remoting/host/linux/certificate_watcher.cc - Issue 1838313002: Restart the host when the third party auth certificate changes

Side by Side Diff: remoting/host/linux/certificate_watcher.cc

Issue 1838313002: Restart the host when the third party auth certificate changes (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Feedback from sergeyu@ Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright 2016 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "certificate_watcher.h"
	Sergey Ulanov 2016/04/04 19:29:37 Specify pull path here please. Specify pull path here please. Yuwei 2016/04/04 21:40:24 full path I guess? Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > Specify pull path here please. full path I guess? Sergey Ulanov 2016/04/04 21:44:38 yes Show quoted text On 2016/04/04 21:40:24, yuweih wrote: > On 2016/04/04 19:29:37, Sergey Ulanov wrote: > > Specify pull path here please. > > full path I guess? yes Yuwei 2016/04/04 23:42:24 Done. Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > Specify pull path here please. Done.
	6

	7 #include "base/bind.h"

	8 #include "base/bind_helpers.h"

	9 #include "base/location.h"

	10 #include "base/logging.h"

	11 #include "base/message_loop/message_loop.h"

	12 #include "base/path_service.h"

	13

	14 namespace remoting {

	15

	16 // Delay time to restart the host when a change of certificate is detected.

	17 // This is to avoid repeating restarts when continuous writes to the database

	18 // occur.

	19 const int kRestartDelayInSecond = 2;

	20

	21 // Full Path: $HOME/.pki/nssdb

	22 const char kCertDirectoryPath[] = ".pki/nssdb";

	23

	24 CertificateWatcher::CertificateWatcher(

	25 const base::Closure& restart_action,

	26 scoped_refptr<base::SingleThreadTaskRunner> network_runner,

	27 scoped_refptr<base::SingleThreadTaskRunner> io_runner)

	28 : restart_action_(restart_action),

	29 network_runner_(network_runner),
	Sergey Ulanov 2016/04/04 19:29:37 Don't need to pass it as parameter explicitly. Ins Don't need to pass it as parameter explicitly. Instead use base::ThreadTaskRunnerHandle::Get() to get task runner for the current thread. Yuwei 2016/04/04 23:42:24 Done. Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > Don't need to pass it as parameter explicitly. Instead use > base::ThreadTaskRunnerHandle::Get() to get task runner for the current thread. Done.
	30 io_runner_(io_runner),
	Sergey Ulanov 2016/04/04 19:29:37 Call this io_task_runner_. Call this io_task_runner_. Yuwei 2016/04/04 23:42:24 Done. Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > Call this io_task_runner_. Done.
	31 delay_(base::TimeDelta::FromSeconds(kRestartDelayInSecond)) {

	32 if (!base::PathService::Get(base::DIR_HOME, &cert_watch_path_)) {

	33 LOG(ERROR) << "Failed to get path of the home directory. ";

	34 return;

	35 }

	36
	Sergey Ulanov 2016/04/04 19:29:37 nit: remove this empty line. Otherwise the followi nit: remove this empty line. Otherwise the following line looks as if it's not related to the code above. Yuwei 2016/04/04 23:42:24 Done. Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > nit: remove this empty line. Otherwise the following line looks as if it's not > related to the code above. Done.
	37 cert_watch_path_ = cert_watch_path_.AppendASCII(kCertDirectoryPath);
	Sergey Ulanov 2016/04/04 19:29:37 nit: incorrect indentation. nit: incorrect indentation. Yuwei 2016/04/04 23:42:24 Done. Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > nit: incorrect indentation. Done.
	38 }

	39

	40 void CertificateWatcher::OnCertDirectoryChanged(const base::FilePath& path,

	41 bool error) {

	42 DCHECK(io_runner_->BelongsToCurrentThread());

	43

	44 if (error \|\| path != cert_watch_path_) {

	45 LOG(WARNING) << "Unexpected file update callback. "

	46 << "Path: " << path.MaybeAsASCII() << "; "

	47 << "Error: " << error;

	48 return;

	49 }

	50

	51 network_runner_->PostTask(

	52 FROM_HERE, base::Bind(&base::DelayTimer::Reset,

	53 base::Unretained(restart_timer_.get())));

	54 }

	55

	56 void CertificateWatcher::OnTimer() {

	57 DCHECK(network_runner_->BelongsToCurrentThread());

	58

	59 if (inhibit_mode_) {

	60 restart_pending_ = true;

	61 return;

	62 }

	63

	64 VLOG(1) << "Certificate was updated. Calling restart...";

	65 restart_action_.Run();

	66 }

	67

	68 CertificateWatcher::~CertificateWatcher() {

	69 if (monitor_) {

	70 monitor_->RemoveStatusObserver(this);

	71 }

	72

	73 VLOG(1) << "Stopped watching certificate changes.";

	74 }

	75

	76 void CertificateWatcher::Start() {
	Sergey Ulanov 2016/04/04 19:29:37 Do you really need this separate from the construc Do you really need this separate from the constructor? I suggest moving all this code to the constructor. Yuwei 2016/04/04 21:45:20 It's basically to allow unit tests to override par Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > Do you really need this separate from the constructor? I suggest moving all this > code to the constructor. It's basically to allow unit tests to override parameters before starting the test. If we move this to the constructor then we need to have separate constructor for testing... Sergey Ulanov 2016/04/04 21:47:15 I see. Then maybe make it return a bool value (fal Show quoted text On 2016/04/04 21:45:20, yuweih wrote: > On 2016/04/04 19:29:37, Sergey Ulanov wrote: > > Do you really need this separate from the constructor? I suggest moving all > this > > code to the constructor. > > It's basically to allow unit tests to override parameters before starting the > test. If we move this to the constructor then we need to have separate > constructor for testing... I see. Then maybe make it return a bool value (false in case it fails). Then you can make is_started() private or remove it completely. Yuwei 2016/04/04 23:42:24 Done. Show quoted text On 2016/04/04 21:47:15, Sergey Ulanov wrote: > On 2016/04/04 21:45:20, yuweih wrote: > > On 2016/04/04 19:29:37, Sergey Ulanov wrote: > > > Do you really need this separate from the constructor? I suggest moving all > > this > > > code to the constructor. > > > > It's basically to allow unit tests to override parameters before starting the > > test. If we move this to the constructor then we need to have separate > > constructor for testing... > > I see. Then maybe make it return a bool value (false in case it fails). Then you > can make is_started() private or remove it completely. Done.
	77 if (cert_watch_path_.empty()) {

	78 LOG(ERROR) << "Failed to start watching. "
	Sergey Ulanov 2016/04/04 19:29:37 This essentially duplicates the error you have in This essentially duplicates the error you have in the constructor. You can avoid this by moving all code to the constructor.
	79 << "The certificate path is not correctly set up.";

	80 return;

	81 }

	82

	83 io_runner_->PostTask(FROM_HERE, base::Bind(

	84 &CertificateWatcher::StartWatcherOnIo, base::Unretained(this)));
	Sergey Ulanov 2016/04/04 19:29:37 base::Unretained() is not safe here. CertificateWa base::Unretained() is not safe here. CertificateWatcher may be destroyed by the time this task gets executed on the IO thread. Instead you can create FilePathWatcher here and post a task directly for the Watch() method: file_watcher_.reset(new base::FilePathWatcher()); io_runner_->PostTask(FROM_HERE, base::Bind( &FilePathWatcher::Watch, base::Unretained(file_watcher.get()), cert_watch_path_, true, base::Bind(&OnCertDirectoryChanged)); Then from the destructor post a task on io thread to delete the watcher: io_runner_->DeleteSoon(FROM_HERE, file_watcher_.release()); Yuwei 2016/04/04 23:42:24 Done. Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > base::Unretained() is not safe here. CertificateWatcher may be destroyed by the > time this task gets executed on the IO thread. Instead you can create > FilePathWatcher here and post a task directly for the Watch() method: > > file_watcher_.reset(new base::FilePathWatcher()); > io_runner_->PostTask(FROM_HERE, base::Bind( > &FilePathWatcher::Watch, base::Unretained(file_watcher.get()), > cert_watch_path_, true, base::Bind(&OnCertDirectoryChanged)); > > Then from the destructor post a task on io thread to delete the watcher: > io_runner_->DeleteSoon(FROM_HERE, file_watcher_.release()); Done.
	85

	86 network_runner_->PostTask(FROM_HERE, base::Bind(

	87 &CertificateWatcher::StartTimerOnNetwork, base::Unretained(this)));
	Sergey Ulanov 2016/04/04 19:29:37 Why do you need to post a separate task here? netw Why do you need to post a separate task here? network_runner_ must be the same thread on which this code is executed. Yuwei 2016/04/04 21:40:24 I was thinking it's the main thread calling this f Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > Why do you need to post a separate task here? network_runner_ must be the same > thread on which this code is executed. I was thinking it's the main thread calling this function... Looks like I can clean up the code a little bit. Yuwei 2016/04/04 23:42:24 Not posting task now Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > Why do you need to post a separate task here? network_runner_ must be the same > thread on which this code is executed. Not posting task now
	88

	89 VLOG(1) << "Started watching certificate changes.";

	90 }

	91

	92 void CertificateWatcher::StartWatcherOnIo() {

	93 DCHECK(io_runner_->BelongsToCurrentThread());

	94

	95 file_watcher_.reset(new base::FilePathWatcher());

	96 file_watcher_->Watch(

	97 cert_watch_path_, true,

	98 base::Bind(&CertificateWatcher::OnCertDirectoryChanged,

	99 base::Unretained(this)));
	Sergey Ulanov 2016/04/04 19:29:37 It's not safe to use base::Unretained() here. OnCe It's not safe to use base::Unretained() here. OnCertDirectoryChanged() is called on the IO thread, while CertificateWatcher is destroyed on the network thread. I suggest you make OnCertDirectoryChanged a static method that gets a weak pointer for the CertficateWatcher to post the task back to the network thread: OnCertDirectoryChanged(scoped_refptr<TaskRunner> network_task_runner, base::WeakPtr<CertificateWatcher> cert_watcher, const base::FilePath& path, bool error) { network_task_runner->PostTask( FROM_HERE, base::Bind(&CertificateWatcher::DirectoryChanged, cert_watcher, path, error)); } You will need to bind the first two parameters for the callback passed to FilePathWatcher::Watch(). Yuwei 2016/04/04 23:42:24 Done. Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > It's not safe to use base::Unretained() here. OnCertDirectoryChanged() is called > on the IO thread, while CertificateWatcher is destroyed on the network thread. I > suggest you make OnCertDirectoryChanged a static method that gets a weak pointer > for the CertficateWatcher > to post the task back to the network thread: > > OnCertDirectoryChanged(scoped_refptr<TaskRunner> network_task_runner, > base::WeakPtr<CertificateWatcher> cert_watcher, > const base::FilePath& path, > bool error) { > network_task_runner->PostTask( > FROM_HERE, > base::Bind(&CertificateWatcher::DirectoryChanged, cert_watcher, > path, error)); > } > > You will need to bind the first two parameters for the callback passed to > FilePathWatcher::Watch(). Done.
	100 }

	101

	102 void CertificateWatcher::StartTimerOnNetwork() {

	103 DCHECK(network_runner_->BelongsToCurrentThread());

	104

	105 restart_timer_.reset(new base::DelayTimer(FROM_HERE, delay_, this,

	106 &CertificateWatcher::OnTimer));

	107 }

	108

	109 bool CertificateWatcher::Started() const {

	110 return file_watcher_ != nullptr;

	111 }

	112

	113 void CertificateWatcher::SetMonitor(base::WeakPtr<HostStatusMonitor> monitor) {

	114 if (monitor_) {

	115 monitor_->RemoveStatusObserver(this);

	116 }

	117 if (monitor) {
	Sergey Ulanov 2016/04/04 19:29:37 I don't think this you need this condition: monito I don't think this you need this condition: monitor must exist when SetMonitor() is called. Yuwei 2016/04/04 23:42:24 Changed to DCHECK Show quoted text On 2016/04/04 19:29:37, Sergey Ulanov wrote: > I don't think this you need this condition: monitor must exist when SetMonitor() > is called. Changed to DCHECK
	118 monitor->AddStatusObserver(this);

	119 }

	120 monitor_ = monitor;

	121 }

	122

	123 void CertificateWatcher::OnClientConnected(const std::string& jid) {

	124 if (!Started()) {

	125 return;

	126 }

	127 DCHECK(network_runner_->BelongsToCurrentThread());

	128 inhibit_mode_ = true;

	129 }

	130

	131 void CertificateWatcher::OnClientDisconnected(const std::string& jid) {

	132 if (!Started()) {

	133 return;

	134 }

	135 DCHECK(network_runner_->BelongsToCurrentThread());

	136 inhibit_mode_ = false;

	137 if (restart_pending_) {

	138 restart_pending_ = false;

	139 restart_action_.Run();

	140 }

	141 }

	142

	143 void CertificateWatcher::SetDelayForTests(const base::TimeDelta& delay) {

	144 DCHECK(!Started());

	145 delay_ = delay;

	146 }

	147

	148 void CertificateWatcher::SetWatchPathForTests(

	149 const base::FilePath& watch_path) {

	150 DCHECK(!Started());

	151 cert_watch_path_ = watch_path;

	152 }

	153

	154 } // namespace remoting

OLD	NEW

« remoting/host/linux/certificate_watcher.h ('K') | « remoting/host/linux/certificate_watcher.h ('k') | remoting/host/linux/certificate_watcher_unittest.cc » ('j') | no next file with comments »