Adding policy support to Chrome Frame's launcher so that additional parameters can be passed to Chrome via Group Policy.

BUG=116783
TEST=See information in comment #5 of the issue.

Review URL: https://chromiumcodereview.appspot.com/9836037

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@129384 0039d316-1c4b-4281-b951-d872f2087c98

7 files changed, 154 insertions, 26 deletions

diff --git a/chrome_frame/chrome_frame_automation.cc b/chrome_frame/chrome_frame_automation.cc
index b4d3023..88f5f9c 100644
--- a/chrome_frame/chrome_frame_automation.cc
+++ b/chrome_frame/chrome_frame_automation.cc
@@ -519,7 +519,13 @@ bool ProxyFactory::ReleaseAutomationServer(void* server_id,
     Vector::ContainerType::iterator it = std::find(proxies_.container().begin(),
                                                    proxies_.container().end(),
                                                    entry);
-    proxies_.container().erase(it);
+    if (it != proxies_.container().end()) {
+      proxies_.container().erase(it);
+    } else {
+      DLOG(ERROR) << "Proxy wasn't found. Proxy map is likely empty (size="
+                  << proxies_.container().size() << ").";
+    }
+
     lock_.Release();
   }
 
diff --git a/chrome_frame/chrome_frame_launcher.gyp b/chrome_frame/chrome_frame_launcher.gyp
index 98974ea..2e317ea 100644
--- a/chrome_frame/chrome_frame_launcher.gyp
+++ b/chrome_frame/chrome_frame_launcher.gyp
@@ -1,4 +1,4 @@
-# Copyright (c) 2011 The Chromium Authors. All rights reserved.
+# Copyright (c) 2012 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
@@ -64,6 +64,7 @@
       'type': 'executable',
       'dependencies': [
         '../breakpad/breakpad.gyp:breakpad_handler',
+        '../chrome/app/policy/cloud_policy_codegen.gyp:policy',
         '../chrome/chrome.gyp:chrome_version_header',
         '../google_update/google_update.gyp:google_update',
         'chrome_frame.gyp:chrome_frame_utils',
diff --git a/chrome_frame/chrome_launcher.cc b/chrome_frame/chrome_launcher.cc
index f1a9733..88fc0da 100644
--- a/chrome_frame/chrome_launcher.cc
+++ b/chrome_frame/chrome_launcher.cc
@@ -8,6 +8,8 @@
 #include <shellapi.h>
 #include <shlwapi.h>
 
+#include "policy/policy_constants.h"
+
 // Herein lies stuff selectively stolen from Chrome. We don't pull it in
 // directly because all of it results in many things we don't want being
 // included as well.
@@ -140,6 +142,57 @@ bool IsValidCommandLine(const wchar_t* command_line) {
   return success;
 }
 
+// Looks up optionally configured launch parameters for Chrome that may have
+// been set via group policy.
+void AppendAdditionalLaunchParameters(std::wstring* command_line) {
+  static const HKEY kRootKeys[] = {
+    HKEY_LOCAL_MACHINE,
+    HKEY_CURRENT_USER
+  };
+
+  std::wstring launch_params_value_name(
+      &policy::key::kAdditionalLaunchParameters[0],
+      &policy::key::kAdditionalLaunchParameters[
+          lstrlenA(policy::key::kAdditionalLaunchParameters)]);
+
+  // Used for basic checks since CreateProcess doesn't support command lines
+  // longer than 0x8000 characters. If we surpass that length, we do not add the
+  // additional parameters.  Because we need to add a space before the
+  // extra parameters, we use 0x7fff and not 0x8000.
+  const size_t kMaxChars = 0x7FFF - command_line->size();
+  HKEY key;
+  LONG result;
+  bool found = false;
+  for (int i = 0; !found && i < arraysize(kRootKeys); ++i) {
+    result = ::RegOpenKeyExW(kRootKeys[i], policy::kRegistryMandatorySubKey, 0,
+                             KEY_QUERY_VALUE, &key);
+    if (result == ERROR_SUCCESS) {
+      DWORD size = 0;
+      DWORD type = 0;
+      result = RegQueryValueExW(key, launch_params_value_name.c_str(),
+                                0, &type, NULL, &size);
+      if (result == ERROR_SUCCESS && type == REG_SZ && size > 0 &&
+          (size / sizeof(wchar_t)) < kMaxChars) {
+        // This size includes any terminating null character or characters
+        // unless the data was stored without them, so for safety we allocate
+        // one extra char and zero out the buffer.
+        wchar_t* value = new wchar_t[(size / sizeof(wchar_t)) + 1];
+        memset(value, 0, size + sizeof(wchar_t));
+        result = RegQueryValueExW(key, launch_params_value_name.c_str(), 0,
+                                  &type, reinterpret_cast<BYTE*>(&value[0]),
+                                  &size);
+        if (result == ERROR_SUCCESS) {
+          *command_line += L' ';
+          *command_line += value;
+          found = true;
+        }
+        delete [] value;
+      }
+      ::RegCloseKey(key);
+    }
+  }
+}
+
 bool SanitizeAndLaunchChrome(const wchar_t* command_line) {
   bool success = false;
   if (IsValidCommandLine(command_line)) {
@@ -157,6 +210,9 @@ bool SanitizeAndLaunchChrome(const wchar_t* command_line) {
         command_line += args;
       }
 
+      // Append parameters that might be set by group policy.
+      AppendAdditionalLaunchParameters(&command_line);
+
       STARTUPINFO startup_info = {0};
       startup_info.cb = sizeof(startup_info);
       startup_info.dwFlags = STARTF_USESHOWWINDOW;
diff --git a/chrome_frame/chrome_launcher_utils.cc b/chrome_frame/chrome_launcher_utils.cc
index c77b9a8..0465b7b 100644
--- a/chrome_frame/chrome_launcher_utils.cc
+++ b/chrome_frame/chrome_launcher_utils.cc
@@ -15,6 +15,7 @@
 #include "chrome/common/chrome_constants.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome_frame/chrome_frame_automation.h"
+#include "chrome_frame/policy_settings.h"
 
 namespace {
 
@@ -73,6 +74,15 @@ bool CreateLaunchCommandLine(scoped_ptr<CommandLine>* command_line) {
   // Shortcut for OS versions that don't need the integrity broker.
   if (base::win::GetVersion() < base::win::VERSION_VISTA) {
     command_line->reset(new CommandLine(GetChromeExecutablePath()));
+
+    // When we do not use the Chrome Launcher, we need to add the optional extra
+    // parameters from the group policy here (this is normally done by the
+    // chrome launcher).  We don't do this when we use the launcher as the
+    // optional arguments could trip off sanitization checks and prevent Chrome
+    // from being launched.
+    const CommandLine& additional_params =
+        PolicySettings::GetInstance()->AdditionalLaunchParameters();
+    command_line->get()->AppendArguments(additional_params, false);
     return true;
   }
 
diff --git a/chrome_frame/policy_settings.cc b/chrome_frame/policy_settings.cc
index d3a6f33..bc873e8 100644
--- a/chrome_frame/policy_settings.cc
+++ b/chrome_frame/policy_settings.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2010 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -55,6 +55,10 @@ PolicySettings::RendererForUrl PolicySettings::GetRendererForContentType(
   return renderer;
 }
 
+const CommandLine& PolicySettings::AdditionalLaunchParameters() const {
+  return additional_launch_parameters_;
+}
+
 // static
 void PolicySettings::ReadUrlSettings(
     RendererForUrl* default_renderer,
@@ -117,20 +121,18 @@ void PolicySettings::ReadContentTypeSetting(
 }
 
 // static
-void PolicySettings::ReadApplicationLocaleSetting(
-    std::wstring* application_locale) {
-  DCHECK(application_locale);
-
-  application_locale->clear();
+void PolicySettings::ReadStringSetting(const char* value_name,
+                                       std::wstring* value) {
+  DCHECK(value);
+  value->clear();
   base::win::RegKey config_key;
-  std::wstring application_locale_value(
-      ASCIIToWide(policy::key::kApplicationLocaleValue));
+  std::wstring value_name_str(ASCIIToWide(value_name));
   for (int i = 0; i < arraysize(kRootKeys); ++i) {
     if ((config_key.Open(kRootKeys[i], policy::kRegistryMandatorySubKey,
                          KEY_READ) == ERROR_SUCCESS) &&
-        (config_key.ReadValue(application_locale_value.c_str(),
-                              application_locale) == ERROR_SUCCESS)) {
-        break;
+        (config_key.ReadValue(value_name_str.c_str(),
+                              value) == ERROR_SUCCESS)) {
+      break;
     }
   }
 }
@@ -140,11 +142,19 @@ void PolicySettings::RefreshFromRegistry() {
   std::vector<std::wstring> renderer_exclusion_list;
   std::vector<std::wstring> content_type_list;
   std::wstring application_locale;
+  CommandLine additional_launch_parameters(CommandLine::NO_PROGRAM);
+  std::wstring additional_parameters_str;
 
   // Read the latest settings from the registry
   ReadUrlSettings(&default_renderer, &renderer_exclusion_list);
   ReadContentTypeSetting(&content_type_list);
-  ReadApplicationLocaleSetting(&application_locale);
+  ReadStringSetting(policy::key::kApplicationLocaleValue, &application_locale);
+  ReadStringSetting(policy::key::kAdditionalLaunchParameters,
+                    &additional_parameters_str);
+  if (!additional_parameters_str.empty()) {
+    additional_parameters_str.insert(0, L"fake.exe ");
+    additional_launch_parameters.ParseFromString(additional_parameters_str);
+  }
 
   // Nofail swap in the new values.  (Note: this is all that need be protected
   // under a mutex if/when this becomes thread safe.)
@@ -154,6 +164,7 @@ void PolicySettings::RefreshFromRegistry() {
   swap(renderer_exclusion_list_, renderer_exclusion_list);
   swap(content_type_list_, content_type_list);
   swap(application_locale_, application_locale);
+  swap(additional_launch_parameters_, additional_launch_parameters);
 }
 
 // static
diff --git a/chrome_frame/policy_settings.h b/chrome_frame/policy_settings.h
index 8370b47..aaae32c 100644
--- a/chrome_frame/policy_settings.h
+++ b/chrome_frame/policy_settings.h
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -7,9 +7,10 @@
 
 #include <string>
 #include <vector>
-#include "base/memory/singleton.h"
 
 #include "base/basictypes.h"
+#include "base/command_line.h"
+#include "base/memory/singleton.h"
 
 // A simple class that reads and caches policy settings for Chrome Frame.
 // TODO(tommi): Support refreshing when new settings are pushed.
@@ -38,15 +39,22 @@ class PolicySettings {
     return application_locale_;
   }
 
+  // Contains additional parameters that can optionally be configured for the
+  // current user via the policy settings.  The program part of this command
+  // line object must not be used when appending to another command line.
+  const CommandLine& AdditionalLaunchParameters() const;
+
   // Helper functions for reading settings from the registry
   static void ReadUrlSettings(RendererForUrl* default_renderer,
       std::vector<std::wstring>* renderer_exclusion_list);
   static void ReadContentTypeSetting(
       std::vector<std::wstring>* content_type_list);
-  static void ReadApplicationLocaleSetting(std::wstring* application_locale);
+  static void ReadStringSetting(const char* value_name, std::wstring* value);
 
  protected:
-  PolicySettings() : default_renderer_(RENDERER_NOT_SPECIFIED) {
+  PolicySettings()
+      : default_renderer_(RENDERER_NOT_SPECIFIED),
+        additional_launch_parameters_(CommandLine::NO_PROGRAM) {
     RefreshFromRegistry();
   }
 
@@ -61,6 +69,7 @@ class PolicySettings {
   std::vector<std::wstring> renderer_exclusion_list_;
   std::vector<std::wstring> content_type_list_;
   std::wstring application_locale_;
+  CommandLine additional_launch_parameters_;
 
  private:
   // This ensures no construction is possible outside of the class itself.
diff --git a/chrome_frame/test/policy_settings_unittest.cc b/chrome_frame/test/policy_settings_unittest.cc
index f3d5e12..82a1598 100644
--- a/chrome_frame/test/policy_settings_unittest.cc
+++ b/chrome_frame/test/policy_settings_unittest.cc
@@ -1,4 +1,4 @@
-// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
@@ -11,6 +11,7 @@
 #include "base/win/registry.h"
 #include "chrome_frame/policy_settings.h"
 #include "chrome_frame/test/chrome_frame_test_utils.h"
+#include "content/public/common/content_switches.h"
 #include "policy/policy_constants.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
@@ -39,7 +40,8 @@ bool InitializePolicyKey(HKEY policy_root, RegKey* policy_key) {
   return policy_key->Valid();
 }
 
-void WritePolicyList(RegKey* policy_key, const wchar_t* list_name,
+void WritePolicyList(RegKey* policy_key,
+                     const wchar_t* list_name,
                      const wchar_t* values[], int count) {
   DCHECK(policy_key);
   // Remove any previous settings
@@ -76,7 +78,8 @@ bool SetRendererSettings(HKEY policy_root,
   return true;
 }
 
-bool SetCFContentTypes(HKEY policy_root, const wchar_t* content_types[],
+bool SetCFContentTypes(HKEY policy_root,
+                       const wchar_t* content_types[],
                        int count) {
   RegKey policy_key;
   if (!InitializePolicyKey(policy_root, &policy_key))
@@ -88,15 +91,16 @@ bool SetCFContentTypes(HKEY policy_root, const wchar_t* content_types[],
   return true;
 }
 
-bool SetChromeApplicationLocale(HKEY policy_root, const wchar_t* locale) {
+bool SetCFPolicyString(HKEY policy_root,
+                       const char* policy_name,
+                       const wchar_t* value) {
   RegKey policy_key;
   if (!InitializePolicyKey(policy_root, &policy_key))
     return false;
 
-  std::wstring application_locale_value(
-      ASCIIToWide(policy::key::kApplicationLocaleValue));
+  std::wstring policy_name_str(ASCIIToWide(policy_name));
   EXPECT_EQ(ERROR_SUCCESS,
-      policy_key.WriteValue(application_locale_value.c_str(), locale));
+      policy_key.WriteValue(policy_name_str.c_str(), value));
   return true;
 }
 
@@ -206,7 +210,8 @@ TEST_F(PolicySettingsTest, ApplicationLocale) {
 
   HKEY root[] = { HKEY_LOCAL_MACHINE, HKEY_CURRENT_USER };
   for (int i = 0; i < arraysize(root); ++i) {
-    SetChromeApplicationLocale(root[i], kTestApplicationLocale);
+    SetCFPolicyString(root[i], policy::key::kApplicationLocaleValue,
+                      kTestApplicationLocale);
     ResetPolicySettings();
     EXPECT_EQ(std::wstring(kTestApplicationLocale),
               PolicySettings::GetInstance()->ApplicationLocale());
@@ -214,3 +219,33 @@ TEST_F(PolicySettingsTest, ApplicationLocale) {
     DeleteChromeFramePolicyEntries(root[i]);
   }
 }
+
+TEST_F(PolicySettingsTest, AdditionalLaunchParameters) {
+  EXPECT_TRUE(PolicySettings::GetInstance()->
+      AdditionalLaunchParameters().GetProgram().empty());
+
+  std::string test_switches("--");
+  test_switches += switches::kEnableMediaStream;
+  test_switches += " --";
+  test_switches += switches::kEnableMediaSource;
+
+  HKEY root[] = { HKEY_LOCAL_MACHINE, HKEY_CURRENT_USER };
+  for (int i = 0; i < arraysize(root); ++i) {
+    SetCFPolicyString(root[i], policy::key::kAdditionalLaunchParameters,
+                      ASCIIToWide(test_switches).c_str());
+    ResetPolicySettings();
+    const CommandLine& additional_params =
+        PolicySettings::GetInstance()->AdditionalLaunchParameters();
+    EXPECT_TRUE(additional_params.HasSwitch(switches::kEnableMediaStream));
+    EXPECT_TRUE(additional_params.HasSwitch(switches::kEnableMediaSource));
+
+    FilePath program_path(FILE_PATH_LITERAL("my_chrome.exe"));
+    CommandLine new_cmd_line(program_path);
+    new_cmd_line.AppendArguments(additional_params, false);
+    EXPECT_NE(new_cmd_line.GetProgram(), additional_params.GetProgram());
+    EXPECT_TRUE(new_cmd_line.HasSwitch(switches::kEnableMediaStream));
+    EXPECT_TRUE(new_cmd_line.HasSwitch(switches::kEnableMediaSource));
+
+    DeleteChromeFramePolicyEntries(root[i]);
+  }
+}