Make additional PPB APIs require ppapi::PERMISSION_SOCKET.

TCPServerSocketPrivate, TCPSocketPrivate, and UDPSocketPrivate now
require this permission in addition to a whitelisted site/URL.

Tidy code a bit while at it:
- use early returns
- use std::make_unique<>
- pull a redundant permission check

Bug: 950005
Change-Id: I6c24c39bf55c08fd538da62d1dc3a8a58610be2d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1553877
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Tom Sepez <tsepez@chromium.org>
Cr-Commit-Position: refs/heads/master@{#649205}

content/browser/renderer_host/pepper/content_browser_pepper_host_factory.cc

@@ -134,6 +134,34 @@ ContentBrowserPepperHostFactory::CreateResourceHost(
         return std::make_unique<ppapi::host::MessageFilterHost>(
             host_->GetPpapiHost(), instance, resource, udp_socket);
       }
+
+      // The following interfaces are "private" because permission will be
+      // checked against a whitelist of apps at the time of the corresponding
+      // instance's method calls (because permission check can be performed
+      // only on the UI thread).
+      case PpapiHostMsg_TCPServerSocket_CreatePrivate::ID: {
+        if (!CanCreateSocket())
+          return nullptr;
+        scoped_refptr<ppapi::host::ResourceMessageFilter> tcp_server_socket(
+            new PepperTCPServerSocketMessageFilter(this, host_, instance,
+                                                   true));
+        return std::make_unique<ppapi::host::MessageFilterHost>(
+            host_->GetPpapiHost(), instance, resource, tcp_server_socket);
+      }
+      case PpapiHostMsg_TCPSocket_CreatePrivate::ID: {
+        if (!CanCreateSocket())
+          return nullptr;
+        return CreateNewTCPSocket(instance, resource,
+                                  ppapi::TCP_SOCKET_VERSION_PRIVATE);
+      }
+      case PpapiHostMsg_UDPSocket_CreatePrivate::ID: {
+        if (!CanCreateSocket())
+          return nullptr;
+        scoped_refptr<ppapi::host::ResourceMessageFilter> udp_socket(
+            new PepperUDPSocketMessageFilter(host_, instance, true));
+        return std::make_unique<ppapi::host::MessageFilterHost>(
+            host_->GetPpapiHost(), instance, resource, udp_socket);
+      }
     }
   }
 
@@ -199,32 +227,6 @@ ContentBrowserPepperHostFactory::CreateResourceHost(
         new ppapi::host::MessageFilterHost(host_->GetPpapiHost(), instance,
                                            resource, host_resolver));
   }
-  if (message.type() == PpapiHostMsg_TCPServerSocket_CreatePrivate::ID) {
-    if (CanCreateSocket()) {
-      scoped_refptr<ppapi::host::ResourceMessageFilter> tcp_server_socket(
-          new PepperTCPServerSocketMessageFilter(this, host_, instance, true));
-      return std::unique_ptr<ppapi::host::ResourceHost>(
-          new ppapi::host::MessageFilterHost(host_->GetPpapiHost(), instance,
-                                             resource, tcp_server_socket));
-    } else {
-      return std::unique_ptr<ppapi::host::ResourceHost>();
-    }
-  }
-  if (message.type() == PpapiHostMsg_TCPSocket_CreatePrivate::ID) {
-    return CreateNewTCPSocket(instance, resource,
-                              ppapi::TCP_SOCKET_VERSION_PRIVATE);
-  }
-  if (message.type() == PpapiHostMsg_UDPSocket_CreatePrivate::ID) {
-    if (CanCreateSocket()) {
-      scoped_refptr<ppapi::host::ResourceMessageFilter> udp_socket(
-          new PepperUDPSocketMessageFilter(host_, instance, true));
-      return std::unique_ptr<ppapi::host::ResourceHost>(
-          new ppapi::host::MessageFilterHost(host_->GetPpapiHost(), instance,
-                                             resource, udp_socket));
-    } else {
-      return std::unique_ptr<ppapi::host::ResourceHost>();
-    }
-  }
   if (message.type() == PpapiHostMsg_NetworkMonitor_Create::ID) {
     return std::unique_ptr<ppapi::host::ResourceHost>(
         new PepperNetworkMonitorHost(host_, instance, resource));
@@ -272,9 +274,6 @@ ContentBrowserPepperHostFactory::CreateNewTCPSocket(
     PP_Instance instance,
     PP_Resource resource,
     ppapi::TCPSocketVersion version) {
-  if (!CanCreateSocket())
-    return std::unique_ptr<ppapi::host::ResourceHost>();
-
   scoped_refptr<ppapi::host::ResourceMessageFilter> tcp_socket(
       new PepperTCPSocketMessageFilter(this, host_, instance, version));
   if (!tcp_socket.get())

ppapi/thunk/interfaces_ppb_private_no_permissions.h

@@ -5,6 +5,9 @@
 // Please see inteface_ppb_public_stable for the documentation on the format of
 // this file.
 
+// no-include-guard-because-multiply-included
+// NOLINT(build/header_guard)
+
 #include "ppapi/thunk/interfaces_preamble.h"
 
 // These interfaces don't require private permissions. However, they only work
@@ -17,22 +20,6 @@ PROXIED_IFACE(PPB_CAMERADEVICE_PRIVATE_INTERFACE_0_1,
 
 PROXIED_IFACE(PPB_HOSTRESOLVER_PRIVATE_INTERFACE_0_1,
               PPB_HostResolver_Private_0_1)
-PROXIED_IFACE(PPB_TCPSERVERSOCKET_PRIVATE_INTERFACE_0_1,
-              PPB_TCPServerSocket_Private_0_1)
-PROXIED_IFACE(PPB_TCPSERVERSOCKET_PRIVATE_INTERFACE_0_2,
-              PPB_TCPServerSocket_Private_0_2)
-PROXIED_IFACE(PPB_TCPSOCKET_PRIVATE_INTERFACE_0_3,
-              PPB_TCPSocket_Private_0_3)
-PROXIED_IFACE(PPB_TCPSOCKET_PRIVATE_INTERFACE_0_4,
-              PPB_TCPSocket_Private_0_4)
-PROXIED_IFACE(PPB_TCPSOCKET_PRIVATE_INTERFACE_0_5,
-              PPB_TCPSocket_Private_0_5)
-PROXIED_IFACE(PPB_UDPSOCKET_PRIVATE_INTERFACE_0_2,
-              PPB_UDPSocket_Private_0_2)
-PROXIED_IFACE(PPB_UDPSOCKET_PRIVATE_INTERFACE_0_3,
-              PPB_UDPSocket_Private_0_3)
-PROXIED_IFACE(PPB_UDPSOCKET_PRIVATE_INTERFACE_0_4,
-              PPB_UDPSocket_Private_0_4)
 
 PROXIED_IFACE(PPB_NETADDRESS_PRIVATE_INTERFACE_0_1,
               PPB_NetAddress_Private_0_1)

ppapi/thunk/interfaces_ppb_public_socket.h

@@ -15,4 +15,16 @@ PROXIED_IFACE(PPB_UDPSOCKET_INTERFACE_1_0, PPB_UDPSocket_1_0)
 PROXIED_IFACE(PPB_UDPSOCKET_INTERFACE_1_1, PPB_UDPSocket_1_1)
 PROXIED_IFACE(PPB_UDPSOCKET_INTERFACE_1_2, PPB_UDPSocket_1_2)
 
+// These interfaces only work for whitelisted origins.
+PROXIED_IFACE(PPB_TCPSERVERSOCKET_PRIVATE_INTERFACE_0_1,
+              PPB_TCPServerSocket_Private_0_1)
+PROXIED_IFACE(PPB_TCPSERVERSOCKET_PRIVATE_INTERFACE_0_2,
+              PPB_TCPServerSocket_Private_0_2)
+PROXIED_IFACE(PPB_TCPSOCKET_PRIVATE_INTERFACE_0_3, PPB_TCPSocket_Private_0_3)
+PROXIED_IFACE(PPB_TCPSOCKET_PRIVATE_INTERFACE_0_4, PPB_TCPSocket_Private_0_4)
+PROXIED_IFACE(PPB_TCPSOCKET_PRIVATE_INTERFACE_0_5, PPB_TCPSocket_Private_0_5)
+PROXIED_IFACE(PPB_UDPSOCKET_PRIVATE_INTERFACE_0_2, PPB_UDPSocket_Private_0_2)
+PROXIED_IFACE(PPB_UDPSOCKET_PRIVATE_INTERFACE_0_3, PPB_UDPSocket_Private_0_3)
+PROXIED_IFACE(PPB_UDPSOCKET_PRIVATE_INTERFACE_0_4, PPB_UDPSocket_Private_0_4)
+
 #include "ppapi/thunk/interfaces_postamble.h"