• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "remoting/host/curtain_mode.h"
6 
7 #include <ApplicationServices/ApplicationServices.h>
8 #include <Carbon/Carbon.h>
9 #include <Security/Security.h>
10 #include <unistd.h>
11 
12 #include "base/bind.h"
13 #include "base/location.h"
14 #include "base/logging.h"
15 #include "base/mac/mac_util.h"
16 #include "base/mac/scoped_cftyperef.h"
17 #include "base/single_thread_task_runner.h"
18 #include "remoting/host/client_session_control.h"
19 
20 namespace {
21 
22 using remoting::ClientSessionControl;
23 
24 const char* kCGSessionPath =
25     "/System/Library/CoreServices/Menu Extras/User.menu/Contents/Resources/"
26     "CGSession";
27 
28 // Used to detach the current session from the local console and disconnect
29 // the connnection if it gets re-attached.
30 //
31 // Because the switch-in handler can only called on the main (UI) thread, this
32 // class installs the handler and detaches the current session from the console
33 // on the UI thread as well.
34 class SessionWatcher : public base::RefCountedThreadSafe<SessionWatcher> {
35  public:
36   SessionWatcher(
37       scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner,
38       scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,
39       base::WeakPtr<ClientSessionControl> client_session_control);
40 
41   void Start();
42   void Stop();
43 
44  private:
45   friend class base::RefCountedThreadSafe<SessionWatcher>;
46   virtual ~SessionWatcher();
47 
48   // Detaches the session from the console and install the switch-in handler to
49   // detect when the session re-attaches back.
50   void ActivateCurtain();
51 
52   // Installs the switch-in handler.
53   bool InstallEventHandler();
54 
55   // Removes the switch-in handler.
56   void RemoveEventHandler();
57 
58   // Disconnects the client session.
59   void DisconnectSession();
60 
61   // Handlers for the switch-in event.
62   static OSStatus SessionActivateHandler(EventHandlerCallRef handler,
63                                          EventRef event,
64                                          void* user_data);
65 
66   // Task runner on which public methods of this class must be called.
67   scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner_;
68 
69   // Task runner representing the thread receiving Carbon events.
70   scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner_;
71 
72   // Used to disconnect the client session.
73   base::WeakPtr<ClientSessionControl> client_session_control_;
74 
75   EventHandlerRef event_handler_;
76 
77   DISALLOW_COPY_AND_ASSIGN(SessionWatcher);
78 };
79 
SessionWatcher(scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner,scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,base::WeakPtr<ClientSessionControl> client_session_control)80 SessionWatcher::SessionWatcher(
81     scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner,
82     scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,
83     base::WeakPtr<ClientSessionControl> client_session_control)
84     : caller_task_runner_(caller_task_runner),
85       ui_task_runner_(ui_task_runner),
86       client_session_control_(client_session_control),
87       event_handler_(NULL) {
88 }
89 
Start()90 void SessionWatcher::Start() {
91   DCHECK(caller_task_runner_->BelongsToCurrentThread());
92 
93   // Activate curtain asynchronously since it has to be done on the UI thread.
94   // Because the curtain activation is asynchronous, it is possible that
95   // the connection will not be curtained for a brief moment. This seems to be
96   // unaviodable as long as the curtain enforcement depends on processing of
97   // the switch-in notifications.
98   ui_task_runner_->PostTask(
99       FROM_HERE, base::Bind(&SessionWatcher::ActivateCurtain, this));
100 }
101 
Stop()102 void SessionWatcher::Stop() {
103   DCHECK(caller_task_runner_->BelongsToCurrentThread());
104 
105   client_session_control_.reset();
106   ui_task_runner_->PostTask(
107       FROM_HERE, base::Bind(&SessionWatcher::RemoveEventHandler, this));
108 }
109 
~SessionWatcher()110 SessionWatcher::~SessionWatcher() {
111   DCHECK(!event_handler_);
112 }
113 
ActivateCurtain()114 void SessionWatcher::ActivateCurtain() {
115   // Curtain mode causes problems with the login screen on Lion only (starting
116   // with 10.7.3), so disable it on that platform. There is a work-around, but
117   // it involves modifying a system Plist pertaining to power-management, so
118   // it's not something that should be done automatically. For more details,
119   // see https://discussions.apple.com/thread/3209415?start=690&tstart=0
120   //
121   // TODO(jamiewalch): If the underlying OS bug is ever fixed, we should support
122   // curtain mode on suitable versions of Lion.
123   if (base::mac::IsOSLion()) {
124     LOG(ERROR) << "Host curtaining is not supported on Mac OS X 10.7.";
125     DisconnectSession();
126     return;
127   }
128 
129   // Try to install the switch-in handler. Do this before switching out the
130   // current session so that the console session is not affected if it fails.
131   if (!InstallEventHandler()) {
132     LOG(ERROR) << "Failed to install the switch-in handler.";
133     DisconnectSession();
134     return;
135   }
136 
137   base::ScopedCFTypeRef<CFDictionaryRef> session(
138       CGSessionCopyCurrentDictionary());
139 
140   // CGSessionCopyCurrentDictionary has been observed to return NULL in some
141   // cases. Once the system is in this state, curtain mode will fail as the
142   // CGSession command thinks the session is not attached to the console. The
143   // only known remedy is logout or reboot. Since we're not sure what causes
144   // this, or how common it is, a crash report is useful in this case (note
145   // that the connection would have to be refused in any case, so this is no
146   // loss of functionality).
147   CHECK(session != NULL);
148 
149   const void* on_console = CFDictionaryGetValue(session,
150                                                 kCGSessionOnConsoleKey);
151   const void* logged_in = CFDictionaryGetValue(session, kCGSessionLoginDoneKey);
152   if (logged_in == kCFBooleanTrue && on_console == kCFBooleanTrue) {
153     pid_t child = fork();
154     if (child == 0) {
155       execl(kCGSessionPath, kCGSessionPath, "-suspend", NULL);
156       _exit(1);
157     } else if (child > 0) {
158       int status = 0;
159       waitpid(child, &status, 0);
160       if (status != 0) {
161         LOG(ERROR) << kCGSessionPath << " failed.";
162         DisconnectSession();
163         return;
164       }
165     } else {
166       LOG(ERROR) << "fork() failed.";
167       DisconnectSession();
168       return;
169     }
170   }
171 }
172 
InstallEventHandler()173 bool SessionWatcher::InstallEventHandler() {
174   DCHECK(ui_task_runner_->BelongsToCurrentThread());
175   DCHECK(!event_handler_);
176 
177   EventTypeSpec event;
178   event.eventClass = kEventClassSystem;
179   event.eventKind = kEventSystemUserSessionActivated;
180   OSStatus result = ::InstallApplicationEventHandler(
181       NewEventHandlerUPP(SessionActivateHandler), 1, &event, this,
182       &event_handler_);
183   if (result != noErr) {
184     event_handler_ = NULL;
185     DisconnectSession();
186     return false;
187   }
188 
189   return true;
190 }
191 
RemoveEventHandler()192 void SessionWatcher::RemoveEventHandler() {
193   DCHECK(ui_task_runner_->BelongsToCurrentThread());
194 
195   if (event_handler_) {
196     ::RemoveEventHandler(event_handler_);
197     event_handler_ = NULL;
198   }
199 }
200 
DisconnectSession()201 void SessionWatcher::DisconnectSession() {
202   if (!caller_task_runner_->BelongsToCurrentThread()) {
203     caller_task_runner_->PostTask(
204         FROM_HERE, base::Bind(&SessionWatcher::DisconnectSession, this));
205     return;
206   }
207 
208   if (client_session_control_)
209     client_session_control_->DisconnectSession();
210 }
211 
SessionActivateHandler(EventHandlerCallRef handler,EventRef event,void * user_data)212 OSStatus SessionWatcher::SessionActivateHandler(EventHandlerCallRef handler,
213                                                 EventRef event,
214                                                 void* user_data) {
215   static_cast<SessionWatcher*>(user_data)->DisconnectSession();
216   return noErr;
217 }
218 
219 }  // namespace
220 
221 namespace remoting {
222 
223 class CurtainModeMac : public CurtainMode {
224  public:
225   CurtainModeMac(
226       scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner,
227       scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,
228       base::WeakPtr<ClientSessionControl> client_session_control);
229   virtual ~CurtainModeMac();
230 
231   // Overriden from CurtainMode.
232   virtual bool Activate() OVERRIDE;
233 
234  private:
235   scoped_refptr<SessionWatcher> session_watcher_;
236 
237   DISALLOW_COPY_AND_ASSIGN(CurtainModeMac);
238 };
239 
CurtainModeMac(scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner,scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,base::WeakPtr<ClientSessionControl> client_session_control)240 CurtainModeMac::CurtainModeMac(
241     scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner,
242     scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,
243     base::WeakPtr<ClientSessionControl> client_session_control)
244     : session_watcher_(new SessionWatcher(caller_task_runner,
245                                           ui_task_runner,
246                                           client_session_control)) {
247 }
248 
~CurtainModeMac()249 CurtainModeMac::~CurtainModeMac() {
250   session_watcher_->Stop();
251 }
252 
Activate()253 bool CurtainModeMac::Activate() {
254   session_watcher_->Start();
255   return true;
256 }
257 
258 // static
Create(scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner,scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,base::WeakPtr<ClientSessionControl> client_session_control)259 scoped_ptr<CurtainMode> CurtainMode::Create(
260     scoped_refptr<base::SingleThreadTaskRunner> caller_task_runner,
261     scoped_refptr<base::SingleThreadTaskRunner> ui_task_runner,
262     base::WeakPtr<ClientSessionControl> client_session_control) {
263   return scoped_ptr<CurtainMode>(new CurtainModeMac(caller_task_runner,
264                                                     ui_task_runner,
265                                                     client_session_control));
266 }
267 
268 }  // namespace remoting
269