chrome/browser/policy/configuration_policy_handler_chromeos.cc - Issue 10823234: Fix ONC password filtering in about:policy.

Side by Side Diff: chrome/browser/policy/configuration_policy_handler_chromeos.cc

Issue 10823234: Fix ONC password filtering in about:policy. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 8 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/policy/configuration_policy_handler_chromeos.h"	5 #include "chrome/browser/policy/configuration_policy_handler_chromeos.h"
	pneubeck (no reviews) 2012/08/09 07:59:20 Nit: btw. the header is missing at least a forward Nit: btw. the header is missing at least a forward declaration of DictionaryValue. base/values.h should be included explicitly in .cc. 'base' namespace could be added to references to types/functions of values.h
6	6

	7 #include <algorithm>

7 #include <string>	8 #include <string>

	9 #include <vector>

8	10

9 #include "base/json/json_reader.h"	11 #include "base/json/json_reader.h"

10 #include "base/json/json_writer.h"	12 #include "base/json/json_writer.h"

11 #include "base/memory/scoped_ptr.h"	13 #include "base/memory/scoped_ptr.h"

12 #include "base/string_util.h"	14 #include "base/string_util.h"

	15 #include "chrome/browser/chromeos/cros/onc_constants.h"

13 #include "chrome/browser/chromeos/cros/onc_network_parser.h"	16 #include "chrome/browser/chromeos/cros/onc_network_parser.h"

14 #include "chrome/browser/policy/policy_error_map.h"	17 #include "chrome/browser/policy/policy_error_map.h"

15 #include "chrome/browser/policy/policy_map.h"	18 #include "chrome/browser/policy/policy_map.h"

16 #include "chrome/browser/prefs/pref_value_map.h"	19 #include "chrome/browser/prefs/pref_value_map.h"

17 #include "chrome/browser/ui/ash/chrome_launcher_prefs.h"	20 #include "chrome/browser/ui/ash/chrome_launcher_prefs.h"

18 #include "chrome/common/pref_names.h"	21 #include "chrome/common/pref_names.h"

19 #include "grit/generated_resources.h"	22 #include "grit/generated_resources.h"

20 #include "policy/policy_constants.h"	23 #include "policy/policy_constants.h"

21	24

	25 namespace onc = chromeos::onc;

	26

22 namespace policy {	27 namespace policy {

23	28

24 NetworkConfigurationPolicyHandler::NetworkConfigurationPolicyHandler(	29 NetworkConfigurationPolicyHandler::NetworkConfigurationPolicyHandler(

25 const char* policy_name,	30 const char* policy_name,

26 chromeos::NetworkUIData::ONCSource onc_source)	31 chromeos::NetworkUIData::ONCSource onc_source)

27 : TypeCheckingPolicyHandler(policy_name, Value::TYPE_STRING),	32 : TypeCheckingPolicyHandler(policy_name, Value::TYPE_STRING),

28 onc_source_(onc_source) {}	33 onc_source_(onc_source) {}

29	34

30 NetworkConfigurationPolicyHandler::~NetworkConfigurationPolicyHandler() {}	35 NetworkConfigurationPolicyHandler::~NetworkConfigurationPolicyHandler() {}

31	36

(...skipping 72 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
104 base::JSONWriter::OPTIONS_DO_NOT_ESCAPE \|	109 base::JSONWriter::OPTIONS_DO_NOT_ESCAPE \|

105 base::JSONWriter::OPTIONS_PRETTY_PRINT,	110 base::JSONWriter::OPTIONS_PRETTY_PRINT,

106 &json_string);	111 &json_string);

107 return Value::CreateStringValue(json_string);	112 return Value::CreateStringValue(json_string);

108 }	113 }

109	114

110 // static	115 // static

111 void NetworkConfigurationPolicyHandler::StripSensitiveValues(	116 void NetworkConfigurationPolicyHandler::StripSensitiveValues(

112 DictionaryValue* network_dict) {	117 DictionaryValue* network_dict) {

113 // List of settings we filter from the network dictionary.	118 // List of settings we filter from the network dictionary.

114 static const char* kFilteredSettings[] = {	119 std::vector<std::string> filtered_settings;
	pneubeck (no reviews) 2012/08/09 07:59:20 Unused? If so, also remove the comment above. Unused? If so, also remove the comment above. Mattias Nissler (ping if slow) 2012/08/09 09:09:14 Done. Show quoted text On 2012/08/09 07:59:20, pneubeck1 wrote: > Unused? If so, also remove the comment above. Done.
115 "WiFi.Passphrase",	120 static const int kMaxComponents = 4;

116 "IPsec.EAP.Password",	121 static const char* kFilteredSettings[][kMaxComponents] = {
	pneubeck (no reviews) 2012/08/09 07:59:20 Add a comment, that these are the components of a Add a comment, that these are the components of a dictionary path which are to be garbled. Each entry must be NULL-terminated. Overall, the terms "filter" and "strip" are not used correctly, IMO. Instead the sensitive data is "garbled"/"hidden"/"starred"... Mattias Nissler (ping if slow) 2012/08/09 09:09:14 Done. Show quoted text On 2012/08/09 07:59:20, pneubeck1 wrote: > Add a comment, that these are the components of a dictionary path which are to > be garbled. Each entry must be NULL-terminated. > > Overall, the terms "filter" and "strip" are not used correctly, IMO. Instead the > sensitive data is "garbled"/"hidden"/"starred"... Done.
117 "IPsec.EAP.Password",	122 { onc::kEthernet, onc::ethernet::kEAP, onc::eap::kPassword },

118 "IPsec.XAUTH.Password",	123 { onc::kVPN, onc::vpn::kIPsec, onc::vpn::kPSK },

119 "L2TP.Password",	124 { onc::kVPN, onc::vpn::kL2TP, onc::vpn::kPassword },

	125 { onc::kVPN, onc::vpn::kOpenVPN, onc::vpn::kPassword },

	126 { onc::kWiFi, onc::wifi::kEAP, onc::eap::kPassword },

	127 { onc::kWiFi, onc::wifi::kPassphrase },
	Joao da Silva 2012/08/09 07:29:33 Suggestion: align the 2nd and 3rd column entries? Suggestion: align the 2nd and 3rd column entries? Mattias Nissler (ping if slow) 2012/08/09 09:09:14 That would suggest the entries correspond to each Show quoted text On 2012/08/09 07:29:33, Joao da Silva wrote: > Suggestion: align the 2nd and 3rd column entries? That would suggest the entries correspond to each other when in fact they're not.
120 };	128 };

	129

121 // Placeholder to insert in place of the filtered setting.	130 // Placeholder to insert in place of the filtered setting.

122 static const char kPlaceholder[] = "********";	131 static const char kPlaceholder[] = "********";

123	132

124 for (size_t i = 0; i < arraysize(kFilteredSettings); ++i) {	133 for (size_t i = 0; i < arraysize(kFilteredSettings); ++i) {

125 if (network_dict->Remove(kFilteredSettings[i], NULL)) {	134 std::vector<std::string> parts(

126 network_dict->Set(kFilteredSettings[i],	135 kFilteredSettings[i],

127 Value::CreateStringValue(kPlaceholder));	136 std::find(kFilteredSettings[i],

128 }	137 kFilteredSettings[i] + kMaxComponents - 1,

	138 static_cast<const char*>(NULL)));
	Joao da Silva 2012/08/09 07:29:33 I'm not sure if the memory bots won't complain abo I'm not sure if the memory bots won't complain about reading uninitialized values; maybe add explicit NULLs? Mattias Nissler (ping if slow) 2012/08/09 09:09:14 The C++ standard says that missing elements in arr Show quoted text On 2012/08/09 07:29:33, Joao da Silva wrote: > I'm not sure if the memory bots won't complain about reading uninitialized > values; maybe add explicit NULLs? The C++ standard says that missing elements in array initializers are initialized to zeros.
	139 std::string key(JoinString(parts, '.'));

	140 if (network_dict->Remove(key, NULL))

	141 network_dict->Set(key, Value::CreateStringValue(kPlaceholder));
	pneubeck (no reviews) 2012/08/09 07:59:20 Maybe create the StringValue only once. Maybe create the StringValue only once. Mattias Nissler (ping if slow) 2012/08/09 09:09:14 No, we need fresh copies for each Set() Show quoted text On 2012/08/09 07:59:20, pneubeck1 wrote: > Maybe create the StringValue only once. No, we need fresh copies for each Set()
129 }	142 }

130 }	143 }

131	144

132 PinnedLauncherAppsPolicyHandler::PinnedLauncherAppsPolicyHandler()	145 PinnedLauncherAppsPolicyHandler::PinnedLauncherAppsPolicyHandler()

133 : ExtensionListPolicyHandler(key::kPinnedLauncherApps,	146 : ExtensionListPolicyHandler(key::kPinnedLauncherApps,

134 prefs::kPinnedLauncherApps,	147 prefs::kPinnedLauncherApps,

135 false) {}	148 false) {}

136	149

137 PinnedLauncherAppsPolicyHandler::~PinnedLauncherAppsPolicyHandler() {}	150 PinnedLauncherAppsPolicyHandler::~PinnedLauncherAppsPolicyHandler() {}

138	151

(...skipping 12 matching lines...) Expand all Loading...
151 base::DictionaryValue* app_dict = new base::DictionaryValue();	164 base::DictionaryValue* app_dict = new base::DictionaryValue();

152 app_dict->SetString(ash::kPinnedAppsPrefAppIDPath, id);	165 app_dict->SetString(ash::kPinnedAppsPrefAppIDPath, id);

153 pinned_apps_list->Append(app_dict);	166 pinned_apps_list->Append(app_dict);

154 }	167 }

155 }	168 }

156 prefs->SetValue(pref_path(), pinned_apps_list);	169 prefs->SetValue(pref_path(), pinned_apps_list);

157 }	170 }

158 }	171 }

159	172

160 } // namespace policy	173 } // namespace policy

OLD	NEW

« no previous file with comments | « no previous file | no next file » | no next file with comments »