| Index: chromeos/network/network_connection_handler.cc
|
| diff --git a/chromeos/network/network_connection_handler.cc b/chromeos/network/network_connection_handler.cc
|
| index 5450338022eb83b13781cfb63ef671e28adeac44..8715a02d7c3ce20cc8e096e2cb1513aae3c849b9 100644
|
| --- a/chromeos/network/network_connection_handler.cc
|
| +++ b/chromeos/network/network_connection_handler.cc
|
| @@ -22,6 +22,7 @@
|
| #include "chromeos/network/network_state_handler.h"
|
| #include "chromeos/network/network_ui_data.h"
|
| #include "chromeos/network/shill_property_util.h"
|
| +#include "chromeos/tpm_token_loader.h"
|
| #include "dbus/object_path.h"
|
| #include "net/cert/x509_certificate.h"
|
| #include "third_party/cros_system_api/dbus/service_constants.h"
|
| @@ -191,9 +192,14 @@ void NetworkConnectionHandler::OnCertificatesLoaded(
|
| if (queued_connect_) {
|
| NET_LOG_EVENT("Connecting to Queued Network",
|
| queued_connect_->service_path);
|
| - ConnectToNetwork(queued_connect_->service_path,
|
| - queued_connect_->success_callback,
|
| - queued_connect_->error_callback,
|
| + // Make a copy of |queued_connect_| parameters, because |queued_connect_|
|
| + // will get reset at the beginning of |ConnectToNetwork|.
|
| + std::string service_path = queued_connect_->service_path;
|
| + base::Closure success_callback = queued_connect_->success_callback;
|
| + network_handler::ErrorCallback error_callback =
|
| + queued_connect_->error_callback;
|
| +
|
| + ConnectToNetwork(service_path, success_callback, error_callback,
|
| false /* check_error_state */);
|
| } else if (initial_load) {
|
| // Once certificates have loaded, connect to the "best" available network.
|
| @@ -424,9 +430,10 @@ void NetworkConnectionHandler::VerifyConfiguredAndConnect(
|
| return;
|
| }
|
|
|
| - pkcs11_id = CertificateIsConfigured(ui_data.get());
|
| + pkcs11_id = CertificateIsConfigured(ui_data.get(),
|
| + cert_loader_->cert_list());
|
| // Ensure the certificate is available and configured.
|
| - if (!cert_loader_->IsHardwareBacked() || pkcs11_id.empty()) {
|
| + if (!cert_loader_->is_hardware_backed() || pkcs11_id.empty()) {
|
| ErrorCallbackForPendingRequest(service_path, kErrorCertificateRequired);
|
| return;
|
| }
|
| @@ -440,13 +447,16 @@ void NetworkConnectionHandler::VerifyConfiguredAndConnect(
|
|
|
| // The network may not be 'Connectable' because the TPM properties are not
|
| // set up, so configure tpm slot/pin before connecting.
|
| - if (cert_loader_ && cert_loader_->IsHardwareBacked()) {
|
| + if (cert_loader_ && cert_loader_->is_hardware_backed()) {
|
| + std::string tpm_user_pin;
|
| + if (TPMTokenLoader::IsInitialized())
|
| + tpm_user_pin = TPMTokenLoader::Get()->tpm_user_pin();
|
| // Pass NULL if pkcs11_id is empty, so that it doesn't clear any
|
| // previously configured client cert.
|
| client_cert::SetShillProperties(
|
| client_cert_type,
|
| base::IntToString(cert_loader_->tpm_token_slot_id()),
|
| - cert_loader_->tpm_user_pin(),
|
| + tpm_user_pin,
|
| pkcs11_id.empty() ? NULL : &pkcs11_id,
|
| &config_properties);
|
| }
|
| @@ -621,12 +631,14 @@ void NetworkConnectionHandler::CheckAllPendingRequests() {
|
| }
|
|
|
| std::string NetworkConnectionHandler::CertificateIsConfigured(
|
| - NetworkUIData* ui_data) {
|
| + NetworkUIData* ui_data,
|
| + const net::CertificateList& cert_list) {
|
| if (ui_data->certificate_pattern().Empty())
|
| return std::string();
|
| // Find the matching certificate.
|
| scoped_refptr<net::X509Certificate> matching_cert =
|
| - client_cert::GetCertificateMatch(ui_data->certificate_pattern());
|
| + client_cert::GetCertificateMatch(ui_data->certificate_pattern(),
|
| + cert_list);
|
| if (!matching_cert.get())
|
| return std::string();
|
| return CertLoader::GetPkcs11IdForCert(*matching_cert.get());
|
|
|
Chromium Code Reviews
Issue 135193007:
Use user specific NSSDatabase in CertLoader. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src