OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" | 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
9 #include "crypto/secure_util.h" | 9 #include "crypto/secure_util.h" |
10 #include "net/base/host_port_pair.h" | 10 #include "net/base/host_port_pair.h" |
(...skipping 120 matching lines...)
131 base::Unretained(this))); | 131 base::Unretained(this))); |
132 } | 132 } |
133 | 133 |
134 if (result == net::ERR_IO_PENDING) | 134 if (result == net::ERR_IO_PENDING) |
135 return; | 135 return; |
136 | 136 |
137 OnConnected(result); | 137 OnConnected(result); |
138 } | 138 } |
139 | 139 |
140 bool SslHmacChannelAuthenticator::is_ssl_server() { | 140 bool SslHmacChannelAuthenticator::is_ssl_server() { |
141 return local_key_pair_.get() != NULL; | 141 return local_key_pair_.get() != nullptr; |
142 } | 142 } |
143 | 143 |
144 void SslHmacChannelAuthenticator::OnConnected(int result) { | 144 void SslHmacChannelAuthenticator::OnConnected(int result) { |
145 if (result != net::OK) { | 145 if (result != net::OK) { |
146 LOG(WARNING) << "Failed to establish SSL connection"; | 146 LOG(WARNING) << "Failed to establish SSL connection"; |
147 NotifyError(result); | 147 NotifyError(result); |
148 return; | 148 return; |
149 } | 149 } |
150 | 150 |
151 // Generate authentication digest to write to the socket. | 151 // Generate authentication digest to write to the socket. |
(...skipping 33 matching lines...)
185 if (result == net::ERR_IO_PENDING) | 185 if (result == net::ERR_IO_PENDING) |
186 break; | 186 break; |
187 if (!HandleAuthBytesWritten(result, callback_called)) | 187 if (!HandleAuthBytesWritten(result, callback_called)) |
188 break; | 188 break; |
189 } | 189 } |
190 } | 190 } |
191 | 191 |
192 void SslHmacChannelAuthenticator::OnAuthBytesWritten(int result) { | 192 void SslHmacChannelAuthenticator::OnAuthBytesWritten(int result) { |
193 DCHECK(CalledOnValidThread()); | 193 DCHECK(CalledOnValidThread()); |
194 | 194 |
195 if (HandleAuthBytesWritten(result, NULL)) | 195 if (HandleAuthBytesWritten(result, nullptr)) |
196 WriteAuthenticationBytes(NULL); | 196 WriteAuthenticationBytes(nullptr); |
197 } | 197 } |
198 | 198 |
199 bool SslHmacChannelAuthenticator::HandleAuthBytesWritten( | 199 bool SslHmacChannelAuthenticator::HandleAuthBytesWritten( |
200 int result, bool* callback_called) { | 200 int result, bool* callback_called) { |
201 if (result <= 0) { | 201 if (result <= 0) { |
202 LOG(ERROR) << "Error writing authentication: " << result; | 202 LOG(ERROR) << "Error writing authentication: " << result; |
203 if (callback_called) | 203 if (callback_called) |
204 *callback_called = false; | 204 *callback_called = false; |
205 NotifyError(result); | 205 NotifyError(result); |
206 return false; | 206 return false; |
207 } | 207 } |
208 | 208 |
209 auth_write_buf_->DidConsume(result); | 209 auth_write_buf_->DidConsume(result); |
210 if (auth_write_buf_->BytesRemaining() > 0) | 210 if (auth_write_buf_->BytesRemaining() > 0) |
211 return true; | 211 return true; |
212 | 212 |
213 auth_write_buf_ = NULL; | 213 auth_write_buf_ = nullptr; |
214 CheckDone(callback_called); | 214 CheckDone(callback_called); |
215 return false; | 215 return false; |
216 } | 216 } |
217 | 217 |
218 void SslHmacChannelAuthenticator::ReadAuthenticationBytes() { | 218 void SslHmacChannelAuthenticator::ReadAuthenticationBytes() { |
219 while (true) { | 219 while (true) { |
220 int result = | 220 int result = |
221 socket_->Read(auth_read_buf_.get(), | 221 socket_->Read(auth_read_buf_.get(), |
222 auth_read_buf_->RemainingCapacity(), | 222 auth_read_buf_->RemainingCapacity(), |
223 base::Bind(&SslHmacChannelAuthenticator::OnAuthBytesRead, | 223 base::Bind(&SslHmacChannelAuthenticator::OnAuthBytesRead, |
(...skipping 23 matching lines...)
247 return true; | 247 return true; |
248 | 248 |
249 if (!VerifyAuthBytes(std::string( | 249 if (!VerifyAuthBytes(std::string( |
250 auth_read_buf_->StartOfBuffer(), | 250 auth_read_buf_->StartOfBuffer(), |
251 auth_read_buf_->StartOfBuffer() + kAuthDigestLength))) { | 251 auth_read_buf_->StartOfBuffer() + kAuthDigestLength))) { |
252 LOG(WARNING) << "Mismatched authentication"; | 252 LOG(WARNING) << "Mismatched authentication"; |
253 NotifyError(net::ERR_FAILED); | 253 NotifyError(net::ERR_FAILED); |
254 return false; | 254 return false; |
255 } | 255 } |
256 | 256 |
257 auth_read_buf_ = NULL; | 257 auth_read_buf_ = nullptr; |
258 CheckDone(NULL); | 258 CheckDone(nullptr); |
259 return false; | 259 return false; |
260 } | 260 } |
261 | 261 |
262 bool SslHmacChannelAuthenticator::VerifyAuthBytes( | 262 bool SslHmacChannelAuthenticator::VerifyAuthBytes( |
263 const std::string& received_auth_bytes) { | 263 const std::string& received_auth_bytes) { |
264 DCHECK(received_auth_bytes.length() == kAuthDigestLength); | 264 DCHECK(received_auth_bytes.length() == kAuthDigestLength); |
265 | 265 |
266 // Compute expected auth bytes. | 266 // Compute expected auth bytes. |
267 std::string auth_bytes = GetAuthBytes( | 267 std::string auth_bytes = GetAuthBytes( |
268 socket_.get(), is_ssl_server() ? | 268 socket_.get(), is_ssl_server() ? |
269 kClientAuthSslExporterLabel : kHostAuthSslExporterLabel, auth_key_); | 269 kClientAuthSslExporterLabel : kHostAuthSslExporterLabel, auth_key_); |
270 if (auth_bytes.empty()) | 270 if (auth_bytes.empty()) |
271 return false; | 271 return false; |
272 | 272 |
273 return crypto::SecureMemEqual(received_auth_bytes.data(), | 273 return crypto::SecureMemEqual(received_auth_bytes.data(), |
274 &(auth_bytes[0]), kAuthDigestLength); | 274 &(auth_bytes[0]), kAuthDigestLength); |
275 } | 275 } |
276 | 276 |
277 void SslHmacChannelAuthenticator::CheckDone(bool* callback_called) { | 277 void SslHmacChannelAuthenticator::CheckDone(bool* callback_called) { |
278 if (auth_write_buf_.get() == NULL && auth_read_buf_.get() == NULL) { | 278 if (auth_write_buf_.get() == nullptr && auth_read_buf_.get() == nullptr) { |
279 DCHECK(socket_.get() != NULL); | 279 DCHECK(socket_.get() != nullptr); |
280 if (callback_called) | 280 if (callback_called) |
281 *callback_called = true; | 281 *callback_called = true; |
282 | 282 |
283 CallDoneCallback(net::OK, socket_.Pass()); | 283 CallDoneCallback(net::OK, socket_.Pass()); |
284 } | 284 } |
285 } | 285 } |
286 | 286 |
287 void SslHmacChannelAuthenticator::NotifyError(int error) { | 287 void SslHmacChannelAuthenticator::NotifyError(int error) { |
288 CallDoneCallback(error, nullptr); | 288 CallDoneCallback(error, nullptr); |
289 } | 289 } |
290 | 290 |
291 void SslHmacChannelAuthenticator::CallDoneCallback( | 291 void SslHmacChannelAuthenticator::CallDoneCallback( |
292 int error, | 292 int error, |
293 scoped_ptr<net::StreamSocket> socket) { | 293 scoped_ptr<net::StreamSocket> socket) { |
294 DoneCallback callback = done_callback_; | 294 DoneCallback callback = done_callback_; |
295 done_callback_.Reset(); | 295 done_callback_.Reset(); |
296 callback.Run(error, socket.Pass()); | 296 callback.Run(error, socket.Pass()); |
297 } | 297 } |
298 | 298 |
299 } // namespace protocol | 299 } // namespace protocol |
300 } // namespace remoting | 300 } // namespace remoting |
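Review bot: In the error branch of HandleAuthBytesWritten (new lines 201-207), `*callback_called = false;` is written immediately before `NotifyError(result)`, yet NotifyError goes through CallDoneCallback and runs the done callback, so the flag reports the opposite of what happened; CheckDone sets it to `true` before the same call. The code that reads the flag sits in the skipped lines, so the consequence is inferred: if the caller treats `false` as permission to keep using the authenticator after the write, it could touch an object that the done callback has already torn down. Consider `*callback_called = true;` on this path, plus a comment on the parameter stating that `true` means the done callback has run and `this` must not be used afterwards.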