chromeos/network/firewall_hole.h

   1 // Copyright 2015 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROMEOS_NETWORK_FIREWALL_HOLE_H_
   6 #define CHROMEOS_NETWORK_FIREWALL_HOLE_H_
   7
   8 #include <stdint.h>
   9 #include <string>
  10
  11 #include "base/callback_forward.h"
  12 #include "base/memory/scoped_ptr.h"
  13 #include "chromeos/chromeos_export.h"
  14 #include "dbus/file_descriptor.h"
  15
  16 namespace chromeos {
  17
  18 // This class works with the Chrome OS permission broker to open a port in the
  19 // system firewall. It is closed on destruction.
  20 class CHROMEOS_EXPORT FirewallHole {
  21  public:
  22   enum class PortType {
  23     UDP,
  24     TCP,
  25   };
  26
  27   typedef base::Callback<void(scoped_ptr<FirewallHole>)> OpenCallback;
  28
  29   // Opens a port on the system firewall for the given network interface (or all
  30   // interfaces if |interface| is ""). The hole will be closed when the object
  31   // provided to the callback is destroyed.
  32   static void Open(PortType type,
  33                    uint16_t port,
  34                    const std::string& interface,
  35                    const OpenCallback& callback);
  36
  37   ~FirewallHole();
  38
  39  private:
  40   static void RequestPortAccess(PortType type,
  41                                 uint16_t port,
  42                                 const std::string& interface,
  43                                 dbus::ScopedFileDescriptor lifeline_local,
  44                                 dbus::ScopedFileDescriptor lifeline_remote,
  45                                 const OpenCallback& callback);
  46
  47   static void PortAccessGranted(PortType type,
  48                                 uint16_t port,
  49                                 const std::string& interface,
  50                                 dbus::ScopedFileDescriptor lifeline_fd,
  51                                 const FirewallHole::OpenCallback& callback,
  52                                 bool success);
  53
  54   FirewallHole(PortType type,
  55                uint16_t port,
  56                const std::string& interface,
  57                dbus::ScopedFileDescriptor lifeline_fd);
  58
  59   const PortType type_;
  60   const uint16_t port_;
  61   const std::string interface_;
  62
  63   // A file descriptor used by firewalld to track the lifetime of this process.
  64   dbus::ScopedFileDescriptor lifeline_fd_;
  65 };
  66
  67 }  // namespace chromeos
  68
  69 #endif  // CHROMEOS_NETWORK_FIREWALL_HOLE_H_