Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(444)

Side by Side Diff: remoting/host/remoting_me2me_host.cc

Issue 820133002: Reusing names of policy keys from policy_constants.h (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 12 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 // 4 //
5 // This file implements a standalone host process for Me2Me. 5 // This file implements a standalone host process for Me2Me.
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/at_exit.h" 9 #include "base/at_exit.h"
10 #include "base/bind.h" 10 #include "base/bind.h"
(...skipping 12 matching lines...) Expand all
23 #include "build/build_config.h" 23 #include "build/build_config.h"
24 #include "crypto/nss_util.h" 24 #include "crypto/nss_util.h"
25 #include "ipc/ipc_channel.h" 25 #include "ipc/ipc_channel.h"
26 #include "ipc/ipc_channel_proxy.h" 26 #include "ipc/ipc_channel_proxy.h"
27 #include "ipc/ipc_listener.h" 27 #include "ipc/ipc_listener.h"
28 #include "media/base/media.h" 28 #include "media/base/media.h"
29 #include "net/base/network_change_notifier.h" 29 #include "net/base/network_change_notifier.h"
30 #include "net/socket/client_socket_factory.h" 30 #include "net/socket/client_socket_factory.h"
31 #include "net/socket/ssl_server_socket.h" 31 #include "net/socket/ssl_server_socket.h"
32 #include "net/url_request/url_fetcher.h" 32 #include "net/url_request/url_fetcher.h"
33 #include "policy/policy_constants.h"
33 #include "remoting/base/auto_thread_task_runner.h" 34 #include "remoting/base/auto_thread_task_runner.h"
34 #include "remoting/base/breakpad.h" 35 #include "remoting/base/breakpad.h"
35 #include "remoting/base/constants.h" 36 #include "remoting/base/constants.h"
36 #include "remoting/base/logging.h" 37 #include "remoting/base/logging.h"
37 #include "remoting/base/rsa_key_pair.h" 38 #include "remoting/base/rsa_key_pair.h"
38 #include "remoting/base/service_urls.h" 39 #include "remoting/base/service_urls.h"
39 #include "remoting/base/util.h" 40 #include "remoting/base/util.h"
40 #include "remoting/host/branding.h" 41 #include "remoting/host/branding.h"
41 #include "remoting/host/chromoting_host.h" 42 #include "remoting/host/chromoting_host.h"
42 #include "remoting/host/chromoting_host_context.h" 43 #include "remoting/host/chromoting_host_context.h"
(...skipping 913 matching lines...) Expand 10 before | Expand all | Expand 10 after
956 LOG(ERROR) << "The host domain does not match the policy."; 957 LOG(ERROR) << "The host domain does not match the policy.";
957 ShutdownHost(kInvalidHostDomainExitCode); 958 ShutdownHost(kInvalidHostDomainExitCode);
958 } 959 }
959 } 960 }
960 } 961 }
961 962
962 bool HostProcess::OnHostDomainPolicyUpdate(base::DictionaryValue* policies) { 963 bool HostProcess::OnHostDomainPolicyUpdate(base::DictionaryValue* policies) {
963 // Returns true if the host has to be restarted after this policy update. 964 // Returns true if the host has to be restarted after this policy update.
964 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 965 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
965 966
966 if (!policies->GetString(policy_hack::PolicyWatcher::kHostDomainPolicyName, 967 if (!policies->GetString(policy::key::kRemoteAccessHostDomain,
967 &host_domain_)) { 968 &host_domain_)) {
968 return false; 969 return false;
969 } 970 }
970 971
971 ApplyHostDomainPolicy(); 972 ApplyHostDomainPolicy();
972 return false; 973 return false;
973 } 974 }
974 975
975 void HostProcess::ApplyUsernamePolicy() { 976 void HostProcess::ApplyUsernamePolicy() {
976 if (host_username_match_required_) { 977 if (host_username_match_required_) {
977 HOST_LOG << "Policy requires host username match."; 978 HOST_LOG << "Policy requires host username match.";
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
1012 } 1013 }
1013 } else { 1014 } else {
1014 HOST_LOG << "Policy does not require host username match."; 1015 HOST_LOG << "Policy does not require host username match.";
1015 } 1016 }
1016 } 1017 }
1017 1018
1018 bool HostProcess::OnUsernamePolicyUpdate(base::DictionaryValue* policies) { 1019 bool HostProcess::OnUsernamePolicyUpdate(base::DictionaryValue* policies) {
1019 // Returns false: never restart the host after this policy update. 1020 // Returns false: never restart the host after this policy update.
1020 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1021 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1021 1022
1022 if (!policies->GetBoolean( 1023 if (!policies->GetBoolean(policy::key::kRemoteAccessHostMatchUsername,
1023 policy_hack::PolicyWatcher::kHostMatchUsernamePolicyName, 1024 &host_username_match_required_)) {
1024 &host_username_match_required_)) {
1025 return false; 1025 return false;
1026 } 1026 }
1027 1027
1028 ApplyUsernamePolicy(); 1028 ApplyUsernamePolicy();
1029 return false; 1029 return false;
1030 } 1030 }
1031 1031
1032 bool HostProcess::OnNatPolicyUpdate(base::DictionaryValue* policies) { 1032 bool HostProcess::OnNatPolicyUpdate(base::DictionaryValue* policies) {
1033 // Returns true if the host has to be restarted after this policy update. 1033 // Returns true if the host has to be restarted after this policy update.
1034 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1034 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1035 1035
1036 if (!policies->GetBoolean(policy_hack::PolicyWatcher::kNatPolicyName, 1036 if (!policies->GetBoolean(policy::key::kRemoteAccessHostFirewallTraversal,
1037 &allow_nat_traversal_)) { 1037 &allow_nat_traversal_)) {
1038 return false; 1038 return false;
1039 } 1039 }
1040 1040
1041 if (allow_nat_traversal_) { 1041 if (allow_nat_traversal_) {
1042 HOST_LOG << "Policy enables NAT traversal."; 1042 HOST_LOG << "Policy enables NAT traversal.";
1043 } else { 1043 } else {
1044 HOST_LOG << "Policy disables NAT traversal."; 1044 HOST_LOG << "Policy disables NAT traversal.";
1045 } 1045 }
1046 return true; 1046 return true;
1047 } 1047 }
1048 1048
1049 bool HostProcess::OnRelayPolicyUpdate(base::DictionaryValue* policies) { 1049 bool HostProcess::OnRelayPolicyUpdate(base::DictionaryValue* policies) {
1050 // Returns true if the host has to be restarted after this policy update. 1050 // Returns true if the host has to be restarted after this policy update.
1051 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1051 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1052 1052
1053 if (!policies->GetBoolean(policy_hack::PolicyWatcher::kRelayPolicyName, 1053 if (!policies->GetBoolean(
1054 &allow_relay_)) { 1054 policy::key::kRemoteAccessHostAllowRelayedConnection,
1055 &allow_relay_)) {
1055 return false; 1056 return false;
1056 } 1057 }
1057 1058
1058 if (allow_relay_) { 1059 if (allow_relay_) {
1059 HOST_LOG << "Policy enables use of relay server."; 1060 HOST_LOG << "Policy enables use of relay server.";
1060 } else { 1061 } else {
1061 HOST_LOG << "Policy disables use of relay server."; 1062 HOST_LOG << "Policy disables use of relay server.";
1062 } 1063 }
1063 return true; 1064 return true;
1064 } 1065 }
1065 1066
1066 bool HostProcess::OnUdpPortPolicyUpdate(base::DictionaryValue* policies) { 1067 bool HostProcess::OnUdpPortPolicyUpdate(base::DictionaryValue* policies) {
1067 // Returns true if the host has to be restarted after this policy update. 1068 // Returns true if the host has to be restarted after this policy update.
1068 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1069 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1069 1070
1070 std::string udp_port_range; 1071 std::string udp_port_range;
1071 if (!policies->GetString(policy_hack::PolicyWatcher::kUdpPortRangePolicyName, 1072 if (!policies->GetString(policy::key::kRemoteAccessHostUdpPortRange,
1072 &udp_port_range)) { 1073 &udp_port_range)) {
1073 return false; 1074 return false;
1074 } 1075 }
1075 1076
1076 // Use default values if policy setting is empty or invalid. 1077 // Use default values if policy setting is empty or invalid.
1077 uint16 min_udp_port = 0; 1078 uint16 min_udp_port = 0;
1078 uint16 max_udp_port = 0; 1079 uint16 max_udp_port = 0;
1079 if (!udp_port_range.empty() && 1080 if (!udp_port_range.empty() &&
1080 !NetworkSettings::ParsePortRange(udp_port_range, &min_udp_port, 1081 !NetworkSettings::ParsePortRange(udp_port_range, &min_udp_port,
1081 &max_udp_port)) { 1082 &max_udp_port)) {
(...skipping 12 matching lines...) Expand all
1094 max_udp_port_ = max_udp_port; 1095 max_udp_port_ = max_udp_port;
1095 return true; 1096 return true;
1096 } 1097 }
1097 return false; 1098 return false;
1098 } 1099 }
1099 1100
1100 bool HostProcess::OnCurtainPolicyUpdate(base::DictionaryValue* policies) { 1101 bool HostProcess::OnCurtainPolicyUpdate(base::DictionaryValue* policies) {
1101 // Returns true if the host has to be restarted after this policy update. 1102 // Returns true if the host has to be restarted after this policy update.
1102 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1103 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1103 1104
1104 if (!policies->GetBoolean( 1105 if (!policies->GetBoolean(policy::key::kRemoteAccessHostRequireCurtain,
1105 policy_hack::PolicyWatcher::kHostRequireCurtainPolicyName, 1106 &curtain_required_)) {
1106 &curtain_required_)) {
1107 return false; 1107 return false;
1108 } 1108 }
1109 1109
1110 #if defined(OS_MACOSX) 1110 #if defined(OS_MACOSX)
1111 if (curtain_required_) { 1111 if (curtain_required_) {
1112 // When curtain mode is in effect on Mac, the host process runs in the 1112 // When curtain mode is in effect on Mac, the host process runs in the
1113 // user's switched-out session, but launchd will also run an instance at 1113 // user's switched-out session, but launchd will also run an instance at
1114 // the console login screen. Even if no user is currently logged-on, we 1114 // the console login screen. Even if no user is currently logged-on, we
1115 // can't support remote-access to the login screen because the current host 1115 // can't support remote-access to the login screen because the current host
1116 // process model disconnects the client during login, which would leave 1116 // process model disconnects the client during login, which would leave
(...skipping 19 matching lines...) Expand all
1136 if (host_) 1136 if (host_)
1137 host_->SetEnableCurtaining(curtain_required_); 1137 host_->SetEnableCurtaining(curtain_required_);
1138 return false; 1138 return false;
1139 } 1139 }
1140 1140
1141 bool HostProcess::OnHostTalkGadgetPrefixPolicyUpdate( 1141 bool HostProcess::OnHostTalkGadgetPrefixPolicyUpdate(
1142 base::DictionaryValue* policies) { 1142 base::DictionaryValue* policies) {
1143 // Returns true if the host has to be restarted after this policy update. 1143 // Returns true if the host has to be restarted after this policy update.
1144 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1144 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1145 1145
1146 if (!policies->GetString( 1146 if (!policies->GetString(policy::key::kRemoteAccessHostTalkGadgetPrefix,
1147 policy_hack::PolicyWatcher::kHostTalkGadgetPrefixPolicyName, 1147 &talkgadget_prefix_)) {
1148 &talkgadget_prefix_)) {
1149 return false; 1148 return false;
1150 } 1149 }
1151 1150
1152 HOST_LOG << "Policy sets talkgadget prefix: " << talkgadget_prefix_; 1151 HOST_LOG << "Policy sets talkgadget prefix: " << talkgadget_prefix_;
1153 return true; 1152 return true;
1154 } 1153 }
1155 1154
1156 bool HostProcess::OnHostTokenUrlPolicyUpdate(base::DictionaryValue* policies) { 1155 bool HostProcess::OnHostTokenUrlPolicyUpdate(base::DictionaryValue* policies) {
1157 // Returns true if the host has to be restarted after this policy update. 1156 // Returns true if the host has to be restarted after this policy update.
1158 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1157 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1159 1158
1160 bool token_policy_changed = false; 1159 bool token_policy_changed = false;
1161 std::string token_url_string; 1160 std::string token_url_string;
1162 if (policies->GetString( 1161 if (policies->GetString(policy::key::kRemoteAccessHostTokenUrl,
1163 policy_hack::PolicyWatcher::kHostTokenUrlPolicyName, 1162 &token_url_string)) {
1164 &token_url_string)) {
1165 token_policy_changed = true; 1163 token_policy_changed = true;
1166 third_party_auth_config_.token_url = GURL(token_url_string); 1164 third_party_auth_config_.token_url = GURL(token_url_string);
1167 } 1165 }
1168 std::string token_validation_url_string; 1166 std::string token_validation_url_string;
1169 if (policies->GetString( 1167 if (policies->GetString(policy::key::kRemoteAccessHostTokenValidationUrl,
1170 policy_hack::PolicyWatcher::kHostTokenValidationUrlPolicyName, 1168 &token_validation_url_string)) {
1171 &token_validation_url_string)) {
1172 token_policy_changed = true; 1169 token_policy_changed = true;
1173 third_party_auth_config_.token_validation_url = 1170 third_party_auth_config_.token_validation_url =
1174 GURL(token_validation_url_string); 1171 GURL(token_validation_url_string);
1175 } 1172 }
1176 if (policies->GetString( 1173 if (policies->GetString(
1177 policy_hack::PolicyWatcher::kHostTokenValidationCertIssuerPolicyName, 1174 policy::key::kRemoteAccessHostTokenValidationCertificateIssuer,
1178 &third_party_auth_config_.token_validation_cert_issuer)) { 1175 &third_party_auth_config_.token_validation_cert_issuer)) {
1179 token_policy_changed = true; 1176 token_policy_changed = true;
1180 } 1177 }
1181 1178
1182 if (token_policy_changed) { 1179 if (token_policy_changed) {
1183 HOST_LOG << "Policy sets third-party token URLs: " 1180 HOST_LOG << "Policy sets third-party token URLs: "
1184 << "TokenUrl: " 1181 << "TokenUrl: "
1185 << third_party_auth_config_.token_url << ", " 1182 << third_party_auth_config_.token_url << ", "
1186 << "TokenValidationUrl: " 1183 << "TokenValidationUrl: "
1187 << third_party_auth_config_.token_validation_url << ", " 1184 << third_party_auth_config_.token_validation_url << ", "
1188 << "TokenValidationCertificateIssuer: " 1185 << "TokenValidationCertificateIssuer: "
1189 << third_party_auth_config_.token_validation_cert_issuer; 1186 << third_party_auth_config_.token_validation_cert_issuer;
1190 } 1187 }
1191 return token_policy_changed; 1188 return token_policy_changed;
1192 } 1189 }
1193 1190
1194 bool HostProcess::OnPairingPolicyUpdate(base::DictionaryValue* policies) { 1191 bool HostProcess::OnPairingPolicyUpdate(base::DictionaryValue* policies) {
1195 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1192 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1196 1193
1197 if (!policies->GetBoolean( 1194 if (!policies->GetBoolean(policy::key::kRemoteAccessHostAllowClientPairing,
1198 policy_hack::PolicyWatcher::kHostAllowClientPairing, 1195 &allow_pairing_)) {
1199 &allow_pairing_)) {
1200 return false; 1196 return false;
1201 } 1197 }
1202 1198
1203 if (allow_pairing_) { 1199 if (allow_pairing_) {
1204 HOST_LOG << "Policy enables client pairing."; 1200 HOST_LOG << "Policy enables client pairing.";
1205 } else { 1201 } else {
1206 HOST_LOG << "Policy disables client pairing."; 1202 HOST_LOG << "Policy disables client pairing.";
1207 } 1203 }
1208 return true; 1204 return true;
1209 } 1205 }
1210 1206
1211 bool HostProcess::OnGnubbyAuthPolicyUpdate(base::DictionaryValue* policies) { 1207 bool HostProcess::OnGnubbyAuthPolicyUpdate(base::DictionaryValue* policies) {
1212 DCHECK(context_->network_task_runner()->BelongsToCurrentThread()); 1208 DCHECK(context_->network_task_runner()->BelongsToCurrentThread());
1213 1209
1214 if (!policies->GetBoolean( 1210 if (!policies->GetBoolean(policy::key::kRemoteAccessHostAllowGnubbyAuth,
1215 policy_hack::PolicyWatcher::kHostAllowGnubbyAuthPolicyName, 1211 &enable_gnubby_auth_)) {
1216 &enable_gnubby_auth_)) {
1217 return false; 1212 return false;
1218 } 1213 }
1219 1214
1220 if (enable_gnubby_auth_) { 1215 if (enable_gnubby_auth_) {
1221 HOST_LOG << "Policy enables gnubby auth."; 1216 HOST_LOG << "Policy enables gnubby auth.";
1222 } else { 1217 } else {
1223 HOST_LOG << "Policy disables gnubby auth."; 1218 HOST_LOG << "Policy disables gnubby auth.";
1224 } 1219 }
1225 1220
1226 if (desktop_environment_factory_) 1221 if (desktop_environment_factory_)
(...skipping 254 matching lines...) Expand 10 before | Expand all | Expand 10 after
1481 int exit_code = kSuccessExitCode; 1476 int exit_code = kSuccessExitCode;
1482 new HostProcess(context.Pass(), &exit_code); 1477 new HostProcess(context.Pass(), &exit_code);
1483 1478
1484 // Run the main (also UI) message loop until the host no longer needs it. 1479 // Run the main (also UI) message loop until the host no longer needs it.
1485 message_loop.Run(); 1480 message_loop.Run();
1486 1481
1487 return exit_code; 1482 return exit_code;
1488 } 1483 }
1489 1484
1490 } // namespace remoting 1485 } // namespace remoting
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698