Fix ConnectionToClient to connect stubs only after authentication.

remoting/host/client_session.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef REMOTING_HOST_CLIENT_SESSION_H_
 #define REMOTING_HOST_CLIENT_SESSION_H_
 
 #include <string>
 
 #include "base/memory/ref_counted.h"
@@ skipping 123 matching lines @@
   void OnLocalMouseMoved(const webrtc::DesktopVector& position) override;
   void SetDisableInputs(bool disable_inputs) override;
   void ResetVideoPipeline() override;
 
   void SetGnubbyAuthHandlerForTesting(GnubbyAuthHandler* gnubby_auth_handler);
 
   protocol::ConnectionToClient* connection() const {
     return connection_.get();
   }
 
-  bool is_authenticated() { return auth_input_filter_.enabled();  }
+  bool is_authenticated() { return is_authenticated_;  }
 
   const std::string* client_capabilities() const {
     return client_capabilities_.get();
   }
 
  private:
   // Creates a proxy for sending clipboard events to the client.
   scoped_ptr<protocol::ClipboardStub> CreateClipboardProxy();
 
   EventHandler* event_handler_;
@@ skipping 23 matching lines @@
 
   // Filter to used to stop clipboard items sent from the client being echoed
   // back to it.  It is the final element in the clipboard (client -> host)
   // pipeline.
   protocol::ClipboardEchoFilter clipboard_echo_filter_;
 
   // Filters used to manage enabling & disabling of input & clipboard.
   protocol::InputFilter disable_input_filter_;
   protocol::ClipboardFilter disable_clipboard_filter_;
 
-  // Filters used to disable input & clipboard when we're not authenticated.
-  protocol::InputFilter auth_input_filter_;
-  protocol::ClipboardFilter auth_clipboard_filter_;
-
   // Factory for weak pointers to the client clipboard stub.
   // This must appear after |clipboard_echo_filter_|, so that it won't outlive
   // it.
   base::WeakPtrFactory<protocol::ClipboardStub> client_clipboard_factory_;
 
   // The maximum duration of this session.
   // There is no maximum if this value is <= 0.
   base::TimeDelta max_duration_;
 
   // A timer that triggers a disconnect when the maximum session duration
@@ skipping 31 matching lines @@
 
   // The pairing registry for PIN-less authentication.
   scoped_refptr<protocol::PairingRegistry> pairing_registry_;
 
   // Used to proxy gnubby auth traffic.
   scoped_ptr<GnubbyAuthHandler> gnubby_auth_handler_;
 
   // Used to manage extension functionality.
   scoped_ptr<HostExtensionSessionManager> extension_manager_;
 
+  bool is_authenticated_;

[Wez, 2015/02/07 00:40:43]

nit: Add a comment to clarify that this is true if the connection has
successfully authenticated, so it's obvious that it's not a flag indicating
whether the connection _should_ bother doing authentication. :)

[Sergey Ulanov, 2015/02/13 19:40:21]

Done.

+
   // Used to store video channel pause & lossless parameters.
   bool pause_video_;
   bool lossless_video_encode_;
   bool lossless_video_color_;
 
   // Used to disable callbacks to |this| once DisconnectSession() has been
   // called.
   base::WeakPtrFactory<ClientSessionControl> weak_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(ClientSession);
 };
 
 }  // namespace remoting
 
 #endif  // REMOTING_HOST_CLIENT_SESSION_H_