chrome/common/extensions/permissions/socket_permission_entry.cc - Issue 201203006: Move basic API permissions code out of //chrome

Side by Side Diff: chrome/common/extensions/permissions/socket_permission_entry.cc

Issue 201203006: Move basic API permissions code out of //chrome (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: move moar things Created 6 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « chrome/common/extensions/permissions/socket_permission_entry.h ('k') | chrome/common/extensions/permissions/socket_permission_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
	(Empty)
1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.

4

5 #include "chrome/common/extensions/permissions/socket_permission_entry.h"

6

7 #include <cstdlib>

8 #include <sstream>

9 #include <vector>

10

11 #include "base/logging.h"

12 #include "base/memory/scoped_ptr.h"

13 #include "base/strings/string_number_conversions.h"

14 #include "base/strings/string_split.h"

15 #include "base/strings/string_util.h"

16 #include "chrome/common/extensions/permissions/socket_permission.h"

17 #include "extensions/common/permissions/api_permission.h"

18 #include "url/url_canon.h"

19

20 namespace {

21

22 using content::SocketPermissionRequest;

23

24 const char kColon = ':';

25 const char kDot = '.';

26 const char kWildcard[] = "*";

27 const int kWildcardPortNumber = 0;

28 const int kInvalidPort = -1;

29

30 bool StartsOrEndsWithWhitespace(const std::string& str) {

31 if (str.find_first_not_of(base::kWhitespaceASCII) != 0)

32 return true;

33 if (str.find_last_not_of(base::kWhitespaceASCII) != str.length() - 1)

34 return true;

35 return false;

36 }

37

38 } // namespace

39

40 namespace extensions {

41

42 SocketPermissionEntry::SocketPermissionEntry()

43 : pattern_(SocketPermissionRequest::NONE, std::string(), kInvalidPort),

44 match_subdomains_(false) {

45 }

46

47 SocketPermissionEntry::~SocketPermissionEntry() {}

48

49 bool SocketPermissionEntry::operator<(const SocketPermissionEntry& rhs) const {

50 if (pattern_.type < rhs.pattern_.type)

51 return true;

52 if (pattern_.type > rhs.pattern_.type)

53 return false;

54

55 if (pattern_.host < rhs.pattern_.host)

56 return true;

57 if (pattern_.host > rhs.pattern_.host)

58 return false;

59

60 if (match_subdomains_ < rhs.match_subdomains_)

61 return true;

62 if (match_subdomains_ > rhs.match_subdomains_)

63 return false;

64

65 if (pattern_.port < rhs.pattern_.port)

66 return true;

67 return false;

68 }

69

70 bool SocketPermissionEntry::operator==(const SocketPermissionEntry& rhs) const {

71 return (pattern_.type == rhs.pattern_.type) &&

72 (pattern_.host == rhs.pattern_.host) &&

73 (match_subdomains_ == rhs.match_subdomains_) &&

74 (pattern_.port == rhs.pattern_.port);

75 }

76

77 bool SocketPermissionEntry::Check(

78 const content::SocketPermissionRequest& request) const {

79 if (pattern_.type != request.type)

80 return false;

81

82 std::string lhost = StringToLowerASCII(request.host);

83 if (pattern_.host != lhost) {

84 if (!match_subdomains_)

85 return false;

86

87 if (!pattern_.host.empty()) {

88 // Do not wildcard part of IP address.

89 url_parse::Component component(0, lhost.length());

90 url_canon::RawCanonOutputT<char, 128> ignored_output;

91 url_canon::CanonHostInfo host_info;

92 url_canon::CanonicalizeIPAddress(lhost.c_str(), component,

93 &ignored_output, &host_info);

94 if (host_info.IsIPAddress())

95 return false;

96

97 // host should equal one or more chars + "." + host_.

98 int i = lhost.length() - pattern_.host.length();

99 if (i < 2)

100 return false;

101

102 if (lhost.compare(i, pattern_.host.length(), pattern_.host) != 0)

103 return false;

104

105 if (lhost[i - 1] != kDot)

106 return false;

107 }

108 }

109

110 if (pattern_.port != request.port && pattern_.port != kWildcardPortNumber)

111 return false;

112

113 return true;

114 }

115

116 SocketPermissionEntry::HostType SocketPermissionEntry::GetHostType() const {

117 return pattern_.host.empty() ? SocketPermissionEntry::ANY_HOST :

118 match_subdomains_ ? SocketPermissionEntry::HOSTS_IN_DOMAINS :

119 SocketPermissionEntry::SPECIFIC_HOSTS;

120 }

121

122 bool SocketPermissionEntry::IsAddressBoundType() const {

123 return pattern_.type == SocketPermissionRequest::TCP_CONNECT \|\|

124 pattern_.type == SocketPermissionRequest::TCP_LISTEN \|\|

125 pattern_.type == SocketPermissionRequest::UDP_BIND \|\|

126 pattern_.type == SocketPermissionRequest::UDP_SEND_TO;

127 }

128

129 // static

130 bool SocketPermissionEntry::ParseHostPattern(

131 SocketPermissionRequest::OperationType type,

132 const std::string& pattern,

133 SocketPermissionEntry* entry) {

134 std::vector<std::string> tokens;

135 base::SplitStringDontTrim(pattern, kColon, &tokens);

136 return ParseHostPattern(type, tokens, entry);

137 }

138

139 // static

140 bool SocketPermissionEntry::ParseHostPattern(

141 SocketPermissionRequest::OperationType type,

142 const std::vector<std::string>& pattern_tokens,

143 SocketPermissionEntry* entry) {

144

145 SocketPermissionEntry result;

146

147 if (type == SocketPermissionRequest::NONE)

148 return false;

149

150 if (pattern_tokens.size() > 2)

151 return false;

152

153 result.pattern_.type = type;

154 result.pattern_.port = kWildcardPortNumber;

155 result.match_subdomains_ = true;

156

157 if (pattern_tokens.size() == 0) {

158 *entry = result;

159 return true;

160 }

161

162 // Return an error if address is specified for permissions that don't

163 // need it (such as 'resolve-host').

164 if (!result.IsAddressBoundType())

165 return false;

166

167 result.pattern_.host = pattern_tokens[0];

168 if (!result.pattern_.host.empty()) {

169 if (StartsOrEndsWithWhitespace(result.pattern_.host))

170 return false;

171 result.pattern_.host = StringToLowerASCII(result.pattern_.host);

172

173 // The first component can optionally be '*' to match all subdomains.

174 std::vector<std::string> host_components;

175 base::SplitString(result.pattern_.host, kDot, &host_components);

176 DCHECK(!host_components.empty());

177

178 if (host_components[0] == kWildcard \|\| host_components[0].empty()) {

179 host_components.erase(host_components.begin(),

180 host_components.begin() + 1);

181 } else {

182 result.match_subdomains_ = false;

183 }

184 result.pattern_.host = JoinString(host_components, kDot);

185 }

186

187 if (pattern_tokens.size() == 1 \|\|

188 pattern_tokens[1].empty() \|\|

189 pattern_tokens[1] == kWildcard) {

190 *entry = result;

191 return true;

192 }

193

194 if (StartsOrEndsWithWhitespace(pattern_tokens[1]))

195 return false;

196

197 if (!base::StringToInt(pattern_tokens[1], &result.pattern_.port) \|\|

198 result.pattern_.port < 1 \|\| result.pattern_.port > 65535)

199 return false;

200

201 *entry = result;

202 return true;

203 }

204

205 std::string SocketPermissionEntry::GetHostPatternAsString() const {

206 std::string result;

207

208 if (!IsAddressBoundType())

209 return result;

210

211 if (match_subdomains()) {

212 result.append(kWildcard);

213 if (!pattern_.host.empty())

214 result.append(1, kDot).append(pattern_.host);

215 } else {

216 result.append(pattern_.host);

217 }

218

219 if (pattern_.port == kWildcardPortNumber)

220 result.append(1, kColon).append(kWildcard);

221 else

222 result.append(1, kColon).append(base::IntToString(pattern_.port));

223

224 return result;

225 }

226

227 } // namespace extensions

OLD	NEW