OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/host/it2me/it2me_host.h" | 5 #include "remoting/host/it2me/it2me_host.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 | 8 |
9 #include <utility> | 9 #include <utility> |
10 | 10 |
(...skipping 280 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
291 | 291 |
292 // ChromotingHost doesn't allow multiple concurrent connection and the | 292 // ChromotingHost doesn't allow multiple concurrent connection and the |
293 // host is destroyed in OnClientDisconnected() after the first connection. | 293 // host is destroyed in OnClientDisconnected() after the first connection. |
294 CHECK_NE(state_, kConnected); | 294 CHECK_NE(state_, kConnected); |
295 | 295 |
296 std::string client_username = jid; | 296 std::string client_username = jid; |
297 size_t pos = client_username.find('/'); | 297 size_t pos = client_username.find('/'); |
298 if (pos != std::string::npos) | 298 if (pos != std::string::npos) |
299 client_username.replace(pos, std::string::npos, ""); | 299 client_username.replace(pos, std::string::npos, ""); |
300 | 300 |
301 // Check the client domain policy. | |
Jamie
2016/01/28 01:02:22
Is there a better place to test this? Doing it her
Sergey Ulanov
2016/01/28 19:42:46
I think the best approach would be to put this che
Jamie
2016/01/29 02:23:27
Done.
| |
302 if (!required_client_domain_.empty() && | |
303 !base::EndsWith(client_username, | |
304 std::string("@") + required_client_domain_, | |
305 base::CompareCase::INSENSITIVE_ASCII)) { | |
306 SetState(kInvalidDomainError, "Client domain mismatch"); | |
307 return; | |
308 } | |
309 | |
301 HOST_LOG << "Client " << client_username << " connected."; | 310 HOST_LOG << "Client " << client_username << " connected."; |
302 | 311 |
303 // Pass the client user name to the script object before changing state. | 312 // Pass the client user name to the script object before changing state. |
304 task_runner_->PostTask( | 313 task_runner_->PostTask( |
305 FROM_HERE, base::Bind(&It2MeHost::Observer::OnClientAuthenticated, | 314 FROM_HERE, base::Bind(&It2MeHost::Observer::OnClientAuthenticated, |
306 observer_, client_username)); | 315 observer_, client_username)); |
307 | 316 |
308 SetState(kConnected, ""); | 317 SetState(kConnected, ""); |
309 } | 318 } |
310 | 319 |
(...skipping 14 matching lines...) Expand all Loading... | |
325 | 334 |
326 bool nat_policy; | 335 bool nat_policy; |
327 if (policies->GetBoolean(policy::key::kRemoteAccessHostFirewallTraversal, | 336 if (policies->GetBoolean(policy::key::kRemoteAccessHostFirewallTraversal, |
328 &nat_policy)) { | 337 &nat_policy)) { |
329 UpdateNatPolicy(nat_policy); | 338 UpdateNatPolicy(nat_policy); |
330 } | 339 } |
331 std::string host_domain; | 340 std::string host_domain; |
332 if (policies->GetString(policy::key::kRemoteAccessHostDomain, &host_domain)) { | 341 if (policies->GetString(policy::key::kRemoteAccessHostDomain, &host_domain)) { |
333 UpdateHostDomainPolicy(host_domain); | 342 UpdateHostDomainPolicy(host_domain); |
334 } | 343 } |
344 std::string client_domain; | |
345 if (policies->GetString(policy::key::kRemoteAccessHostClientDomain, | |
346 &client_domain)) { | |
347 UpdateClientDomainPolicy(client_domain); | |
348 } | |
335 | 349 |
336 policy_received_ = true; | 350 policy_received_ = true; |
337 | 351 |
338 if (!pending_connect_.is_null()) { | 352 if (!pending_connect_.is_null()) { |
339 base::ResetAndReturn(&pending_connect_).Run(); | 353 base::ResetAndReturn(&pending_connect_).Run(); |
340 } | 354 } |
341 } | 355 } |
342 | 356 |
343 void It2MeHost::OnPolicyError() { | 357 void It2MeHost::OnPolicyError() { |
344 // TODO(lukasza): Report the policy error to the user. crbug.com/433009 | 358 // TODO(lukasza): Report the policy error to the user. crbug.com/433009 |
(...skipping 25 matching lines...) Expand all Loading... | |
370 VLOG(2) << "UpdateHostDomainPolicy: " << host_domain; | 384 VLOG(2) << "UpdateHostDomainPolicy: " << host_domain; |
371 | 385 |
372 // When setting a host domain policy, force disconnect any existing session. | 386 // When setting a host domain policy, force disconnect any existing session. |
373 if (!host_domain.empty() && IsConnected()) { | 387 if (!host_domain.empty() && IsConnected()) { |
374 Shutdown(); | 388 Shutdown(); |
375 } | 389 } |
376 | 390 |
377 required_host_domain_ = host_domain; | 391 required_host_domain_ = host_domain; |
378 } | 392 } |
379 | 393 |
394 void It2MeHost::UpdateClientDomainPolicy(const std::string& client_domain) { | |
395 DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread()); | |
396 | |
397 VLOG(2) << "UpdateClientDomainPolicy: " << client_domain; | |
398 | |
399 // When setting a host domain policy, force disconnect any existing session. | |
400 if (!client_domain.empty() && IsConnected()) { | |
401 Shutdown(); | |
402 } | |
403 | |
404 required_client_domain_ = client_domain; | |
405 } | |
406 | |
380 It2MeHost::~It2MeHost() { | 407 It2MeHost::~It2MeHost() { |
381 // Check that resources that need to be torn down on the UI thread are gone. | 408 // Check that resources that need to be torn down on the UI thread are gone. |
382 DCHECK(!desktop_environment_factory_.get()); | 409 DCHECK(!desktop_environment_factory_.get()); |
383 DCHECK(!policy_watcher_.get()); | 410 DCHECK(!policy_watcher_.get()); |
384 } | 411 } |
385 | 412 |
386 void It2MeHost::SetState(It2MeHostState state, | 413 void It2MeHost::SetState(It2MeHostState state, |
387 const std::string& error_message) { | 414 const std::string& error_message) { |
388 DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread()); | 415 DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread()); |
389 | 416 |
390 switch (state_) { | 417 switch (state_) { |
391 case kDisconnected: | 418 case kDisconnected: |
392 DCHECK(state == kStarting || | 419 DCHECK(state == kStarting || |
393 state == kError) << state; | 420 state == kError) << state; |
394 break; | 421 break; |
395 case kStarting: | 422 case kStarting: |
396 DCHECK(state == kRequestedAccessCode || | 423 DCHECK(state == kRequestedAccessCode || |
397 state == kDisconnected || | 424 state == kDisconnected || |
398 state == kError || | 425 state == kError || |
399 state == kInvalidDomainError) << state; | 426 state == kInvalidDomainError) << state; |
400 break; | 427 break; |
401 case kRequestedAccessCode: | 428 case kRequestedAccessCode: |
402 DCHECK(state == kReceivedAccessCode || | 429 DCHECK(state == kReceivedAccessCode || |
403 state == kDisconnected || | 430 state == kDisconnected || |
404 state == kError) << state; | 431 state == kError) << state; |
405 break; | 432 break; |
406 case kReceivedAccessCode: | 433 case kReceivedAccessCode: |
407 DCHECK(state == kConnected || | 434 DCHECK(state == kConnected || |
408 state == kDisconnected || | 435 state == kDisconnected || |
409 state == kError) << state; | 436 state == kError || |
437 state == kInvalidDomainError) << state; | |
410 break; | 438 break; |
411 case kConnected: | 439 case kConnected: |
412 DCHECK(state == kDisconnected || | 440 DCHECK(state == kDisconnected || |
413 state == kError) << state; | 441 state == kError) << state; |
414 break; | 442 break; |
415 case kError: | 443 case kError: |
416 DCHECK(state == kDisconnected) << state; | 444 DCHECK(state == kDisconnected) << state; |
417 break; | 445 break; |
418 case kInvalidDomainError: | 446 case kInvalidDomainError: |
419 DCHECK(state == kDisconnected) << state; | 447 DCHECK(state == kDisconnected) << state; |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
492 scoped_ptr<It2MeConfirmationDialogFactory> confirmation_dialog_factory( | 520 scoped_ptr<It2MeConfirmationDialogFactory> confirmation_dialog_factory( |
493 new It2MeConfirmationDialogFactory()); | 521 new It2MeConfirmationDialogFactory()); |
494 scoped_ptr<PolicyWatcher> policy_watcher = | 522 scoped_ptr<PolicyWatcher> policy_watcher = |
495 PolicyWatcher::Create(policy_service_, context->file_task_runner()); | 523 PolicyWatcher::Create(policy_service_, context->file_task_runner()); |
496 return new It2MeHost(std::move(context), std::move(policy_watcher), | 524 return new It2MeHost(std::move(context), std::move(policy_watcher), |
497 std::move(confirmation_dialog_factory), observer, | 525 std::move(confirmation_dialog_factory), observer, |
498 xmpp_server_config, directory_bot_jid); | 526 xmpp_server_config, directory_bot_jid); |
499 } | 527 } |
500 | 528 |
501 } // namespace remoting | 529 } // namespace remoting |
OLD | NEW |