Index: remoting/protocol/me2me_host_authenticator_factory.cc |
diff --git a/remoting/protocol/me2me_host_authenticator_factory.cc b/remoting/protocol/me2me_host_authenticator_factory.cc |
index d0deff1f5574e8d259404edd4718365b6f767f08..f0a369fb7217de1b02e4fafbe87dc76548a0968a 100644 |
--- a/remoting/protocol/me2me_host_authenticator_factory.cc |
+++ b/remoting/protocol/me2me_host_authenticator_factory.cc |
@@ -61,12 +61,14 @@ class RejectingAuthenticator : public Authenticator { |
// static |
scoped_ptr<AuthenticatorFactory> |
Me2MeHostAuthenticatorFactory::CreateWithSharedSecret( |
+ const std::string& host_owner, |
const std::string& local_cert, |
scoped_refptr<RsaKeyPair> key_pair, |
const SharedSecretHash& shared_secret_hash, |
scoped_refptr<PairingRegistry> pairing_registry) { |
scoped_ptr<Me2MeHostAuthenticatorFactory> result( |
new Me2MeHostAuthenticatorFactory()); |
+ result->host_owner_ = host_owner; |
result->local_cert_ = local_cert; |
result->key_pair_ = key_pair; |
result->shared_secret_hash_ = shared_secret_hash; |
@@ -78,12 +80,14 @@ Me2MeHostAuthenticatorFactory::CreateWithSharedSecret( |
// static |
scoped_ptr<AuthenticatorFactory> |
Me2MeHostAuthenticatorFactory::CreateWithThirdPartyAuth( |
+ const std::string& host_owner, |
const std::string& local_cert, |
scoped_refptr<RsaKeyPair> key_pair, |
scoped_ptr<ThirdPartyHostAuthenticator::TokenValidatorFactory> |
token_validator_factory) { |
scoped_ptr<Me2MeHostAuthenticatorFactory> result( |
new Me2MeHostAuthenticatorFactory()); |
+ result->host_owner_ = host_owner; |
result->local_cert_ = local_cert; |
result->key_pair_ = key_pair; |
result->token_validator_factory_ = token_validator_factory.Pass(); |
@@ -107,6 +111,7 @@ scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator( |
const std::string& remote_jid, |
const buzz::XmlElement* first_message) { |
+ // TODO(rmsousa): Check that local JID is host owner or robot. |
rmsousa
2013/07/23 21:50:21
I'm not even sure we want to do this. I think at t
Sergey Ulanov
2013/07/23 23:37:32
That's relevant not only in the enterprise case. A
|
size_t slash_pos = local_jid.find('/'); |
if (slash_pos == std::string::npos) { |
Sergey Ulanov
2013/07/23 23:37:32
I think you can remove this code now, because slas
|
LOG(DFATAL) << "Invalid local JID:" << local_jid; |
@@ -118,7 +123,7 @@ scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator( |
// full JID starts with host's bare jid. Comparison is case |
// insensitive. |
if (!IsStringASCII(remote_jid) || |
- !StartsWithASCII(remote_jid, local_jid.substr(0, slash_pos + 1), false)) { |
+ !StartsWithASCII(remote_jid, host_owner_ + '/', false)) { |
LOG(ERROR) << "Rejecting incoming connection from " << remote_jid; |
return scoped_ptr<Authenticator>(new RejectingAuthenticator()); |
} |