Fix token URL policy processing. Refactor/clean-up individual policy processing. Separate policy ap…

remoting/host/remoting_me2me_host.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // This file implements a standalone host process for Me2Me.
 
 #include <string>
 
 #include "base/at_exit.h"
 #include "base/bind.h"
@@ skipping 205 matching lines @@
 
   // Called on the network thread to set the host's Authenticator factory.
   void CreateAuthenticatorFactory();
 
   // Tear down resources that run on the UI thread.
   void ShutdownOnUiThread();
 
   // Applies the host config, returning true if successful.
   bool ApplyConfig(scoped_ptr<JsonHostConfig> config);
 
+  // Handles policy updates, by calling On*PolicyUpdate methods.
   void OnPolicyUpdate(scoped_ptr<base::DictionaryValue> policies);
-  bool OnHostDomainPolicyUpdate(const std::string& host_domain);
-  bool OnUsernamePolicyUpdate(bool curtain_required,
-                              bool username_match_required);
-  bool OnNatPolicyUpdate(bool nat_traversal_enabled);
-  bool OnRelayPolicyUpdate(bool allow_relay);
-  bool OnUdpPortPolicyUpdate(const std::string& udp_port_range);
-  void OnCurtainPolicyUpdate(bool curtain_required);
-  bool OnHostTalkGadgetPrefixPolicyUpdate(const std::string& talkgadget_prefix);
-  bool OnHostTokenUrlPolicyUpdate(
-      const GURL& token_url,
-      const GURL& token_validation_url,
-      const std::string& token_validation_cert_issuer);
-  bool OnPairingPolicyUpdate(bool pairing_enabled);
-  bool OnGnubbyAuthPolicyUpdate(bool enable_gnubby_auth);
+  void ApplyHostDomainPolicy();
+  void ApplyUsernamePolicy();
+  bool OnHostDomainPolicyUpdate(base::DictionaryValue* policies);
+  bool OnUsernamePolicyUpdate(base::DictionaryValue* policies);
+  bool OnNatPolicyUpdate(base::DictionaryValue* policies);
+  bool OnRelayPolicyUpdate(base::DictionaryValue* policies);
+  bool OnUdpPortPolicyUpdate(base::DictionaryValue* policies);
+  bool OnCurtainPolicyUpdate(base::DictionaryValue* policies);
+  bool OnHostTalkGadgetPrefixPolicyUpdate(base::DictionaryValue* policies);
+  bool OnHostTokenUrlPolicyUpdate(base::DictionaryValue* policies);
+  bool OnPairingPolicyUpdate(base::DictionaryValue* policies);
+  bool OnGnubbyAuthPolicyUpdate(base::DictionaryValue* policies);
 
   void StartHost();
 
   void OnAuthFailed();
 
   void RestartHost();
 
   // Stops the host and shuts down the process with the specified |exit_code|.
   void ShutdownHost(HostExitCodes exit_code);
 
@@ skipping 30 matching lines @@
 
   scoped_ptr<ConfigWatcher> config_watcher_;
 
   std::string host_id_;
   protocol::SharedSecretHash host_secret_hash_;
   scoped_refptr<RsaKeyPair> key_pair_;
   std::string oauth_refresh_token_;
   std::string serialized_config_;
   std::string host_owner_;
   bool use_service_account_;
+

[rmsousa, 2014/06/06 23:23:14]

empty line separates config variables from policy variables.

   scoped_ptr<policy_hack::PolicyWatcher> policy_watcher_;
+  std::string host_domain_;
+  bool host_username_match_required_;
   bool allow_nat_traversal_;
   bool allow_relay_;
   int min_udp_port_;
   int max_udp_port_;
   std::string talkgadget_prefix_;
   bool allow_pairing_;
 
   bool curtain_required_;
   ThirdPartyAuthConfig third_party_auth_config_;
   bool enable_gnubby_auth_;
@@ skipping 20 matching lines @@
   bool signal_parent_;
 
   scoped_ptr<PairingRegistry::Delegate> pairing_registry_delegate_;
 };
 
 HostProcess::HostProcess(scoped_ptr<ChromotingHostContext> context,
                          int* exit_code_out)
     : context_(context.Pass()),
       state_(HOST_INITIALIZING),
       use_service_account_(false),
+      host_username_match_required_(false),
       allow_nat_traversal_(true),
       allow_relay_(true),
       min_udp_port_(0),
       max_udp_port_(0),
       allow_pairing_(true),
       curtain_required_(false),
       enable_gnubby_auth_(false),
 #if defined(REMOTING_MULTI_PROCESS)
       desktop_session_connector_(NULL),
 #endif  // defined(REMOTING_MULTI_PROCESS)
@@ skipping 133 matching lines @@
 
   if (state_ == HOST_INITIALIZING) {
     // TODO(sergeyu): Currently OnPolicyUpdate() assumes that host config is
     // already loaded so PolicyWatcher has to be started here. Separate policy
     // loading from policy verifications and move |policy_watcher_|
     // initialization to StartOnNetworkThread().
     policy_watcher_.reset(
         policy_hack::PolicyWatcher::Create(context_->file_task_runner()));
     policy_watcher_->StartWatching(
         base::Bind(&HostProcess::OnPolicyUpdate, base::Unretained(this)));
-  } else if (state_ == HOST_STARTED) {
-    // TODO(sergeyu): Here we assume that PIN is the only part of the config
-    // that may change while the service is running. Change ApplyConfig() to
-    // detect other changes in the config and restart host if necessary here.
-    CreateAuthenticatorFactory();
+  } else {
+    // Reapply policies that could be affected by a new config.
+    ApplyHostDomainPolicy();
+    ApplyUsernamePolicy();
+
+    if (state_ == HOST_STARTED) {
+      // TODO(sergeyu): Here we assume that PIN is the only part of the config
+      // that may change while the service is running. Change ApplyConfig() to
+      // detect other changes in the config and restart host if necessary here.
+      CreateAuthenticatorFactory();
+    }
   }
 }
 
 void HostProcess::OnConfigWatcherError() {
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
   ShutdownHost(kInvalidHostConfigurationExitCode);
 }
 
 void HostProcess::StartOnNetworkThread() {
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
@@ skipping 304 matching lines @@
     use_service_account_ = true;
   } else {
     // User credential configs only have an xmpp_login, which is also the owner.
     host_owner_ = xmpp_server_config_.username;
     use_service_account_ = false;
   }
   return true;
 }
 
 void HostProcess::OnPolicyUpdate(scoped_ptr<base::DictionaryValue> policies) {
-  // TODO(rmsousa): Consolidate all On*PolicyUpdate methods into this one.
-  // TODO(sergeyu): Currently polices are verified only when they are loaded.
-  // Separate policy loading from policy verifications - this will allow to
-  // check policies again later, e.g. when host config changes.
-
   if (!context_->network_task_runner()->BelongsToCurrentThread()) {
     context_->network_task_runner()->PostTask(FROM_HERE, base::Bind(
         &HostProcess::OnPolicyUpdate, this, base::Passed(&policies)));
     return;
   }
 
   bool restart_required = false;
-  bool bool_value;
-  std::string string_value;
-  if (policies->GetString(policy_hack::PolicyWatcher::kHostDomainPolicyName,
-                          &string_value)) {
-    restart_required |= OnHostDomainPolicyUpdate(string_value);
-  }
-  bool curtain_required = false;
-  if (policies->GetBoolean(
-          policy_hack::PolicyWatcher::kHostRequireCurtainPolicyName,
-          &curtain_required)) {
-    OnCurtainPolicyUpdate(curtain_required);
-  }
-  if (policies->GetBoolean(
-      policy_hack::PolicyWatcher::kHostMatchUsernamePolicyName,
-      &bool_value)) {
-    restart_required |= OnUsernamePolicyUpdate(curtain_required, bool_value);
-  }
-  if (policies->GetBoolean(policy_hack::PolicyWatcher::kNatPolicyName,
-                           &bool_value)) {
-    restart_required |= OnNatPolicyUpdate(bool_value);
-  }
-  if (policies->GetBoolean(policy_hack::PolicyWatcher::kRelayPolicyName,
-                           &bool_value)) {
-    restart_required |= OnRelayPolicyUpdate(bool_value);
-  }
-  std::string udp_port_range;
-  if (policies->GetString(policy_hack::PolicyWatcher::kUdpPortRangePolicyName,
-                           &udp_port_range)) {
-    restart_required |= OnUdpPortPolicyUpdate(udp_port_range);
-  }
-
-  if (policies->GetString(
-          policy_hack::PolicyWatcher::kHostTalkGadgetPrefixPolicyName,
-          &string_value)) {
-    restart_required |= OnHostTalkGadgetPrefixPolicyUpdate(string_value);
-  }
-  std::string token_url_string, token_validation_url_string;
-  std::string token_validation_cert_issuer;
-  if (policies->GetString(
-          policy_hack::PolicyWatcher::kHostTokenUrlPolicyName,
-          &token_url_string) &&
-      policies->GetString(
-          policy_hack::PolicyWatcher::kHostTokenValidationUrlPolicyName,
-          &token_validation_url_string) &&
-      policies->GetString(
-          policy_hack::PolicyWatcher::kHostTokenValidationCertIssuerPolicyName,
-          &token_validation_cert_issuer)) {
-    restart_required |= OnHostTokenUrlPolicyUpdate(
-        GURL(token_url_string), GURL(token_validation_url_string),
-        token_validation_cert_issuer);
-  }
-  if (policies->GetBoolean(
-          policy_hack::PolicyWatcher::kHostAllowClientPairing,
-          &bool_value)) {
-    restart_required |= OnPairingPolicyUpdate(bool_value);
-  }
-  if (policies->GetBoolean(
-          policy_hack::PolicyWatcher::kHostAllowGnubbyAuthPolicyName,
-          &bool_value))
-    restart_required |= OnGnubbyAuthPolicyUpdate(bool_value);
+  restart_required |= OnHostDomainPolicyUpdate(policies.get());
+  restart_required |= OnCurtainPolicyUpdate(policies.get());
+  // Note: UsernamePolicyUpdate must run after OnCurtainPolicyUpdate.
+  restart_required |= OnUsernamePolicyUpdate(policies.get());
+  restart_required |= OnNatPolicyUpdate(policies.get());
+  restart_required |= OnRelayPolicyUpdate(policies.get());
+  restart_required |= OnUdpPortPolicyUpdate(policies.get());
+  restart_required |= OnHostTalkGadgetPrefixPolicyUpdate(policies.get());
+  restart_required |= OnHostTokenUrlPolicyUpdate(policies.get());
+  restart_required |= OnPairingPolicyUpdate(policies.get());
+  restart_required |= OnGnubbyAuthPolicyUpdate(policies.get());
 
   if (state_ == HOST_INITIALIZING) {
     StartHost();
   } else if (state_ == HOST_STARTED && restart_required) {
     RestartHost();
   }
 }
 
-bool HostProcess::OnHostDomainPolicyUpdate(const std::string& host_domain) {
+void HostProcess::ApplyHostDomainPolicy() {
+  HOST_LOG << "Policy sets host domain: " << host_domain_;
+  if (!host_domain_.empty() &&
+      !EndsWith(host_owner_, std::string("@") + host_domain_, false)) {
+    LOG(ERROR) << "The host domain does not match the policy.";
+    ShutdownHost(kInvalidHostDomainExitCode);
+  }
+}
+
+bool HostProcess::OnHostDomainPolicyUpdate(base::DictionaryValue* policies) {
   // Returns true if the host has to be restarted after this policy update.
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
-  HOST_LOG << "Policy sets host domain: " << host_domain;
+  if (!policies->GetString(policy_hack::PolicyWatcher::kHostDomainPolicyName,
+                          &host_domain_)) {
+    return false;
+  }
 
-  if (!host_domain.empty() &&
-      !EndsWith(host_owner_, std::string("@") + host_domain, false)) {
-    ShutdownHost(kInvalidHostDomainExitCode);
-  }
+  ApplyHostDomainPolicy();
   return false;
 }
 
-bool HostProcess::OnUsernamePolicyUpdate(bool curtain_required,
-                                         bool host_username_match_required) {
-  // Returns false: never restart the host after this policy update.
-  DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
-
-  if (host_username_match_required) {
+void HostProcess::ApplyUsernamePolicy() {
+  if (host_username_match_required_) {
     HOST_LOG << "Policy requires host username match.";
     std::string username = GetUsername();
     bool shutdown = username.empty() ||
         !StartsWithASCII(host_owner_, username + std::string("@"),
                          false);
 
 #if defined(OS_MACOSX)
     // On Mac, we run as root at the login screen, so the username won't match.
     // However, there's no need to enforce the policy at the login screen, as
     // the client will have to reconnect if a login occurs.
     if (shutdown && getuid() == 0) {
       shutdown = false;
     }
 #endif
 
     // Curtain-mode on Windows presents the standard OS login prompt to the user
     // for each connection, removing the need for an explicit user-name matching
     // check.
 #if defined(OS_WIN) && defined(REMOTING_RDP_SESSION)
-    if (curtain_required)
+    if (curtain_required_)
       return false;
 #endif  // defined(OS_WIN) && defined(REMOTING_RDP_SESSION)
 
     // Shutdown the host if the username does not match.
     if (shutdown) {
       LOG(ERROR) << "The host username does not match.";
       ShutdownHost(kUsernameMismatchExitCode);
     }
   } else {
     HOST_LOG << "Policy does not require host username match.";
   }
+}
 
+bool HostProcess::OnUsernamePolicyUpdate(base::DictionaryValue* policies) {
+  // Returns false: never restart the host after this policy update.
+  DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
+
+  if (!policies->GetBoolean(
+      policy_hack::PolicyWatcher::kHostMatchUsernamePolicyName,
+      &host_username_match_required_)) {
+    return false;
+  }
+
+  ApplyUsernamePolicy();
   return false;
 }
 
-bool HostProcess::OnNatPolicyUpdate(bool nat_traversal_enabled) {
+bool HostProcess::OnNatPolicyUpdate(base::DictionaryValue* policies) {
   // Returns true if the host has to be restarted after this policy update.
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
-  if (allow_nat_traversal_ != nat_traversal_enabled) {
-    if (nat_traversal_enabled)
-      HOST_LOG << "Policy enables NAT traversal.";
-    else
-      HOST_LOG << "Policy disables NAT traversal.";
-    allow_nat_traversal_ = nat_traversal_enabled;
-    return true;
+  if (!policies->GetBoolean(policy_hack::PolicyWatcher::kNatPolicyName,
+                           &allow_nat_traversal_)) {
+    return false;
   }
-  return false;
+
+  if (allow_nat_traversal_)
+    HOST_LOG << "Policy enables NAT traversal.";

[Sergey Ulanov, 2014/06/07 00:51:44]

add {} please

[rmsousa, 2014/06/07 01:09:03]

Done.

+  else
+    HOST_LOG << "Policy disables NAT traversal.";
+  return true;
 }
 
-bool HostProcess::OnRelayPolicyUpdate(bool allow_relay) {
+bool HostProcess::OnRelayPolicyUpdate(base::DictionaryValue* policies) {
   // Returns true if the host has to be restarted after this policy update.
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
-  if (allow_relay_ != allow_relay) {
-    if (allow_relay)
-      HOST_LOG << "Policy enables use of relay server.";
-    else
-      HOST_LOG << "Policy disables use of relay server.";
-    allow_relay_ = allow_relay;
-    return true;
+  if (!policies->GetBoolean(policy_hack::PolicyWatcher::kRelayPolicyName,
+                           &allow_relay_)) {
+    return false;
   }
-  return false;
+
+  if (allow_relay_)
+    HOST_LOG << "Policy enables use of relay server.";
+  else
+    HOST_LOG << "Policy disables use of relay server.";
+  return true;
 }
 
-bool HostProcess::OnUdpPortPolicyUpdate(const std::string& udp_port_range) {
+bool HostProcess::OnUdpPortPolicyUpdate(base::DictionaryValue* policies) {
   // Returns true if the host has to be restarted after this policy update.
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
+  std::string udp_port_range;
+  if (!policies->GetString(policy_hack::PolicyWatcher::kUdpPortRangePolicyName,
+                           &udp_port_range)) {
+    return false;
+  }
+
   // Use default values if policy setting is empty or invalid.
   int min_udp_port = 0;
   int max_udp_port = 0;
   if (!udp_port_range.empty() &&
       !NetworkSettings::ParsePortRange(udp_port_range, &min_udp_port,
                                        &max_udp_port)) {
     LOG(WARNING) << "Invalid port range policy: \"" << udp_port_range
                  << "\". Using default values.";
   }
 
   if (min_udp_port_ != min_udp_port || max_udp_port_ != max_udp_port) {
     if (min_udp_port != 0 && max_udp_port != 0) {
       HOST_LOG << "Policy restricts UDP port range to [" << min_udp_port
                << ", " << max_udp_port << "]";
     } else {
       HOST_LOG << "Policy does not restrict UDP port range.";
     }
     min_udp_port_ = min_udp_port;
     max_udp_port_ = max_udp_port;
     return true;
   }
   return false;
 }
 
-void HostProcess::OnCurtainPolicyUpdate(bool curtain_required) {
+bool HostProcess::OnCurtainPolicyUpdate(base::DictionaryValue* policies) {
   // Returns true if the host has to be restarted after this policy update.
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
+  if (!policies->GetBoolean(
+          policy_hack::PolicyWatcher::kHostRequireCurtainPolicyName,
+          &curtain_required_)) {
+    return false;
+  }
+
 #if defined(OS_MACOSX)
-  if (curtain_required) {
+  if (curtain_required_) {
     // When curtain mode is in effect on Mac, the host process runs in the
     // user's switched-out session, but launchd will also run an instance at
     // the console login screen.  Even if no user is currently logged-on, we
     // can't support remote-access to the login screen because the current host
     // process model disconnects the client during login, which would leave
     // the logged in session un-curtained on the console until they reconnect.
     //
     // TODO(jamiewalch): Fix this once we have implemented the multi-process
     // daemon architecture (crbug.com/134894)
     if (getuid() == 0) {
       LOG(ERROR) << "Running the host in the console login session is yet not "
                     "supported.";
       ShutdownHost(kLoginScreenNotSupportedExitCode);
-      return;
+      return false;
     }
   }
 #endif
 
-  if (curtain_required_ != curtain_required) {
-    if (curtain_required)
-      HOST_LOG << "Policy requires curtain-mode.";
-    else
-      HOST_LOG << "Policy does not require curtain-mode.";
-    curtain_required_ = curtain_required;
-    if (host_)
-      host_->SetEnableCurtaining(curtain_required_);
-  }
+  if (curtain_required_)
+    HOST_LOG << "Policy requires curtain-mode.";
+  else
+    HOST_LOG << "Policy does not require curtain-mode.";
+
+  if (host_)
+    host_->SetEnableCurtaining(curtain_required_);
+  return false;
 }
 
 bool HostProcess::OnHostTalkGadgetPrefixPolicyUpdate(
-    const std::string& talkgadget_prefix) {
+    base::DictionaryValue* policies) {
   // Returns true if the host has to be restarted after this policy update.
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
-  if (talkgadget_prefix != talkgadget_prefix_) {
-    HOST_LOG << "Policy sets talkgadget prefix: " << talkgadget_prefix;
-    talkgadget_prefix_ = talkgadget_prefix;
-    return true;
+  if (!policies->GetString(
+          policy_hack::PolicyWatcher::kHostTalkGadgetPrefixPolicyName,
+          &talkgadget_prefix_)) {
+    return false;
   }
-  return false;
+
+  HOST_LOG << "Policy sets talkgadget prefix: " << talkgadget_prefix_;
+  return true;
 }
 
-bool HostProcess::OnHostTokenUrlPolicyUpdate(
-    const GURL& token_url,
-    const GURL& token_validation_url,
-    const std::string& token_validation_cert_issuer) {
+bool HostProcess::OnHostTokenUrlPolicyUpdate(base::DictionaryValue* policies) {
   // Returns true if the host has to be restarted after this policy update.
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
-  if (third_party_auth_config_.token_url != token_url ||
-      third_party_auth_config_.token_validation_url != token_validation_url ||
-      third_party_auth_config_.token_validation_cert_issuer !=
-      token_validation_cert_issuer) {
-    HOST_LOG << "Policy sets third-party token URLs: "
-             << "TokenUrl: " << token_url << ", "
-             << "TokenValidationUrl: " << token_validation_url
-             << "TokenValidationCertificateIssuer: "
-             << token_validation_cert_issuer;
-    third_party_auth_config_.token_url = token_url;
-    third_party_auth_config_.token_validation_url = token_validation_url;
-    third_party_auth_config_.token_validation_cert_issuer =
-        token_validation_cert_issuer;
-    return true;
+  bool token_policy_changed = false;
+  std::string token_url_string;
+  if (policies->GetString(
+          policy_hack::PolicyWatcher::kHostTokenUrlPolicyName,
+          &token_url_string)) {
+    token_policy_changed = true;
+    third_party_auth_config_.token_url = GURL(token_url_string);
+  }
+  std::string token_validation_url_string;
+  if (policies->GetString(
+          policy_hack::PolicyWatcher::kHostTokenValidationUrlPolicyName,
+          &token_validation_url_string)) {
+    token_policy_changed = true;
+    third_party_auth_config_.token_validation_url =
+        GURL(token_validation_url_string);
+  }
+  if (policies->GetString(
+          policy_hack::PolicyWatcher::kHostTokenValidationCertIssuerPolicyName,
+          &third_party_auth_config_.token_validation_cert_issuer)) {
+    token_policy_changed = true;
   }
 
-  return false;
+  if (token_policy_changed) {
+    HOST_LOG << "Policy sets third-party token URLs: "
+             << "TokenUrl: "
+             << third_party_auth_config_.token_url << ", "
+             << "TokenValidationUrl: "
+             << third_party_auth_config_.token_validation_url << ", "
+             << "TokenValidationCertificateIssuer: "
+             << third_party_auth_config_.token_validation_cert_issuer;
+  }
+  return token_policy_changed;
 }
 
-bool HostProcess::OnPairingPolicyUpdate(bool allow_pairing) {
+bool HostProcess::OnPairingPolicyUpdate(base::DictionaryValue* policies) {
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
-  if (allow_pairing_ == allow_pairing)
+  if (!policies->GetBoolean(
+          policy_hack::PolicyWatcher::kHostAllowClientPairing,
+          &allow_pairing_)) {
     return false;
+  }
 
-  if (allow_pairing)
+  if (allow_pairing_)
     HOST_LOG << "Policy enables client pairing.";

[Sergey Ulanov, 2014/06/07 00:51:45]

add {} please

[rmsousa, 2014/06/07 01:09:03]

Done.

   else
     HOST_LOG << "Policy disables client pairing.";
-  allow_pairing_ = allow_pairing;
   return true;
 }
 
-bool HostProcess::OnGnubbyAuthPolicyUpdate(bool enable_gnubby_auth) {
+bool HostProcess::OnGnubbyAuthPolicyUpdate(base::DictionaryValue* policies) {
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
 
-  if (enable_gnubby_auth_ == enable_gnubby_auth)
+  if (!policies->GetBoolean(
+          policy_hack::PolicyWatcher::kHostAllowGnubbyAuthPolicyName,
+          &enable_gnubby_auth_)) {
     return false;
+  }
 
-  if (enable_gnubby_auth) {
+  if (enable_gnubby_auth_) {
     HOST_LOG << "Policy enables gnubby auth.";
   } else {
     HOST_LOG << "Policy disables gnubby auth.";
   }
-  enable_gnubby_auth_ = enable_gnubby_auth;
 
   if (desktop_environment_factory_)
-    desktop_environment_factory_->SetEnableGnubbyAuth(enable_gnubby_auth);
+    desktop_environment_factory_->SetEnableGnubbyAuth(enable_gnubby_auth_);
 
   return true;
 }
 
 void HostProcess::StartHost() {
   DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
   DCHECK(!host_);
   DCHECK(!signal_strategy_.get());
   DCHECK(state_ == HOST_INITIALIZING || state_ == HOST_STOPPING_TO_RESTART ||
          state_ == HOST_STOPPED) << state_;
@@ skipping 234 matching lines @@
   return exit_code;
 }
 
 }  // namespace remoting
 
 #if !defined(OS_WIN)
 int main(int argc, char** argv) {
   return remoting::HostMain(argc, argv);
 }
 #endif  // !defined(OS_WIN)