OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/me2me_host_authenticator_factory.h" | 5 #include "remoting/protocol/me2me_host_authenticator_factory.h" |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
8 #include "base/string_util.h" | 8 #include "base/string_util.h" |
9 #include "remoting/base/rsa_key_pair.h" | 9 #include "remoting/base/rsa_key_pair.h" |
10 #include "remoting/protocol/channel_authenticator.h" | 10 #include "remoting/protocol/channel_authenticator.h" |
(...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
51 NOTREACHED(); | 51 NOTREACHED(); |
52 return scoped_ptr<ChannelAuthenticator>(NULL); | 52 return scoped_ptr<ChannelAuthenticator>(NULL); |
53 } | 53 } |
54 | 54 |
55 protected: | 55 protected: |
56 State state_; | 56 State state_; |
57 }; | 57 }; |
58 | 58 |
59 } // namespace | 59 } // namespace |
60 | 60 |
61 Me2MeHostAuthenticatorFactory::Me2MeHostAuthenticatorFactory( | 61 // static |
| 62 scoped_ptr<AuthenticatorFactory> |
| 63 Me2MeHostAuthenticatorFactory::CreateWithSharedSecret( |
62 const std::string& local_cert, | 64 const std::string& local_cert, |
63 scoped_refptr<RsaKeyPair> key_pair, | 65 scoped_refptr<RsaKeyPair> key_pair, |
64 const SharedSecretHash& shared_secret_hash) | 66 const SharedSecretHash& shared_secret_hash) { |
65 : local_cert_(local_cert), | 67 scoped_ptr<Me2MeHostAuthenticatorFactory> result( |
66 key_pair_(key_pair), | 68 new Me2MeHostAuthenticatorFactory()); |
67 shared_secret_hash_(shared_secret_hash) { | 69 result->local_cert_ = local_cert; |
| 70 result->key_pair_ = key_pair; |
| 71 result->shared_secret_hash_ = shared_secret_hash; |
| 72 return scoped_ptr<AuthenticatorFactory>(result.Pass()); |
| 73 } |
| 74 |
| 75 |
| 76 // static |
| 77 scoped_ptr<AuthenticatorFactory> |
| 78 Me2MeHostAuthenticatorFactory::CreateWithThirdPartyAuth( |
| 79 const std::string& local_cert, |
| 80 scoped_refptr<RsaKeyPair> key_pair, |
| 81 scoped_ptr<ThirdPartyHostAuthenticator::TokenValidatorFactory> |
| 82 token_validator_factory) { |
| 83 scoped_ptr<Me2MeHostAuthenticatorFactory> result( |
| 84 new Me2MeHostAuthenticatorFactory()); |
| 85 result->local_cert_ = local_cert; |
| 86 result->key_pair_ = key_pair; |
| 87 result->token_validator_factory_ = token_validator_factory.Pass(); |
| 88 return scoped_ptr<AuthenticatorFactory>(result.Pass()); |
| 89 } |
| 90 |
| 91 // static |
| 92 scoped_ptr<AuthenticatorFactory> |
| 93 Me2MeHostAuthenticatorFactory::CreateRejecting() { |
| 94 return scoped_ptr<AuthenticatorFactory>(new Me2MeHostAuthenticatorFactory()); |
| 95 } |
| 96 |
| 97 Me2MeHostAuthenticatorFactory::Me2MeHostAuthenticatorFactory() { |
68 } | 98 } |
69 | 99 |
70 Me2MeHostAuthenticatorFactory::~Me2MeHostAuthenticatorFactory() { | 100 Me2MeHostAuthenticatorFactory::~Me2MeHostAuthenticatorFactory() { |
71 } | 101 } |
72 | 102 |
73 scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator( | 103 scoped_ptr<Authenticator> Me2MeHostAuthenticatorFactory::CreateAuthenticator( |
74 const std::string& local_jid, | 104 const std::string& local_jid, |
75 const std::string& remote_jid, | 105 const std::string& remote_jid, |
76 const buzz::XmlElement* first_message) { | 106 const buzz::XmlElement* first_message) { |
77 | 107 |
78 size_t slash_pos = local_jid.find('/'); | 108 size_t slash_pos = local_jid.find('/'); |
79 if (slash_pos == std::string::npos) { | 109 if (slash_pos == std::string::npos) { |
80 LOG(DFATAL) << "Invalid local JID:" << local_jid; | 110 LOG(DFATAL) << "Invalid local JID:" << local_jid; |
81 return scoped_ptr<Authenticator>(new RejectingAuthenticator()); | 111 return scoped_ptr<Authenticator>(new RejectingAuthenticator()); |
82 } | 112 } |
83 | 113 |
84 // Verify that the client's jid is an ASCII string, and then check | 114 // Verify that the client's jid is an ASCII string, and then check |
85 // that the client has the same bare jid as the host, i.e. client's | 115 // that the client has the same bare jid as the host, i.e. client's |
86 // full JID starts with host's bare jid. Comparison is case | 116 // full JID starts with host's bare jid. Comparison is case |
87 // insensitive. | 117 // insensitive. |
88 if (!IsStringASCII(remote_jid) || | 118 if (!IsStringASCII(remote_jid) || |
89 !StartsWithASCII(remote_jid, local_jid.substr(0, slash_pos + 1), false)) { | 119 !StartsWithASCII(remote_jid, local_jid.substr(0, slash_pos + 1), false)) { |
90 LOG(ERROR) << "Rejecting incoming connection from " << remote_jid; | 120 LOG(ERROR) << "Rejecting incoming connection from " << remote_jid; |
91 return scoped_ptr<Authenticator>(new RejectingAuthenticator()); | 121 return scoped_ptr<Authenticator>(new RejectingAuthenticator()); |
92 } | 122 } |
93 | 123 |
94 return scoped_ptr<Authenticator>(new NegotiatingHostAuthenticator( | 124 if (!local_cert_.empty() && key_pair_) { |
95 local_cert_, key_pair_, shared_secret_hash_.value, | 125 if (token_validator_factory_) { |
96 shared_secret_hash_.hash_function)); | 126 return NegotiatingHostAuthenticator::CreateWithThirdPartyAuth( |
| 127 local_cert_, key_pair_, |
| 128 token_validator_factory_->CreateTokenValidator( |
| 129 local_jid, remote_jid)); |
| 130 } |
| 131 |
| 132 return NegotiatingHostAuthenticator::CreateWithSharedSecret( |
| 133 local_cert_, key_pair_, shared_secret_hash_.value, |
| 134 shared_secret_hash_.hash_function); |
| 135 } |
| 136 |
| 137 return scoped_ptr<Authenticator>(new RejectingAuthenticator()); |
97 } | 138 } |
98 | 139 |
99 } // namespace protocol | 140 } // namespace protocol |
100 } // namespace remoting | 141 } // namespace remoting |
OLD | NEW |