| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "remoting/host/security_key/security_key_ipc_server_impl.h" | |
| 6 | |
| 7 #include <cstdint> | |
| 8 #include <memory> | |
| 9 #include <string> | |
| 10 | |
| 11 #include "base/callback.h" | |
| 12 #include "base/callback_helpers.h" | |
| 13 #include "base/location.h" | |
| 14 #include "base/threading/thread_checker.h" | |
| 15 #include "base/threading/thread_task_runner_handle.h" | |
| 16 #include "base/timer/timer.h" | |
| 17 #include "ipc/ipc_channel.h" | |
| 18 #include "ipc/ipc_message.h" | |
| 19 #include "ipc/ipc_message_macros.h" | |
| 20 #include "remoting/base/logging.h" | |
| 21 #include "remoting/host/chromoting_messages.h" | |
| 22 | |
| 23 #if defined(OS_WIN) | |
| 24 #include "base/strings/stringprintf.h" | |
| 25 #include "base/strings/utf_string_conversions.h" | |
| 26 #include "base/win/win_util.h" | |
| 27 #include "remoting/host/ipc_util.h" | |
| 28 #endif // defined(OS_WIN) | |
| 29 | |
| 30 namespace { | |
| 31 | |
| 32 // Returns the command code (the first byte of the data) if it exists, or -1 if | |
| 33 // the data is empty. | |
| 34 unsigned int GetCommandCode(const std::string& data) { | |
| 35 return data.empty() ? -1 : static_cast<unsigned int>(data[0]); | |
| 36 } | |
| 37 | |
| 38 } // namespace | |
| 39 | |
| 40 namespace remoting { | |
| 41 | |
| 42 SecurityKeyIpcServerImpl::SecurityKeyIpcServerImpl( | |
| 43 int connection_id, | |
| 44 uint32_t peer_session_id, | |
| 45 base::TimeDelta initial_connect_timeout, | |
| 46 const SecurityKeyAuthHandler::SendMessageCallback& message_callback, | |
| 47 const base::Closure& done_callback) | |
| 48 : connection_id_(connection_id), | |
| 49 peer_session_id_(peer_session_id), | |
| 50 initial_connect_timeout_(initial_connect_timeout), | |
| 51 done_callback_(done_callback), | |
| 52 message_callback_(message_callback), | |
| 53 weak_factory_(this) { | |
| 54 DCHECK_GT(connection_id_, 0); | |
| 55 DCHECK(!done_callback_.is_null()); | |
| 56 DCHECK(!message_callback_.is_null()); | |
| 57 } | |
| 58 | |
| 59 SecurityKeyIpcServerImpl::~SecurityKeyIpcServerImpl() {} | |
| 60 | |
| 61 bool SecurityKeyIpcServerImpl::CreateChannel(const std::string& channel_name, | |
| 62 base::TimeDelta request_timeout) { | |
| 63 DCHECK(thread_checker_.CalledOnValidThread()); | |
| 64 DCHECK(!ipc_channel_); | |
| 65 security_key_request_timeout_ = request_timeout; | |
| 66 | |
| 67 #if defined(OS_WIN) | |
| 68 // Create a named pipe owned by the current user (the LocalService account | |
| 69 // (SID: S-1-5-19) when running in the network process) which is available to | |
| 70 // all authenticated users. | |
| 71 // presubmit: allow wstring | |
| 72 std::wstring user_sid; | |
| 73 if (!base::win::GetUserSidString(&user_sid)) { | |
| 74 return false; | |
| 75 } | |
| 76 std::string user_sid_utf8 = base::WideToUTF8(user_sid); | |
| 77 std::string security_descriptor = base::StringPrintf( | |
| 78 "O:%sG:%sD:(A;;GA;;;AU)", user_sid_utf8.c_str(), user_sid_utf8.c_str()); | |
| 79 | |
| 80 base::win::ScopedHandle pipe; | |
| 81 if (!CreateIpcChannel(channel_name, security_descriptor, &pipe)) { | |
| 82 return false; | |
| 83 } | |
| 84 | |
| 85 ipc_channel_ = | |
| 86 IPC::Channel::CreateNamedServer(IPC::ChannelHandle(pipe.Get()), this); | |
| 87 #else // defined(OS_WIN) | |
| 88 ipc_channel_ = | |
| 89 IPC::Channel::CreateNamedServer(IPC::ChannelHandle(channel_name), this); | |
| 90 #endif // !defined(OS_WIN) | |
| 91 | |
| 92 if (!ipc_channel_->Connect()) { | |
| 93 ipc_channel_.reset(); | |
| 94 return false; | |
| 95 } | |
| 96 // It is safe to use base::Unretained here as |timer_| will be stopped and | |
| 97 // this task will be removed when this instance is being destroyed. All | |
| 98 // methods must execute on the same thread (due to |thread_Checker_| so | |
| 99 // the posted task and D'Tor can not execute concurrently. | |
| 100 timer_.Start(FROM_HERE, initial_connect_timeout_, | |
| 101 base::Bind(&SecurityKeyIpcServerImpl::OnChannelError, | |
| 102 base::Unretained(this))); | |
| 103 return true; | |
| 104 } | |
| 105 | |
| 106 bool SecurityKeyIpcServerImpl::SendResponse(const std::string& response) { | |
| 107 DCHECK(thread_checker_.CalledOnValidThread()); | |
| 108 | |
| 109 // Since we have received a response, we update the timer and wait | |
| 110 // for a subsequent request. | |
| 111 timer_.Start(FROM_HERE, security_key_request_timeout_, | |
| 112 base::Bind(&SecurityKeyIpcServerImpl::OnChannelError, | |
| 113 base::Unretained(this))); | |
| 114 | |
| 115 return ipc_channel_->Send( | |
| 116 new ChromotingNetworkToRemoteSecurityKeyMsg_Response(response)); | |
| 117 } | |
| 118 | |
| 119 bool SecurityKeyIpcServerImpl::OnMessageReceived(const IPC::Message& message) { | |
| 120 DCHECK(thread_checker_.CalledOnValidThread()); | |
| 121 | |
| 122 if (connection_close_pending_) { | |
| 123 LOG(WARNING) << "IPC Message ignored because channel is being closed."; | |
| 124 return false; | |
| 125 } | |
| 126 | |
| 127 bool handled = true; | |
| 128 IPC_BEGIN_MESSAGE_MAP(SecurityKeyIpcServerImpl, message) | |
| 129 IPC_MESSAGE_HANDLER(ChromotingRemoteSecurityKeyToNetworkMsg_Request, | |
| 130 OnSecurityKeyRequest) | |
| 131 IPC_MESSAGE_UNHANDLED(handled = false) | |
| 132 IPC_END_MESSAGE_MAP() | |
| 133 | |
| 134 CHECK(handled) << "Received unexpected IPC type: " << message.type(); | |
| 135 return handled; | |
| 136 } | |
| 137 | |
| 138 void SecurityKeyIpcServerImpl::OnChannelConnected(int32_t peer_pid) { | |
| 139 DCHECK(thread_checker_.CalledOnValidThread()); | |
| 140 | |
| 141 #if defined(OS_WIN) | |
| 142 DWORD peer_session_id; | |
| 143 if (!ProcessIdToSessionId(peer_pid, &peer_session_id)) { | |
| 144 PLOG(ERROR) << "ProcessIdToSessionId() failed"; | |
| 145 connection_close_pending_ = true; | |
| 146 } else if (peer_session_id != peer_session_id_) { | |
| 147 LOG(ERROR) << "Ignoring connection attempt from outside remoted session."; | |
| 148 connection_close_pending_ = true; | |
| 149 } | |
| 150 if (connection_close_pending_) { | |
| 151 base::ThreadTaskRunnerHandle::Get()->PostTask( | |
| 152 FROM_HERE, base::Bind(&SecurityKeyIpcServerImpl::OnChannelError, | |
| 153 weak_factory_.GetWeakPtr())); | |
| 154 return; | |
| 155 } | |
| 156 #else // !defined(OS_WIN) | |
| 157 CHECK_EQ(peer_session_id_, UINT32_MAX); | |
| 158 #endif // !defined(OS_WIN) | |
| 159 | |
| 160 // Reset the timer to give the client a chance to send the request. | |
| 161 timer_.Start(FROM_HERE, initial_connect_timeout_, | |
| 162 base::Bind(&SecurityKeyIpcServerImpl::OnChannelError, | |
| 163 base::Unretained(this))); | |
| 164 } | |
| 165 | |
| 166 void SecurityKeyIpcServerImpl::OnChannelError() { | |
| 167 DCHECK(thread_checker_.CalledOnValidThread()); | |
| 168 if (ipc_channel_) { | |
| 169 ipc_channel_->Close(); | |
| 170 connection_close_pending_ = false; | |
| 171 } | |
| 172 | |
| 173 if (!done_callback_.is_null()) { | |
| 174 // Note: This callback may result in this object being torn down. | |
| 175 base::ResetAndReturn(&done_callback_).Run(); | |
| 176 } | |
| 177 } | |
| 178 | |
| 179 void SecurityKeyIpcServerImpl::OnSecurityKeyRequest( | |
| 180 const std::string& request_data) { | |
| 181 DCHECK(thread_checker_.CalledOnValidThread()); | |
| 182 | |
| 183 // Reset the timer to give the client a chance to send the response. | |
| 184 timer_.Start(FROM_HERE, security_key_request_timeout_, | |
| 185 base::Bind(&SecurityKeyIpcServerImpl::OnChannelError, | |
| 186 base::Unretained(this))); | |
| 187 | |
| 188 HOST_LOG << "Received security key request: " << GetCommandCode(request_data); | |
| 189 message_callback_.Run(connection_id_, request_data); | |
| 190 } | |
| 191 | |
| 192 } // namespace remoting | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2167473003:
Revert of Renaming Gnubby and RemoteSecurityKey files/classes/members (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master