OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" | 5 #include "remoting/protocol/ssl_hmac_channel_authenticator.h" |
6 | 6 |
7 #include "base/bind.h" | 7 #include "base/bind.h" |
8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
9 #include "crypto/secure_util.h" | 9 #include "crypto/secure_util.h" |
10 #include "net/base/host_port_pair.h" | 10 #include "net/base/host_port_pair.h" |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
58 DCHECK(CalledOnValidThread()); | 58 DCHECK(CalledOnValidThread()); |
59 DCHECK(socket->IsConnected()); | 59 DCHECK(socket->IsConnected()); |
60 | 60 |
61 done_callback_ = done_callback; | 61 done_callback_ = done_callback; |
62 | 62 |
63 int result; | 63 int result; |
64 if (is_ssl_server()) { | 64 if (is_ssl_server()) { |
65 scoped_refptr<net::X509Certificate> cert = | 65 scoped_refptr<net::X509Certificate> cert = |
66 net::X509Certificate::CreateFromBytes( | 66 net::X509Certificate::CreateFromBytes( |
67 local_cert_.data(), local_cert_.length()); | 67 local_cert_.data(), local_cert_.length()); |
68 if (!cert) { | 68 if (!cert.get()) { |
69 LOG(ERROR) << "Failed to parse X509Certificate"; | 69 LOG(ERROR) << "Failed to parse X509Certificate"; |
70 NotifyError(net::ERR_FAILED); | 70 NotifyError(net::ERR_FAILED); |
71 return; | 71 return; |
72 } | 72 } |
73 | 73 |
74 net::SSLConfig ssl_config; | 74 net::SSLConfig ssl_config; |
75 net::SSLServerSocket* server_socket = net::CreateSSLServerSocket( | 75 net::SSLServerSocket* server_socket = |
76 socket.release(), cert, local_key_pair_->private_key(), ssl_config); | 76 net::CreateSSLServerSocket(socket.release(), |
| 77 cert.get(), |
| 78 local_key_pair_->private_key(), |
| 79 ssl_config); |
77 socket_.reset(server_socket); | 80 socket_.reset(server_socket); |
78 | 81 |
79 result = server_socket->Handshake(base::Bind( | 82 result = server_socket->Handshake(base::Bind( |
80 &SslHmacChannelAuthenticator::OnConnected, base::Unretained(this))); | 83 &SslHmacChannelAuthenticator::OnConnected, base::Unretained(this))); |
81 } else { | 84 } else { |
82 cert_verifier_.reset(net::CertVerifier::CreateDefault()); | 85 cert_verifier_.reset(net::CertVerifier::CreateDefault()); |
83 | 86 |
84 net::SSLConfig::CertAndStatus cert_and_status; | 87 net::SSLConfig::CertAndStatus cert_and_status; |
85 cert_and_status.cert_status = net::CERT_STATUS_AUTHORITY_INVALID; | 88 cert_and_status.cert_status = net::CERT_STATUS_AUTHORITY_INVALID; |
86 cert_and_status.der_cert = remote_cert_; | 89 cert_and_status.der_cert = remote_cert_; |
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
146 bool callback_called = false; | 149 bool callback_called = false; |
147 WriteAuthenticationBytes(&callback_called); | 150 WriteAuthenticationBytes(&callback_called); |
148 if (!callback_called) | 151 if (!callback_called) |
149 ReadAuthenticationBytes(); | 152 ReadAuthenticationBytes(); |
150 } | 153 } |
151 | 154 |
152 void SslHmacChannelAuthenticator::WriteAuthenticationBytes( | 155 void SslHmacChannelAuthenticator::WriteAuthenticationBytes( |
153 bool* callback_called) { | 156 bool* callback_called) { |
154 while (true) { | 157 while (true) { |
155 int result = socket_->Write( | 158 int result = socket_->Write( |
156 auth_write_buf_, auth_write_buf_->BytesRemaining(), | 159 auth_write_buf_.get(), |
| 160 auth_write_buf_->BytesRemaining(), |
157 base::Bind(&SslHmacChannelAuthenticator::OnAuthBytesWritten, | 161 base::Bind(&SslHmacChannelAuthenticator::OnAuthBytesWritten, |
158 base::Unretained(this))); | 162 base::Unretained(this))); |
159 if (result == net::ERR_IO_PENDING) | 163 if (result == net::ERR_IO_PENDING) |
160 break; | 164 break; |
161 if (!HandleAuthBytesWritten(result, callback_called)) | 165 if (!HandleAuthBytesWritten(result, callback_called)) |
162 break; | 166 break; |
163 } | 167 } |
164 } | 168 } |
165 | 169 |
166 void SslHmacChannelAuthenticator::OnAuthBytesWritten(int result) { | 170 void SslHmacChannelAuthenticator::OnAuthBytesWritten(int result) { |
(...skipping 17 matching lines...) Expand all Loading... |
184 if (auth_write_buf_->BytesRemaining() > 0) | 188 if (auth_write_buf_->BytesRemaining() > 0) |
185 return true; | 189 return true; |
186 | 190 |
187 auth_write_buf_ = NULL; | 191 auth_write_buf_ = NULL; |
188 CheckDone(callback_called); | 192 CheckDone(callback_called); |
189 return false; | 193 return false; |
190 } | 194 } |
191 | 195 |
192 void SslHmacChannelAuthenticator::ReadAuthenticationBytes() { | 196 void SslHmacChannelAuthenticator::ReadAuthenticationBytes() { |
193 while (true) { | 197 while (true) { |
194 int result = socket_->Read( | 198 int result = |
195 auth_read_buf_, | 199 socket_->Read(auth_read_buf_.get(), |
196 auth_read_buf_->RemainingCapacity(), | 200 auth_read_buf_->RemainingCapacity(), |
197 base::Bind(&SslHmacChannelAuthenticator::OnAuthBytesRead, | 201 base::Bind(&SslHmacChannelAuthenticator::OnAuthBytesRead, |
198 base::Unretained(this))); | 202 base::Unretained(this))); |
199 if (result == net::ERR_IO_PENDING) | 203 if (result == net::ERR_IO_PENDING) |
200 break; | 204 break; |
201 if (!HandleAuthBytesRead(result)) | 205 if (!HandleAuthBytesRead(result)) |
202 break; | 206 break; |
203 } | 207 } |
204 } | 208 } |
205 | 209 |
206 void SslHmacChannelAuthenticator::OnAuthBytesRead(int result) { | 210 void SslHmacChannelAuthenticator::OnAuthBytesRead(int result) { |
207 DCHECK(CalledOnValidThread()); | 211 DCHECK(CalledOnValidThread()); |
208 | 212 |
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
242 socket_.get(), is_ssl_server() ? | 246 socket_.get(), is_ssl_server() ? |
243 kClientAuthSslExporterLabel : kHostAuthSslExporterLabel, auth_key_); | 247 kClientAuthSslExporterLabel : kHostAuthSslExporterLabel, auth_key_); |
244 if (auth_bytes.empty()) | 248 if (auth_bytes.empty()) |
245 return false; | 249 return false; |
246 | 250 |
247 return crypto::SecureMemEqual(received_auth_bytes.data(), | 251 return crypto::SecureMemEqual(received_auth_bytes.data(), |
248 &(auth_bytes[0]), kAuthDigestLength); | 252 &(auth_bytes[0]), kAuthDigestLength); |
249 } | 253 } |
250 | 254 |
251 void SslHmacChannelAuthenticator::CheckDone(bool* callback_called) { | 255 void SslHmacChannelAuthenticator::CheckDone(bool* callback_called) { |
252 if (auth_write_buf_ == NULL && auth_read_buf_ == NULL) { | 256 if (auth_write_buf_.get() == NULL && auth_read_buf_.get() == NULL) { |
253 DCHECK(socket_.get() != NULL); | 257 DCHECK(socket_.get() != NULL); |
254 if (callback_called) | 258 if (callback_called) |
255 *callback_called = true; | 259 *callback_called = true; |
256 done_callback_.Run(net::OK, socket_.PassAs<net::StreamSocket>()); | 260 done_callback_.Run(net::OK, socket_.PassAs<net::StreamSocket>()); |
257 } | 261 } |
258 } | 262 } |
259 | 263 |
260 void SslHmacChannelAuthenticator::NotifyError(int error) { | 264 void SslHmacChannelAuthenticator::NotifyError(int error) { |
261 done_callback_.Run(static_cast<net::Error>(error), | 265 done_callback_.Run(static_cast<net::Error>(error), |
262 scoped_ptr<net::StreamSocket>(NULL)); | 266 scoped_ptr<net::StreamSocket>(NULL)); |
263 } | 267 } |
264 | 268 |
265 } // namespace protocol | 269 } // namespace protocol |
266 } // namespace remoting | 270 } // namespace remoting |
OLD | NEW |