Make sure the device recovers from policy loss in the consumer case.

chrome/browser/chromeos/login/parallel_authenticator.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/login/parallel_authenticator.h"
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/file_path.h"
 #include "base/file_util.h"
 #include "base/logging.h"
 #include "base/path_service.h"
 #include "base/string_util.h"
 #include "chrome/browser/chromeos/boot_times_loader.h"
 #include "chrome/browser/chromeos/cros/cros_library.h"
 #include "chrome/browser/chromeos/cros/cryptohome_library.h"
+#include "chrome/browser/chromeos/cros_settings.h"
 #include "chrome/browser/chromeos/cryptohome/async_method_caller.h"
+#include "chrome/browser/chromeos/dbus/cryptohome_client.h"
+#include "chrome/browser/chromeos/dbus/dbus_thread_manager.h"
 #include "chrome/browser/chromeos/login/authentication_notification_details.h"
 #include "chrome/browser/chromeos/login/login_status_consumer.h"
 #include "chrome/browser/chromeos/login/ownership_service.h"
 #include "chrome/browser/chromeos/login/user_manager.h"
 #include "chrome/common/chrome_notification_types.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/chrome_switches.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/notification_service.h"
 #include "third_party/cros_system_api/dbus/service_constants.h"
@@ skipping 134 matching lines @@
 
 }  // namespace
 
 ParallelAuthenticator::ParallelAuthenticator(LoginStatusConsumer* consumer)
     : Authenticator(consumer),
       migrate_attempted_(false),
       remove_attempted_(false),
       mount_guest_attempted_(false),
       check_key_attempted_(false),
       already_reported_success_(false),
+      owner_is_verified_(false),
+      user_can_login_(false),
       using_oauth_(
           !CommandLine::ForCurrentProcess()->HasSwitch(
               switches::kSkipOAuthLogin)) {
   // If not already owned, this is a no-op.  If it is, this loads the owner's
   // public key off of disk.
   OwnershipService::GetSharedInstance()->StartLoadOwnerKeyAttempt();
 }
 
 ParallelAuthenticator::~ParallelAuthenticator() {}
 
 void ParallelAuthenticator::AuthenticateToLogin(
     Profile* profile,
     const std::string& username,
     const std::string& password,
     const std::string& login_token,
     const std::string& login_captcha) {
   std::string canonicalized = Authenticator::Canonicalize(username);
   authentication_profile_ = profile;
   current_state_.reset(
       new AuthAttemptState(
           canonicalized,
           password,
           CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(password),
           login_token,
           login_captcha,
           !UserManager::Get()->IsKnownUser(canonicalized)));
+  {
+    // Reset the verified flag.
+    base::AutoLock for_this_block(owner_verified_lock_);
+    owner_is_verified_ = false;
+  }
+
   const bool create_if_missing = false;
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
       base::Bind(&Mount,
                  current_state_.get(),
                  static_cast<AuthAttemptStateResolver*>(this),
                  create_if_missing));
-
   // ClientLogin authentication check should happen immediately here.
   // We should not try OAuthLogin check until the profile loads.
   if (!using_oauth_) {
     // Initiate ClientLogin-based post authentication.
     current_online_.reset(new OnlineAttempt(using_oauth_,
                                             current_state_.get(),
                                             this));
     current_online_->Initiate(profile);
   }
 }
 
 void ParallelAuthenticator::CompleteLogin(Profile* profile,
                                           const std::string& username,
                                           const std::string& password) {
   std::string canonicalized = Authenticator::Canonicalize(username);
   authentication_profile_ = profile;
   current_state_.reset(
       new AuthAttemptState(
           canonicalized,
           password,
           CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(password),
           !UserManager::Get()->IsKnownUser(canonicalized)));
+  {
+    // Reset the verified flag.
+    base::AutoLock for_this_block(owner_verified_lock_);
+    owner_is_verified_ = false;
+  }
+
   const bool create_if_missing = false;
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
       base::Bind(&Mount,
                  current_state_.get(),
                  static_cast<AuthAttemptStateResolver*>(this),
                  create_if_missing));
 
   if (!using_oauth_) {
     // Test automation needs to disable oauth, but that leads to other
@@ skipping 132 matching lines @@
 void ParallelAuthenticator::ResyncEncryptedData() {
   remove_attempted_ = true;
   current_state_->ResetCryptohomeStatus();
   BrowserThread::PostTask(
       BrowserThread::UI, FROM_HERE,
       base::Bind(&Remove,
                  current_state_.get(),
                  static_cast<AuthAttemptStateResolver*>(this)));
 }
 
+bool ParallelAuthenticator::VerifyOwner() {
+  base::AutoLock for_this_block(owner_verified_lock_);
+  if (owner_is_verified_)
+    return true;
+  // Check if policy data is fine and continue in safe mode if needed.
+  bool is_safe_mode = false;
+  CrosSettings::Get()->GetBoolean(kPolicyMissingMitigationMode, &is_safe_mode);
+  if (!is_safe_mode) {
+    // Now we can continue with the login and report mount success.
+    user_can_login_ = true;
+    owner_is_verified_ = true;
+    return true;
+  }
+  // First we have to make sure the current user's cert store is available.
+  UserManager::Get()->LoadKeyStore();
+  // Now we can continue reading the private key.
+  BrowserThread::PostTask(
+      BrowserThread::FILE, FROM_HERE,
+      base::Bind(&ParallelAuthenticator::FinishVerifyOwnerOnFileThread, this));
+  return false;
+}
+
+void ParallelAuthenticator::FinishVerifyOwnerOnFileThread() {
+  base::AutoLock for_this_block(owner_verified_lock_);
+  // Now we can check if this user is the owner.
+  user_can_login_ =
+      OwnershipService::GetSharedInstance()->IsCurrentUserOwner();
+  owner_is_verified_ = true;
+  BrowserThread::PostTask(
+      BrowserThread::UI, FROM_HERE,
+      base::Bind(&ParallelAuthenticator::Resolve, this));
+}
+
 void ParallelAuthenticator::RetryAuth(Profile* profile,
                                       const std::string& username,
                                       const std::string& password,
                                       const std::string& login_token,
                                       const std::string& login_captcha) {
   reauth_state_.reset(
       new AuthAttemptState(
           Authenticator::Canonicalize(username),
           password,
           CrosLibrary::Get()->GetCryptohomeLibrary()->HashPassword(password),
@@ skipping 149 matching lines @@
       break;
     case LOGIN_FAILED:
       current_state_->ResetCryptohomeStatus();
       BrowserThread::PostTask(BrowserThread::UI,
                               FROM_HERE,
                               base::Bind(
                                   &ParallelAuthenticator::OnLoginFailure,
                                   this,
                                   current_state_->online_outcome()));
       break;
+    case OWNER_REQUIRED: {
+      current_state_->ResetCryptohomeStatus();
+      bool success = false;
+      DBusThreadManager::Get()->GetCryptohomeClient()->Unmount(&success);
+      if (!success) {
+        // Maybe we should reboot immediately here?
+        LOG(ERROR) << "Couldn't unmount users home!";
+      }
+      BrowserThread::PostTask(BrowserThread::UI,
+                              FROM_HERE,
+                              base::Bind(
+                                  &ParallelAuthenticator::OnLoginFailure,
+                                  this,
+                                  LoginFailure(LoginFailure::OWNER_REQUIRED)));
+      break;
+    }
     default:
       NOTREACHED();
       break;
   }
 }
 
 ParallelAuthenticator::AuthState ParallelAuthenticator::ResolveState() {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   // If we haven't mounted the user's home dir yet, we can't be done.
   // We never get past here if a cryptohome op is still pending.
@@ skipping 99 matching lines @@
   if (mount_guest_attempted_) {
     if (current_state_->username == kDemoUser)
       return DEMO_LOGIN;
     else
       return GUEST_LOGIN;
   }
   if (migrate_attempted_)
     return RECOVER_MOUNT;
   if (check_key_attempted_)
     return UNLOCK;
-  return OFFLINE_LOGIN;
+
+  if (!VerifyOwner())
+    return CONTINUE;
+  return user_can_login_ ? OFFLINE_LOGIN : OWNER_REQUIRED;
 }
 
 ParallelAuthenticator::AuthState
 ParallelAuthenticator::ResolveOnlineFailureState(
     ParallelAuthenticator::AuthState offline_state) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   if (offline_state == OFFLINE_LOGIN) {
     if (WasConnectionIssue(current_state_->online_outcome())) {
       // Couldn't do an online check, so just go with the offline result.
       return OFFLINE_LOGIN;
@@ skipping 24 matching lines @@
       return offline_state;
   }
 }
 
 void ParallelAuthenticator::ResolveLoginCompletionStatus() {
   // Shortcut online state resolution process.
   current_state_->RecordOnlineLoginStatus(LoginFailure::None());
   Resolve();
 }
 
+void ParallelAuthenticator::SetOwnerState(bool owner_check_finished,
+                                          bool check_result) {
+  base::AutoLock for_this_block(owner_verified_lock_);
+  owner_is_verified_ = owner_check_finished;
+  user_can_login_ = check_result;
+}
+
 }  // namespace chromeos