1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "content/browser/renderer_host/pepper/pepper_socket_utils.h"
6
7 #include <string>
8 #include <vector>
9
10 #include "base/logging.h"
11 #include "base/memory/ref_counted.h"
12 #include "base/strings/string_util.h"
13 #include "base/values.h"
14 #include "build/build_config.h"
15 #include "content/public/browser/browser_thread.h"
16 #include "content/public/browser/content_browser_client.h"
17 #include "content/public/browser/render_frame_host.h"
18 #include "content/public/browser/site_instance.h"
19 #include "content/public/common/content_client.h"
20 #include "net/base/ip_address.h"
21 #include "net/base/ip_endpoint.h"
22 #include "net/cert/x509_certificate.h"
23 #include "net/cert/x509_util.h"
24 #include "ppapi/c/private/ppb_net_address_private.h"
25 #include "ppapi/shared_impl/private/net_address_private_impl.h"
26 #include "ppapi/shared_impl/private/ppb_x509_certificate_private_shared.h"
27
28 namespace content {
29 namespace pepper_socket_utils {
30
CreateSocketPermissionRequest(SocketPermissionRequest::OperationType type,const PP_NetAddress_Private & net_addr)31 SocketPermissionRequest CreateSocketPermissionRequest(
32 SocketPermissionRequest::OperationType type,
33 const PP_NetAddress_Private& net_addr) {
34 std::string host =
35 ppapi::NetAddressPrivateImpl::DescribeNetAddress(net_addr, false);
36 uint16_t port = 0;
37 net::IPAddressBytes address;
38 ppapi::NetAddressPrivateImpl::NetAddressToIPEndPoint(
39 net_addr, &address, &port);
40 return SocketPermissionRequest(type, host, port);
41 }
42
CanUseSocketAPIs(bool external_plugin,bool private_api,const SocketPermissionRequest * params,int render_process_id,int render_frame_id)43 bool CanUseSocketAPIs(bool external_plugin,
44 bool private_api,
45 const SocketPermissionRequest* params,
46 int render_process_id,
47 int render_frame_id) {
48 DCHECK_CURRENTLY_ON(BrowserThread::UI);
49 if (!external_plugin) {
50 // Always allow socket APIs for out-process plugins (other than external
51 // plugins instantiated by the embedder through
52 // BrowserPpapiHost::CreateExternalPluginProcess).
53 return true;
54 }
55
56 RenderFrameHost* render_frame_host =
57 RenderFrameHost::FromID(render_process_id, render_frame_id);
58 if (!render_frame_host)
59 return false;
60 SiteInstance* site_instance = render_frame_host->GetSiteInstance();
61 if (!site_instance)
62 return false;
63 if (!GetContentClient()->browser()->AllowPepperSocketAPI(
64 site_instance->GetBrowserContext(),
65 site_instance->GetSiteURL(),
66 private_api,
67 params)) {
68 LOG(ERROR) << "Host " << site_instance->GetSiteURL().host()
69 << " cannot use socket API or destination is not allowed";
70 return false;
71 }
72
73 return true;
74 }
75
GetCertificateFields(const net::X509Certificate & cert,ppapi::PPB_X509Certificate_Fields * fields)76 bool GetCertificateFields(const net::X509Certificate& cert,
77 ppapi::PPB_X509Certificate_Fields* fields) {
78 const net::CertPrincipal& issuer = cert.issuer();
79 fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_COMMON_NAME,
80 std::make_unique<base::Value>(issuer.common_name));
81 fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_LOCALITY_NAME,
82 std::make_unique<base::Value>(issuer.locality_name));
83 fields->SetField(
84 PP_X509CERTIFICATE_PRIVATE_ISSUER_STATE_OR_PROVINCE_NAME,
85 std::make_unique<base::Value>(issuer.state_or_province_name));
86 fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_COUNTRY_NAME,
87 std::make_unique<base::Value>(issuer.country_name));
88 fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_NAME,
89 std::make_unique<base::Value>(
90 base::JoinString(issuer.organization_names, "\n")));
91 fields->SetField(PP_X509CERTIFICATE_PRIVATE_ISSUER_ORGANIZATION_UNIT_NAME,
92 std::make_unique<base::Value>(
93 base::JoinString(issuer.organization_unit_names, "\n")));
94
95 const net::CertPrincipal& subject = cert.subject();
96 fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_COMMON_NAME,
97 std::make_unique<base::Value>(subject.common_name));
98 fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_LOCALITY_NAME,
99 std::make_unique<base::Value>(subject.locality_name));
100 fields->SetField(
101 PP_X509CERTIFICATE_PRIVATE_SUBJECT_STATE_OR_PROVINCE_NAME,
102 std::make_unique<base::Value>(subject.state_or_province_name));
103 fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_COUNTRY_NAME,
104 std::make_unique<base::Value>(subject.country_name));
105 fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_NAME,
106 std::make_unique<base::Value>(
107 base::JoinString(subject.organization_names, "\n")));
108 fields->SetField(PP_X509CERTIFICATE_PRIVATE_SUBJECT_ORGANIZATION_UNIT_NAME,
109 std::make_unique<base::Value>(base::JoinString(
110 subject.organization_unit_names, "\n")));
111
112 const std::string& serial_number = cert.serial_number();
113 fields->SetField(PP_X509CERTIFICATE_PRIVATE_SERIAL_NUMBER,
114 base::Value::CreateWithCopiedBuffer(serial_number.data(),
115 serial_number.length()));
116 fields->SetField(
117 PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_BEFORE,
118 std::make_unique<base::Value>(cert.valid_start().ToDoubleT()));
119 fields->SetField(
120 PP_X509CERTIFICATE_PRIVATE_VALIDITY_NOT_AFTER,
121 std::make_unique<base::Value>(cert.valid_expiry().ToDoubleT()));
122 base::StringPiece cert_der =
123 net::x509_util::CryptoBufferAsStringPiece(cert.cert_buffer());
124 fields->SetField(PP_X509CERTIFICATE_PRIVATE_RAW,
125 std::make_unique<base::Value>(base::Value::BlobStorage(
126 cert_der.begin(), cert_der.end())));
127 return true;
128 }
129
GetCertificateFields(const char * der,uint32_t length,ppapi::PPB_X509Certificate_Fields * fields)130 bool GetCertificateFields(const char* der,
131 uint32_t length,
132 ppapi::PPB_X509Certificate_Fields* fields) {
133 scoped_refptr<net::X509Certificate> cert =
134 net::X509Certificate::CreateFromBytes(der, length);
135 if (!cert.get())
136 return false;
137 return GetCertificateFields(*cert.get(), fields);
138 }
139
140 #if defined(OS_CHROMEOS)
141 namespace {
142
143 // The entire IPv4 subnet 127.0.0.0/8 is for loopback. See RFC3330.
144 const uint8_t kIPv4LocalhostPrefix[] = {127};
145
IsLoopbackAddress(const net::IPAddress & address)146 bool IsLoopbackAddress(const net::IPAddress& address) {
147 if (address.IsIPv4()) {
148 return net::IPAddressStartsWith(address, kIPv4LocalhostPrefix);
149 } else if (address.IsIPv6()) {
150 // ::1 is the only loopback address in ipv6.
151 return address == net::IPAddress::IPv6Localhost();
152 }
153 return false;
154 }
155
156 } // namespace
157
OpenFirewallHole(const net::IPEndPoint & address,chromeos::FirewallHole::PortType type,chromeos::FirewallHole::OpenCallback callback)158 void OpenFirewallHole(const net::IPEndPoint& address,
159 chromeos::FirewallHole::PortType type,
160 chromeos::FirewallHole::OpenCallback callback) {
161 if (IsLoopbackAddress(address.address())) {
162 std::move(callback).Run(nullptr);
163 return;
164 }
165
166 // TODO(sergeyu): Currently an empty string is passed as interface name, which
167 // means the port will be opened on all network interfaces. Interface name
168 // can be resolved by the address, but the best solution would be to update
169 // firewalld to allow filtering by destination address, not just destination
170 // port. iptables already support it.
171 chromeos::FirewallHole::Open(type, address.port(), std::string(),
172 std::move(callback));
173 }
174
OpenTCPFirewallHole(const net::IPEndPoint & address,chromeos::FirewallHole::OpenCallback callback)175 void OpenTCPFirewallHole(const net::IPEndPoint& address,
176 chromeos::FirewallHole::OpenCallback callback) {
177 OpenFirewallHole(address, chromeos::FirewallHole::PortType::TCP,
178 std::move(callback));
179 }
180
OpenUDPFirewallHole(const net::IPEndPoint & address,chromeos::FirewallHole::OpenCallback callback)181 void OpenUDPFirewallHole(const net::IPEndPoint& address,
182 chromeos::FirewallHole::OpenCallback callback) {
183 OpenFirewallHole(address, chromeos::FirewallHole::PortType::UDP,
184 std::move(callback));
185 }
186 #endif // defined(OS_CHROMEOS)
187
PepperTCPNetworkAnnotationTag()188 net::MutableNetworkTrafficAnnotationTag PepperTCPNetworkAnnotationTag() {
189 return net::MutableNetworkTrafficAnnotationTag(
190 net::DefineNetworkTrafficAnnotation("pepper_tcp_socket",
191 R"(
192 semantics {
193 sender: "Pepper TCP Socket"
194 description:
195 "Pepper plugins use this API to send and receive data over the "
196 "network using TCP connections. This inteface is used by Flash and "
197 "PDF viewer, and Chrome Apps which use plugins to send/receive TCP "
198 "traffic (require Chrome Apps TCP socket permission). This "
199 "interface allows creation of client and server sockets."
200 trigger:
201 "A request from a Pepper plugin."
202 data: "Any data that the plugin sends."
203 destination: OTHER
204 destination_other:
205 "Data can be sent to any destination."
206 }
207 policy {
208 cookies_allowed: NO
209 setting:
210 "These requests cannot be disabled, but will not happen if user "
211 "does not use Flash, internal PDF Viewer, or Chrome Apps that use "
212 "Pepper interface."
213 chrome_policy {
214 DefaultPluginsSetting {
215 DefaultPluginsSetting: 2
216 }
217 }
218 chrome_policy {
219 AlwaysOpenPdfExternally {
220 AlwaysOpenPdfExternally: true
221 }
222 }
223 chrome_policy {
224 ExtensionInstallBlacklist {
225 ExtensionInstallBlacklist: {
226 entries: '*'
227 }
228 }
229 }
230 })"));
231 }
232
PepperUDPNetworkAnnotationTag()233 net::MutableNetworkTrafficAnnotationTag PepperUDPNetworkAnnotationTag() {
234 return net::MutableNetworkTrafficAnnotationTag(
235 net::DefineNetworkTrafficAnnotation("pepper_udp_socket",
236 R"(
237 semantics {
238 sender: "Pepper UDP Socket"
239 description:
240 "Pepper plugins use this API to send and receive data over the "
241 "network using UDP connections. This inteface is used by Flash and "
242 "PDF viewer, and Chrome Apps which use plugins to send/receive UDP "
243 "traffic (require Chrome Apps UDP socket permission)."
244 trigger:
245 "A request from a Pepper plugin."
246 data: "Any data that the plugin sends."
247 destination: OTHER
248 destination_other:
249 "Data can be sent to any destination."
250 }
251 policy {
252 cookies_allowed: NO
253 setting:
254 "These requests cannot be disabled, but will not happen if user "
255 "does not use Flash, internal PDF Viewer, or Chrome Apps that use "
256 "Pepper interface."
257 chrome_policy {
258 DefaultPluginsSetting {
259 DefaultPluginsSetting: 2
260 }
261 }
262 chrome_policy {
263 AlwaysOpenPdfExternally {
264 AlwaysOpenPdfExternally: true
265 }
266 }
267 chrome_policy {
268 ExtensionInstallBlacklist {
269 ExtensionInstallBlacklist: {
270 entries: '*'
271 }
272 }
273 }
274 })"));
275 }
276
277 } // namespace pepper_socket_utils
278 } // namespace content
279