Updated dmserver protobuf to include autoenrollment messages.

chrome/browser/policy/proto/device_management_backend.proto

Index: chrome/browser/policy/proto/device_management_backend.proto
diff --git a/chrome/browser/policy/proto/device_management_backend.proto b/chrome/browser/policy/proto/device_management_backend.proto
index 690fb87780e45b6036896a759bb9b3924621dc5e..6545ad287d7820b02bf8ba182b1d7ab2a1ac3416 100644
--- a/chrome/browser/policy/proto/device_management_backend.proto
+++ b/chrome/browser/policy/proto/device_management_backend.proto
@@ -41,7 +41,7 @@ message DeviceRegisterRequest {
 
 // Response from server to device register request.
 message DeviceRegisterResponse {
-  // Device mangement token for this registration.  This token MUST be
+  // Device management token for this registration.  This token MUST be
   // part of HTTP Authorization header for all future requests from
   // device to server.
   required string device_management_token = 1;
@@ -121,7 +121,7 @@ message PolicyData {
 
   // The serialized value of the actual policy protobuf.  This can be
   // deserialized to an instance of, for example, ChromeSettingsProto
-  // or ChromeUserSettingsProto.
+  // or ChromeDeviceSettingsProto.
   optional bytes policy_value = 4;
 
   // The device display name assigned by the server.  It is only
@@ -163,7 +163,7 @@ message PolicyFetchResponse {
   // provide separate error code for each individual policy fetch.
 
   // We will use standard HTTP Status Code as error code.
-  optional int32  error_code = 1;
+  optional int32 error_code = 1;
 
   // Human readable error message for customer support purpose.
   optional string error_message = 2;
@@ -205,6 +205,37 @@ message DevicePolicyResponse {
   repeated PolicyFetchResponse response = 3;
 }
 
+// Request from device to server to determine whether the device is eligible
+// for enterprise enrollment. Unlike the other requests, this request is not
+// authenticated.
+message DeviceAutoEnrollmentRequest {
+  // SHA-256 hash of the device's serial number, mod 2^|modulus|.
+  // Only the lower |modulus| bits are valid, and the size in bytes is
+  // ceil(modulus/8). The first byte has the highest order bits, and the last
+  // byte has the lower bits.
+  required bytes hash = 1;
+
+  // Exponent of the power-of-2 modulus. Indicates the number of valid bits in
+  // |hash|, up to 256.
+  required int32 modulus = 2;
+}
+
+// Response from server to auto-enrollment detection request.
+message DeviceAutoEnrollmentResponse {
+  // If this field is present, all the other fields are empty and the client
+  // should send a new DeviceAutoEnrollmentRequest with a new |hash| computed
+  // using this new |modulus|. If this field is empty, the client's request
+  // was accepted.
+  optional int32 modulus = 1;
+
+  // List of hashes in the client's hash bucket. If the client's hash matches
+  // any in this list, the client device should do enterprise enrollment.
+  // If it matches none, enrollment should be optional.
+  // Each entry has exactly 256 bits (32 bytes).
+  // This field is only valid if the |modulus| field is not set.
+  repeated bytes hashes = 2;
+}
+
 // Request from the DMAgent on the device to the DMServer.  This is
 // container for all requests from device to server.  The overall HTTP
 // request MUST be in the following format:
@@ -212,7 +243,7 @@ message DevicePolicyResponse {
 // * HTTP method is POST
 // * Data mime type is application/x-protobuffer
 // * HTTP parameters are (all required, all case sensitive):
-//   * request: MUST BE one of register/unregister/policy/ping
+//   * request: MUST BE one of register/unregister/policy/ping/autoenrollment
 //   * devicetype: MUST BE "1" for Android or "2" for Chrome OS.
 //   * apptype: MUST BE Android or Chrome.
 //   * deviceid: MUST BE no more than 64-char in [\x21-\x7E].
@@ -224,6 +255,8 @@ message DevicePolicyResponse {
 //   * For unregister and policy requests
 //      Authorization: GoogleDMToken token=<dm token from register>
 //
+//   * For autoenrollment requests the Authorization header isn't used.
+//
 //   * OAuth is NOT supported yet.
 message DeviceManagementRequest {
   // Register request.
@@ -234,6 +267,13 @@ message DeviceManagementRequest {
 
   // Policy request.
   optional DevicePolicyRequest policy_request = 3;
+
+  // Update status.
+  //optional DeviceStatusReportRequest device_status_report_request = 4;
+  //optional SessionStatusReportRequest session_status_report_request = 5;

[Joao da Silva, 2011/11/16 14:36:06]

These comments are placeholders for the field IDs that are already assigned but
haven't been merged to this proto yet. They won't be included in the final patch
set.

+
+  // Auto-enrollment detection.
+  optional DeviceAutoEnrollmentRequest device_auto_enrollment_request = 6;
 }
 
 // Response from server to device.
@@ -264,4 +304,13 @@ message DeviceManagementResponse {
 
   // Policy response.
   optional DevicePolicyResponse policy_response = 5;
+
+  // Device status report response.
+  //optional DeviceStatusReportResponse device_status_report_response = 6;
+
+  // Session status report response.
+  //optional SessionStatusReportResponse session_status_report_response = 7;

[Joao da Silva, 2011/11/16 14:36:06]

These comments are placeholders for the field IDs that are already assigned but
haven't been merged to this proto yet. They won't be included in the final patch
set.

+
+  // Auto-enrollment detection response.
+  optional DeviceAutoEnrollmentResponse device_auto_enrollment_response = 8;
 }