Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(118)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: remoting/protocol/me2me_host_authenticator_factory.cc

Issue 10332285: Reland 137824 - was reverted by mistake (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « remoting/protocol/me2me_host_authenticator_factory.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "remoting/protocol/me2me_host_authenticator_factory.h" 5 #include "remoting/protocol/me2me_host_authenticator_factory.h"
6 6
7 #include "base/base64.h" 7 #include "base/base64.h"
8 #include "base/string_util.h" 8 #include "base/string_util.h"
9 #include "crypto/rsa_private_key.h" 9 #include "crypto/rsa_private_key.h"
10 #include "remoting/protocol/channel_authenticator.h" 10 #include "remoting/protocol/channel_authenticator.h"
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after
51 return scoped_ptr<ChannelAuthenticator>(NULL); 51 return scoped_ptr<ChannelAuthenticator>(NULL);
52 } 52 }
53 53
54 protected: 54 protected:
55 State state_; 55 State state_;
56 }; 56 };
57 57
58 } // namespace 58 } // namespace
59 59
60 Me2MeHostAuthenticatorFactory::Me2MeHostAuthenticatorFactory( 60 Me2MeHostAuthenticatorFactory::Me2MeHostAuthenticatorFactory(
61 const std::string& local_jid,
62 const std::string& local_cert, 61 const std::string& local_cert,
63 const crypto::RSAPrivateKey& local_private_key, 62 const crypto::RSAPrivateKey& local_private_key,
64 const SharedSecretHash& shared_secret_hash) 63 const SharedSecretHash& shared_secret_hash)
65 : local_cert_(local_cert), 64 : local_cert_(local_cert),
66 local_private_key_(local_private_key.Copy()), 65 local_private_key_(local_private_key.Copy()),
67 shared_secret_hash_(shared_secret_hash) { 66 shared_secret_hash_(shared_secret_hash) {
68 // Verify that |local_jid| is bare.
69 DCHECK_EQ(local_jid.find('/'), std::string::npos);
70 local_jid_prefix_ = local_jid + '/';
71 } 67 }
72 68
73 Me2MeHostAuthenticatorFactory::~Me2MeHostAuthenticatorFactory() { 69 Me2MeHostAuthenticatorFactory::~Me2MeHostAuthenticatorFactory() {
74 } 70 }
75 71
76 scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator( 72 scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator(
73 const std::string& local_jid,
77 const std::string& remote_jid, 74 const std::string& remote_jid,
78 const buzz::XmlElement* first_message) { 75 const buzz::XmlElement* first_message) {
76
77 size_t slash_pos = local_jid.find('/');
78 if (slash_pos == std::string::npos) {
79 LOG(DFATAL) << "Invalid local JID:" << local_jid;
80 return scoped_ptr<Authenticator>(new RejectingAuthenticator());
81 }
82
79 // Verify that the client's jid is an ASCII string, and then check 83 // Verify that the client's jid is an ASCII string, and then check
80 // that the client has the same bare jid as the host, i.e. client's 84 // that the client has the same bare jid as the host, i.e. client's
81 // full JID starts with host's bare jid. Comparison is case 85 // full JID starts with host's bare jid. Comparison is case
82 // insensitive. 86 // insensitive.
83 if (!IsStringASCII(remote_jid) || 87 if (!IsStringASCII(remote_jid) ||
84 !StartsWithASCII(remote_jid, local_jid_prefix_, false)) { 88 !StartsWithASCII(remote_jid, local_jid.substr(0, slash_pos + 1), false)) {
85 LOG(ERROR) << "Rejecting incoming connection from " << remote_jid; 89 LOG(ERROR) << "Rejecting incoming connection from " << remote_jid;
86 return scoped_ptr<Authenticator>(new RejectingAuthenticator()); 90 return scoped_ptr<Authenticator>(new RejectingAuthenticator());
87 } 91 }
88 92
89 if (shared_secret_hash_.hash_function == AuthenticationMethod::NONE && 93 if (shared_secret_hash_.hash_function == AuthenticationMethod::NONE &&
90 shared_secret_hash_.value.empty()) { 94 shared_secret_hash_.value.empty()) {
91 // PIN isn't set. Enable V1 authentication. 95 // PIN isn't set. Enable V1 authentication.
92 if (!NegotiatingAuthenticator::IsNegotiableMessage(first_message)) { 96 if (!NegotiatingAuthenticator::IsNegotiableMessage(first_message)) {
93 return scoped_ptr<Authenticator>( 97 return scoped_ptr<Authenticator>(
94 new V1HostAuthenticator(local_cert_, *local_private_key_, 98 new V1HostAuthenticator(local_cert_, *local_private_key_,
95 "", remote_jid)); 99 "", remote_jid));
96 } 100 }
97 } 101 }
98 102
99 return NegotiatingAuthenticator::CreateForHost( 103 return NegotiatingAuthenticator::CreateForHost(
100 local_cert_, *local_private_key_, shared_secret_hash_.value, 104 local_cert_, *local_private_key_, shared_secret_hash_.value,
101 shared_secret_hash_.hash_function); 105 shared_secret_hash_.hash_function);
102 } 106 }
103 107
104 } // namespace protocol 108 } // namespace protocol
105 } // namespace remoting 109 } // namespace remoting
OLDNEW
« no previous file with comments | « remoting/protocol/me2me_host_authenticator_factory.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698