remoting/host/it2me/it2me_host.cc - Issue 2912143002: Host port range policy is no longer ignored in it2me host.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: remoting/host/it2me/it2me_host.cc

Issue 2912143002: Host port range policy is no longer ignored in it2me host. (Closed)

Patch Set: Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: remoting/host/it2me/it2me_host.cc

diff --git a/remoting/host/it2me/it2me_host.cc b/remoting/host/it2me/it2me_host.cc

index 17e7143541fc2d8f58256a01957bdd7da893b722..08f91ba742702ea9458100e3a300d401e29ab3dc 100644

--- a/remoting/host/it2me/it2me_host.cc

+++ b/remoting/host/it2me/it2me_host.cc

@@ -191,13 +191,19 @@ void It2MeHost::FinishConnect() {

// Beyond this point nothing can fail, so save the config and request.

register_request_ = std::move(register_request);

- // If NAT traversal is off then limit port range to allow firewall pin-holing.

HOST_LOG << "NAT state: " << nat_traversal_enabled_;

protocol::NetworkSettings network_settings(

nat_traversal_enabled_ ?

protocol::NetworkSettings::NAT_TRAVERSAL_FULL :

protocol::NetworkSettings::NAT_TRAVERSAL_DISABLED);

- if (!nat_traversal_enabled_) {

+ if (!udp_port_range_.is_null()) {

+ network_settings.port_range = udp_port_range_;

+ } else if (!nat_traversal_enabled_) {

+ // For legacy reasons we have to restrict the port range to a set of default

+ // values when nat traversal is disabled, even if the port range was not

+ // set in policy.

network_settings.port_range.min_port =

protocol::NetworkSettings::kDefaultMinPort;

network_settings.port_range.max_port =

@@ -330,6 +336,12 @@ void It2MeHost::OnPolicyUpdate(

UpdateClientDomainListPolicy(std::move(client_domain_list_vector));

}

+ std::string port_range_string;

+ if (policies->GetString(policy::key::kRemoteAccessHostUdpPortRange,

+ &port_range_string)) {

+ UpdateHostUdpPortRangePolicy(port_range_string);

+ }

policy_received_ = true;

if (!pending_connect_.is_null()) {

@@ -386,6 +398,22 @@ void It2MeHost::UpdateClientDomainListPolicy(

required_client_domain_list_ = std::move(client_domain_list);

}

+void It2MeHost::UpdateHostUdpPortRangePolicy(

+ const std::string& port_range_string) {

+ DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread());

+ VLOG(2) << "UpdateHostUdpPortRangePolicy: " << port_range_string;

+ if (IsRunning()) {

+ DisconnectOnNetworkThread();

+ }

+ if (!PortRange::Parse(port_range_string, &udp_port_range_)) {

+ // PolicyWatcher verifies that the value is formatted correctly.

+ LOG(FATAL) << "Invalid port range: " << port_range_string;

+ }

void It2MeHost::SetState(It2MeHostState state,

const std::string& error_message) {

DCHECK(host_context_->network_task_runner()->BelongsToCurrentThread());

« no previous file with comments | « remoting/host/it2me/it2me_host.h ('k') | remoting/host/it2me/it2me_host_unittest.cc » ('j') | no next file with comments »