
Side by Side Diff: remoting/protocol/me2me_host_authenticator_factory.cc

Issue 10388226: This broke M20 build. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 7 months ago
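--- a/remoting/protocol/me2me_host_authenticator_factory.cc
+++ b/remoting/protocol/me2me_host_authenticator_factory.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "remoting/protocol/me2me_host_authenticator_factory.h"
 
 #include "base/base64.h"
 #include "base/string_util.h"
 #include "crypto/rsa_private_key.h"
 #include "remoting/protocol/channel_authenticator.h"
@@ -51,59 +51,55 @@
 return scoped_ptr<ChannelAuthenticator>(NULL);
 }
 
 protected:
 State state_;
 };
 
 } // namespace
 
 Me2MeHostAuthenticatorFactory::Me2MeHostAuthenticatorFactory(
+const std::string& local_jid,
 const std::string& local_cert,
 const crypto::RSAPrivateKey& local_private_key,
 const SharedSecretHash& shared_secret_hash)
 : local_cert_(local_cert),
 local_private_key_(local_private_key.Copy()),
 shared_secret_hash_(shared_secret_hash) {
+// Verify that |local_jid| is bare.
+DCHECK_EQ(local_jid.find('/'), std::string::npos);
+local_jid_prefix_ = local_jid + '/';
 }
 
 Me2MeHostAuthenticatorFactory::~Me2MeHostAuthenticatorFactory() {
 }
 
 scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator(
-const std::string& local_jid,
 const std::string& remote_jid,
 const buzz::XmlElement* first_message) {
-
-size_t slash_pos = local_jid.find('/');
-if (slash_pos == std::string::npos) {
-LOG(DFATAL) << "Invalid local JID:" << local_jid;
-return scoped_ptr<Authenticator>(new RejectingAuthenticator());
-}
-
 // Verify that the client's jid is an ASCII string, and then check
 // that the client has the same bare jid as the host, i.e. client's
 // full JID starts with host's bare jid. Comparison is case
 // insensitive.
 if (!IsStringASCII(remote_jid) ||
-!StartsWithASCII(remote_jid, local_jid.substr(0, slash_pos + 1), false)) {
+!StartsWithASCII(remote_jid, local_jid_prefix_, false)) {
 LOG(ERROR) << "Rejecting incoming connection from " << remote_jid;
 return scoped_ptr<Authenticator>(new RejectingAuthenticator());
 }
 
 if (shared_secret_hash_.hash_function == AuthenticationMethod::NONE &&
 shared_secret_hash_.value.empty()) {
 // PIN isn't set. Enable V1 authentication.
 if (!NegotiatingAuthenticator::IsNegotiableMessage(first_message)) {
 return scoped_ptr<Authenticator>(
 new V1HostAuthenticator(local_cert_, *local_private_key_,
 "", remote_jid));
 }
 }
 
 return NegotiatingAuthenticator::CreateForHost(
 local_cert_, *local_private_key_, shared_secret_hash_.value,
 shared_secret_hash_.hash_function);
 }
 
 } // namespace protocol
 } // namespace remoting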
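Review bot: The constructor enforces the bare-JID precondition only with `DCHECK_EQ(local_jid.find('/'), std::string::npos)`, which is normally compiled out of release builds, whereas the removed code in CreateAuthenticator returned a RejectingAuthenticator at runtime for a malformed local JID. A full JID passed here would give a prefix of the form `bare/resource/`, so every client is rejected with no hint of why. An empty `local_jid` would give the prefix `/`, so the same-account check in CreateAuthenticator no longer compares against any account name. Consider keeping a runtime guard: leave `local_jid_prefix_` empty when `local_jid.empty() || local_jid.find('/') != std::string::npos`, and start the check in CreateAuthenticator with `if (local_jid_prefix_.empty() || !IsStringASCII(remote_jid) || ...`. The explicit empty test matters because StartsWithASCII against an empty prefix would presumably match any `remote_jid`. A comment on `local_jid_prefix_` stating that it is the host's bare JID plus a trailing `/` would also help.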