| OLD | NEW |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/browser/api/vpn_provider/vpn_service.h" | 5 #include "extensions/browser/api/vpn_provider/vpn_service.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/bind_helpers.h" | 12 #include "base/bind_helpers.h" |
| 13 #include "base/guid.h" | 13 #include "base/guid.h" |
| 14 #include "base/location.h" | 14 #include "base/location.h" |
| 15 #include "base/logging.h" | 15 #include "base/logging.h" |
| 16 #include "base/macros.h" | 16 #include "base/macros.h" |
| 17 #include "base/memory/ptr_util.h" |
| 17 #include "base/single_thread_task_runner.h" | 18 #include "base/single_thread_task_runner.h" |
| 18 #include "base/stl_util.h" | 19 #include "base/stl_util.h" |
| 19 #include "base/strings/string_number_conversions.h" | 20 #include "base/strings/string_number_conversions.h" |
| 20 #include "base/strings/string_util.h" | 21 #include "base/strings/string_util.h" |
| 21 #include "base/threading/thread_task_runner_handle.h" | 22 #include "base/threading/thread_task_runner_handle.h" |
| 22 #include "base/values.h" | 23 #include "base/values.h" |
| 23 #include "chromeos/dbus/shill_third_party_vpn_driver_client.h" | 24 #include "chromeos/dbus/shill_third_party_vpn_driver_client.h" |
| 24 #include "chromeos/dbus/shill_third_party_vpn_observer.h" | 25 #include "chromeos/dbus/shill_third_party_vpn_observer.h" |
| 25 #include "chromeos/network/network_configuration_handler.h" | 26 #include "chromeos/network/network_configuration_handler.h" |
| 26 #include "chromeos/network/network_profile.h" | 27 #include "chromeos/network/network_profile.h" |
| 27 #include "chromeos/network/network_profile_handler.h" | 28 #include "chromeos/network/network_profile_handler.h" |
| 28 #include "chromeos/network/network_state.h" | 29 #include "chromeos/network/network_state.h" |
| 29 #include "chromeos/network/network_state_handler.h" | 30 #include "chromeos/network/network_state_handler.h" |
| 30 #include "chromeos/network/network_type_pattern.h" | 31 #include "chromeos/network/network_type_pattern.h" |
| 32 #include "content/public/browser/pepper_vpn_provider_resource_host_proxy.h" |
| 33 #include "content/public/browser/vpn_service_proxy.h" |
| 31 #include "crypto/sha2.h" | 34 #include "crypto/sha2.h" |
| 32 #include "extensions/browser/event_router.h" | 35 #include "extensions/browser/event_router.h" |
| 33 #include "extensions/browser/extension_registry.h" | 36 #include "extensions/browser/extension_registry.h" |
| 34 #include "third_party/cros_system_api/dbus/service_constants.h" | 37 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 35 | 38 |
| 36 namespace chromeos { | 39 namespace chromeos { |
| 37 | 40 |
| 38 namespace { | 41 namespace { |
| 39 | 42 |
| 40 namespace api_vpn = extensions::api::vpn_provider; | 43 namespace api_vpn = extensions::api::vpn_provider; |
| (...skipping 14 matching lines...) Expand all Loading... |
| 55 ~VpnConfiguration() override; | 58 ~VpnConfiguration() override; |
| 56 | 59 |
| 57 const std::string& extension_id() const { return extension_id_; } | 60 const std::string& extension_id() const { return extension_id_; } |
| 58 const std::string& configuration_name() const { return configuration_name_; } | 61 const std::string& configuration_name() const { return configuration_name_; } |
| 59 const std::string& key() const { return key_; } | 62 const std::string& key() const { return key_; } |
| 60 const std::string& service_path() const { return service_path_; } | 63 const std::string& service_path() const { return service_path_; } |
| 61 void set_service_path(const std::string& service_path) { | 64 void set_service_path(const std::string& service_path) { |
| 62 service_path_ = service_path; | 65 service_path_ = service_path; |
| 63 } | 66 } |
| 64 const std::string& object_path() const { return object_path_; } | 67 const std::string& object_path() const { return object_path_; } |
| 68 void set_pepper_proxy( |
| 69 std::unique_ptr<content::PepperVpnProviderResourceHostProxy> |
| 70 pepper_vpn_provider_proxy) { |
| 71 pepper_vpn_provider_proxy_ = std::move(pepper_vpn_provider_proxy); |
| 72 } |
| 65 | 73 |
| 66 // ShillThirdPartyVpnObserver: | 74 // ShillThirdPartyVpnObserver: |
| 67 void OnPacketReceived(const std::vector<char>& data) override; | 75 void OnPacketReceived(const std::vector<char>& data) override; |
| 68 void OnPlatformMessage(uint32_t message) override; | 76 void OnPlatformMessage(uint32_t message) override; |
| 69 | 77 |
| 70 private: | 78 private: |
| 71 const std::string extension_id_; | 79 const std::string extension_id_; |
| 72 const std::string configuration_name_; | 80 const std::string configuration_name_; |
| 73 const std::string key_; | 81 const std::string key_; |
| 74 const std::string object_path_; | 82 const std::string object_path_; |
| 75 | 83 |
| 84 std::unique_ptr<content::PepperVpnProviderResourceHostProxy> |
| 85 pepper_vpn_provider_proxy_; |
| 86 |
| 76 std::string service_path_; | 87 std::string service_path_; |
| 77 | 88 |
| 78 base::WeakPtr<VpnService> vpn_service_; | 89 base::WeakPtr<VpnService> vpn_service_; |
| 79 | 90 |
| 80 DISALLOW_COPY_AND_ASSIGN(VpnConfiguration); | 91 DISALLOW_COPY_AND_ASSIGN(VpnConfiguration); |
| 81 }; | 92 }; |
| 82 | 93 |
| 83 VpnService::VpnConfiguration::VpnConfiguration( | 94 VpnService::VpnConfiguration::VpnConfiguration( |
| 84 const std::string& extension_id, | 95 const std::string& extension_id, |
| 85 const std::string& configuration_name, | 96 const std::string& configuration_name, |
| 86 const std::string& key, | 97 const std::string& key, |
| 87 base::WeakPtr<VpnService> vpn_service) | 98 base::WeakPtr<VpnService> vpn_service) |
| 88 : extension_id_(extension_id), | 99 : extension_id_(extension_id), |
| 89 configuration_name_(configuration_name), | 100 configuration_name_(configuration_name), |
| 90 key_(key), | 101 key_(key), |
| 91 object_path_(shill::kObjectPathBase + key_), | 102 object_path_(shill::kObjectPathBase + key_), |
| 92 vpn_service_(vpn_service) { | 103 vpn_service_(vpn_service) { |
| 93 } | 104 } |
| 94 | 105 |
| 95 VpnService::VpnConfiguration::~VpnConfiguration() { | 106 VpnService::VpnConfiguration::~VpnConfiguration() { |
| 96 } | 107 } |
| 97 | 108 |
| 98 void VpnService::VpnConfiguration::OnPacketReceived( | 109 void VpnService::VpnConfiguration::OnPacketReceived( |
| 99 const std::vector<char>& data) { | 110 const std::vector<char>& data) { |
| 100 if (!vpn_service_) { | 111 if (!vpn_service_) { |
| 101 return; | 112 return; |
| 102 } | 113 } |
| 103 std::unique_ptr<base::ListValue> event_args = | 114 // Pass packet to the Pepper API if the connection is bound to it. |
| 104 api_vpn::OnPacketReceived::Create(data); | 115 if (pepper_vpn_provider_proxy_) { |
| 105 vpn_service_->SendSignalToExtension( | 116 pepper_vpn_provider_proxy_->SendOnPacketReceived(data); |
| 106 extension_id_, extensions::events::VPN_PROVIDER_ON_PACKET_RECEIVED, | 117 } else { |
| 107 api_vpn::OnPacketReceived::kEventName, std::move(event_args)); | 118 std::unique_ptr<base::ListValue> event_args = |
| 119 api_vpn::OnPacketReceived::Create(data); |
| 120 vpn_service_->SendSignalToExtension( |
| 121 extension_id_, extensions::events::VPN_PROVIDER_ON_PACKET_RECEIVED, |
| 122 api_vpn::OnPacketReceived::kEventName, std::move(event_args)); |
| 123 } |
| 108 } | 124 } |
| 109 | 125 |
| 110 void VpnService::VpnConfiguration::OnPlatformMessage(uint32_t message) { | 126 void VpnService::VpnConfiguration::OnPlatformMessage(uint32_t message) { |
| 111 if (!vpn_service_) { | 127 if (!vpn_service_) { |
| 112 return; | 128 return; |
| 113 } | 129 } |
| 114 DCHECK_GE(api_vpn::PLATFORM_MESSAGE_LAST, message); | 130 DCHECK_GE(api_vpn::PLATFORM_MESSAGE_LAST, message); |
| 115 | 131 |
| 116 api_vpn::PlatformMessage platform_message = | 132 api_vpn::PlatformMessage platform_message = |
| 117 static_cast<api_vpn::PlatformMessage>(message); | 133 static_cast<api_vpn::PlatformMessage>(message); |
| 118 | 134 |
| 119 if (platform_message == api_vpn::PLATFORM_MESSAGE_CONNECTED) { | 135 if (platform_message == api_vpn::PLATFORM_MESSAGE_CONNECTED) { |
| 120 vpn_service_->SetActiveConfiguration(this); | 136 vpn_service_->SetActiveConfiguration(this); |
| 121 } else if (platform_message == api_vpn::PLATFORM_MESSAGE_DISCONNECTED || | 137 } else if (platform_message == api_vpn::PLATFORM_MESSAGE_DISCONNECTED || |
| 122 platform_message == api_vpn::PLATFORM_MESSAGE_ERROR) { | 138 platform_message == api_vpn::PLATFORM_MESSAGE_ERROR) { |
| 123 vpn_service_->SetActiveConfiguration(nullptr); | 139 vpn_service_->SetActiveConfiguration(nullptr); |
| 140 |
| 141 // Disconnect Pepper-bound configuration. |
| 142 if (pepper_vpn_provider_proxy_) { |
| 143 pepper_vpn_provider_proxy_->SendOnUnbind(); |
| 144 pepper_vpn_provider_proxy_.reset(); |
| 145 } |
| 124 } | 146 } |
| 125 | 147 |
| 126 // TODO(kaliamoorthi): Update the lower layers to get the error message and | 148 // TODO(kaliamoorthi): Update the lower layers to get the error message and |
| 127 // pass in the error instead of std::string(). | 149 // pass in the error instead of std::string(). |
| 128 std::unique_ptr<base::ListValue> event_args = | 150 std::unique_ptr<base::ListValue> event_args = |
| 129 api_vpn::OnPlatformMessage::Create(configuration_name_, platform_message, | 151 api_vpn::OnPlatformMessage::Create(configuration_name_, platform_message, |
| 130 std::string()); | 152 std::string()); |
| 131 | 153 |
| 132 vpn_service_->SendSignalToExtension( | 154 vpn_service_->SendSignalToExtension( |
| 133 extension_id_, extensions::events::VPN_PROVIDER_ON_PLATFORM_MESSAGE, | 155 extension_id_, extensions::events::VPN_PROVIDER_ON_PLATFORM_MESSAGE, |
| 134 api_vpn::OnPlatformMessage::kEventName, std::move(event_args)); | 156 api_vpn::OnPlatformMessage::kEventName, std::move(event_args)); |
| 135 } | 157 } |
| 136 | 158 |
| 159 class VpnService::VpnServiceProxyImpl : public content::VpnServiceProxy { |
| 160 public: |
| 161 VpnServiceProxyImpl(base::WeakPtr<VpnService> vpn_service); |
| 162 |
| 163 void Bind(const std::string& extension_id, |
| 164 const std::string& configuration_id, |
| 165 const std::string& configuration_name, |
| 166 const SuccessCallback& success, |
| 167 const FailureCallback& failure, |
| 168 std::unique_ptr<content::PepperVpnProviderResourceHostProxy> |
| 169 pepper_vpn_provider_proxy) override; |
| 170 void SendPacket(const std::string& extension_id, |
| 171 const std::vector<char>& data, |
| 172 const SuccessCallback& success, |
| 173 const FailureCallback& failure) override; |
| 174 |
| 175 private: |
| 176 base::WeakPtr<VpnService> vpn_service_; |
| 177 |
| 178 DISALLOW_COPY_AND_ASSIGN(VpnServiceProxyImpl); |
| 179 }; |
| 180 |
| 181 VpnService::VpnServiceProxyImpl::VpnServiceProxyImpl( |
| 182 base::WeakPtr<VpnService> vpn_service) |
| 183 : vpn_service_(vpn_service) {} |
| 184 |
| 185 void VpnService::VpnServiceProxyImpl::Bind( |
| 186 const std::string& extension_id, |
| 187 const std::string& configuration_id, |
| 188 const std::string& configuration_name, |
| 189 const SuccessCallback& success, |
| 190 const FailureCallback& failure, |
| 191 std::unique_ptr<content::PepperVpnProviderResourceHostProxy> |
| 192 pepper_vpn_provider_proxy) { |
| 193 if (!vpn_service_) { |
| 194 NOTREACHED(); |
| 195 return; |
| 196 } |
| 197 |
| 198 vpn_service_->Bind(extension_id, configuration_id, configuration_name, |
| 199 success, failure, std::move(pepper_vpn_provider_proxy)); |
| 200 } |
| 201 |
| 202 void VpnService::VpnServiceProxyImpl::SendPacket( |
| 203 const std::string& extension_id, |
| 204 const std::vector<char>& data, |
| 205 const SuccessCallback& success, |
| 206 const FailureCallback& failure) { |
| 207 if (!vpn_service_) { |
| 208 NOTREACHED(); |
| 209 return; |
| 210 } |
| 211 |
| 212 vpn_service_->SendPacket(extension_id, data, success, failure); |
| 213 } |
| 214 |
| 137 VpnService::VpnService( | 215 VpnService::VpnService( |
| 138 content::BrowserContext* browser_context, | 216 content::BrowserContext* browser_context, |
| 139 const std::string& userid_hash, | 217 const std::string& userid_hash, |
| 140 extensions::ExtensionRegistry* extension_registry, | 218 extensions::ExtensionRegistry* extension_registry, |
| 141 extensions::EventRouter* event_router, | 219 extensions::EventRouter* event_router, |
| 142 ShillThirdPartyVpnDriverClient* shill_client, | 220 ShillThirdPartyVpnDriverClient* shill_client, |
| 143 NetworkConfigurationHandler* network_configuration_handler, | 221 NetworkConfigurationHandler* network_configuration_handler, |
| 144 NetworkProfileHandler* network_profile_handler, | 222 NetworkProfileHandler* network_profile_handler, |
| 145 NetworkStateHandler* network_state_handler) | 223 NetworkStateHandler* network_state_handler) |
| 146 : browser_context_(browser_context), | 224 : browser_context_(browser_context), |
| (...skipping 422 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 569 } | 647 } |
| 570 delete configuration; | 648 delete configuration; |
| 571 } | 649 } |
| 572 | 650 |
| 573 bool VpnService::DoesActiveConfigurationExistAndIsAccessAuthorized( | 651 bool VpnService::DoesActiveConfigurationExistAndIsAccessAuthorized( |
| 574 const std::string& extension_id) { | 652 const std::string& extension_id) { |
| 575 return active_configuration_ && | 653 return active_configuration_ && |
| 576 active_configuration_->extension_id() == extension_id; | 654 active_configuration_->extension_id() == extension_id; |
| 577 } | 655 } |
| 578 | 656 |
| 657 void VpnService::Bind( |
| 658 const std::string& extension_id, |
| 659 const std::string& configuration_id, |
| 660 const std::string& configuration_name, |
| 661 const SuccessCallback& success, |
| 662 const FailureCallback& failure, |
| 663 std::unique_ptr<content::PepperVpnProviderResourceHostProxy> |
| 664 pepper_vpn_provider_proxy) { |
| 665 // The ID is the configuration name for now. This may change in the future. |
| 666 const std::string key = GetKey(extension_id, configuration_id); |
| 667 if (!ContainsKey(key_to_configuration_map_, key)) { |
| 668 failure.Run(std::string(), |
| 669 std::string("Unauthorized access. " |
| 670 "The configuration does not exist.")); |
| 671 return; |
| 672 } |
| 673 |
| 674 VpnConfiguration* configuration = key_to_configuration_map_[key]; |
| 675 if (active_configuration_ != configuration) { |
| 676 failure.Run(std::string(), std::string("Unauthorized access. " |
| 677 "The configuration is not active.")); |
| 678 return; |
| 679 } |
| 680 |
| 681 if (configuration->extension_id() != extension_id || |
| 682 configuration->configuration_name() != configuration_name) { |
| 683 failure.Run(std::string(), |
| 684 std::string("Unauthorized access. " |
| 685 "Configuration name or extension ID mismatch.")); |
| 686 return; |
| 687 } |
| 688 |
| 689 const std::string service_path = configuration->service_path(); |
| 690 if (service_path.empty()) { |
| 691 failure.Run(std::string(), std::string("Pending create.")); |
| 692 return; |
| 693 } |
| 694 |
| 695 // Connection authorized. All packets will be routed through the Pepper API. |
| 696 configuration->set_pepper_proxy(std::move(pepper_vpn_provider_proxy)); |
| 697 |
| 698 success.Run(); |
| 699 } |
| 700 |
| 701 std::unique_ptr<content::VpnServiceProxy> VpnService::GetVpnServiceProxy() { |
| 702 return base::WrapUnique(new VpnServiceProxyImpl(weak_factory_.GetWeakPtr())); |
| 703 } |
| 704 |
| 579 } // namespace chromeos | 705 } // namespace chromeos |
| OLD | NEW |