From c6e584c20129f8745e6fc9170a220eb58e13e172 Mon Sep 17 00:00:00 2001 From: "dilmah@chromium.org" Date: Wed, 18 May 2011 11:58:44 +0000 Subject: Private API for extensions like ssh-client that need access to websocket-to-tcp proxy. Access to TCP is obtained in following way: (1) extension requests authentication token via call to private API like: chrome.webSocketProxyPrivate.getPassportForTCP('netbsd.org', 25, callback); if API validates this request then extension obtains some string token (in callback). (2) open websocket connection to local websocket-to-tcp proxy ws://127.0.0.1:10101/tcpproxy (3) pass header containing hostname, port and token obtained at step (1) (4) communicate (in base64 encoding at this moment). Proxy (running in chrome process) verifies those tokens by calls to InternalAuthVerification::VerifyPassport Passports are one-time; no passport can be reused. Passports expire in short period of time (20 seconds). BUG=chromium-os:9667 TEST=unit_test,apitest Review URL: http://codereview.chromium.org/6683060 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@85757 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome/browser/chromeos/web_socket_proxy.h | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'chrome/browser/chromeos/web_socket_proxy.h') diff --git a/chrome/browser/chromeos/web_socket_proxy.h b/chrome/browser/chromeos/web_socket_proxy.h index 9f15cbc..09e783a 100644 --- a/chrome/browser/chromeos/web_socket_proxy.h +++ b/chrome/browser/chromeos/web_socket_proxy.h @@ -16,14 +16,15 @@ namespace chromeos { class WebSocketProxy { public: - static const size_t kReadBufferLimit = 6 * 1024 * 1024; + static const size_t kReadBufferLimit = 12 * 1024 * 1024; // Limits incoming websocket headers in initial stage of connection. static const size_t kHeaderLimit = 32 * 1024; // Limits number of simultaneously open connections. - static const size_t kConnPoolLimit = 1000; + static const size_t kConnPoolLimit = 40; + // Empty |allowed_origins| vector disables check for origin. WebSocketProxy( const std::vector& allowed_origins, struct sockaddr* addr, int addr_len); -- cgit v1.1