Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(644)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/unix_domain_server_socket_posix.cc

Issue 382143005: Supports DevTools socket access authentication based on Android permissions. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Packing parameters to a stucture Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/socket/unix_domain_server_socket_posix.h ('K') | « net/socket/unix_domain_server_socket_posix.h ('k') | net/socket/unix_domain_server_socket_posix_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/socket/unix_domain_server_socket_posix.h" 5 #include "net/socket/unix_domain_server_socket_posix.h"
6 6
7 #include <errno.h> 7 #include <errno.h>
8 #include <sys/socket.h> 8 #include <sys/socket.h>
9 #include <sys/un.h> 9 #include <sys/un.h>
10 #include <unistd.h> 10 #include <unistd.h>
(...skipping 11 matching lines...) Expand all
22 : auth_callback_(auth_callback), 22 : auth_callback_(auth_callback),
23 use_abstract_namespace_(use_abstract_namespace) { 23 use_abstract_namespace_(use_abstract_namespace) {
24 DCHECK(!auth_callback_.is_null()); 24 DCHECK(!auth_callback_.is_null());
25 } 25 }
26 26
27 UnixDomainServerSocket::~UnixDomainServerSocket() { 27 UnixDomainServerSocket::~UnixDomainServerSocket() {
28 } 28 }
29 29
30 // static 30 // static
31 bool UnixDomainServerSocket::GetPeerIds(SocketDescriptor socket, 31 bool UnixDomainServerSocket::GetPeerIds(SocketDescriptor socket,
32 uid_t* user_id, 32 Credentials* credentials) {
33 gid_t* group_id) {
34 #if defined(OS_LINUX) || defined(OS_ANDROID) 33 #if defined(OS_LINUX) || defined(OS_ANDROID)
35 struct ucred user_cred; 34 struct ucred user_cred;
36 socklen_t len = sizeof(user_cred); 35 socklen_t len = sizeof(user_cred);
37 if (getsockopt(socket, SOL_SOCKET, SO_PEERCRED, &user_cred, &len) < 0) 36 if (getsockopt(socket, SOL_SOCKET, SO_PEERCRED, &user_cred, &len) < 0)
38 return false; 37 return false;
39 *user_id = user_cred.uid; 38 credentials->process_id = user_cred.pid;
40 *group_id = user_cred.gid; 39 credentials->user_id = user_cred.uid;
40 credentials->group_id = user_cred.gid;
41 return true; 41 return true;
42 #else 42 #else
43 return getpeereid(socket, user_id, group_id) == 0; 43 return getpeereid(socket,
44 &credentials->user_id, &credentials->group_id) == 0;
byungchul 2014/08/04 22:18:02 wrong indentation
SeRya 2014/08/05 10:32:27 Done.
44 #endif 45 #endif
45 } 46 }
46 47
47 int UnixDomainServerSocket::Listen(const IPEndPoint& address, int backlog) { 48 int UnixDomainServerSocket::Listen(const IPEndPoint& address, int backlog) {
48 NOTIMPLEMENTED(); 49 NOTIMPLEMENTED();
49 return ERR_NOT_IMPLEMENTED; 50 return ERR_NOT_IMPLEMENTED;
50 } 51 }
51 52
52 int UnixDomainServerSocket::ListenWithAddressAndPort( 53 int UnixDomainServerSocket::ListenWithAddressAndPort(
53 const std::string& unix_domain_path, 54 const std::string& unix_domain_path,
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after
123 // to the caller. 124 // to the caller.
124 rv = Accept(socket, callback); 125 rv = Accept(socket, callback);
125 if (rv != ERR_IO_PENDING) 126 if (rv != ERR_IO_PENDING)
126 callback.Run(rv); 127 callback.Run(rv);
127 } 128 }
128 129
129 bool UnixDomainServerSocket::AuthenticateAndGetStreamSocket( 130 bool UnixDomainServerSocket::AuthenticateAndGetStreamSocket(
130 scoped_ptr<StreamSocket>* socket) { 131 scoped_ptr<StreamSocket>* socket) {
131 DCHECK(accept_socket_); 132 DCHECK(accept_socket_);
132 133
133 uid_t user_id; 134 Credentials credentials;
134 gid_t group_id; 135 if (!GetPeerIds(accept_socket_->socket_fd(), &credentials) ||
135 if (!GetPeerIds(accept_socket_->socket_fd(), &user_id, &group_id) || 136 !auth_callback_.Run(credentials)) {
136 !auth_callback_.Run(user_id, group_id)) {
137 accept_socket_.reset(); 137 accept_socket_.reset();
138 return false; 138 return false;
139 } 139 }
140 140
141 socket->reset(new UnixDomainClientSocket(accept_socket_.Pass())); 141 socket->reset(new UnixDomainClientSocket(accept_socket_.Pass()));
142 return true; 142 return true;
143 } 143 }
144 144
145 } // namespace net 145 } // namespace net
OLDNEW
« net/socket/unix_domain_server_socket_posix.h ('K') | « net/socket/unix_domain_server_socket_posix.h ('k') | net/socket/unix_domain_server_socket_posix_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698