| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "remoting/host/linux/certificate_watcher.h" |
| 6 |
| 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" |
| 9 #include "base/location.h" |
| 10 #include "base/logging.h" |
| 11 #include "base/path_service.h" |
| 12 #include "base/thread_task_runner_handle.h" |
| 13 |
| 14 namespace remoting { |
| 15 |
| 16 // Delay time to restart the host when a change of certificate is detected. |
| 17 // This is to avoid repeating restarts when continuous writes to the database |
| 18 // occur. |
| 19 const int kRestartDelayInSecond = 2; |
| 20 |
| 21 // Full Path: $HOME/.pki/nssdb |
| 22 const char kCertDirectoryPath[] = ".pki/nssdb"; |
| 23 |
| 24 CertificateWatcher::CertificateWatcher( |
| 25 const base::Closure& restart_action, |
| 26 scoped_refptr<base::SingleThreadTaskRunner> io_task_runner) |
| 27 : restart_action_(restart_action), |
| 28 caller_task_runner_(base::ThreadTaskRunnerHandle::Get()), |
| 29 io_task_runner_(io_task_runner), |
| 30 delay_(base::TimeDelta::FromSeconds(kRestartDelayInSecond)), |
| 31 weak_factory_(this) { |
| 32 if (!base::PathService::Get(base::DIR_HOME, &cert_watch_path_)) { |
| 33 LOG(FATAL) << "Failed to get path of the home directory."; |
| 34 } |
| 35 cert_watch_path_ = cert_watch_path_.AppendASCII(kCertDirectoryPath); |
| 36 } |
| 37 |
| 38 CertificateWatcher::~CertificateWatcher() { |
| 39 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
| 40 |
| 41 if (!is_started()) { |
| 42 return; |
| 43 } |
| 44 if (monitor_) { |
| 45 monitor_->RemoveStatusObserver(this); |
| 46 } |
| 47 io_task_runner_->DeleteSoon(FROM_HERE, file_watcher_.release()); |
| 48 |
| 49 VLOG(1) << "Stopped watching certificate changes."; |
| 50 } |
| 51 |
| 52 void CertificateWatcher::Start() { |
| 53 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
| 54 DCHECK(!cert_watch_path_.empty()); |
| 55 |
| 56 file_watcher_.reset(new base::FilePathWatcher()); |
| 57 io_task_runner_->PostTask( |
| 58 FROM_HERE, |
| 59 base::Bind(base::IgnoreResult(&base::FilePathWatcher::Watch), |
| 60 base::Unretained(file_watcher_.get()), cert_watch_path_, true, |
| 61 base::Bind(&CertificateWatcher::OnCertDirectoryChanged, |
| 62 caller_task_runner_, weak_factory_.GetWeakPtr()))); |
| 63 restart_timer_.reset(new base::DelayTimer(FROM_HERE, delay_, this, |
| 64 &CertificateWatcher::OnTimer)); |
| 65 |
| 66 VLOG(1) << "Started watching certificate changes."; |
| 67 } |
| 68 |
| 69 void CertificateWatcher::SetMonitor(base::WeakPtr<HostStatusMonitor> monitor) { |
| 70 DCHECK(is_started()); |
| 71 if (monitor_) { |
| 72 monitor_->RemoveStatusObserver(this); |
| 73 } |
| 74 monitor->AddStatusObserver(this); |
| 75 monitor_ = monitor; |
| 76 } |
| 77 |
| 78 void CertificateWatcher::OnClientConnected(const std::string& jid) { |
| 79 DCHECK(is_started()); |
| 80 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
| 81 inhibit_mode_ = true; |
| 82 } |
| 83 |
| 84 void CertificateWatcher::OnClientDisconnected(const std::string& jid) { |
| 85 DCHECK(is_started()); |
| 86 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
| 87 inhibit_mode_ = false; |
| 88 if (restart_pending_) { |
| 89 restart_pending_ = false; |
| 90 restart_action_.Run(); |
| 91 } |
| 92 } |
| 93 |
| 94 void CertificateWatcher::SetDelayForTests(const base::TimeDelta& delay) { |
| 95 DCHECK(!is_started()); |
| 96 delay_ = delay; |
| 97 } |
| 98 |
| 99 void CertificateWatcher::SetWatchPathForTests( |
| 100 const base::FilePath& watch_path) { |
| 101 DCHECK(!is_started()); |
| 102 cert_watch_path_ = watch_path; |
| 103 } |
| 104 |
| 105 bool CertificateWatcher::is_started() const { |
| 106 return file_watcher_ != nullptr; |
| 107 } |
| 108 |
| 109 // static |
| 110 void CertificateWatcher::OnCertDirectoryChanged( |
| 111 scoped_refptr<base::SingleThreadTaskRunner> network_task_runner, |
| 112 base::WeakPtr<CertificateWatcher> watcher_, |
| 113 const base::FilePath& path, |
| 114 bool error) { |
| 115 network_task_runner->PostTask( |
| 116 FROM_HERE, |
| 117 base::Bind(&CertificateWatcher::DirectoryChanged, watcher_, path, error)); |
| 118 } |
| 119 |
| 120 void CertificateWatcher::DirectoryChanged(const base::FilePath& path, |
| 121 bool error) { |
| 122 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
| 123 DCHECK(path == cert_watch_path_); |
| 124 |
| 125 if (error) { |
| 126 LOG(FATAL) << "Error occurs when watching changes of file " |
| 127 << cert_watch_path_.MaybeAsASCII(); |
| 128 } |
| 129 |
| 130 restart_timer_->Reset(); |
| 131 } |
| 132 |
| 133 void CertificateWatcher::OnTimer() { |
| 134 DCHECK(caller_task_runner_->BelongsToCurrentThread()); |
| 135 |
| 136 if (inhibit_mode_) { |
| 137 restart_pending_ = true; |
| 138 return; |
| 139 } |
| 140 |
| 141 VLOG(1) << "Certificate was updated. Calling restart..."; |
| 142 restart_action_.Run(); |
| 143 } |
| 144 |
| 145 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1838313002:
Restart the host when the third party auth certificate changes (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master