Chromium Code Reviews Chromium Code Reviews
Issue 807723004:
Cast audio only policy enforcement support. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "extensions/browser/api/cast_channel/cast_socket.h" | 5 #include "extensions/browser/api/cast_channel/cast_socket.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 #include <string.h> | 8 #include <string.h> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 46 namespace { | 46 namespace { |
| 47 | 47 |
| 48 // The default keepalive delay. On Linux, keepalives probes will be sent after | 48 // The default keepalive delay. On Linux, keepalives probes will be sent after |
| 49 // the socket is idle for this length of time, and the socket will be closed | 49 // the socket is idle for this length of time, and the socket will be closed |
| 50 // after 9 failed probes. So the total idle time before close is 10 * | 50 // after 9 failed probes. So the total idle time before close is 10 * |
| 51 // kTcpKeepAliveDelaySecs. | 51 // kTcpKeepAliveDelaySecs. |
| 52 const int kTcpKeepAliveDelaySecs = 10; | 52 const int kTcpKeepAliveDelaySecs = 10; |
| 53 | 53 |
| 54 const int kMaxSelfSignedCertLifetimeInDays = 2; | 54 const int kMaxSelfSignedCertLifetimeInDays = 2; |
| 55 | 55 |
| 56 const char kAudioOnlyPolicy[] = | |
|
mark a. foltz
2015/01/12 22:01:57
This is an odd place to define a constant that is
vadimgo
2015/01/13 00:08:27
Done.
| |
| 57 {0x06, 0x0A, 0x2B, 0x06, 0x01, 0x04, 0x01, 0xD6, 0x79, 0x02, 0x05, 0x02}; | |
| 58 | |
| 56 std::string FormatTimeForLogging(base::Time time) { | 59 std::string FormatTimeForLogging(base::Time time) { |
| 57 base::Time::Exploded exploded; | 60 base::Time::Exploded exploded; |
| 58 time.UTCExplode(&exploded); | 61 time.UTCExplode(&exploded); |
| 59 return base::StringPrintf( | 62 return base::StringPrintf( |
| 60 "%04d-%02d-%02d %02d:%02d:%02d.%03d UTC", exploded.year, exploded.month, | 63 "%04d-%02d-%02d %02d:%02d:%02d.%03d UTC", exploded.year, exploded.month, |
| 61 exploded.day_of_month, exploded.hour, exploded.minute, exploded.second, | 64 exploded.day_of_month, exploded.hour, exploded.minute, exploded.second, |
| 62 exploded.millisecond); | 65 exploded.millisecond); |
| 63 } | 66 } |
| 64 | 67 |
| 65 } // namespace | 68 } // namespace |
| (...skipping 28 matching lines...) Expand all Loading... | |
| 94 auth_delegate_(this), | 97 auth_delegate_(this), |
| 95 owner_extension_id_(owner_extension_id), | 98 owner_extension_id_(owner_extension_id), |
| 96 channel_id_(0), | 99 channel_id_(0), |
| 97 ip_endpoint_(ip_endpoint), | 100 ip_endpoint_(ip_endpoint), |
| 98 channel_auth_(channel_auth), | 101 channel_auth_(channel_auth), |
| 99 net_log_(net_log), | 102 net_log_(net_log), |
| 100 logger_(logger), | 103 logger_(logger), |
| 101 connect_timeout_(timeout), | 104 connect_timeout_(timeout), |
| 102 connect_timeout_timer_(new base::OneShotTimer<CastSocketImpl>), | 105 connect_timeout_timer_(new base::OneShotTimer<CastSocketImpl>), |
| 103 is_canceled_(false), | 106 is_canceled_(false), |
| 107 has_video_out_(true), | |
| 104 connect_state_(proto::CONN_STATE_NONE), | 108 connect_state_(proto::CONN_STATE_NONE), |
| 105 error_state_(CHANNEL_ERROR_NONE), | 109 error_state_(CHANNEL_ERROR_NONE), |
| 106 ready_state_(READY_STATE_NONE) { | 110 ready_state_(READY_STATE_NONE) { |
| 107 DCHECK(net_log_); | 111 DCHECK(net_log_); |
| 108 DCHECK(channel_auth_ == CHANNEL_AUTH_TYPE_SSL || | 112 DCHECK(channel_auth_ == CHANNEL_AUTH_TYPE_SSL || |
| 109 channel_auth_ == CHANNEL_AUTH_TYPE_SSL_VERIFIED); | 113 channel_auth_ == CHANNEL_AUTH_TYPE_SSL_VERIFIED); |
| 110 net_log_source_.type = net::NetLog::SOURCE_SOCKET; | 114 net_log_source_.type = net::NetLog::SOURCE_SOCKET; |
| 111 net_log_source_.id = net_log_->NextID(); | 115 net_log_source_.id = net_log_->NextID(); |
| 112 } | 116 } |
| 113 | 117 |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 130 } | 134 } |
| 131 | 135 |
| 132 int CastSocketImpl::id() const { | 136 int CastSocketImpl::id() const { |
| 133 return channel_id_; | 137 return channel_id_; |
| 134 } | 138 } |
| 135 | 139 |
| 136 void CastSocketImpl::set_id(int id) { | 140 void CastSocketImpl::set_id(int id) { |
| 137 channel_id_ = id; | 141 channel_id_ = id; |
| 138 } | 142 } |
| 139 | 143 |
| 144 void CastSocketImpl::set_has_video_out(bool has_video_out) { | |
| 145 has_video_out_ = has_video_out; | |
| 146 } | |
| 147 | |
| 140 ChannelAuthType CastSocketImpl::channel_auth() const { | 148 ChannelAuthType CastSocketImpl::channel_auth() const { |
| 141 return channel_auth_; | 149 return channel_auth_; |
| 142 } | 150 } |
| 143 | 151 |
| 144 scoped_ptr<net::TCPClientSocket> CastSocketImpl::CreateTcpSocket() { | 152 scoped_ptr<net::TCPClientSocket> CastSocketImpl::CreateTcpSocket() { |
| 145 net::AddressList addresses(ip_endpoint_); | 153 net::AddressList addresses(ip_endpoint_); |
| 146 return scoped_ptr<net::TCPClientSocket>( | 154 return scoped_ptr<net::TCPClientSocket>( |
| 147 new net::TCPClientSocket(addresses, net_log_, net_log_source_)); | 155 new net::TCPClientSocket(addresses, net_log_, net_log_source_)); |
| 148 // Options cannot be set on the TCPClientSocket yet, because the | 156 // Options cannot be set on the TCPClientSocket yet, because the |
| 149 // underlying platform socket will not be created until Bind() | 157 // underlying platform socket will not be created until Bind() |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 211 VLOG_WITH_CONNECTION(1) << "Successfully extracted peer certificate"; | 219 VLOG_WITH_CONNECTION(1) << "Successfully extracted peer certificate"; |
| 212 } | 220 } |
| 213 | 221 |
| 214 logger_->LogSocketEventWithRv( | 222 logger_->LogSocketEventWithRv( |
| 215 channel_id_, proto::DER_ENCODED_CERT_OBTAIN, result ? 1 : 0); | 223 channel_id_, proto::DER_ENCODED_CERT_OBTAIN, result ? 1 : 0); |
| 216 return result; | 224 return result; |
| 217 } | 225 } |
| 218 | 226 |
| 219 bool CastSocketImpl::VerifyChallengeReply() { | 227 bool CastSocketImpl::VerifyChallengeReply() { |
| 220 AuthResult result = AuthenticateChallengeReply(*challenge_reply_, peer_cert_); | 228 AuthResult result = AuthenticateChallengeReply(*challenge_reply_, peer_cert_); |
| 229 logger_->LogSocketChallengeReplyEvent(channel_id_, result); | |
| 221 if (result.success()) { | 230 if (result.success()) { |
| 222 VLOG(1) << result.error_message; | 231 VLOG(1) << result.error_message; |
| 232 if (has_video_out_) { | |
|
mark a. foltz
2015/01/12 22:01:57
if (HasCapability(VIDEO_OUT) && result.HasPolicy(A
mark a. foltz
2015/01/12 22:01:57
Slightly prefer to capture policy enforcement in i
vadimgo
2015/01/13 00:08:27
Done.
| |
| 233 if (result.client_auth_certificate.find(kAudioOnlyPolicy) != | |
| 234 std::string::npos) { | |
| 235 // The device claims to have a video out capability, but the certificate | |
| 236 // contains audio only policy. | |
| 237 LOG(ERROR) << "Audio only policy enforced"; | |
|
mark a. foltz
2015/01/12 22:01:57
Please add an event to logging.proto and log it he
vadimgo
2015/01/13 00:08:27
Done.
| |
| 238 return false; | |
| 239 } | |
| 240 } | |
| 223 } | 241 } |
| 224 logger_->LogSocketChallengeReplyEvent(channel_id_, result); | |
| 225 return result.success(); | 242 return result.success(); |
| 226 } | 243 } |
| 227 | 244 |
| 228 void CastSocketImpl::SetTransportForTesting( | 245 void CastSocketImpl::SetTransportForTesting( |
| 229 scoped_ptr<CastTransport> transport) { | 246 scoped_ptr<CastTransport> transport) { |
| 230 transport_ = transport.Pass(); | 247 transport_ = transport.Pass(); |
| 231 } | 248 } |
| 232 | 249 |
| 233 void CastSocketImpl::Connect(scoped_ptr<CastTransport::Delegate> delegate, | 250 void CastSocketImpl::Connect(scoped_ptr<CastTransport::Delegate> delegate, |
| 234 base::Callback<void(ChannelError)> callback) { | 251 base::Callback<void(ChannelError)> callback) { |
| (...skipping 325 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 560 void CastSocketImpl::SetErrorState(ChannelError error_state) { | 577 void CastSocketImpl::SetErrorState(ChannelError error_state) { |
| 561 VLOG_WITH_CONNECTION(1) << "SetErrorState " << error_state; | 578 VLOG_WITH_CONNECTION(1) << "SetErrorState " << error_state; |
| 562 DCHECK_EQ(CHANNEL_ERROR_NONE, error_state_); | 579 DCHECK_EQ(CHANNEL_ERROR_NONE, error_state_); |
| 563 error_state_ = error_state; | 580 error_state_ = error_state; |
| 564 logger_->LogSocketErrorState(channel_id_, ErrorStateToProto(error_state_)); | 581 logger_->LogSocketErrorState(channel_id_, ErrorStateToProto(error_state_)); |
| 565 } | 582 } |
| 566 } // namespace cast_channel | 583 } // namespace cast_channel |
| 567 } // namespace core_api | 584 } // namespace core_api |
| 568 } // namespace extensions | 585 } // namespace extensions |
| 569 #undef VLOG_WITH_CONNECTION | 586 #undef VLOG_WITH_CONNECTION |
| OLD | NEW |
