Chromium Code Reviews Chromium Code Reviews
Issue 1922873005:
ppapi: PPB_VpnProvider: Bind VpnService to the PPAPI Resource Host (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@vpn-api-resource-host| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/browser/api/vpn_provider/vpn_service.h" | 5 #include "extensions/browser/api/vpn_provider/vpn_service.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/bind_helpers.h" | 12 #include "base/bind_helpers.h" |
| 13 #include "base/guid.h" | 13 #include "base/guid.h" |
| 14 #include "base/location.h" | 14 #include "base/location.h" |
| 15 #include "base/logging.h" | 15 #include "base/logging.h" |
| 16 #include "base/macros.h" | 16 #include "base/macros.h" |
| 17 #include "base/memory/ptr_util.h" | |
| 17 #include "base/message_loop/message_loop.h" | 18 #include "base/message_loop/message_loop.h" |
| 18 #include "base/stl_util.h" | 19 #include "base/stl_util.h" |
| 19 #include "base/strings/string_number_conversions.h" | 20 #include "base/strings/string_number_conversions.h" |
| 20 #include "base/strings/string_util.h" | 21 #include "base/strings/string_util.h" |
| 21 #include "base/values.h" | 22 #include "base/values.h" |
| 22 #include "chromeos/dbus/shill_third_party_vpn_driver_client.h" | 23 #include "chromeos/dbus/shill_third_party_vpn_driver_client.h" |
| 23 #include "chromeos/dbus/shill_third_party_vpn_observer.h" | 24 #include "chromeos/dbus/shill_third_party_vpn_observer.h" |
| 24 #include "chromeos/network/network_configuration_handler.h" | 25 #include "chromeos/network/network_configuration_handler.h" |
| 25 #include "chromeos/network/network_profile.h" | 26 #include "chromeos/network/network_profile.h" |
| 26 #include "chromeos/network/network_profile_handler.h" | 27 #include "chromeos/network/network_profile_handler.h" |
| 27 #include "chromeos/network/network_state.h" | 28 #include "chromeos/network/network_state.h" |
| 28 #include "chromeos/network/network_state_handler.h" | 29 #include "chromeos/network/network_state_handler.h" |
| 29 #include "chromeos/network/network_type_pattern.h" | 30 #include "chromeos/network/network_type_pattern.h" |
| 31 #include "content/public/browser/pepper_vpn_provider_service_helper.h" | |
| 30 #include "crypto/sha2.h" | 32 #include "crypto/sha2.h" |
| 31 #include "extensions/browser/event_router.h" | 33 #include "extensions/browser/event_router.h" |
| 32 #include "extensions/browser/extension_registry.h" | 34 #include "extensions/browser/extension_registry.h" |
| 33 #include "third_party/cros_system_api/dbus/service_constants.h" | 35 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 34 | 36 |
| 35 namespace chromeos { | 37 namespace chromeos { |
| 36 | 38 |
| 37 namespace { | 39 namespace { |
| 38 | 40 |
| 39 namespace api_vpn = extensions::api::vpn_provider; | 41 namespace api_vpn = extensions::api::vpn_provider; |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 55 | 57 |
| 56 const std::string& extension_id() const { return extension_id_; } | 58 const std::string& extension_id() const { return extension_id_; } |
| 57 const std::string& configuration_name() const { return configuration_name_; } | 59 const std::string& configuration_name() const { return configuration_name_; } |
| 58 const std::string& key() const { return key_; } | 60 const std::string& key() const { return key_; } |
| 59 const std::string& service_path() const { return service_path_; } | 61 const std::string& service_path() const { return service_path_; } |
| 60 void set_service_path(const std::string& service_path) { | 62 void set_service_path(const std::string& service_path) { |
| 61 service_path_ = service_path; | 63 service_path_ = service_path; |
| 62 } | 64 } |
| 63 const std::string& object_path() const { return object_path_; } | 65 const std::string& object_path() const { return object_path_; } |
| 64 | 66 |
| 67 void set_nacl_bound(bool nacl_bound) { nacl_bound_ = nacl_bound; } | |
| 68 | |
| 65 // ShillThirdPartyVpnObserver: | 69 // ShillThirdPartyVpnObserver: |
| 66 void OnPacketReceived(const std::vector<char>& data) override; | 70 void OnPacketReceived(const std::vector<char>& data) override; |
| 67 void OnPlatformMessage(uint32_t message) override; | 71 void OnPlatformMessage(uint32_t message) override; |
| 68 | 72 |
| 69 private: | 73 private: |
| 70 const std::string extension_id_; | 74 const std::string extension_id_; |
| 71 const std::string configuration_name_; | 75 const std::string configuration_name_; |
| 72 const std::string key_; | 76 const std::string key_; |
| 73 const std::string object_path_; | 77 const std::string object_path_; |
| 74 | 78 |
| 79 bool nacl_bound_; | |
| 80 | |
| 75 std::string service_path_; | 81 std::string service_path_; |
| 76 | 82 |
| 77 base::WeakPtr<VpnService> vpn_service_; | 83 base::WeakPtr<VpnService> vpn_service_; |
| 78 | 84 |
| 79 DISALLOW_COPY_AND_ASSIGN(VpnConfiguration); | 85 DISALLOW_COPY_AND_ASSIGN(VpnConfiguration); |
| 80 }; | 86 }; |
| 81 | 87 |
| 82 VpnService::VpnConfiguration::VpnConfiguration( | 88 VpnService::VpnConfiguration::VpnConfiguration( |
| 83 const std::string& extension_id, | 89 const std::string& extension_id, |
| 84 const std::string& configuration_name, | 90 const std::string& configuration_name, |
| 85 const std::string& key, | 91 const std::string& key, |
| 86 base::WeakPtr<VpnService> vpn_service) | 92 base::WeakPtr<VpnService> vpn_service) |
| 87 : extension_id_(extension_id), | 93 : extension_id_(extension_id), |
| 88 configuration_name_(configuration_name), | 94 configuration_name_(configuration_name), |
| 89 key_(key), | 95 key_(key), |
| 90 object_path_(shill::kObjectPathBase + key_), | 96 object_path_(shill::kObjectPathBase + key_), |
| 91 vpn_service_(vpn_service) { | 97 nacl_bound_(false), |
| 92 } | 98 vpn_service_(vpn_service) {} |
| 93 | 99 |
| 94 VpnService::VpnConfiguration::~VpnConfiguration() { | 100 VpnService::VpnConfiguration::~VpnConfiguration() { |
| 95 } | 101 } |
| 96 | 102 |
| 97 void VpnService::VpnConfiguration::OnPacketReceived( | 103 void VpnService::VpnConfiguration::OnPacketReceived( |
| 98 const std::vector<char>& data) { | 104 const std::vector<char>& data) { |
| 99 if (!vpn_service_) { | 105 if (!vpn_service_) { |
| 100 return; | 106 return; |
| 101 } | 107 } |
| 102 std::unique_ptr<base::ListValue> event_args = | 108 // If the configrataion was added via a PPAPI plugin |
|
ncarter (slow)
2016/05/17 17:15:40
"configuration"
adrian.belgun
2016/05/17 17:18:55
Done.
| |
| 103 api_vpn::OnPacketReceived::Create(data); | 109 if (nacl_bound_) { |
| 104 vpn_service_->SendSignalToExtension( | 110 content::VpnProviderServiceHelper::GetInstance()->OnPacketReceived( |
| 105 extension_id_, extensions::events::VPN_PROVIDER_ON_PACKET_RECEIVED, | 111 extension_id_, data); |
| 106 api_vpn::OnPacketReceived::kEventName, std::move(event_args)); | 112 } else { |
| 113 std::unique_ptr<base::ListValue> event_args = | |
| 114 api_vpn::OnPacketReceived::Create(data); | |
| 115 vpn_service_->SendSignalToExtension( | |
| 116 extension_id_, extensions::events::VPN_PROVIDER_ON_PACKET_RECEIVED, | |
| 117 api_vpn::OnPacketReceived::kEventName, std::move(event_args)); | |
| 118 } | |
| 107 } | 119 } |
| 108 | 120 |
| 109 void VpnService::VpnConfiguration::OnPlatformMessage(uint32_t message) { | 121 void VpnService::VpnConfiguration::OnPlatformMessage(uint32_t message) { |
| 110 if (!vpn_service_) { | 122 if (!vpn_service_) { |
| 111 return; | 123 return; |
| 112 } | 124 } |
| 113 DCHECK_GE(api_vpn::PLATFORM_MESSAGE_LAST, message); | 125 DCHECK_GE(api_vpn::PLATFORM_MESSAGE_LAST, message); |
| 114 | 126 |
| 115 api_vpn::PlatformMessage platform_message = | 127 api_vpn::PlatformMessage platform_message = |
| 116 static_cast<api_vpn::PlatformMessage>(message); | 128 static_cast<api_vpn::PlatformMessage>(message); |
| 117 | 129 |
| 118 if (platform_message == api_vpn::PLATFORM_MESSAGE_CONNECTED) { | 130 if (platform_message == api_vpn::PLATFORM_MESSAGE_CONNECTED) { |
| 119 vpn_service_->SetActiveConfiguration(this); | 131 vpn_service_->SetActiveConfiguration(this); |
| 120 } else if (platform_message == api_vpn::PLATFORM_MESSAGE_DISCONNECTED || | 132 } else if (platform_message == api_vpn::PLATFORM_MESSAGE_DISCONNECTED || |
| 121 platform_message == api_vpn::PLATFORM_MESSAGE_ERROR) { | 133 platform_message == api_vpn::PLATFORM_MESSAGE_ERROR) { |
| 122 vpn_service_->SetActiveConfiguration(nullptr); | 134 vpn_service_->SetActiveConfiguration(nullptr); |
| 135 | |
| 136 // Disconnect NaCl-bound configuration | |
| 137 if (nacl_bound_) { | |
| 138 nacl_bound_ = false; | |
| 139 content::VpnProviderServiceHelper::GetInstance()->OnUnbind(extension_id_); | |
| 140 } | |
| 123 } | 141 } |
| 124 | 142 |
| 125 // TODO(kaliamoorthi): Update the lower layers to get the error message and | 143 // TODO(kaliamoorthi): Update the lower layers to get the error message and |
| 126 // pass in the error instead of std::string(). | 144 // pass in the error instead of std::string(). |
| 127 std::unique_ptr<base::ListValue> event_args = | 145 std::unique_ptr<base::ListValue> event_args = |
| 128 api_vpn::OnPlatformMessage::Create(configuration_name_, platform_message, | 146 api_vpn::OnPlatformMessage::Create(configuration_name_, platform_message, |
| 129 std::string()); | 147 std::string()); |
| 130 | 148 |
| 131 vpn_service_->SendSignalToExtension( | 149 vpn_service_->SendSignalToExtension( |
| 132 extension_id_, extensions::events::VPN_PROVIDER_ON_PLATFORM_MESSAGE, | 150 extension_id_, extensions::events::VPN_PROVIDER_ON_PLATFORM_MESSAGE, |
| 133 api_vpn::OnPlatformMessage::kEventName, std::move(event_args)); | 151 api_vpn::OnPlatformMessage::kEventName, std::move(event_args)); |
| 134 } | 152 } |
| 135 | 153 |
| 154 class VpnService::VpnServiceDelegateImpl : public content::VpnServiceDelegate { | |
| 155 public: | |
| 156 VpnServiceDelegateImpl(base::WeakPtr<VpnService> vpn_service); | |
| 157 ~VpnServiceDelegateImpl() override; | |
| 158 | |
| 159 void Bind(const std::string& extension_id, | |
| 160 const std::string& configuration_id, | |
| 161 const std::string& configuration_name, | |
| 162 const SuccessCallback& success, | |
| 163 const FailureCallback& failure) override; | |
| 164 void SendPacket(const std::string& extension_id, | |
| 165 const std::vector<char>& data, | |
| 166 const SuccessCallback& success, | |
| 167 const FailureCallback& failure) override; | |
| 168 | |
| 169 private: | |
| 170 base::WeakPtr<VpnService> vpn_service_; | |
| 171 | |
| 172 DISALLOW_COPY_AND_ASSIGN(VpnServiceDelegateImpl); | |
| 173 }; | |
| 174 | |
| 175 VpnService::VpnServiceDelegateImpl::VpnServiceDelegateImpl( | |
| 176 base::WeakPtr<VpnService> vpn_service) | |
| 177 : vpn_service_(vpn_service) {} | |
| 178 | |
| 179 VpnService::VpnServiceDelegateImpl::~VpnServiceDelegateImpl() {} | |
| 180 | |
| 181 void VpnService::VpnServiceDelegateImpl::Bind( | |
| 182 const std::string& extension_id, | |
| 183 const std::string& configuration_id, | |
| 184 const std::string& configuration_name, | |
| 185 const SuccessCallback& success, | |
| 186 const FailureCallback& failure) { | |
| 187 if (!vpn_service_) { | |
| 188 NOTREACHED(); | |
| 189 return; | |
| 190 } | |
| 191 | |
| 192 vpn_service_->Bind(extension_id, configuration_id, configuration_name, | |
| 193 success, failure); | |
| 194 } | |
| 195 | |
| 196 void VpnService::VpnServiceDelegateImpl::SendPacket( | |
| 197 const std::string& extension_id, | |
| 198 const std::vector<char>& data, | |
| 199 const SuccessCallback& success, | |
| 200 const FailureCallback& failure) { | |
| 201 if (!vpn_service_) { | |
| 202 NOTREACHED(); | |
| 203 return; | |
| 204 } | |
| 205 | |
| 206 vpn_service_->SendPacket(extension_id, data, success, failure); | |
| 207 } | |
| 208 | |
| 136 VpnService::VpnService( | 209 VpnService::VpnService( |
| 137 content::BrowserContext* browser_context, | 210 content::BrowserContext* browser_context, |
| 138 const std::string& userid_hash, | 211 const std::string& userid_hash, |
| 139 extensions::ExtensionRegistry* extension_registry, | 212 extensions::ExtensionRegistry* extension_registry, |
| 140 extensions::EventRouter* event_router, | 213 extensions::EventRouter* event_router, |
| 141 ShillThirdPartyVpnDriverClient* shill_client, | 214 ShillThirdPartyVpnDriverClient* shill_client, |
| 142 NetworkConfigurationHandler* network_configuration_handler, | 215 NetworkConfigurationHandler* network_configuration_handler, |
| 143 NetworkProfileHandler* network_profile_handler, | 216 NetworkProfileHandler* network_profile_handler, |
| 144 NetworkStateHandler* network_state_handler) | 217 NetworkStateHandler* network_state_handler) |
| 145 : browser_context_(browser_context), | 218 : browser_context_(browser_context), |
| 146 userid_hash_(userid_hash), | 219 userid_hash_(userid_hash), |
| 147 extension_registry_(extension_registry), | 220 extension_registry_(extension_registry), |
| 148 event_router_(event_router), | 221 event_router_(event_router), |
| 149 shill_client_(shill_client), | 222 shill_client_(shill_client), |
| 150 network_configuration_handler_(network_configuration_handler), | 223 network_configuration_handler_(network_configuration_handler), |
| 151 network_profile_handler_(network_profile_handler), | 224 network_profile_handler_(network_profile_handler), |
| 152 network_state_handler_(network_state_handler), | 225 network_state_handler_(network_state_handler), |
| 153 active_configuration_(nullptr), | 226 active_configuration_(nullptr), |
| 154 weak_factory_(this) { | 227 weak_factory_(this) { |
| 155 extension_registry_->AddObserver(this); | 228 extension_registry_->AddObserver(this); |
| 156 network_state_handler_->AddObserver(this, FROM_HERE); | 229 network_state_handler_->AddObserver(this, FROM_HERE); |
| 157 network_configuration_handler_->AddObserver(this); | 230 network_configuration_handler_->AddObserver(this); |
| 158 base::MessageLoop::current()->PostTask( | 231 base::MessageLoop::current()->PostTask( |
| 159 FROM_HERE, | 232 FROM_HERE, |
| 160 base::Bind(&VpnService::NetworkListChanged, weak_factory_.GetWeakPtr())); | 233 base::Bind(&VpnService::NetworkListChanged, weak_factory_.GetWeakPtr())); |
| 234 content::VpnProviderServiceHelper::GetInstance()->RegisterDelegate( | |
| 235 browser_context, | |
| 236 base::WrapUnique(new VpnServiceDelegateImpl(weak_factory_.GetWeakPtr()))); | |
| 161 } | 237 } |
| 162 | 238 |
| 163 VpnService::~VpnService() { | 239 VpnService::~VpnService() { |
| 164 network_configuration_handler_->RemoveObserver(this); | 240 network_configuration_handler_->RemoveObserver(this); |
| 165 network_state_handler_->RemoveObserver(this, FROM_HERE); | 241 network_state_handler_->RemoveObserver(this, FROM_HERE); |
| 166 extension_registry_->RemoveObserver(this); | 242 extension_registry_->RemoveObserver(this); |
| 167 STLDeleteContainerPairSecondPointers(key_to_configuration_map_.begin(), | 243 STLDeleteContainerPairSecondPointers(key_to_configuration_map_.begin(), |
| 168 key_to_configuration_map_.end()); | 244 key_to_configuration_map_.end()); |
| 169 } | 245 } |
| 170 | 246 |
| (...skipping 397 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 568 } | 644 } |
| 569 delete configuration; | 645 delete configuration; |
| 570 } | 646 } |
| 571 | 647 |
| 572 bool VpnService::DoesActiveConfigurationExistAndIsAccessAuthorized( | 648 bool VpnService::DoesActiveConfigurationExistAndIsAccessAuthorized( |
| 573 const std::string& extension_id) { | 649 const std::string& extension_id) { |
| 574 return active_configuration_ && | 650 return active_configuration_ && |
| 575 active_configuration_->extension_id() == extension_id; | 651 active_configuration_->extension_id() == extension_id; |
| 576 } | 652 } |
| 577 | 653 |
| 654 void VpnService::Bind(const std::string& extension_id, | |
| 655 const std::string& configuration_id, | |
| 656 const std::string& configuration_name, | |
| 657 const SuccessCallback& success, | |
| 658 const FailureCallback& failure) { | |
| 659 // The ID is the configuration name for now. This may change in the future. | |
| 660 const std::string key = GetKey(extension_id, configuration_id); | |
| 661 if (!ContainsKey(key_to_configuration_map_, key)) { | |
| 662 failure.Run(std::string(), std::string("Unauthorized access 1.")); | |
| 663 return; | |
| 664 } | |
| 665 | |
| 666 VpnConfiguration* configuration = key_to_configuration_map_[key]; | |
| 667 if (active_configuration_ != configuration) { | |
| 668 failure.Run(std::string(), std::string("Unauthorized access 2.")); | |
| 669 return; | |
| 670 } | |
| 671 | |
| 672 if (configuration->extension_id() != extension_id || | |
| 673 configuration->configuration_name() != configuration_name) { | |
| 674 failure.Run(std::string(), std::string("Unauthorized access 3.")); | |
| 675 return; | |
| 676 } | |
| 677 | |
| 678 const std::string service_path = configuration->service_path(); | |
| 679 if (service_path.empty()) { | |
| 680 failure.Run(std::string(), std::string("Pending create.")); | |
| 681 return; | |
| 682 } | |
| 683 | |
| 684 // Connection authorized. All packets will be routed through NaCl. | |
| 685 configuration->set_nacl_bound(true); | |
| 686 | |
| 687 success.Run(); | |
| 688 } | |
| 689 | |
| 578 } // namespace chromeos | 690 } // namespace chromeos |
| OLD | NEW |
