[Chromoting] Avoid potential conflicts leading to pending reboots while upgrading the me2me host:

remoting/host/plugin/daemon_controller_win.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "remoting/host/plugin/daemon_controller.h"
 
 #include <objbase.h>
 
 #include "base/basictypes.h"
 #include "base/bind.h"
@@ skipping 33 matching lines @@
     L"ChromotingElevatedController.ElevatedController";
 
 // The COM elevation moniker for the Elevated Controller.
 const wchar_t kDaemonControllerElevationMoniker[] =
     L"Elevation:Administrator!new:"
     L"ChromotingElevatedController.ElevatedController";
 
 // Name of the Daemon Controller's worker thread.
 const char kDaemonControllerThreadName[] = "Daemon Controller thread";
 
-// The maximum interval between showing UAC prompts.
-const int kUacTimeoutSec = 15 * 60;
+// The maximum duration of keeping a reference to a privileged instance of
+// the Daemon Controller. This effectively reduces number of UAC prompts a user
+// sees.
+const int kPrivilegedTimeoutSec = 5 * 60;
+
+// The maximum duration of keeping a reference to an unprivileged instance of
+// the Daemon Controller. This interval should not be too long. If upgrade
+// happens while there is a live reference to a Daemon Controller instance
+// the old binary still can be used. So dropping the references often makes sure
+// that the old binary will go away sooner.
+const int kUnprivilegedTimeoutSec = 60;
 
 // A base::Thread implementation that initializes COM on the new thread.
 class ComThread : public base::Thread {
  public:
   explicit ComThread(const char* name);
 
   bool Start();
 
  protected:
   virtual void Init() OVERRIDE;
@@ skipping 223 matching lines @@
     }
 
     hr = CoCreateInstance(class_id, NULL, CLSCTX_LOCAL_SERVER,
                           IID_IDaemonControl, control_.ReceiveVoid());
     if (FAILED(hr)) {
       return hr;
     }
 
     // Ignore the error. IID_IDaemonControl2 is optional.
     control_.QueryInterface(IID_IDaemonControl2, control2_.ReceiveVoid());
+
+    // Release |control_| upon expiration of the timeout.
+    release_timer_.reset(new base::OneShotTimer<DaemonControllerWin>());
+    release_timer_->Start(FROM_HERE,
+                          base::TimeDelta::FromSeconds(kUnprivilegedTimeoutSec),
+                          this,
+                          &DaemonControllerWin::ReleaseController);
   }
 
   return S_OK;
 }
 
 HRESULT DaemonControllerWin::ActivateElevatedController() {
   DCHECK(worker_thread_.message_loop_proxy()->BelongsToCurrentThread());
 
   // The COM elevation is supported on Vista and above.
   if (base::win::GetVersion() < base::win::VERSION_VISTA) {
@@ skipping 23 matching lines @@
 
     // Ignore the error. IID_IDaemonControl2 is optional.
     control_.QueryInterface(IID_IDaemonControl2, control2_.ReceiveVoid());
 
     // Note that we hold a reference to an elevated instance now.
     control_is_elevated_ = true;
 
     // Release |control_| upon expiration of the timeout.
     release_timer_.reset(new base::OneShotTimer<DaemonControllerWin>());
     release_timer_->Start(FROM_HERE,
-                          base::TimeDelta::FromSeconds(kUacTimeoutSec),
+                          base::TimeDelta::FromSeconds(kPrivilegedTimeoutSec),
                           this,
                           &DaemonControllerWin::ReleaseController);
   }
 
   return S_OK;
 }
 
 void DaemonControllerWin::ReleaseController() {
   DCHECK(worker_thread_.message_loop_proxy()->BelongsToCurrentThread());
 
@@ skipping 320 matching lines @@
   done.Run(true, !!allowed, !!set_by_policy);
 }
 
 }  // namespace
 
 scoped_ptr<DaemonController> remoting::DaemonController::Create() {
   return scoped_ptr<DaemonController>(new DaemonControllerWin());
 }
 
 }  // namespace remoting