| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/protocol/it2me_host_authenticator_factory.h" | 5 #include "remoting/protocol/it2me_host_authenticator_factory.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/strings/string_util.h" |
| 8 #include "remoting/base/rsa_key_pair.h" | 9 #include "remoting/base/rsa_key_pair.h" |
| 9 #include "remoting/protocol/negotiating_host_authenticator.h" | 10 #include "remoting/protocol/negotiating_host_authenticator.h" |
| 11 #include "remoting/protocol/rejecting_authenticator.h" |
| 10 | 12 |
| 11 namespace remoting { | 13 namespace remoting { |
| 12 namespace protocol { | 14 namespace protocol { |
| 13 | 15 |
| 14 It2MeHostAuthenticatorFactory::It2MeHostAuthenticatorFactory( | 16 It2MeHostAuthenticatorFactory::It2MeHostAuthenticatorFactory( |
| 15 const std::string& local_cert, | 17 const std::string& local_cert, |
| 16 scoped_refptr<RsaKeyPair> key_pair, | 18 scoped_refptr<RsaKeyPair> key_pair, |
| 17 const std::string& shared_secret) | 19 const std::string& shared_secret, |
| 20 const std::string& required_client_domain) |
| 18 : local_cert_(local_cert), | 21 : local_cert_(local_cert), |
| 19 key_pair_(key_pair), | 22 key_pair_(key_pair), |
| 20 shared_secret_(shared_secret) { | 23 shared_secret_(shared_secret), |
| 24 required_client_domain_(required_client_domain) { |
| 21 } | 25 } |
| 22 | 26 |
| 23 It2MeHostAuthenticatorFactory::~It2MeHostAuthenticatorFactory() { | 27 It2MeHostAuthenticatorFactory::~It2MeHostAuthenticatorFactory() { |
| 24 } | 28 } |
| 25 | 29 |
| 26 scoped_ptr<Authenticator> It2MeHostAuthenticatorFactory::CreateAuthenticator( | 30 scoped_ptr<Authenticator> It2MeHostAuthenticatorFactory::CreateAuthenticator( |
| 27 const std::string& local_jid, | 31 const std::string& local_jid, |
| 28 const std::string& remote_jid, | 32 const std::string& remote_jid, |
| 29 const buzz::XmlElement* first_message) { | 33 const buzz::XmlElement* first_message) { |
| 34 // Check the client domain policy. |
| 35 if (!required_client_domain_.empty()) { |
| 36 std::string client_username = remote_jid; |
| 37 size_t pos = client_username.find('/'); |
| 38 if (pos != std::string::npos) { |
| 39 client_username.replace(pos, std::string::npos, ""); |
| 40 } |
| 41 if (!base::EndsWith(client_username, |
| 42 std::string("@") + required_client_domain_, |
| 43 base::CompareCase::INSENSITIVE_ASCII)) { |
| 44 LOG(ERROR) << "Rejecting incoming connection from " << remote_jid |
| 45 << ": Domain mismatch."; |
| 46 return make_scoped_ptr( |
| 47 new RejectingAuthenticator(Authenticator::INVALID_CREDENTIALS)); |
| 48 } |
| 49 } |
| 50 |
| 30 return NegotiatingHostAuthenticator::CreateWithSharedSecret( | 51 return NegotiatingHostAuthenticator::CreateWithSharedSecret( |
| 31 local_cert_, key_pair_, shared_secret_, AuthenticationMethod::NONE, | 52 local_cert_, key_pair_, shared_secret_, AuthenticationMethod::NONE, |
| 32 nullptr); | 53 nullptr); |
| 33 } | 54 } |
| 34 | 55 |
| 35 } // namespace protocol | 56 } // namespace protocol |
| 36 } // namespace remoting | 57 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1643793002:
Add policy to restrict client domain for Me2Me. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master