Refactor ChannelAuthenticator so that it can be used with Authenticator.

BUG=None
TEST=None


Review URL: http://codereview.chromium.org/8527018

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110051 0039d316-1c4b-4281-b951-d872f2087c98

remoting/protocol/channel_authenticator.cc

@@ -9,8 +9,7 @@
 #include "crypto/hmac.h"
 #include "net/base/io_buffer.h"
 #include "net/base/net_errors.h"
-#include "net/socket/ssl_client_socket.h"
-#include "net/socket/ssl_server_socket.h"
+#include "net/socket/ssl_socket.h"
 #include "net/socket/stream_socket.h"
 
 namespace remoting {
@@ -46,8 +45,10 @@ bool GetAuthBytes(const std::string& shared_secret,
 
 }  // namespace
 
-HostChannelAuthenticator::HostChannelAuthenticator(net::SSLServerSocket* socket)
-    : socket_(socket),
+HostChannelAuthenticator::HostChannelAuthenticator(
+    const std::string& shared_secret)
+    : shared_secret_(shared_secret),
+      socket_(NULL),
       ALLOW_THIS_IN_INITIALIZER_LIST(auth_read_callback_(
           this, &HostChannelAuthenticator::OnAuthBytesRead)) {
 }
@@ -55,10 +56,11 @@ HostChannelAuthenticator::HostChannelAuthenticator(net::SSLServerSocket* socket)
 HostChannelAuthenticator::~HostChannelAuthenticator() {
 }
 
-void HostChannelAuthenticator::Authenticate(const std::string& shared_secret,
+void HostChannelAuthenticator::Authenticate(net::SSLSocket* socket,
                                             const DoneCallback& done_callback) {
   DCHECK(CalledOnValidThread());
 
+  socket_ = socket;
   done_callback_ = done_callback;
 
   unsigned char key_material[kAuthDigestLength];
@@ -70,7 +72,7 @@ void HostChannelAuthenticator::Authenticate(const std::string& shared_secret,
     return;
   }
 
-  if (!GetAuthBytes(shared_secret,
+  if (!GetAuthBytes(shared_secret_,
                     std::string(key_material, key_material + kAuthDigestLength),
                     &auth_bytes_)) {
     done_callback.Run(FAILURE);
@@ -139,8 +141,9 @@ bool HostChannelAuthenticator::VerifyAuthBytes(
 }
 
 ClientChannelAuthenticator::ClientChannelAuthenticator(
-    net::SSLClientSocket* socket)
-    : socket_(socket),
+    const std::string& shared_secret)
+    : shared_secret_(shared_secret),
+socket_(NULL),
       ALLOW_THIS_IN_INITIALIZER_LIST(auth_write_callback_(
         this, &ClientChannelAuthenticator::OnAuthBytesWritten)) {
 }
@@ -149,10 +152,11 @@ ClientChannelAuthenticator::~ClientChannelAuthenticator() {
 }
 
 void ClientChannelAuthenticator::Authenticate(
-    const std::string& shared_secret,
+    net::SSLSocket* socket,
     const DoneCallback& done_callback) {
   DCHECK(CalledOnValidThread());
 
+  socket_ = socket;
   done_callback_ = done_callback;
 
   unsigned char key_material[kAuthDigestLength];
@@ -165,7 +169,7 @@ void ClientChannelAuthenticator::Authenticate(
   }
 
   std::string auth_bytes;
-  if (!GetAuthBytes(shared_secret,
+  if (!GetAuthBytes(shared_secret_,
                     std::string(key_material, key_material + kAuthDigestLength),
                     &auth_bytes)) {
     done_callback.Run(FAILURE);

remoting/protocol/channel_authenticator.h

@@ -15,8 +15,7 @@
 namespace net {
 class DrainableIOBuffer;
 class GrowableIOBuffer;
-class SSLClientSocket;
-class SSLServerSocket;
+class SSLSocket;
 }  // namespace net
 
 namespace remoting {
@@ -38,7 +37,7 @@ class ChannelAuthenticator : public base::NonThreadSafe {
   // when authentication is finished. Caller retains ownership of
   // |socket|. |shared_secret| is a shared secret that we use to
   // authenticate the channel.
-  virtual void Authenticate(const std::string& shared_secret,
+  virtual void Authenticate(net::SSLSocket* socket,
                             const DoneCallback& done_callback) = 0;
 
  private:
@@ -47,11 +46,11 @@ class ChannelAuthenticator : public base::NonThreadSafe {
 
 class HostChannelAuthenticator : public ChannelAuthenticator {
  public:
-  HostChannelAuthenticator(net::SSLServerSocket* socket);
+  HostChannelAuthenticator(const std::string& shared_secret);
   virtual ~HostChannelAuthenticator();
 
   // ChannelAuthenticator overrides.
-  virtual void Authenticate(const std::string& shared_secret,
+  virtual void Authenticate(net::SSLSocket* socket,
                             const DoneCallback& done_callback) OVERRIDE;
 
  private:
@@ -60,8 +59,9 @@ class HostChannelAuthenticator : public ChannelAuthenticator {
   bool HandleAuthBytesRead(int result);
   bool VerifyAuthBytes(const std::string& received_auth_bytes);
 
+  std::string shared_secret_;
   std::string auth_bytes_;
-  net::SSLServerSocket* socket_;
+  net::SSLSocket* socket_;
   DoneCallback done_callback_;
 
   scoped_refptr<net::GrowableIOBuffer> auth_read_buf_;
@@ -73,11 +73,11 @@ class HostChannelAuthenticator : public ChannelAuthenticator {
 
 class ClientChannelAuthenticator : public ChannelAuthenticator {
  public:
-  ClientChannelAuthenticator(net::SSLClientSocket* socket);
+  ClientChannelAuthenticator(const std::string& shared_secret);
   virtual ~ClientChannelAuthenticator();
 
   // ChannelAuthenticator overrides.
-  virtual void Authenticate(const std::string& shared_secret,
+  virtual void Authenticate(net::SSLSocket* socket,
                             const DoneCallback& done_callback);
 
  private:
@@ -85,12 +85,14 @@ class ClientChannelAuthenticator : public ChannelAuthenticator {
   void OnAuthBytesWritten(int result);
   bool HandleAuthBytesWritten(int result);
 
-  net::SSLClientSocket* socket_;
+  std::string shared_secret_;
+  net::SSLSocket* socket_;
   DoneCallback done_callback_;
 
   scoped_refptr<net::DrainableIOBuffer> auth_write_buf_;
 
-  net::OldCompletionCallbackImpl<ClientChannelAuthenticator> auth_write_callback_;
+  net::OldCompletionCallbackImpl<ClientChannelAuthenticator>
+      auth_write_callback_;
 
   DISALLOW_COPY_AND_ASSIGN(ClientChannelAuthenticator);
 };

remoting/protocol/jingle_session_unittest.cc

@@ -239,7 +239,7 @@ class JingleSessionTest : public testing::Test {
         EXPECT_CALL(host_connection_callback_,
                     OnStateChange(Session::CONNECTED_CHANNELS))
             .Times(AtMost(1));
-        // Expect that the connection will be closed eventually.
+        // Expect that the connection will fail.
         EXPECT_CALL(host_connection_callback_,
                     OnStateChange(Session::FAILED))
             .Times(1)

remoting/protocol/jingle_stream_connector.cc

@@ -72,8 +72,6 @@ JingleStreamConnector::JingleStreamConnector(
       initiator_(false),
       local_private_key_(NULL),
       raw_channel_(NULL),
-      ssl_client_socket_(NULL),
-      ssl_server_socket_(NULL),
       ALLOW_THIS_IN_INITIALIZER_LIST(tcp_connect_callback_(
           this, &JingleStreamConnector::OnTCPConnect)),
       ALLOW_THIS_IN_INITIALIZER_LIST(ssl_connect_callback_(
@@ -122,8 +120,8 @@ bool JingleStreamConnector::EstablishTCPConnection(net::Socket* socket) {
   adapter->SetReceiveBufferSize(kTcpReceiveBufferSize);
   adapter->SetSendBufferSize(kTcpSendBufferSize);
 
-  socket_.reset(adapter);
-  int result = socket_->Connect(&tcp_connect_callback_);
+  tcp_socket_.reset(adapter);
+  int result = tcp_socket_->Connect(&tcp_connect_callback_);
   if (result == net::ERR_IO_PENDING) {
     return true;
   } else if (result == net::OK) {
@@ -135,18 +133,18 @@ bool JingleStreamConnector::EstablishTCPConnection(net::Socket* socket) {
 }
 
 bool JingleStreamConnector::EstablishSSLConnection() {
-  DCHECK(socket_->IsConnected());
+  DCHECK(tcp_socket_->IsConnected());
 
   int result;
   if (initiator_) {
     cert_verifier_.reset(new net::CertVerifier());
 
     // Create client SSL socket.
-    ssl_client_socket_ = CreateSSLClientSocket(
-        socket_.release(), remote_cert_, cert_verifier_.get());
-    socket_.reset(ssl_client_socket_);
+    net::SSLClientSocket* socket = CreateSSLClientSocket(
+        tcp_socket_.release(), remote_cert_, cert_verifier_.get());
+    socket_.reset(socket);
 
-    result = ssl_client_socket_->Connect(&ssl_connect_callback_);
+    result = socket->Connect(&ssl_connect_callback_);
   } else {
     scoped_refptr<net::X509Certificate> cert =
         net::X509Certificate::CreateFromBytes(
@@ -158,11 +156,11 @@ bool JingleStreamConnector::EstablishSSLConnection() {
 
     // Create server SSL socket.
     net::SSLConfig ssl_config;
-    ssl_server_socket_ = net::CreateSSLServerSocket(
-        socket_.release(), cert, local_private_key_, ssl_config);
-    socket_.reset(ssl_server_socket_);
+    net::SSLServerSocket* socket = net::CreateSSLServerSocket(
+        tcp_socket_.release(), cert, local_private_key_, ssl_config);
+    socket_.reset(socket);
 
-    result = ssl_server_socket_->Handshake(&ssl_connect_callback_);
+    result = socket->Handshake(&ssl_connect_callback_);
   }
 
   if (result == net::ERR_IO_PENDING) {
@@ -205,15 +203,14 @@ void JingleStreamConnector::OnSSLConnect(int result) {
 
 void JingleStreamConnector::AuthenticateChannel() {
   if (initiator_) {
-    authenticator_.reset(new ClientChannelAuthenticator(ssl_client_socket_));
+    authenticator_.reset(
+        new ClientChannelAuthenticator(session_->shared_secret()));
   } else {
-    authenticator_.reset(new HostChannelAuthenticator(ssl_server_socket_));
+    authenticator_.reset(
+        new HostChannelAuthenticator(session_->shared_secret()));
   }
-
-  authenticator_->Authenticate(
-      session_->shared_secret(),
-      base::Bind(&JingleStreamConnector::OnAuthenticationDone,
-                 base::Unretained(this)));
+  authenticator_->Authenticate(socket_.get(), base::Bind(
+      &JingleStreamConnector::OnAuthenticationDone, base::Unretained(this)));
 }
 
 void JingleStreamConnector::OnAuthenticationDone(

remoting/protocol/jingle_stream_connector.h

@@ -20,8 +20,7 @@ class TransportChannel;
 namespace net {
 class CertVerifier;
 class StreamSocket;
-class SSLClientSocket;
-class SSLServerSocket;
+class SSLSocket;
 }  // namespace net
 
 namespace remoting {
@@ -74,11 +73,8 @@ class JingleStreamConnector : public JingleChannelConnector {
   crypto::RSAPrivateKey* local_private_key_;
 
   cricket::TransportChannel* raw_channel_;
-  scoped_ptr<net::StreamSocket> socket_;
-
-  // TODO(wez): Ugly up-casts needed so we can fetch SSL keying material.
-  net::SSLClientSocket* ssl_client_socket_;
-  net::SSLServerSocket* ssl_server_socket_;
+  scoped_ptr<net::StreamSocket> tcp_socket_;
+  scoped_ptr<net::SSLSocket> socket_;
 
   // Used to verify the certificate received in SSLClientSocket.
   scoped_ptr<net::CertVerifier> cert_verifier_;

remoting/protocol/pepper_stream_channel.cc

@@ -236,11 +236,10 @@ void PepperStreamChannel::OnSSLConnect(int result) {
 void PepperStreamChannel::AuthenticateChannel() {
   DCHECK(CalledOnValidThread());
 
-  authenticator_.reset(new ClientChannelAuthenticator(ssl_client_socket_));
-  authenticator_->Authenticate(
-      session_->shared_secret(),
-      base::Bind(&PepperStreamChannel::OnAuthenticationDone,
-                 base::Unretained(this)));
+  authenticator_.reset(
+      new ClientChannelAuthenticator(session_->shared_secret()));
+  authenticator_->Authenticate(ssl_client_socket_, base::Bind(
+      &PepperStreamChannel::OnAuthenticationDone, base::Unretained(this)));
 }
 
 void PepperStreamChannel::OnAuthenticationDone(