| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "remoting/host/chromoting_host.h" | 5 #include "remoting/host/chromoting_host.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/callback.h" | 8 #include "base/callback.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/message_loop_proxy.h" | 10 #include "base/message_loop_proxy.h" |
| (...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 273 protocol::Session* session, | 273 protocol::Session* session, |
| 274 protocol::SessionManager::IncomingSessionResponse* response) { | 274 protocol::SessionManager::IncomingSessionResponse* response) { |
| 275 DCHECK(context_->network_message_loop()->BelongsToCurrentThread()); | 275 DCHECK(context_->network_message_loop()->BelongsToCurrentThread()); |
| 276 | 276 |
| 277 if (state_ != kStarted) { | 277 if (state_ != kStarted) { |
| 278 *response = protocol::SessionManager::DECLINE; | 278 *response = protocol::SessionManager::DECLINE; |
| 279 return; | 279 return; |
| 280 } | 280 } |
| 281 | 281 |
| 282 if (login_backoff_.ShouldRejectRequest()) { | 282 if (login_backoff_.ShouldRejectRequest()) { |
| 283 *response = protocol::SessionManager::DISABLED; | 283 *response = protocol::SessionManager::OVERLOAD; |
| 284 return; | 284 return; |
| 285 } | 285 } |
| 286 | 286 |
| 287 // Backoff incoming connections until the new connection is | 287 // We treat each incoming connection as a failure to authenticate, |
| 288 // authenticated. Is is neccessary to prevent the attack when | 288 // and clear the backoff when a connection successfully |
| 289 // multiple connections are initiated at the same time and all of | 289 // authenticates. This allows the backoff to protect from parallel |
| 290 // them try to authenticate simultaneously. | 290 // connection attempts as well as sequential ones. |
| 291 login_backoff_.InformOfRequest(false); | 291 login_backoff_.InformOfRequest(false); |
| 292 | 292 |
| 293 protocol::SessionConfig config; | 293 protocol::SessionConfig config; |
| 294 if (!protocol_config_->Select(session->candidate_config(), &config)) { | 294 if (!protocol_config_->Select(session->candidate_config(), &config)) { |
| 295 LOG(WARNING) << "Rejecting connection from " << session->jid() | 295 LOG(WARNING) << "Rejecting connection from " << session->jid() |
| 296 << " because no compatible configuration has been found."; | 296 << " because no compatible configuration has been found."; |
| 297 *response = protocol::SessionManager::INCOMPATIBLE; | 297 *response = protocol::SessionManager::INCOMPATIBLE; |
| 298 return; | 298 return; |
| 299 } | 299 } |
| 300 | 300 |
| (...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 409 OnShutdown()); | 409 OnShutdown()); |
| 410 | 410 |
| 411 for (std::vector<base::Closure>::iterator it = shutdown_tasks_.begin(); | 411 for (std::vector<base::Closure>::iterator it = shutdown_tasks_.begin(); |
| 412 it != shutdown_tasks_.end(); ++it) { | 412 it != shutdown_tasks_.end(); ++it) { |
| 413 it->Run(); | 413 it->Run(); |
| 414 } | 414 } |
| 415 shutdown_tasks_.clear(); | 415 shutdown_tasks_.clear(); |
| 416 } | 416 } |
| 417 | 417 |
| 418 } // namespace remoting | 418 } // namespace remoting |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 9860045:
Address remaining nits for r129104. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src