Adding error handling to ONC validation.

chrome/browser/chromeos/cros/network_library_impl_base.cc

Index: chrome/browser/chromeos/cros/network_library_impl_base.cc
diff --git a/chrome/browser/chromeos/cros/network_library_impl_base.cc b/chrome/browser/chromeos/cros/network_library_impl_base.cc
index 89e5194b87f79d9a05fd0a09fcc83b0d4edfcd80..0339e5b2162ea4138ea1e531e7809c30941b2529 100644
--- a/chrome/browser/chromeos/cros/network_library_impl_base.cc
+++ b/chrome/browser/chromeos/cros/network_library_impl_base.cc
@@ -1077,9 +1077,18 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
                            from_policy);
 
   // Unknown fields are removed from the result.
+  std::string validator_error;
   root_dict = validator.ValidateAndRepairObject(
-      &onc::kUnencryptedConfigurationSignature,
-      *root_dict);
+      &onc::kToplevelConfigurationSignature, *root_dict, &validator_error);
+
+  if (!validator_error.empty()) {
+    if (error != NULL) {
+      *error = validator_error;
+      error->append("\n");
+    }
+    LOG(WARNING) << "ONC from source " << source
+                 << " contains errors: " << validator_error;
+  }
 
   if (root_dict.get() == NULL) {
     LOG(WARNING) << "ONC from source " << source
@@ -1096,19 +1105,16 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
       onc::kNetworkConfigurations,
       &network_configs);
 
-  // At least one of NetworkConfigurations or Certificates is required.
-  LOG_IF(WARNING, (!has_network_configurations && !has_certificates))
-      << "ONC from source " << source
-      << " has neither NetworkConfigurations nor Certificates.";
-
   if (has_certificates) {
     VLOG(2) << "ONC file has " << certificates->GetSize() << " certificates";
 
     onc::CertificateImporter cert_importer(source, allow_web_trust_from_policy);
     std::string cert_error;
     if (!cert_importer.ParseAndStoreCertificates(*certificates, &cert_error)) {
-      if (error != NULL)
-        *error = cert_error;
+      if (error != NULL) {
+        error->append(cert_error);
+        error->append("\n");
+      }
       LOG(WARNING) << "Cannot parse some of the certificates in the ONC from "
                    << "source " << source << " with error: " << cert_error;
       return false;
@@ -1130,8 +1136,10 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
       bool marked_for_removal = false;
       Network* network = parser.ParseNetwork(i, &marked_for_removal);
       if (!network) {
-        if (error != NULL)
-          *error = parser.parse_error();
+        if (error != NULL) {
+          error->append(parser.parse_error());
+          error->append("\n");
+        }
         LOG(WARNING) << "Error during parsing network at index " << i
                      << " from ONC source " << source
                      << ": " << parser.parse_error();
@@ -1143,6 +1151,11 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
       if (source == NetworkUIData::ONC_SOURCE_DEVICE_POLICY &&
           network->type() != TYPE_WIFI &&
           network->type() != TYPE_ETHERNET) {
+        if (error != NULL) {
+          error->append(l10n_util::GetStringUTF8(
+              IDS_NETWORK_CONFIG_ERROR_IGNORING_DEVICE_LEVEL_POLICY));
+          error->append("\n");
+        }
         LOG(WARNING) << "Ignoring device-level policy-pushed network of type "
                      << network->type();
         delete network;
@@ -1205,6 +1218,11 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
         if (ethernet) {
           CallConfigureService(ethernet->unique_id(), &dict);
         } else {
+          if (error != NULL) {
+            error->append(l10n_util::GetStringUTF8(
+                IDS_NETWORK_CONFIG_ERROR_IGNORING_DEVICE_LEVEL_POLICY));
+            error->append("\n");
+          }
           DLOG(WARNING) << "Tried to import ONC with an Ethernet network when "
                         << "there is no active Ethernet connection.";
         }