Prevent creation of the GnubbyExtension if no socket name is defined.

remoting/host/remoting_me2me_host.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // This file implements a standalone host process for Me2Me.
 
 #include <stddef.h>
 #include <stdint.h>
 
 #include <string>
@@ skipping 409 matching lines @@
   std::string host_domain_;
   bool host_username_match_required_;
   bool allow_nat_traversal_;
   bool allow_relay_;
   PortRange udp_port_range_;
   std::string talkgadget_prefix_;
   bool allow_pairing_;
 
   bool curtain_required_;
   ThirdPartyAuthConfig third_party_auth_config_;
-  bool enable_gnubby_auth_;
+  bool gnubby_auth_policy_enabled_;
+  bool skip_gnubby_extension_creation_;

[Lambros, 2016/02/18 01:02:39]

Optional: Maybe better to invert the meaning and call it
enable_gnubby_extension_ ? Default-initialize to false and set it to true when
the socket name is provided?

[joedow, 2016/02/18 02:24:37]

That's a good point, I was originally thinking I would create the extension for
the other OS's but that doesn't work at this point so I've flipped the flag and
we now only create the extension on Linux and only if the socket name has been
passed in to us.

 
   // Boolean to change flow, where necessary, if we're
   // capturing a window instead of the entire desktop.
   bool enable_window_capture_;
 
   // Used to specify which window to stream, if enabled.
   webrtc::WindowId window_id_;
 
   // Must outlive |gcd_state_updater_| and |signaling_connector_|.
   scoped_ptr<OAuthTokenGetter> oauth_token_getter_;
@@ skipping 43 matching lines @@
       state_(HOST_STARTING),
       use_service_account_(false),
       enable_vp9_(false),
       frame_recorder_buffer_size_(0),
       policy_state_(POLICY_INITIALIZING),
       host_username_match_required_(false),
       allow_nat_traversal_(true),
       allow_relay_(true),
       allow_pairing_(true),
       curtain_required_(false),
-      enable_gnubby_auth_(false),
+      gnubby_auth_policy_enabled_(false),
+      skip_gnubby_extension_creation_(false),
       enable_window_capture_(false),
       window_id_(0),
       self_(this),
       exit_code_out_(exit_code_out),
       signal_parent_(false),
       shutdown_watchdog_(shutdown_watchdog) {
   StartOnUiThread();
 }
 
 HostProcess::~HostProcess() {
@@ skipping 374 matching lines @@
   // AudioCapturerLinux to capture from it.
   base::FilePath audio_pipe_name = base::CommandLine::ForCurrentProcess()->
       GetSwitchValuePath(kAudioPipeSwitchName);
   if (!audio_pipe_name.empty()) {
     remoting::AudioCapturerLinux::InitializePipeReader(
         context_->audio_task_runner(), audio_pipe_name);
   }
 
   base::FilePath gnubby_socket_name = base::CommandLine::ForCurrentProcess()->
       GetSwitchValuePath(kAuthSocknameSwitchName);
-  if (!gnubby_socket_name.empty())
+  if (!gnubby_socket_name.empty()) {
     remoting::GnubbyAuthHandler::SetGnubbySocketName(gnubby_socket_name);
+  } else {
+    // No socket name means no gnubby support.
+    skip_gnubby_extension_creation_ = true;
+  }
 #endif  // defined(OS_LINUX)
 
   // Create a desktop environment factory appropriate to the build type &
   // platform.
 #if defined(REMOTING_MULTI_PROCESS)
   IpcDesktopEnvironmentFactory* desktop_environment_factory =
       new IpcDesktopEnvironmentFactory(
           context_->audio_task_runner(), context_->network_task_runner(),
           context_->network_task_runner(), daemon_channel_.get());
   desktop_session_connector_ = desktop_environment_factory;
@@ skipping 487 matching lines @@
   } else {
     HOST_LOG << "Policy disables client pairing.";
   }
   return true;
 }
 
 bool HostProcess::OnGnubbyAuthPolicyUpdate(base::DictionaryValue* policies) {
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
   if (!policies->GetBoolean(policy::key::kRemoteAccessHostAllowGnubbyAuth,
-                            &enable_gnubby_auth_)) {
+                            &gnubby_auth_policy_enabled_)) {
     return false;
   }
 
-  if (enable_gnubby_auth_) {
+  if (gnubby_auth_policy_enabled_) {
     HOST_LOG << "Policy enables gnubby auth.";
   } else {
     HOST_LOG << "Policy disables gnubby auth.";
   }
 
   return true;
 }
 
 void HostProcess::InitializeSignaling() {
   DCHECK(!host_id_.empty());  // ApplyConfig() should already have been run.
@@ skipping 116 matching lines @@
           kEnableWebrtcSwitchName)) {
     protocol_config->set_webrtc_supported(true);
   }
   session_manager->set_protocol_config(std::move(protocol_config));
 
   host_.reset(new ChromotingHost(desktop_environment_factory_.get(),
                                  std::move(session_manager), transport_context,
                                  context_->audio_task_runner(),
                                  context_->video_encode_task_runner()));
 
-  if (enable_gnubby_auth_) {
+  if (gnubby_auth_policy_enabled_ && !skip_gnubby_extension_creation_) {
     host_->AddExtension(make_scoped_ptr(new GnubbyExtension()));
   }
 
   if (frame_recorder_buffer_size_ > 0) {
     scoped_ptr<VideoFrameRecorderHostExtension> frame_recorder_extension(
         new VideoFrameRecorderHostExtension());
     frame_recorder_extension->SetMaxContentBytes(frame_recorder_buffer_size_);
     host_->AddExtension(std::move(frame_recorder_extension));
   }
 
@@ skipping 191 matching lines @@
       base::TimeDelta::FromSeconds(kShutdownTimeoutSeconds));
   new HostProcess(std::move(context), &exit_code, &shutdown_watchdog);
 
   // Run the main (also UI) message loop until the host no longer needs it.
   message_loop.Run();
 
   return exit_code;
 }
 
 }  // namespace remoting