Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(47)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chromeos/network/onc/onc_certificate_importer.h

Issue 11970012: Add a check for server and CA certificates in device policies to the ONC validator. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Initial patch. Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chromeos/docs/onc_spec.html ('K') | « chromeos/docs/onc_spec.html ('k') | chromeos/network/onc/onc_certificate_importer.cc » ('j') | chromeos/network/onc/onc_certificate_importer.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_ 5 #ifndef CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_
6 #define CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_ 6 #define CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_
7 7
8 #include <string> 8 #include <string>
9 #include <vector> 9 #include <vector>
10 10
(...skipping 20 matching lines...) Expand all
31 // imports) into the certificate store. In particular, the GUID of certificates 31 // imports) into the certificate store. In particular, the GUID of certificates
32 // is stored together with the certificate as Nickname. 32 // is stored together with the certificate as Nickname.
33 class CHROMEOS_EXPORT CertificateImporter { 33 class CHROMEOS_EXPORT CertificateImporter {
34 public: 34 public:
35 enum ParseResult { 35 enum ParseResult {
36 IMPORT_OK, 36 IMPORT_OK,
37 IMPORT_INCOMPLETE, 37 IMPORT_INCOMPLETE,
38 IMPORT_FAILED, 38 IMPORT_FAILED,
39 }; 39 };
40 40
41 // Certificates pushed from a policy source with Web trust are only imported 41 // During import with ParseCertificate(), Web trust is only applied to Server
42 // with ParseCertificate() if the |allow_web_trust_from_policy| permission is 42 // and Authority certificates with the Trust attribute "Web" if the
43 // granted. 43 // |allow_web_trust| permission is granted, otherwise the attribute is
44 CertificateImporter(ONCSource onc_source, 44 // ignored.
45 bool allow_web_trust_from_policy); 45 explicit CertificateImporter(bool allow_web_trust);
46 46
47 // Parses and stores the certificates in |onc_certificates| into the 47 // Parses and stores the certificates in |onc_certificates| into the
48 // certificate store. If the "Remove" field of a certificate is enabled, then 48 // certificate store. If the "Remove" field of a certificate is enabled, then
49 // removes the certificate from the store instead of importing. Returns the 49 // removes the certificate from the store instead of importing. Returns the
50 // result of the parse operation. In case of IMPORT_INCOMPLETE, some of the 50 // result of the parse operation. In case of IMPORT_INCOMPLETE, some of the
51 // certificates may be stored/removed successfully while others had errors. 51 // certificates may be stored/removed successfully while others had errors.
52 // If no error occurred, returns IMPORT_OK. 52 // If no error occurred, returns IMPORT_OK.
53 ParseResult ParseAndStoreCertificates( 53 ParseResult ParseAndStoreCertificates(
54 const base::ListValue& onc_certificates); 54 const base::ListValue& onc_certificates);
55 55
(...skipping 13 matching lines...) Expand all
69 69
70 private: 70 private:
71 bool ParseServerOrCaCertificate(const std::string& cert_type, 71 bool ParseServerOrCaCertificate(const std::string& cert_type,
72 const std::string& guid, 72 const std::string& guid,
73 const base::DictionaryValue& certificate); 73 const base::DictionaryValue& certificate);
74 74
75 bool ParseClientCertificate(const std::string& guid, 75 bool ParseClientCertificate(const std::string& guid,
76 const base::DictionaryValue& certificate); 76 const base::DictionaryValue& certificate);
77 77
78 // Where the ONC blob comes from. 78 // Where the ONC blob comes from.
79 ONCSource onc_source_; 79 ONCSource onc_source_;
Joao da Silva 2013/01/16 15:03:57 This field isn't used anymore.
pneubeck (no reviews) 2013/01/16 15:18:04 Done.
80 80
81 // Whether certificates with Web trust should be stored when pushed from a 81 // Whether certificates with Trust attribute "Web" should be stored with web
82 // policy source. 82 // trust.
83 bool allow_web_trust_from_policy_; 83 bool allow_web_trust_;
84 84
85 DISALLOW_COPY_AND_ASSIGN(CertificateImporter); 85 DISALLOW_COPY_AND_ASSIGN(CertificateImporter);
86 }; 86 };
87 87
88 } // namespace onc 88 } // namespace onc
89 } // namespace chromeos 89 } // namespace chromeos
90 90
91 #endif // CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_ 91 #endif // CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_
OLDNEW
« chromeos/docs/onc_spec.html ('K') | « chromeos/docs/onc_spec.html ('k') | chromeos/network/onc/onc_certificate_importer.cc » ('j') | chromeos/network/onc/onc_certificate_importer.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698