| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 5 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "chrome/browser/chromeos/login/user_manager.h" |
| 11 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
| 11 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" | 12 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" |
| 12 #include "chrome/common/pref_names.h" | |
| 13 #include "content/public/browser/browser_thread.h" | 13 #include "content/public/browser/browser_thread.h" |
| 14 #include "net/cert/x509_certificate.h" | 14 #include "net/cert/x509_certificate.h" |
| 15 | 15 |
| 16 namespace policy { | 16 namespace policy { |
| 17 | 17 |
| 18 PolicyCertService::~PolicyCertService() { | 18 PolicyCertService::~PolicyCertService() { |
| 19 DCHECK(cert_verifier_) | 19 DCHECK(cert_verifier_) |
| 20 << "CreatePolicyCertVerifier() must be called after construction."; | 20 << "CreatePolicyCertVerifier() must be called after construction."; |
| 21 } | 21 } |
| 22 | 22 |
| 23 PolicyCertService::PolicyCertService( | 23 PolicyCertService::PolicyCertService( |
| 24 const std::string& user_id, |
| 24 UserNetworkConfigurationUpdater* net_conf_updater, | 25 UserNetworkConfigurationUpdater* net_conf_updater, |
| 25 PrefService* user_prefs) | 26 chromeos::UserManager* user_manager) |
| 26 : cert_verifier_(NULL), | 27 : cert_verifier_(NULL), |
| 28 user_id_(user_id), |
| 27 net_conf_updater_(net_conf_updater), | 29 net_conf_updater_(net_conf_updater), |
| 28 user_prefs_(user_prefs), | 30 user_manager_(user_manager), |
| 31 has_trust_anchors_(false), |
| 29 weak_ptr_factory_(this) { | 32 weak_ptr_factory_(this) { |
| 30 DCHECK(net_conf_updater_); | 33 DCHECK(net_conf_updater_); |
| 31 DCHECK(user_prefs_); | 34 DCHECK(user_manager_); |
| 32 } | 35 } |
| 33 | 36 |
| 37 PolicyCertService::PolicyCertService(const std::string& user_id, |
| 38 PolicyCertVerifier* verifier, |
| 39 chromeos::UserManager* user_manager) |
| 40 : cert_verifier_(verifier), |
| 41 user_id_(user_id), |
| 42 net_conf_updater_(NULL), |
| 43 user_manager_(user_manager), |
| 44 has_trust_anchors_(false), |
| 45 weak_ptr_factory_(this) {} |
| 46 |
| 34 scoped_ptr<PolicyCertVerifier> PolicyCertService::CreatePolicyCertVerifier() { | 47 scoped_ptr<PolicyCertVerifier> PolicyCertService::CreatePolicyCertVerifier() { |
| 35 base::Closure callback = | 48 base::Closure callback = base::Bind( |
| 36 base::Bind(&PolicyCertService::SetUsedPolicyCertificatesOnce, | 49 &PolicyCertServiceFactory::SetUsedPolicyCertificates, user_id_); |
| 37 weak_ptr_factory_.GetWeakPtr()); | |
| 38 cert_verifier_ = new PolicyCertVerifier( | 50 cert_verifier_ = new PolicyCertVerifier( |
| 39 base::Bind(base::IgnoreResult(&content::BrowserThread::PostTask), | 51 base::Bind(base::IgnoreResult(&content::BrowserThread::PostTask), |
| 40 content::BrowserThread::UI, | 52 content::BrowserThread::UI, |
| 41 FROM_HERE, | 53 FROM_HERE, |
| 42 callback)); | 54 callback)); |
| 43 // Certs are forwarded to |cert_verifier_|, thus register here after | 55 // Certs are forwarded to |cert_verifier_|, thus register here after |
| 44 // |cert_verifier_| is created. | 56 // |cert_verifier_| is created. |
| 45 net_conf_updater_->AddTrustedCertsObserver(this); | 57 net_conf_updater_->AddTrustedCertsObserver(this); |
| 46 | 58 |
| 47 // Set the current list of trust anchors. | 59 // Set the current list of trust anchors. |
| 48 net::CertificateList trust_anchors; | 60 net::CertificateList trust_anchors; |
| 49 net_conf_updater_->GetWebTrustedCertificates(&trust_anchors); | 61 net_conf_updater_->GetWebTrustedCertificates(&trust_anchors); |
| 50 OnTrustAnchorsChanged(trust_anchors); | 62 OnTrustAnchorsChanged(trust_anchors); |
| 51 | 63 |
| 52 return make_scoped_ptr(cert_verifier_); | 64 return make_scoped_ptr(cert_verifier_); |
| 53 } | 65 } |
| 54 | 66 |
| 55 void PolicyCertService::OnTrustAnchorsChanged( | 67 void PolicyCertService::OnTrustAnchorsChanged( |
| 56 const net::CertificateList& trust_anchors) { | 68 const net::CertificateList& trust_anchors) { |
| 57 DCHECK(cert_verifier_); | 69 DCHECK(cert_verifier_); |
| 70 |
| 71 // Do not use certificates installed via ONC policy if the current session has |
| 72 // multiple profiles. This is important to make sure that any possibly tainted |
| 73 // data is absolutely confined to the managed profile and never, ever leaks to |
| 74 // any other profile. |
| 75 if (!trust_anchors.empty() && user_manager_->GetLoggedInUsers().size() > 1u) { |
| 76 LOG(ERROR) << "Ignoring ONC-pushed certificates update because multiple " |
| 77 << "users are logged in."; |
| 78 return; |
| 79 } |
| 80 |
| 81 has_trust_anchors_ = !trust_anchors.empty(); |
| 82 |
| 58 // It's safe to use base::Unretained here, because it's guaranteed that | 83 // It's safe to use base::Unretained here, because it's guaranteed that |
| 59 // |cert_verifier_| outlives this object (see description of | 84 // |cert_verifier_| outlives this object (see description of |
| 60 // CreatePolicyCertVerifier). | 85 // CreatePolicyCertVerifier). |
| 61 // Note: ProfileIOData, which owns the CertVerifier is deleted by a | 86 // Note: ProfileIOData, which owns the CertVerifier is deleted by a |
| 62 // DeleteSoon on IO, i.e. after all pending tasks on IO are finished. | 87 // DeleteSoon on IO, i.e. after all pending tasks on IO are finished. |
| 63 content::BrowserThread::PostTask( | 88 content::BrowserThread::PostTask( |
| 64 content::BrowserThread::IO, | 89 content::BrowserThread::IO, |
| 65 FROM_HERE, | 90 FROM_HERE, |
| 66 base::Bind(&PolicyCertVerifier::SetTrustAnchors, | 91 base::Bind(&PolicyCertVerifier::SetTrustAnchors, |
| 67 base::Unretained(cert_verifier_), | 92 base::Unretained(cert_verifier_), |
| 68 trust_anchors)); | 93 trust_anchors)); |
| 69 } | 94 } |
| 70 | 95 |
| 71 bool PolicyCertService::UsedPolicyCertificates() const { | 96 bool PolicyCertService::UsedPolicyCertificates() const { |
| 72 return user_prefs_->GetBoolean(prefs::kUsedPolicyCertificatesOnce); | 97 return PolicyCertServiceFactory::UsedPolicyCertificates(user_id_); |
| 73 } | 98 } |
| 74 | 99 |
| 75 void PolicyCertService::Shutdown() { | 100 void PolicyCertService::Shutdown() { |
| 76 weak_ptr_factory_.InvalidateWeakPtrs(); | 101 weak_ptr_factory_.InvalidateWeakPtrs(); |
| 77 net_conf_updater_->RemoveTrustedCertsObserver(this); | 102 if (net_conf_updater_) |
| 103 net_conf_updater_->RemoveTrustedCertsObserver(this); |
| 78 OnTrustAnchorsChanged(net::CertificateList()); | 104 OnTrustAnchorsChanged(net::CertificateList()); |
| 79 net_conf_updater_ = NULL; | 105 net_conf_updater_ = NULL; |
| 80 user_prefs_ = NULL; | |
| 81 } | 106 } |
| 82 | 107 |
| 83 void PolicyCertService::SetUsedPolicyCertificatesOnce() { | 108 // static |
| 84 user_prefs_->SetBoolean(prefs::kUsedPolicyCertificatesOnce, true); | 109 scoped_ptr<PolicyCertService> PolicyCertService::CreateForTesting( |
| 110 const std::string& user_id, |
| 111 PolicyCertVerifier* verifier, |
| 112 chromeos::UserManager* user_manager) { |
| 113 return make_scoped_ptr( |
| 114 new PolicyCertService(user_id, verifier, user_manager)); |
| 85 } | 115 } |
| 86 | 116 |
| 87 } // namespace policy | 117 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 117263002:
Prevent ONC-pushed certificates from being used with multiprofiles. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master