remoting/protocol/it2me_host_authenticator_factory.cc - Issue 1643793002: Add policy to restrict client domain for Me2Me.

Side by Side Diff: remoting/protocol/it2me_host_authenticator_factory.cc

Issue 1643793002: Add policy to restrict client domain for Me2Me. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Fix remoting_perftests compile. Created 4 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "remoting/protocol/it2me_host_authenticator_factory.h"	5 #include "remoting/protocol/it2me_host_authenticator_factory.h"

6	6

7 #include "base/logging.h"	7 #include "base/logging.h"

	8 #include "base/strings/string_util.h"

8 #include "remoting/base/rsa_key_pair.h"	9 #include "remoting/base/rsa_key_pair.h"

9 #include "remoting/protocol/negotiating_host_authenticator.h"	10 #include "remoting/protocol/negotiating_host_authenticator.h"

	11 #include "remoting/protocol/rejecting_authenticator.h"

10	12

11 namespace remoting {	13 namespace remoting {

12 namespace protocol {	14 namespace protocol {

13	15

14 It2MeHostAuthenticatorFactory::It2MeHostAuthenticatorFactory(	16 It2MeHostAuthenticatorFactory::It2MeHostAuthenticatorFactory(

15 const std::string& local_cert,	17 const std::string& local_cert,

16 scoped_refptr<RsaKeyPair> key_pair,	18 scoped_refptr<RsaKeyPair> key_pair,

17 const std::string& shared_secret)	19 const std::string& shared_secret,

	20 const std::string& required_client_domain)

18 : local_cert_(local_cert),	21 : local_cert_(local_cert),

19 key_pair_(key_pair),	22 key_pair_(key_pair),

20 shared_secret_(shared_secret) {	23 shared_secret_(shared_secret),

	24 required_client_domain_(required_client_domain) {

21 }	25 }

22	26

23 It2MeHostAuthenticatorFactory::~It2MeHostAuthenticatorFactory() {	27 It2MeHostAuthenticatorFactory::~It2MeHostAuthenticatorFactory() {

24 }	28 }

25	29

26 scoped_ptr<Authenticator> It2MeHostAuthenticatorFactory::CreateAuthenticator(	30 scoped_ptr<Authenticator> It2MeHostAuthenticatorFactory::CreateAuthenticator(

27 const std::string& local_jid,	31 const std::string& local_jid,

28 const std::string& remote_jid,	32 const std::string& remote_jid,

29 const buzz::XmlElement* first_message) {	33 const buzz::XmlElement* first_message) {

	34 // Check the client domain policy.

	35 if (!required_client_domain_.empty()) {

	36 std::string client_username = remote_jid;

	37 size_t pos = client_username.find('/');

	38 if (pos != std::string::npos) {

	39 client_username.replace(pos, std::string::npos, "");

	40 }

	41 if (!base::EndsWith(client_username,

	42 std::string("@") + required_client_domain_,

	43 base::CompareCase::INSENSITIVE_ASCII)) {

	44 LOG(ERROR) << "Rejecting incoming connection from " << remote_jid

	45 << ": Domain mismatch.";

	46 return make_scoped_ptr(

	47 new RejectingAuthenticator(Authenticator::INVALID_CREDENTIALS));

	48 }

	49 }

	50

30 return NegotiatingHostAuthenticator::CreateWithSharedSecret(	51 return NegotiatingHostAuthenticator::CreateWithSharedSecret(

31 local_cert_, key_pair_, shared_secret_, AuthenticationMethod::NONE,	52 local_cert_, key_pair_, shared_secret_, AuthenticationMethod::NONE,

32 nullptr);	53 nullptr);

33 }	54 }

34	55

35 } // namespace protocol	56 } // namespace protocol

36 } // namespace remoting	57 } // namespace remoting

OLD	NEW

« no previous file with comments | « remoting/protocol/it2me_host_authenticator_factory.h ('k') | remoting/protocol/me2me_host_authenticator_factory.h » ('j') | no next file with comments »