 scoped_ptr<net::SSLServerSocket> server_socket = net::CreateSSLServerSocket( | 226 scoped_ptr<net::SSLServerSocket> server_socket = net::CreateSSLServerSocket( |
| 227 make_scoped_ptr(new NetStreamSocketAdapter(socket.Pass())), cert.get(), | 227 make_scoped_ptr(new NetStreamSocketAdapter(std::move(socket))), |
| 228 local_key_pair_->private_key(), ssl_config); | 228 cert.get(), local_key_pair_->private_key(), ssl_config); |
| 229 net::SSLServerSocket* raw_server_socket = server_socket.get(); | 229 net::SSLServerSocket* raw_server_socket = server_socket.get(); |
| 230 socket_ = server_socket.Pass(); | 230 socket_ = std::move(server_socket); |
| 231 result = raw_server_socket->Handshake( | 231 result = raw_server_socket->Handshake( |
| 232 base::Bind(&SslHmacChannelAuthenticator::OnConnected, | 232 base::Bind(&SslHmacChannelAuthenticator::OnConnected, |
| 233 base::Unretained(this))); | 233 base::Unretained(this))); |
| 234 #endif | 234 #endif |
| 235 } else { | 235 } else { |
| 236 transport_security_state_.reset(new net::TransportSecurityState); | 236 transport_security_state_.reset(new net::TransportSecurityState); |
| 237 cert_verifier_.reset(new FailingCertVerifier); | 237 cert_verifier_.reset(new FailingCertVerifier); |
| 238 | 238 |
| 239 net::SSLConfig::CertAndStatus cert_and_status; | 239 net::SSLConfig::CertAndStatus cert_and_status; |
| 240 cert_and_status.cert_status = net::CERT_STATUS_AUTHORITY_INVALID; | 240 cert_and_status.cert_status = net::CERT_STATUS_AUTHORITY_INVALID; |
| 241 cert_and_status.der_cert = remote_cert_; | 241 cert_and_status.der_cert = remote_cert_; |
| 242 | 242 |
| 243 net::SSLConfig ssl_config; | 243 net::SSLConfig ssl_config; |
| 244 // Certificate verification and revocation checking are not needed | 244 // Certificate verification and revocation checking are not needed |
| 245 // because we use self-signed certs. Disable it so that the SSL | 245 // because we use self-signed certs. Disable it so that the SSL |
| 246 // layer doesn't try to initialize OCSP (OCSP works only on the IO | 246 // layer doesn't try to initialize OCSP (OCSP works only on the IO |
| 247 // thread). | 247 // thread). |
| 248 ssl_config.cert_io_enabled = false; | 248 ssl_config.cert_io_enabled = false; |
| 249 ssl_config.rev_checking_enabled = false; | 249 ssl_config.rev_checking_enabled = false; |
| 250 ssl_config.allowed_bad_certs.push_back(cert_and_status); | 250 ssl_config.allowed_bad_certs.push_back(cert_and_status); |
| 251 ssl_config.require_ecdhe = true; | 251 ssl_config.require_ecdhe = true; |
| 252 | 252 |
| 253 net::HostPortPair host_and_port(kSslFakeHostName, 0); | 253 net::HostPortPair host_and_port(kSslFakeHostName, 0); |
| 254 net::SSLClientSocketContext context; | 254 net::SSLClientSocketContext context; |
| 255 context.transport_security_state = transport_security_state_.get(); | 255 context.transport_security_state = transport_security_state_.get(); |
| 256 context.cert_verifier = cert_verifier_.get(); | 256 context.cert_verifier = cert_verifier_.get(); |
| 257 scoped_ptr<net::ClientSocketHandle> socket_handle( | 257 scoped_ptr<net::ClientSocketHandle> socket_handle( |
| 258 new net::ClientSocketHandle); | 258 new net::ClientSocketHandle); |
| 259 socket_handle->SetSocket( | 259 socket_handle->SetSocket( |
| 260 make_scoped_ptr(new NetStreamSocketAdapter(socket.Pass()))); | 260 make_scoped_ptr(new NetStreamSocketAdapter(std::move(socket)))); |
| 261 | 261 |
| 262 #if defined(OS_NACL) | 262 #if defined(OS_NACL) |
| 263 // net_nacl doesn't include ClientSocketFactory. | 263 // net_nacl doesn't include ClientSocketFactory. |
| 264 socket_.reset(new net::SSLClientSocketOpenSSL( | 264 socket_.reset(new net::SSLClientSocketOpenSSL( |
| 265 socket_handle.Pass(), host_and_port, ssl_config, context)); | 265 std::move(socket_handle), host_and_port, ssl_config, context)); |
| 266 #else | 266 #else |
| 267 socket_ = | 267 socket_ = |
| 268 net::ClientSocketFactory::GetDefaultFactory()->CreateSSLClientSocket( | 268 net::ClientSocketFactory::GetDefaultFactory()->CreateSSLClientSocket( |
| 269 socket_handle.Pass(), host_and_port, ssl_config, context); | 269 std::move(socket_handle), host_and_port, ssl_config, context); |
| 270 #endif | 270 #endif |
| 271 | 271 |
| 272 result = socket_->Connect( | 272 result = socket_->Connect( |
| 273 base::Bind(&SslHmacChannelAuthenticator::OnConnected, | 273 base::Bind(&SslHmacChannelAuthenticator::OnConnected, |
| 274 base::Unretained(this))); | 274 base::Unretained(this))); |
| 275 } | 275 } |
| 276 | 276 |
| 277 if (result == net::ERR_IO_PENDING) | 277 if (result == net::ERR_IO_PENDING) |
| 278 return; | 278 return; |
| 279 | 279 |
| 419 } | 419 } |
| 420 | 420 |
| 421 void SslHmacChannelAuthenticator::CheckDone(bool* callback_called) { | 421 void SslHmacChannelAuthenticator::CheckDone(bool* callback_called) { |
| 422 if (auth_write_buf_.get() == nullptr && auth_read_buf_.get() == nullptr) { | 422 if (auth_write_buf_.get() == nullptr && auth_read_buf_.get() == nullptr) { |
| 423 DCHECK(socket_.get() != nullptr); | 423 DCHECK(socket_.get() != nullptr); |
| 424 if (callback_called) | 424 if (callback_called) |
| 425 *callback_called = true; | 425 *callback_called = true; |
| 426 | 426 |
| 427 base::ResetAndReturn(&done_callback_) | 427 base::ResetAndReturn(&done_callback_) |
| 428 .Run(net::OK, | 428 .Run(net::OK, |
| 429 make_scoped_ptr(new P2PStreamSocketAdapter(socket_.Pass()))); | 429 make_scoped_ptr(new P2PStreamSocketAdapter(std::move(socket_)))); |
| 430 } | 430 } |
| 431 } | 431 } |
| 432 | 432 |
| 433 void SslHmacChannelAuthenticator::NotifyError(int error) { | 433 void SslHmacChannelAuthenticator::NotifyError(int error) { |
| 434 base::ResetAndReturn(&done_callback_).Run(error, nullptr); | 434 base::ResetAndReturn(&done_callback_).Run(error, nullptr); |
| 435 } | 435 } |
| 436 | 436 |
| 437 } // namespace protocol | 437 } // namespace protocol |
| 438 } // namespace remoting | 438 } // namespace remoting |
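Review bot: The adapter constructors rewritten at lines 65–66 and 149–150 take a single `scoped_ptr` argument but are not marked `explicit`, so a `scoped_ptr<P2PStreamSocket>` or `scoped_ptr<net::StreamSocket>` still converts implicitly into the adapter type; since these lines are being touched anyway, `explicit NetStreamSocketAdapter(scoped_ptr<P2PStreamSocket> socket)` and `explicit P2PStreamSocketAdapter(scoped_ptr<net::StreamSocket> socket)` would close that off. Replacing `.Pass()` with `std::move` also makes this file depend directly on `<utility>`; the visible include block at lines 7–10 does not list it, and the 45 skipped lines may or may not, so `#include <utility>` should be added if it is not already present. The function containing lines 217–278 and the class containing lines 63–144 begin or continue outside the visible hunks, so the remaining `.Pass()` sites, if any, could not be checked here.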