| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 5 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "chrome/browser/chromeos/login/user_manager.h" |
| 11 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
| 11 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" | 12 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" |
| 12 #include "chrome/common/pref_names.h" | |
| 13 #include "content/public/browser/browser_thread.h" | 13 #include "content/public/browser/browser_thread.h" |
| 14 #include "net/cert/x509_certificate.h" | 14 #include "net/cert/x509_certificate.h" |
| 15 | 15 |
| 16 namespace policy { | 16 namespace policy { |
| 17 | 17 |
| 18 PolicyCertService::~PolicyCertService() { | 18 PolicyCertService::~PolicyCertService() { |
| 19 DCHECK(cert_verifier_) | 19 DCHECK(cert_verifier_) |
| 20 << "CreatePolicyCertVerifier() must be called after construction."; | 20 << "CreatePolicyCertVerifier() must be called after construction."; |
| 21 } | 21 } |
| 22 | 22 |
| 23 PolicyCertService::PolicyCertService( | 23 PolicyCertService::PolicyCertService( |
| 24 const std::string& user_id, |
| 24 UserNetworkConfigurationUpdater* net_conf_updater, | 25 UserNetworkConfigurationUpdater* net_conf_updater, |
| 25 PrefService* user_prefs) | 26 chromeos::UserManager* user_manager) |
| 26 : cert_verifier_(NULL), | 27 : cert_verifier_(NULL), |
| 28 user_id_(user_id), |
| 27 net_conf_updater_(net_conf_updater), | 29 net_conf_updater_(net_conf_updater), |
| 28 user_prefs_(user_prefs), | 30 user_manager_(user_manager), |
| 31 has_trust_anchors_(false), |
| 29 weak_ptr_factory_(this) { | 32 weak_ptr_factory_(this) { |
| 30 DCHECK(net_conf_updater_); | 33 DCHECK(net_conf_updater_); |
| 31 DCHECK(user_prefs_); | 34 DCHECK(user_manager_); |
| 32 } | 35 } |
| 33 | 36 |
| 37 PolicyCertService::PolicyCertService(const std::string& user_id, |
| 38 PolicyCertVerifier* verifier) |
| 39 : cert_verifier_(verifier), |
| 40 user_id_(user_id), |
| 41 net_conf_updater_(NULL), |
| 42 user_manager_(NULL), |
| 43 has_trust_anchors_(false), |
| 44 weak_ptr_factory_(this) {} |
| 45 |
| 34 scoped_ptr<PolicyCertVerifier> PolicyCertService::CreatePolicyCertVerifier() { | 46 scoped_ptr<PolicyCertVerifier> PolicyCertService::CreatePolicyCertVerifier() { |
| 35 base::Closure callback = | 47 base::Closure callback = base::Bind( |
| 36 base::Bind(&PolicyCertService::SetUsedPolicyCertificatesOnce, | 48 &PolicyCertServiceFactory::SetUsedPolicyCertificates, user_id_); |
| 37 weak_ptr_factory_.GetWeakPtr()); | |
| 38 cert_verifier_ = new PolicyCertVerifier( | 49 cert_verifier_ = new PolicyCertVerifier( |
| 39 base::Bind(base::IgnoreResult(&content::BrowserThread::PostTask), | 50 base::Bind(base::IgnoreResult(&content::BrowserThread::PostTask), |
| 40 content::BrowserThread::UI, | 51 content::BrowserThread::UI, |
| 41 FROM_HERE, | 52 FROM_HERE, |
| 42 callback)); | 53 callback)); |
| 43 // Certs are forwarded to |cert_verifier_|, thus register here after | 54 // Certs are forwarded to |cert_verifier_|, thus register here after |
| 44 // |cert_verifier_| is created. | 55 // |cert_verifier_| is created. |
| 45 net_conf_updater_->AddTrustedCertsObserver(this); | 56 net_conf_updater_->AddTrustedCertsObserver(this); |
| 46 | 57 |
| 47 // Set the current list of trust anchors. | 58 // Set the current list of trust anchors. |
| 48 net::CertificateList trust_anchors; | 59 net::CertificateList trust_anchors; |
| 49 net_conf_updater_->GetWebTrustedCertificates(&trust_anchors); | 60 net_conf_updater_->GetWebTrustedCertificates(&trust_anchors); |
| 50 OnTrustAnchorsChanged(trust_anchors); | 61 OnTrustAnchorsChanged(trust_anchors); |
| 51 | 62 |
| 52 return make_scoped_ptr(cert_verifier_); | 63 return make_scoped_ptr(cert_verifier_); |
| 53 } | 64 } |
| 54 | 65 |
| 55 void PolicyCertService::OnTrustAnchorsChanged( | 66 void PolicyCertService::OnTrustAnchorsChanged( |
| 56 const net::CertificateList& trust_anchors) { | 67 const net::CertificateList& trust_anchors) { |
| 57 DCHECK(cert_verifier_); | 68 DCHECK(cert_verifier_); |
| 69 |
| 70 // Do not use certificates installed via ONC policy if the current session has |
| 71 // multiple profiles. This is important to make sure that any possibly tainted |
| 72 // data is absolutely confined to the managed profile and never, ever leaks to |
| 73 // any other profile. |
| 74 if (!trust_anchors.empty() && user_manager_->GetLoggedInUsers().size() > 1u) { |
| 75 LOG(ERROR) << "Ignoring ONC-pushed certificates update because multiple " |
| 76 << "users are logged in."; |
| 77 return; |
| 78 } |
| 79 |
| 80 has_trust_anchors_ = !trust_anchors.empty(); |
| 81 |
| 58 // It's safe to use base::Unretained here, because it's guaranteed that | 82 // It's safe to use base::Unretained here, because it's guaranteed that |
| 59 // |cert_verifier_| outlives this object (see description of | 83 // |cert_verifier_| outlives this object (see description of |
| 60 // CreatePolicyCertVerifier). | 84 // CreatePolicyCertVerifier). |
| 61 // Note: ProfileIOData, which owns the CertVerifier is deleted by a | 85 // Note: ProfileIOData, which owns the CertVerifier is deleted by a |
| 62 // DeleteSoon on IO, i.e. after all pending tasks on IO are finished. | 86 // DeleteSoon on IO, i.e. after all pending tasks on IO are finished. |
| 63 content::BrowserThread::PostTask( | 87 content::BrowserThread::PostTask( |
| 64 content::BrowserThread::IO, | 88 content::BrowserThread::IO, |
| 65 FROM_HERE, | 89 FROM_HERE, |
| 66 base::Bind(&PolicyCertVerifier::SetTrustAnchors, | 90 base::Bind(&PolicyCertVerifier::SetTrustAnchors, |
| 67 base::Unretained(cert_verifier_), | 91 base::Unretained(cert_verifier_), |
| 68 trust_anchors)); | 92 trust_anchors)); |
| 69 } | 93 } |
| 70 | 94 |
| 71 bool PolicyCertService::UsedPolicyCertificates() const { | 95 bool PolicyCertService::UsedPolicyCertificates() const { |
| 72 return user_prefs_->GetBoolean(prefs::kUsedPolicyCertificatesOnce); | 96 return PolicyCertServiceFactory::UsedPolicyCertificates(user_id_); |
| 73 } | 97 } |
| 74 | 98 |
| 75 void PolicyCertService::Shutdown() { | 99 void PolicyCertService::Shutdown() { |
| 76 weak_ptr_factory_.InvalidateWeakPtrs(); | 100 weak_ptr_factory_.InvalidateWeakPtrs(); |
| 77 net_conf_updater_->RemoveTrustedCertsObserver(this); | 101 if (net_conf_updater_) |
| 102 net_conf_updater_->RemoveTrustedCertsObserver(this); |
| 78 OnTrustAnchorsChanged(net::CertificateList()); | 103 OnTrustAnchorsChanged(net::CertificateList()); |
| 79 net_conf_updater_ = NULL; | 104 net_conf_updater_ = NULL; |
| 80 user_prefs_ = NULL; | |
| 81 } | 105 } |
| 82 | 106 |
| 83 void PolicyCertService::SetUsedPolicyCertificatesOnce() { | 107 // static |
| 84 user_prefs_->SetBoolean(prefs::kUsedPolicyCertificatesOnce, true); | 108 scoped_ptr<PolicyCertService> PolicyCertService::CreateForTesting( |
| 109 const std::string& user_id, |
| 110 PolicyCertVerifier* verifier) { |
| 111 return make_scoped_ptr(new PolicyCertService(user_id, verifier)); |
| 85 } | 112 } |
| 86 | 113 |
| 87 } // namespace policy | 114 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 117263002:
Prevent ONC-pushed certificates from being used with multiprofiles. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master