Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(236)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: remoting/protocol/v2_authenticator.cc

Issue 1739503003: Ignore host certificate in remoting::V2Authenticator on the client side. Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « remoting/protocol/v2_authenticator.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "remoting/protocol/v2_authenticator.h" 5 #include "remoting/protocol/v2_authenticator.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 74 matching lines...) Expand 10 before | Expand all | Expand 10 after
85 85
86 void V2Authenticator::ProcessMessage(const buzz::XmlElement* message, 86 void V2Authenticator::ProcessMessage(const buzz::XmlElement* message,
87 const base::Closure& resume_callback) { 87 const base::Closure& resume_callback) {
88 ProcessMessageInternal(message); 88 ProcessMessageInternal(message);
89 resume_callback.Run(); 89 resume_callback.Run();
90 } 90 }
91 91
92 void V2Authenticator::ProcessMessageInternal(const buzz::XmlElement* message) { 92 void V2Authenticator::ProcessMessageInternal(const buzz::XmlElement* message) {
93 DCHECK_EQ(state(), WAITING_MESSAGE); 93 DCHECK_EQ(state(), WAITING_MESSAGE);
94 94
95 // Parse the certificate.
96 std::string base64_cert = message->TextNamed(kCertificateTag);
97 if (!base64_cert.empty()) {
98 if (!base::Base64Decode(base64_cert, &remote_cert_)) {
99 LOG(WARNING) << "Failed to decode certificate received from the peer.";
100 remote_cert_.clear();
101 }
102 }
103
104 // Client always expect certificate in the first message.
105 if (!is_host_side() && remote_cert_.empty()) {
106 LOG(WARNING) << "No valid host certificate.";
107 state_ = REJECTED;
108 rejection_reason_ = PROTOCOL_ERROR;
109 return;
110 }
111
112 const buzz::XmlElement* eke_element = message->FirstNamed(kEkeTag); 95 const buzz::XmlElement* eke_element = message->FirstNamed(kEkeTag);
113 if (!eke_element) { 96 if (!eke_element) {
114 LOG(WARNING) << "No eke-message found."; 97 LOG(WARNING) << "No eke-message found.";
115 state_ = REJECTED; 98 state_ = REJECTED;
116 rejection_reason_ = PROTOCOL_ERROR; 99 rejection_reason_ = PROTOCOL_ERROR;
117 return; 100 return;
118 } 101 }
119 102
120 for (; eke_element; eke_element = eke_element->NextNamed(kEkeTag)) { 103 for (; eke_element; eke_element = eke_element->NextNamed(kEkeTag)) {
121 std::string base64_message = eke_element->BodyText(); 104 std::string base64_message = eke_element->BodyText();
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after
189 172
190 scoped_ptr<ChannelAuthenticator> 173 scoped_ptr<ChannelAuthenticator>
191 V2Authenticator::CreateChannelAuthenticator() const { 174 V2Authenticator::CreateChannelAuthenticator() const {
192 DCHECK_EQ(state(), ACCEPTED); 175 DCHECK_EQ(state(), ACCEPTED);
193 CHECK(!auth_key_.empty()); 176 CHECK(!auth_key_.empty());
194 177
195 if (is_host_side()) { 178 if (is_host_side()) {
196 return SslHmacChannelAuthenticator::CreateForHost( 179 return SslHmacChannelAuthenticator::CreateForHost(
197 local_cert_, local_key_pair_, auth_key_); 180 local_cert_, local_key_pair_, auth_key_);
198 } else { 181 } else {
199 return SslHmacChannelAuthenticator::CreateForClient( 182 return SslHmacChannelAuthenticator::CreateForClient(auth_key_);
200 remote_cert_, auth_key_);
201 } 183 }
202 } 184 }
203 185
204 bool V2Authenticator::is_host_side() const { 186 bool V2Authenticator::is_host_side() const {
205 return local_key_pair_.get() != nullptr; 187 return local_key_pair_.get() != nullptr;
206 } 188 }
207 189
208 } // namespace protocol 190 } // namespace protocol
209 } // namespace remoting 191 } // namespace remoting
OLDNEW
« no previous file with comments | « remoting/protocol/v2_authenticator.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698