Bootstrap Mojo IPC independent of Chrome IPC

mojo/edk/system/node_channel.cc

Index: mojo/edk/system/node_channel.cc
diff --git a/mojo/edk/system/node_channel.cc b/mojo/edk/system/node_channel.cc
index 0277d46c4160ba158682587fcac1d1a4cac41e64..c23fb0f5b0eff12eaf1ea1b06de24d093fa7d417 100644
--- a/mojo/edk/system/node_channel.cc
+++ b/mojo/edk/system/node_channel.cc
@@ -194,6 +194,20 @@ void NodeChannel::SetRemoteNodeName(const ports::NodeName& name) {
   remote_node_name_ = name;
 }
 
+void NodeChannel::SetExpectedSecret(const std::string& secret) {
+#if !defined(OS_WIN)
+  // Ensure we aren't expecting a secret on non-Windows.
+  CHECK(secret.empty());
+#endif
+  expected_secret_ = secret;
+}
+
+void NodeChannel::SendSecret(const std::string& secret) {
+  Channel::MessagePtr message(new Channel::Message(secret.size(), 0));
+  memcpy(message->mutable_payload(), secret.data(), secret.size());
+  WriteChannelMessage(std::move(message));
+}
+
 void NodeChannel::AcceptChild(const ports::NodeName& parent_name,
                               const ports::NodeName& token) {
   AcceptChildData* data;
@@ -337,6 +351,18 @@ void NodeChannel::OnChannelMessage(const void* payload,
                                    ScopedPlatformHandleVectorPtr handles) {
   DCHECK(io_task_runner_->RunsTasksOnCurrentThread());
 
+  if (!expected_secret_.empty()) {
+    // If we're expecting a secret string, that takes precedence over everything
+    // else.
+    if (std::string(static_cast<const char*>(payload), payload_size) !=
+        expected_secret_) {
+      LOG(ERROR) << "Received invalid secret from peer. Dropping channel.";
+      delegate_->OnChannelError(remote_node_name_);
+    }
+    expected_secret_.clear();
+    return;
+  }
+
 #if defined(OS_WIN)
   // If we receive handles from a known process, rewrite them to our own
   // process. This can occur when a privileged node receives handles directly