remoting/host/linux/certificate_watcher.h - Issue 1838313002: Restart the host when the third party auth certificate changes

Side by Side Diff: remoting/host/linux/certificate_watcher.h

Issue 1838313002: Restart the host when the third party auth certificate changes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef HOST_LINUX_CERTIFICATE_WATCHER_H_
	Sergey Ulanov 2016/03/29 19:40:04 REMOTING_ REMOTING_ Yuwei 2016/03/30 18:47:45 Done. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > REMOTING_ Done.
	6 #define HOST_LINUX_CERTIFICATE_WATCHER_H_

	7

	8 #include "base/files/file_path.h"

	9 #include "base/files/file_path_watcher.h"

	10 #include "base/macros.h"

	11 #include "base/memory/scoped_ptr.h"

	12 #include "base/timer/timer.h"

	13

	14 namespace remoting {

	15

	16 class CertificateWatcherImplInterface {
	Sergey Ulanov 2016/03/29 19:40:04 We normally don't use Interface suffix for interfa We normally don't use Interface suffix for interfaces. Interface name should generally be shorter than the name of the implementing class. But ImplInterface suffix makes no sense. See my comment about impl_. I don't think you need any of this at all. Yuwei 2016/03/29 19:57:02 Acknowledged. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > We normally don't use Interface suffix for interfaces. Interface name should > generally be shorter than the name of the implementing class. But ImplInterface > suffix makes no sense. See my comment about impl_. I don't think you need any of > this at all. Acknowledged. Yuwei 2016/03/30 18:47:45 Done. Removed interface and merged the impl Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > We normally don't use Interface suffix for interfaces. Interface name should > generally be shorter than the name of the implementing class. But ImplInterface > suffix makes no sense. See my comment about impl_. I don't think you need any of > this at all. Done. Removed interface and merged the impl
	17 public:

	18 virtual void Start() = 0;

	19 virtual void Stop() = 0;

	20 virtual void ScheduleSuicide() = 0;

	21 };

	22

	23 /*

	24 * This class watches the NSS database and kills the host when a change of the

	25 * database is detected. The runner script will restart the host when the host

	26 * is killed then the new host will capture any new changes of the database.

	27 *

	28 * Acceptable false positives will be caused by desktop sessions and other

	29 * external programs.

	30 */

	31 class CertificateWatcher {

	32 public:

	33 typedef base::Callback<void(void)> SuicideAction;
	Sergey Ulanov 2016/03/29 19:40:04 this is base::Closure. You don't need this typedef this is base::Closure. You don't need this typedef. Also "void(void)" is better expressed as "void()" Yuwei 2016/03/29 19:57:02 Acknowledged. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > this is base::Closure. You don't need this typedef. > Also "void(void)" is better expressed as "void()" Acknowledged. Yuwei 2016/03/30 18:47:45 Done. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > this is base::Closure. You don't need this typedef. > Also "void(void)" is better expressed as "void()" Done.
	34 CertificateWatcher(

	35 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner,
	Sergey Ulanov 2016/03/29 19:40:04 I think this class can be made single-threaded and I think this class can be made single-threaded and live on the network thread. Then you wouldn't need to pass any threads here and will not need any of the impl_ stuff. Yuwei 2016/03/29 19:57:02 Acknowledged. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > I think this class can be made single-threaded and live on the network thread. > Then you wouldn't need to pass any threads here and will not need any of the > impl_ stuff. Acknowledged. Yuwei 2016/03/30 18:47:45 Looks like it doesn't work... There are checks in Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > I think this class can be made single-threaded and live on the network thread. > Then you wouldn't need to pass any threads here and will not need any of the > impl_ stuff. Looks like it doesn't work... There are checks in FilePathWatcher and HostProcess to prevent being called on the wrong thread... Basically FilePathWatcher needs IO thread and Host process needs network thread. I changed the code a little bit so now StarOn() takes in the file runner and there is a callback `OnNSSCertificateUpdate()` in HostProcess that dispatches the shutdown task to the network thread.
	36 scoped_refptr<base::SingleThreadTaskRunner> suicide_task_runner,

	37 int suicide_delay, const SuicideAction& suicide_action);
	Sergey Ulanov 2016/03/29 19:40:04 Don't call it "suicide". The host process is just Don't call it "suicide". The host process is just being restarted cleanly. It's not killing itself. Yuwei 2016/03/29 19:57:02 So should I call it "restart"? Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > Don't call it "suicide". The host process is just being restarted cleanly. It's > not killing itself. So should I call it "restart"? Yuwei 2016/03/30 18:47:45 Done. Renamed to restart Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > Don't call it "suicide". The host process is just being restarted cleanly. It's > not killing itself. Done. Renamed to restart
	38

	39 // Constructs watcher with given impl. Will take ownership.

	40 CertificateWatcher(CertificateWatcherImplInterface* impl);

	41 virtual ~CertificateWatcher();

	42 void Start();

	43 void Stop();

	44

	45 // Marks suicide_scheduled_ flag without calling the suicide action

	46 void Inhibit();

	47

	48 // Leaves inhibit mode and schedule suicide action if suicide_scheduled_

	49 // is marked in previous inhibit mode.

	50 void Uninhibit();

	51

	52 // Called when the certificate is updated.

	53 void OnUpdate();

	54

	55 private:

	56 scoped_ptr<CertificateWatcherImplInterface> impl_;
	Sergey Ulanov 2016/03/29 19:40:04 Normally we define nested Core class for pimpl cla Normally we define nested Core class for pimpl classes. You don't need the interface here - just forward-declare the class. e.g. see remoting/host/audio_pump.h for example. But I don't think you need any of this stuff here. This class can be simple single-threaded watcher running on the network thread. Yuwei 2016/03/29 19:57:02 I basically separated the impl class so that I can Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > Normally we define nested Core class for pimpl classes. You don't need the > interface here - just forward-declare the class. e.g. see > remoting/host/audio_pump.h for example. But I don't think you need any of this > stuff here. This class can be simple single-threaded watcher running on the > network thread. I basically separated the impl class so that I can test the logic in a cleaner way. I agree that creating temp files may be better way for testing after seeing your comments.
	57

	58 bool inhibit_mode_ = false;

	59

	60 // A flag to prevent posting multiple suicide tasks
	Sergey Ulanov 2016/03/29 19:40:04 nit: here and everywhere else: please add . at the nit: here and everywhere else: please add . at the end of the comment. Yuwei 2016/03/29 19:57:02 Acknowledged. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > nit: here and everywhere else: please add . at the end of the comment. Acknowledged. Yuwei 2016/03/30 18:47:45 Done. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > nit: here and everywhere else: please add . at the end of the comment. Done.
	61 bool suicide_scheduled_ = false;

	62

	63 DISALLOW_COPY_AND_ASSIGN(CertificateWatcher);

	64 };

	65

	66 }
	Sergey Ulanov 2016/03/29 19:40:04 // namespace remoting // namespace remoting Yuwei 2016/03/29 19:57:02 Acknowledged. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > // namespace remoting Acknowledged. Yuwei 2016/03/30 18:47:45 Done. Show quoted text On 2016/03/29 19:40:04, Sergey Ulanov wrote: > // namespace remoting Done.
	67

	68 #endif // HOST_LINUX_CERTIFICATE_WATCHER_H_

OLD	NEW

« no previous file with comments | « remoting/host/BUILD.gn ('k') | remoting/host/linux/certificate_watcher.cc » ('j') | remoting/host/linux/certificate_watcher.cc » ('J')