Add firewall methods to chromeos::PermissionBrokerClient.

This patch adds DBus method wrappers to PermissionBrokerClient for the new Request(Tcp|Udp)PortAccess and Release(Tcp|Udp)Port methods supported by permission_broker. BUG=435404 Review URL: https://codereview.chromium.org/960033002 Cr-Commit-Position: refs/heads/master@{#318186}

Add firewall methods to chromeos::PermissionBrokerClient.
This patch adds DBus method wrappers to PermissionBrokerClient for the new Request(Tcp|Udp)PortAccess and Release(Tcp|Udp)Port methods supported by permission_broker. BUG=435404 Review URL: https://codereview.chromium.org/960033002 Cr-Commit-Position: refs/heads/master@{#318186}
1e6ff460 · reillyg · Commit bot · 8aa02182 · 1e6ff460 · 1e6ff460
Commit 1e6ff460 authored Feb 25, 2015 by reillyg Committed by Commit bot Feb 26, 2015
4 changed files
--- a/chromeos/dbus/fake_permission_broker_client.cc
+++ b/chromeos/dbus/fake_permission_broker_client.cc
@@ -21,4 +21,34 @@ void FakePermissionBrokerClient::RequestPathAccess(
  callback.Run(false);
 }
+void FakePermissionBrokerClient::RequestTcpPortAccess(
+    uint16 port,
+    const std::string& interface,
+    const dbus::FileDescriptor& lifeline_fd,
+    const ResultCallback& callback) {
+  callback.Run(false);
+}
+void FakePermissionBrokerClient::RequestUdpPortAccess(
+    uint16 port,
+    const std::string& interface,
+    const dbus::FileDescriptor& lifeline_fd,
+    const ResultCallback& callback) {
+  callback.Run(false);
+}
+void FakePermissionBrokerClient::ReleaseTcpPort(
+    uint16 port,
+    const std::string& interface,
+    const ResultCallback& callback) {
+  callback.Run(false);
+}
+void FakePermissionBrokerClient::ReleaseUdpPort(
+    uint16 port,
+    const std::string& interface,
+    const ResultCallback& callback) {
+  callback.Run(false);
+}
 }  // namespace chromeos
--- a/chromeos/dbus/fake_permission_broker_client.h
+++ b/chromeos/dbus/fake_permission_broker_client.h
@@ -20,6 +20,20 @@ class FakePermissionBrokerClient : public PermissionBrokerClient {
  void RequestPathAccess(const std::string& path,
                         int interface_id,
                         const ResultCallback& callback) override;
+  void RequestTcpPortAccess(uint16 port,
+                            const std::string& interface,
+                            const dbus::FileDescriptor& lifeline_fd,
+                            const ResultCallback& callback) override;
+  void RequestUdpPortAccess(uint16 port,
+                            const std::string& interface,
+                            const dbus::FileDescriptor& lifeline_fd,
+                            const ResultCallback& callback) override;
+  void ReleaseTcpPort(uint16 port,
+                      const std::string& interface,
+                      const ResultCallback& callback) override;
+  void ReleaseUdpPort(uint16 port,
+                      const std::string& interface,
+                      const ResultCallback& callback) override;
 private:
  DISALLOW_COPY_AND_ASSIGN(FakePermissionBrokerClient);

--- a/chromeos/dbus/permission_broker_client.cc
+++ b/chromeos/dbus/permission_broker_client.cc
@@ -14,7 +14,11 @@
 using permission_broker::kPermissionBrokerInterface;
 using permission_broker::kPermissionBrokerServiceName;
 using permission_broker::kPermissionBrokerServicePath;
+using permission_broker::kReleaseTcpPort;
+using permission_broker::kReleaseUdpPort;
 using permission_broker::kRequestPathAccess;
+using permission_broker::kRequestTcpPortAccess;
+using permission_broker::kRequestUdpPortAccess;
 namespace chromeos {
@@ -36,6 +40,60 @@ class PermissionBrokerClientImpl : public PermissionBrokerClient {
                                  weak_ptr_factory_.GetWeakPtr(), callback));
  }
+  void RequestTcpPortAccess(uint16 port,
+                            const std::string& interface,
+                            const dbus::FileDescriptor& lifeline_fd,
+                            const ResultCallback& callback) override {
+    dbus::MethodCall method_call(kPermissionBrokerInterface,
+                                 kRequestTcpPortAccess);
+    dbus::MessageWriter writer(&method_call);
+    writer.AppendUint16(port);
+    writer.AppendString(interface);
+    writer.AppendFileDescriptor(lifeline_fd);
+    proxy_->CallMethod(&method_call, dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
+                       base::Bind(&PermissionBrokerClientImpl::OnResponse,
+                                  weak_ptr_factory_.GetWeakPtr(), callback));
+  }
+  void RequestUdpPortAccess(uint16 port,
+                            const std::string& interface,
+                            const dbus::FileDescriptor& lifeline_fd,
+                            const ResultCallback& callback) override {
+    dbus::MethodCall method_call(kPermissionBrokerInterface,
+                                 kRequestUdpPortAccess);
+    dbus::MessageWriter writer(&method_call);
+    writer.AppendUint16(port);
+    writer.AppendString(interface);
+    writer.AppendFileDescriptor(lifeline_fd);
+    proxy_->CallMethod(&method_call, dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
+                       base::Bind(&PermissionBrokerClientImpl::OnResponse,
+                                  weak_ptr_factory_.GetWeakPtr(), callback));
+  }
+  void ReleaseTcpPort(uint16 port,
+                      const std::string& interface,
+                      const ResultCallback& callback) override {
+    dbus::MethodCall method_call(kPermissionBrokerInterface, kReleaseTcpPort);
+    dbus::MessageWriter writer(&method_call);
+    writer.AppendUint16(port);
+    writer.AppendString(interface);
+    proxy_->CallMethod(&method_call, dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
+                       base::Bind(&PermissionBrokerClientImpl::OnResponse,
+                                  weak_ptr_factory_.GetWeakPtr(), callback));
+  }
+  void ReleaseUdpPort(uint16 port,
+                      const std::string& interface,
+                      const ResultCallback& callback) override {
+    dbus::MethodCall method_call(kPermissionBrokerInterface, kReleaseUdpPort);
+    dbus::MessageWriter writer(&method_call);
+    writer.AppendUint16(port);
+    writer.AppendString(interface);
+    proxy_->CallMethod(&method_call, dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
+                       base::Bind(&PermissionBrokerClientImpl::OnResponse,
+                                  weak_ptr_factory_.GetWeakPtr(), callback));
+  }
 protected:
  void Init(dbus::Bus* bus) override {
    proxy_ =

--- a/chromeos/dbus/permission_broker_client.h
+++ b/chromeos/dbus/permission_broker_client.h
@@ -12,6 +12,10 @@
 #include "chromeos/chromeos_export.h"
 #include "chromeos/dbus/dbus_client.h"
+namespace dbus {
+class FileDescriptor;
+}
 namespace chromeos {
 // PermissionBrokerClient is used to communicate with the permission broker, a
@@ -42,6 +46,38 @@ class CHROMEOS_EXPORT PermissionBrokerClient : public DBusClient {
                                 int interface_id,
                                 const ResultCallback& callback) = 0;
+  // Requests the |port| be opened on the firewall for incoming TCP/IP
+  // connections received on |interface| (an empty string indicates all
+  // interfaces). An open pipe must be passed as |lifeline_fd| so that the
+  // permission broker can monitor the lifetime of the calling process.
+  virtual void RequestTcpPortAccess(uint16 port,
+                                    const std::string& interface,
+                                    const dbus::FileDescriptor& lifeline_fd,
+                                    const ResultCallback& callback) = 0;
+  // Requests the |port| be opened on the firewall for incoming UDP packets
+  // received on |interface| (an empty string indicates all interfaces). An open
+  // pipe must be passed as |lifeline_fd| so that the permission broker can
+  // monitor the lifetime of the calling process.
+  virtual void RequestUdpPortAccess(uint16 port,
+                                    const std::string& interface,
+                                    const dbus::FileDescriptor& lifeline_fd,
+                                    const ResultCallback& callback) = 0;
+  // Releases a request for an open firewall port for TCP/IP connections. The
+  // |port| and |interface| parameters must be the same as a previous call to
+  // RequestTcpPortAccess.
+  virtual void ReleaseTcpPort(uint16 port,
+                              const std::string& interface,
+                              const ResultCallback& callback) = 0;
+  // Releases a request for an open firewall port for UDP packets. The |port|
+  // and |interface| parameters must be the same as a previous call to
+  // RequestUdpPortAccess.
+  virtual void ReleaseUdpPort(uint16 port,
+                              const std::string& interface,
+                              const ResultCallback& callback) = 0;
 protected:
  PermissionBrokerClient();