Chromium Code Reviews Chromium Code Reviews
Issue 166903002:
Identify and repair ONC files with duplicate GUIDs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@Issue_23567011| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/onc/onc_validator.h" | 5 #include "chromeos/network/onc/onc_validator.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/json/json_writer.h" | 10 #include "base/json/json_writer.h" |
| (...skipping 369 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 380 error_or_warning_found_ = true; | 380 error_or_warning_found_ = true; |
| 381 std::string message = MessageHeader() + "The required field '" + field_name + | 381 std::string message = MessageHeader() + "The required field '" + field_name + |
| 382 "' is missing."; | 382 "' is missing."; |
| 383 if (error_on_missing_field_) | 383 if (error_on_missing_field_) |
| 384 LOG(ERROR) << message; | 384 LOG(ERROR) << message; |
| 385 else | 385 else |
| 386 LOG(WARNING) << message; | 386 LOG(WARNING) << message; |
| 387 return false; | 387 return false; |
| 388 } | 388 } |
| 389 | 389 |
| 390 bool Validator::CheckGuidIsUniqueAndAddToSet(const base::DictionaryValue& dict, | |
| 391 const std::string& key_guid, | |
| 392 std::set<std::string> *guids) { | |
| 393 std::string guid; | |
| 394 if (dict.GetStringWithoutPathExpansion(key_guid, &guid)) { | |
| 395 if (guids->count(guid) != 0) { | |
| 396 error_or_warning_found_ = true; | |
| 397 LOG(ERROR) << MessageHeader() << "Found a duplicate GUID."; | |
|
pneubeck (no reviews)
2014/02/17 16:07:40
nit:
since the GUID isn't a credential, we can as
| |
| 398 return false; | |
| 399 } | |
| 400 guids->insert(guid); | |
| 401 } | |
| 402 return true; | |
| 403 } | |
| 404 | |
| 390 bool Validator::IsCertPatternInDevicePolicy(const std::string& cert_type) { | 405 bool Validator::IsCertPatternInDevicePolicy(const std::string& cert_type) { |
| 391 if (cert_type == ::onc::certificate::kPattern && | 406 if (cert_type == ::onc::certificate::kPattern && |
| 392 onc_source_ == ::onc::ONC_SOURCE_DEVICE_POLICY) { | 407 onc_source_ == ::onc::ONC_SOURCE_DEVICE_POLICY) { |
| 393 error_or_warning_found_ = true; | 408 error_or_warning_found_ = true; |
| 394 LOG(ERROR) << MessageHeader() << "Client certificate patterns are " | 409 LOG(ERROR) << MessageHeader() << "Client certificate patterns are " |
| 395 << "prohibited in ONC device policies."; | 410 << "prohibited in ONC device policies."; |
| 396 return true; | 411 return true; |
| 397 } | 412 } |
| 398 return false; | 413 return false; |
| 399 } | 414 } |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 451 static const char* kValidTypes[] = { ::onc::network_type::kEthernet, | 466 static const char* kValidTypes[] = { ::onc::network_type::kEthernet, |
| 452 ::onc::network_type::kVPN, | 467 ::onc::network_type::kVPN, |
| 453 ::onc::network_type::kWiFi, | 468 ::onc::network_type::kWiFi, |
| 454 ::onc::network_type::kCellular, | 469 ::onc::network_type::kCellular, |
| 455 NULL }; | 470 NULL }; |
| 456 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes) || | 471 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes) || |
| 457 FieldExistsAndIsEmpty(*result, kGUID)) { | 472 FieldExistsAndIsEmpty(*result, kGUID)) { |
| 458 return false; | 473 return false; |
| 459 } | 474 } |
| 460 | 475 |
| 476 if (!CheckGuidIsUniqueAndAddToSet(*result, kGUID, &network_guids_)) | |
| 477 return false; | |
| 478 | |
| 461 bool all_required_exist = RequireField(*result, kGUID); | 479 bool all_required_exist = RequireField(*result, kGUID); |
| 462 | 480 |
| 463 bool remove = false; | 481 bool remove = false; |
| 464 result->GetBooleanWithoutPathExpansion(::onc::kRemove, &remove); | 482 result->GetBooleanWithoutPathExpansion(::onc::kRemove, &remove); |
| 465 if (!remove) { | 483 if (!remove) { |
| 466 all_required_exist &= | 484 all_required_exist &= |
| 467 RequireField(*result, kName) && RequireField(*result, kType); | 485 RequireField(*result, kName) && RequireField(*result, kType); |
| 468 | 486 |
| 469 std::string type; | 487 std::string type; |
| 470 result->GetStringWithoutPathExpansion(kType, &type); | 488 result->GetStringWithoutPathExpansion(kType, &type); |
| (...skipping 334 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 805 std::string type; | 823 std::string type; |
| 806 result->GetStringWithoutPathExpansion(kType, &type); | 824 result->GetStringWithoutPathExpansion(kType, &type); |
| 807 if (onc_source_ == ::onc::ONC_SOURCE_DEVICE_POLICY && | 825 if (onc_source_ == ::onc::ONC_SOURCE_DEVICE_POLICY && |
| 808 (type == kServer || type == kAuthority)) { | 826 (type == kServer || type == kAuthority)) { |
| 809 error_or_warning_found_ = true; | 827 error_or_warning_found_ = true; |
| 810 LOG(ERROR) << MessageHeader() << "Server and authority certificates are " | 828 LOG(ERROR) << MessageHeader() << "Server and authority certificates are " |
| 811 << "prohibited in ONC device policies."; | 829 << "prohibited in ONC device policies."; |
| 812 return false; | 830 return false; |
| 813 } | 831 } |
| 814 | 832 |
| 833 if (!CheckGuidIsUniqueAndAddToSet(*result, kGUID, &certificate_guids_)) | |
| 834 return false; | |
| 835 | |
| 815 bool all_required_exist = RequireField(*result, kGUID); | 836 bool all_required_exist = RequireField(*result, kGUID); |
| 816 | 837 |
| 817 bool remove = false; | 838 bool remove = false; |
| 818 result->GetBooleanWithoutPathExpansion(::onc::kRemove, &remove); | 839 result->GetBooleanWithoutPathExpansion(::onc::kRemove, &remove); |
| 819 if (!remove) { | 840 if (!remove) { |
| 820 all_required_exist &= RequireField(*result, kType); | 841 all_required_exist &= RequireField(*result, kType); |
| 821 | 842 |
| 822 if (type == kClient) | 843 if (type == kClient) |
| 823 all_required_exist &= RequireField(*result, kPKCS12); | 844 all_required_exist &= RequireField(*result, kPKCS12); |
| 824 else if (type == kServer || type == kAuthority) | 845 else if (type == kServer || type == kAuthority) |
| 825 all_required_exist &= RequireField(*result, kX509); | 846 all_required_exist &= RequireField(*result, kX509); |
| 826 } | 847 } |
| 827 | 848 |
| 828 return !error_on_missing_field_ || all_required_exist; | 849 return !error_on_missing_field_ || all_required_exist; |
| 829 } | 850 } |
| 830 | 851 |
| 831 std::string Validator::MessageHeader() { | 852 std::string Validator::MessageHeader() { |
| 832 std::string path = path_.empty() ? "toplevel" : JoinString(path_, "."); | 853 std::string path = path_.empty() ? "toplevel" : JoinString(path_, "."); |
| 833 std::string message = "At " + path + ": "; | 854 std::string message = "At " + path + ": "; |
| 834 return message; | 855 return message; |
| 835 } | 856 } |
| 836 | 857 |
| 837 } // namespace onc | 858 } // namespace onc |
| 838 } // namespace chromeos | 859 } // namespace chromeos |
| OLD | NEW |
