| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/onc/onc_validator.h" | 5 #include "chromeos/network/onc/onc_validator.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/json/json_writer.h" | 10 #include "base/json/json_writer.h" |
| (...skipping 362 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 373 LOG(ERROR) << ErrorHeader() << "Client certificate patterns are " | 373 LOG(ERROR) << ErrorHeader() << "Client certificate patterns are " |
| 374 << "prohibited in ONC device policies."; | 374 << "prohibited in ONC device policies."; |
| 375 return true; | 375 return true; |
| 376 } | 376 } |
| 377 return false; | 377 return false; |
| 378 } | 378 } |
| 379 | 379 |
| 380 bool Validator::ValidateToplevelConfiguration( | 380 bool Validator::ValidateToplevelConfiguration( |
| 381 const base::DictionaryValue& onc_object, | 381 const base::DictionaryValue& onc_object, |
| 382 base::DictionaryValue* result) { | 382 base::DictionaryValue* result) { |
| 383 using namespace onc::toplevel_config; |
| 384 |
| 383 if (!ValidateObjectDefault(kToplevelConfigurationSignature, | 385 if (!ValidateObjectDefault(kToplevelConfigurationSignature, |
| 384 onc_object, result)) { | 386 onc_object, result)) { |
| 385 return false; | 387 return false; |
| 386 } | 388 } |
| 387 | 389 |
| 388 static const char* kValidTypes[] = | 390 static const char* kValidTypes[] = |
| 389 { kUnencryptedConfiguration, kEncryptedConfiguration, NULL }; | 391 { kUnencryptedConfiguration, |
| 390 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes)) | 392 kEncryptedConfiguration, |
| 393 NULL }; |
| 394 if (FieldExistsAndHasNoValidValue(*result, |
| 395 kType, |
| 396 kValidTypes)) |
| 391 return false; | 397 return false; |
| 392 | 398 |
| 393 bool allRequiredExist = true; | 399 bool allRequiredExist = true; |
| 394 | 400 |
| 395 // Not part of the ONC spec yet: | 401 // Not part of the ONC spec yet: |
| 396 // We don't require the type field and default to UnencryptedConfiguration. | 402 // We don't require the type field and default to UnencryptedConfiguration. |
| 397 std::string type = kUnencryptedConfiguration; | 403 std::string type = kUnencryptedConfiguration; |
| 398 result->GetStringWithoutPathExpansion(kType, &type); | 404 result->GetStringWithoutPathExpansion(kType, &type); |
| 399 if (type == kUnencryptedConfiguration && | 405 if (type == kUnencryptedConfiguration && |
| 400 !result->HasKey(kNetworkConfigurations) && | 406 !result->HasKey(kNetworkConfigurations) && |
| 401 !result->HasKey(kCertificates)) { | 407 !result->HasKey(kCertificates)) { |
| 402 error_or_warning_found_ = true; | 408 error_or_warning_found_ = true; |
| 403 std::string message = MessageHeader(error_on_missing_field_) + | 409 std::string message = MessageHeader(error_on_missing_field_) + |
| 404 "Neither the field '" + kNetworkConfigurations + "' nor '" + | 410 "Neither the field '" + kNetworkConfigurations + |
| 405 kCertificates + "is present, but at least one is required."; | 411 "' nor '" + kCertificates + |
| 412 "is present, but at least one is required."; |
| 406 if (error_on_missing_field_) | 413 if (error_on_missing_field_) |
| 407 LOG(ERROR) << message; | 414 LOG(ERROR) << message; |
| 408 else | 415 else |
| 409 LOG(WARNING) << message; | 416 LOG(WARNING) << message; |
| 410 allRequiredExist = false; | 417 allRequiredExist = false; |
| 411 } | 418 } |
| 412 | 419 |
| 413 return !error_on_missing_field_ || allRequiredExist; | 420 return !error_on_missing_field_ || allRequiredExist; |
| 414 } | 421 } |
| 415 | 422 |
| 416 bool Validator::ValidateNetworkConfiguration( | 423 bool Validator::ValidateNetworkConfiguration( |
| 417 const base::DictionaryValue& onc_object, | 424 const base::DictionaryValue& onc_object, |
| 418 base::DictionaryValue* result) { | 425 base::DictionaryValue* result) { |
| 426 using namespace onc::network_config; |
| 427 |
| 419 if (!ValidateObjectDefault(kNetworkConfigurationSignature, | 428 if (!ValidateObjectDefault(kNetworkConfigurationSignature, |
| 420 onc_object, result)) { | 429 onc_object, result)) { |
| 421 return false; | 430 return false; |
| 422 } | 431 } |
| 423 | 432 |
| 424 static const char* kValidTypes[] = { kEthernet, kVPN, kWiFi, NULL }; | 433 static const char* kValidTypes[] = { network_type::kEthernet, |
| 425 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes)) | 434 network_type::kVPN, |
| 435 network_type::kWiFi, |
| 436 NULL }; |
| 437 if (FieldExistsAndHasNoValidValue(*result, |
| 438 kType, |
| 439 kValidTypes)) |
| 426 return false; | 440 return false; |
| 427 | 441 |
| 428 bool allRequiredExist = RequireField(*result, kGUID); | 442 bool allRequiredExist = RequireField(*result, kGUID); |
| 429 | 443 |
| 430 bool remove = false; | 444 bool remove = false; |
| 431 result->GetBooleanWithoutPathExpansion(kRemove, &remove); | 445 result->GetBooleanWithoutPathExpansion(kRemove, &remove); |
| 432 if (!remove) { | 446 if (!remove) { |
| 433 allRequiredExist &= RequireField(*result, kName); | 447 allRequiredExist &= RequireField(*result, kName); |
| 434 allRequiredExist &= RequireField(*result, kType); | 448 allRequiredExist &= RequireField(*result, kType); |
| 435 | 449 |
| 436 std::string type; | 450 std::string type; |
| 437 result->GetStringWithoutPathExpansion(kType, &type); | 451 result->GetStringWithoutPathExpansion(kType, &type); |
| 438 | 452 |
| 439 // Prohibit anything but WiFi and Ethernet for device-level policy (which | 453 // Prohibit anything but WiFi and Ethernet for device-level policy (which |
| 440 // corresponds to shared networks). See also http://crosbug.com/28741. | 454 // corresponds to shared networks). See also http://crosbug.com/28741. |
| 441 if (onc_source_ == ONC_SOURCE_DEVICE_POLICY && | 455 if (onc_source_ == ONC_SOURCE_DEVICE_POLICY && |
| 442 type != kWiFi && | 456 type != network_type::kWiFi && |
| 443 type != kEthernet) { | 457 type != network_type::kEthernet) { |
| 444 error_or_warning_found_ = true; | 458 error_or_warning_found_ = true; |
| 445 LOG(ERROR) << ErrorHeader() << "Networks of type '" | 459 LOG(ERROR) << ErrorHeader() << "Networks of type '" |
| 446 << type << "' are prohibited in ONC device policies."; | 460 << type << "' are prohibited in ONC device policies."; |
| 447 return false; | 461 return false; |
| 448 } | 462 } |
| 449 allRequiredExist &= type.empty() || RequireField(*result, type); | 463 |
| 464 if (type == network_type::kWiFi) |
| 465 allRequiredExist &= RequireField(*result, network_config::kWiFi); |
| 466 else if (type == network_type::kEthernet) |
| 467 allRequiredExist &= RequireField(*result, network_config::kEthernet); |
| 468 else if (type == network_type::kCellular) |
| 469 allRequiredExist &= RequireField(*result, network_config::kCellular); |
| 470 else if (type == network_type::kVPN) |
| 471 allRequiredExist &= RequireField(*result, network_config::kVPN); |
| 472 else |
| 473 LOG(ERROR) << "Unknown network type " << type << " encountered"; |
| 450 } | 474 } |
| 451 | 475 |
| 452 return !error_on_missing_field_ || allRequiredExist; | 476 return !error_on_missing_field_ || allRequiredExist; |
| 453 } | 477 } |
| 454 | 478 |
| 455 bool Validator::ValidateEthernet( | 479 bool Validator::ValidateEthernet( |
| 456 const base::DictionaryValue& onc_object, | 480 const base::DictionaryValue& onc_object, |
| 457 base::DictionaryValue* result) { | 481 base::DictionaryValue* result) { |
| 458 using namespace onc::ethernet; | 482 using namespace onc::ethernet; |
| 459 if (!ValidateObjectDefault(kEthernetSignature, onc_object, result)) | 483 if (!ValidateObjectDefault(kEthernetSignature, onc_object, result)) |
| (...skipping 269 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 729 } | 753 } |
| 730 | 754 |
| 731 bool Validator::ValidateCertificate( | 755 bool Validator::ValidateCertificate( |
| 732 const base::DictionaryValue& onc_object, | 756 const base::DictionaryValue& onc_object, |
| 733 base::DictionaryValue* result) { | 757 base::DictionaryValue* result) { |
| 734 using namespace onc::certificate; | 758 using namespace onc::certificate; |
| 735 if (!ValidateObjectDefault(kCertificateSignature, onc_object, result)) | 759 if (!ValidateObjectDefault(kCertificateSignature, onc_object, result)) |
| 736 return false; | 760 return false; |
| 737 | 761 |
| 738 static const char* kValidTypes[] = { kClient, kServer, kAuthority, NULL }; | 762 static const char* kValidTypes[] = { kClient, kServer, kAuthority, NULL }; |
| 739 if (FieldExistsAndHasNoValidValue(*result, certificate::kType, kValidTypes)) | 763 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes)) |
| 740 return false; | 764 return false; |
| 741 | 765 |
| 742 bool allRequiredExist = RequireField(*result, kGUID); | 766 bool allRequiredExist = RequireField(*result, kGUID); |
| 743 | 767 |
| 744 bool remove = false; | 768 bool remove = false; |
| 745 result->GetBooleanWithoutPathExpansion(kRemove, &remove); | 769 result->GetBooleanWithoutPathExpansion(kRemove, &remove); |
| 746 if (!remove) { | 770 if (!remove) { |
| 747 allRequiredExist &= RequireField(*result, certificate::kType); | 771 allRequiredExist &= RequireField(*result, kType); |
| 748 | 772 |
| 749 std::string type; | 773 std::string type; |
| 750 result->GetStringWithoutPathExpansion(certificate::kType, &type); | 774 result->GetStringWithoutPathExpansion(kType, &type); |
| 751 if (type == kClient) | 775 if (type == kClient) |
| 752 allRequiredExist &= RequireField(*result, kPKCS12); | 776 allRequiredExist &= RequireField(*result, kPKCS12); |
| 753 else if (type == kServer || type == kAuthority) | 777 else if (type == kServer || type == kAuthority) |
| 754 allRequiredExist &= RequireField(*result, kX509); | 778 allRequiredExist &= RequireField(*result, kX509); |
| 755 } | 779 } |
| 756 | 780 |
| 757 return !error_on_missing_field_ || allRequiredExist; | 781 return !error_on_missing_field_ || allRequiredExist; |
| 758 } | 782 } |
| 759 | 783 |
| 760 std::string Validator::WarningHeader() { | 784 std::string Validator::WarningHeader() { |
| 761 return MessageHeader(false); | 785 return MessageHeader(false); |
| 762 } | 786 } |
| 763 | 787 |
| 764 std::string Validator::ErrorHeader() { | 788 std::string Validator::ErrorHeader() { |
| 765 return MessageHeader(true); | 789 return MessageHeader(true); |
| 766 } | 790 } |
| 767 | 791 |
| 768 std::string Validator::MessageHeader(bool is_error) { | 792 std::string Validator::MessageHeader(bool is_error) { |
| 769 std::string path = path_.empty() ? "toplevel" : JoinString(path_, "."); | 793 std::string path = path_.empty() ? "toplevel" : JoinString(path_, "."); |
| 770 std::string message = "At " + path + ": "; | 794 std::string message = "At " + path + ": "; |
| 771 return message; | 795 return message; |
| 772 } | 796 } |
| 773 | 797 |
| 774 } // namespace onc | 798 } // namespace onc |
| 775 } // namespace chromeos | 799 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11962048:
This adds Cellular to the Shill to ONC translation. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src