| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/network_library.h" | 5 #include "chrome/browser/chromeos/cros/network_library.h" |
| 6 | 6 |
| 7 #include <dbus/dbus-glib.h> | 7 #include <dbus/dbus-glib.h> |
| 8 | 8 |
| 9 #include "base/i18n/icu_encoding_detection.h" | 9 #include "base/i18n/icu_encoding_detection.h" |
| 10 #include "base/i18n/icu_string_conversions.h" | 10 #include "base/i18n/icu_string_conversions.h" |
| (...skipping 716 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 727 SetOrClearStringProperty(flimflam::kL2tpIpsecClientCertSlotProperty, | 727 SetOrClearStringProperty(flimflam::kL2tpIpsecClientCertSlotProperty, |
| 728 slot, NULL); | 728 slot, NULL); |
| 729 SetOrClearStringProperty(flimflam::kL2tpIpsecPinProperty, pin, NULL); | 729 SetOrClearStringProperty(flimflam::kL2tpIpsecPinProperty, pin, NULL); |
| 730 } | 730 } |
| 731 } | 731 } |
| 732 | 732 |
| 733 void VirtualNetwork::MatchCertificatePattern(bool allow_enroll, | 733 void VirtualNetwork::MatchCertificatePattern(bool allow_enroll, |
| 734 const base::Closure& connect) { | 734 const base::Closure& connect) { |
| 735 DCHECK(client_cert_type() == CLIENT_CERT_TYPE_PATTERN); | 735 DCHECK(client_cert_type() == CLIENT_CERT_TYPE_PATTERN); |
| 736 DCHECK(!client_cert_pattern().Empty()); | 736 DCHECK(!client_cert_pattern().Empty()); |
| 737 if (client_cert_pattern().Empty()) { | 737 |
| 738 // We skip certificate patterns for device policy ONC so that an unmanaged |
| 739 // user can't get to the place where a cert is presented for them |
| 740 // involuntarily. |
| 741 if (client_cert_pattern().Empty() || |
| 742 ui_data().onc_source() == NetworkUIData::ONC_SOURCE_DEVICE_POLICY) { |
| 738 connect.Run(); | 743 connect.Run(); |
| 739 return; | 744 return; |
| 740 } | 745 } |
| 741 | 746 |
| 742 scoped_refptr<net::X509Certificate> matching_cert = | 747 scoped_refptr<net::X509Certificate> matching_cert = |
| 743 client_cert_pattern().GetMatch(); | 748 client_cert_pattern().GetMatch(); |
| 744 if (matching_cert.get()) { | 749 if (matching_cert.get()) { |
| 745 std::string client_cert_id = | 750 std::string client_cert_id = |
| 746 x509_certificate_model::GetPkcs11Id(matching_cert->os_cert_handle()); | 751 x509_certificate_model::GetPkcs11Id(matching_cert->os_cert_handle()); |
| 747 if (provider_type() == PROVIDER_TYPE_OPEN_VPN) { | 752 if (provider_type() == PROVIDER_TYPE_OPEN_VPN) { |
| 748 SetStringProperty(flimflam::kOpenVPNClientCertIdProperty, | 753 SetStringProperty(flimflam::kOpenVPNClientCertIdProperty, |
| 749 client_cert_id, &client_cert_id_); | 754 client_cert_id, &client_cert_id_); |
| 750 } else { | 755 } else { |
| 751 SetStringProperty(flimflam::kL2tpIpsecClientCertIdProperty, | 756 SetStringProperty(flimflam::kL2tpIpsecClientCertIdProperty, |
| 752 client_cert_id, &client_cert_id_); | 757 client_cert_id, &client_cert_id_); |
| 753 } | 758 } |
| 754 } else { | 759 } else { |
| 755 if (allow_enroll && enrollment_delegate()) { | 760 if (allow_enroll && enrollment_delegate()) { |
| 756 // Wrap the closure in another callback so that we can retry the | 761 // Wrap the closure in another callback so that we can retry the |
| 757 // certificate match again before actually connecting. | 762 // certificate match again before actually connecting. |
| 758 base::Closure wrapped_connect = | 763 base::Closure wrapped_connect = |
| 759 base::Bind(&VirtualNetwork::MatchCertificatePattern, | 764 base::Bind(&VirtualNetwork::MatchCertificatePattern, |
| 760 weak_pointer_factory_.GetWeakPtr(), | 765 weak_pointer_factory_.GetWeakPtr(), |
| 761 false, | 766 false, |
| 762 connect); | 767 connect); |
| 763 | 768 |
| 764 enrollment_delegate()->Enroll(client_cert_pattern().enrollment_uri_list(), | 769 enrollment_delegate()->Enroll(client_cert_pattern().enrollment_uri_list(), |
| 765 wrapped_connect); | 770 wrapped_connect); |
| 766 // Enrollment delegate will take care of running the closure at the | 771 // Enrollment delegate will take care of running the closure at the |
| 767 // appropriate time, if the user doesn't cancel. | 772 // appropriate time, if the user doesn't cancel. |
| 768 return; | 773 return; |
| 769 } | 774 } |
| 770 } | 775 } |
| 771 connect.Run(); | 776 connect.Run(); |
| 772 } | 777 } |
| 773 | 778 |
| 774 //////////////////////////////////////////////////////////////////////////////// | 779 //////////////////////////////////////////////////////////////////////////////// |
| 775 // WirelessNetwork | 780 // WirelessNetwork |
| (...skipping 567 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1343 NetworkLibrary* impl; | 1348 NetworkLibrary* impl; |
| 1344 if (stub) | 1349 if (stub) |
| 1345 impl = new NetworkLibraryImplStub(); | 1350 impl = new NetworkLibraryImplStub(); |
| 1346 else | 1351 else |
| 1347 impl = new NetworkLibraryImplCros(); | 1352 impl = new NetworkLibraryImplCros(); |
| 1348 impl->Init(); | 1353 impl->Init(); |
| 1349 return impl; | 1354 return impl; |
| 1350 } | 1355 } |
| 1351 | 1356 |
| 1352 } // namespace chromeos | 1357 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10868113:
Disable certificate patterns for device policy ONC files (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src