remoting/host/it2me/it2me_host.cc - Issue 2901033002: Host port range policy is no longer ignored in it2me host

Side by Side Diff: remoting/host/it2me/it2me_host.cc

Issue 2901033002: Host port range policy is no longer ignored in it2me host (Closed)

Patch Set: Host port range policy is no longer ignored in it2me host Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "remoting/host/it2me/it2me_host.h"	5 #include "remoting/host/it2me/it2me_host.h"

6	6

7 #include <cstdint>	7 #include <cstdint>

8 #include <memory>	8 #include <memory>

9 #include <string>	9 #include <string>

10 #include <utility>	10 #include <utility>

(...skipping 173 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
184	184

185 // Request registration of the host for support.	185 // Request registration of the host for support.

186 std::unique_ptr<RegisterSupportHostRequest> register_request(	186 std::unique_ptr<RegisterSupportHostRequest> register_request(

187 new RegisterSupportHostRequest(	187 new RegisterSupportHostRequest(

188 signal_strategy_.get(), host_key_pair_, directory_bot_jid_,	188 signal_strategy_.get(), host_key_pair_, directory_bot_jid_,

189 base::Bind(&It2MeHost::OnReceivedSupportID, base::Unretained(this))));	189 base::Bind(&It2MeHost::OnReceivedSupportID, base::Unretained(this))));

190	190

191 // Beyond this point nothing can fail, so save the config and request.	191 // Beyond this point nothing can fail, so save the config and request.

192 register_request_ = std::move(register_request);	192 register_request_ = std::move(register_request);

193	193

194 // If NAT traversal is off then limit port range to allow firewall pin-holing.

195 HOST_LOG << "NAT state: " << nat_traversal_enabled_;

196 protocol::NetworkSettings network_settings(	194 protocol::NetworkSettings network_settings(

197 nat_traversal_enabled_ ?	195 nat_traversal_enabled_ ?

198 protocol::NetworkSettings::NAT_TRAVERSAL_FULL :	196 protocol::NetworkSettings::NAT_TRAVERSAL_FULL :

199 protocol::NetworkSettings::NAT_TRAVERSAL_DISABLED);	197 protocol::NetworkSettings::NAT_TRAVERSAL_DISABLED);

200 if (!nat_traversal_enabled_) {	198

	199 // Update port range only if it has not already been set.
	Sergey Ulanov 2017/05/26 00:40:09 This comment doesn't look correct. The code sets p This comment doesn't look correct. The code sets port_range in network_settings when the policy is set. I would just remove it. The code is clear enough without this comment. Gus Smith 2017/05/26 15:59:11 Done. Show quoted text On 2017/05/26 00:40:09, Sergey Ulanov wrote: > This comment doesn't look correct. The code sets port_range in network_settings > when the policy is set. I would just remove it. The code is clear enough without > this comment. Done.
	200 // If NAT traversal is off then limit port range to allow firewall pin-holing.
	Sergey Ulanov 2017/05/26 00:40:09 Please remove this comment to avoid confusion. Ins Please remove this comment to avoid confusion. Instead I suggest adding a comment in the !nat_traversal_enabled_ case, maybe just copy from the Me2Me host: https://codesearch.chromium.org/chromium/src/remoting/host/remoting_me2me_hos... Gus Smith 2017/05/26 15:59:11 Done. Show quoted text On 2017/05/26 00:40:09, Sergey Ulanov wrote: > Please remove this comment to avoid confusion. Instead I suggest adding a > comment in the !nat_traversal_enabled_ case, maybe just copy from the Me2Me > host: > https://codesearch.chromium.org/chromium/src/remoting/host/remoting_me2me_hos... Done.
	201 HOST_LOG << "NAT state: " << nat_traversal_enabled_;
	Sergey Ulanov 2017/05/26 00:40:09 This line is not related to port range. I'd prefer This line is not related to port range. I'd prefer to keep it where it was, i.e. before network_settings definition. Gus Smith 2017/05/26 15:59:11 Done. Show quoted text On 2017/05/26 00:40:09, Sergey Ulanov wrote: > This line is not related to port range. I'd prefer to keep it where it was, i.e. > before network_settings definition. Done.
	202 if (!udp_port_range_.is_null()) {

	203 network_settings.port_range = udp_port_range_;

	204 } else if (!nat_traversal_enabled_) {

201 network_settings.port_range.min_port =	205 network_settings.port_range.min_port =

202 protocol::NetworkSettings::kDefaultMinPort;	206 protocol::NetworkSettings::kDefaultMinPort;

203 network_settings.port_range.max_port =	207 network_settings.port_range.max_port =

204 protocol::NetworkSettings::kDefaultMaxPort;	208 protocol::NetworkSettings::kDefaultMaxPort;

205 }	209 }

206	210

207 scoped_refptr<protocol::TransportContext> transport_context =	211 scoped_refptr<protocol::TransportContext> transport_context =

208 new protocol::TransportContext(	212 new protocol::TransportContext(

209 signal_strategy_.get(),	213 signal_strategy_.get(),

210 base::WrapUnique(new protocol::ChromiumPortAllocatorFactory()),	214 base::WrapUnique(new protocol::ChromiumPortAllocatorFactory()),

(...skipping 112 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
323 const base::ListValue* client_domain_list;	327 const base::ListValue* client_domain_list;

324 if (policies->GetList(policy::key::kRemoteAccessHostClientDomainList,	328 if (policies->GetList(policy::key::kRemoteAccessHostClientDomainList,

325 &client_domain_list)) {	329 &client_domain_list)) {

326 std::vector<std::string> client_domain_list_vector;	330 std::vector<std::string> client_domain_list_vector;

327 for (const auto& value : *client_domain_list) {	331 for (const auto& value : *client_domain_list) {

328 client_domain_list_vector.push_back(value.GetString());	332 client_domain_list_vector.push_back(value.GetString());

329 }	333 }

330 UpdateClientDomainListPolicy(std::move(client_domain_list_vector));	334 UpdateClientDomainListPolicy(std::move(client_domain_list_vector));

331 }	335 }

332	336

	337 std::string port_range_string;

	338 if (policies->GetString(policy::key::kRemoteAccessHostUdpPortRange,

	339 &port_range_string)) {

	340 UpdateHostUdpPortRangePolicy(port_range_string);

	341 }

	342

333 policy_received_ = true;	343 policy_received_ = true;

334	344

335 if (!pending_connect_.is_null()) {	345 if (!pending_connect_.is_null()) {

336 base::ResetAndReturn(&pending_connect_).Run();	346 base::ResetAndReturn(&pending_connect_).Run();

337 }	347 }

338 }	348 }

339	349

340 void It2MeHost::UpdateNatPolicy(bool nat_traversal_enabled) {	350 void It2MeHost::UpdateNatPolicy(bool nat_traversal_enabled) {

341 DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread());	351 DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread());

342	352

(...skipping 36 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
379 << base::JoinString(client_domain_list, ", ");	389 << base::JoinString(client_domain_list, ", ");

380	390

381 // When setting a client domain policy, disconnect any existing session.	391 // When setting a client domain policy, disconnect any existing session.

382 if (!client_domain_list.empty() && IsRunning()) {	392 if (!client_domain_list.empty() && IsRunning()) {

383 DisconnectOnNetworkThread();	393 DisconnectOnNetworkThread();

384 }	394 }

385	395

386 required_client_domain_list_ = std::move(client_domain_list);	396 required_client_domain_list_ = std::move(client_domain_list);

387 }	397 }

388	398

	399 void It2MeHost::UpdateHostUdpPortRangePolicy(

	400 const std::string& port_range_string) {

	401 DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread());

	402

	403 VLOG(2) << "UpdateHostUdpPortRangePolicy: " << port_range_string;

	404

	405 if (IsRunning()) {

	406 DisconnectOnNetworkThread();

	407 }

	408

	409 if (!PortRange::Parse(port_range_string, &udp_port_range_)) {

	410 // PolicyWatcher verifies that the value is formatted correctly.

	411 LOG(FATAL) << "Invalid port range: " << port_range_string;

	412 }

	413 }

	414

389 void It2MeHost::SetState(It2MeHostState state,	415 void It2MeHost::SetState(It2MeHostState state,

390 const std::string& error_message) {	416 const std::string& error_message) {

391 DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread());	417 DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread());

392	418

393 switch (state_) {	419 switch (state_) {

394 case kDisconnected:	420 case kDisconnected:

395 DCHECK(state == kStarting \|\|	421 DCHECK(state == kStarting \|\|

396 state == kError) << state;	422 state == kError) << state;

397 break;	423 break;

398 case kStarting:	424 case kStarting:

(...skipping 177 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
576 std::unique_ptr<SignalStrategy> signal_strategy,	602 std::unique_ptr<SignalStrategy> signal_strategy,

577 const std::string& username,	603 const std::string& username,

578 const std::string& directory_bot_jid) {	604 const std::string& directory_bot_jid) {

579 DCHECK(context->ui_task_runner()->BelongsToCurrentThread());	605 DCHECK(context->ui_task_runner()->BelongsToCurrentThread());

580 return new It2MeHost(	606 return new It2MeHost(

581 std::move(context), base::MakeUnique<It2MeConfirmationDialogFactory>(),	607 std::move(context), base::MakeUnique<It2MeConfirmationDialogFactory>(),

582 observer, std::move(signal_strategy), username, directory_bot_jid);	608 observer, std::move(signal_strategy), username, directory_bot_jid);

583 }	609 }

584	610

585 } // namespace remoting	611 } // namespace remoting

OLD	NEW

« no previous file with comments | « remoting/host/it2me/it2me_host.h ('k') | remoting/host/it2me/it2me_host_unittest.cc » ('j') | no next file with comments »