| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/dbus/session_manager_client.h" | 5 #include "chromeos/dbus/session_manager_client.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 #include <sys/socket.h> | 9 #include <sys/socket.h> |
| 10 | 10 |
| 11 #include "base/bind.h" | 11 #include "base/bind.h" |
| 12 #include "base/callback.h" | 12 #include "base/callback.h" |
| 13 #include "base/files/file_path.h" | 13 #include "base/files/file_path.h" |
| 14 #include "base/files/file_util.h" | 14 #include "base/files/file_util.h" |
| 15 #include "base/location.h" | 15 #include "base/location.h" |
| 16 #include "base/macros.h" | 16 #include "base/macros.h" |
| 17 #include "base/path_service.h" | 17 #include "base/path_service.h" |
| 18 #include "base/strings/string_number_conversions.h" | 18 #include "base/strings/string_number_conversions.h" |
| 19 #include "base/strings/string_util.h" | 19 #include "base/strings/string_util.h" |
| 20 #include "base/task_runner_util.h" | 20 #include "base/task_runner_util.h" |
| 21 #include "base/threading/worker_pool.h" | 21 #include "base/threading/worker_pool.h" |
| 22 #include "chromeos/chromeos_paths.h" | 22 #include "chromeos/chromeos_paths.h" |
| 23 #include "chromeos/cryptohome/cryptohome_parameters.h" |
| 23 #include "chromeos/dbus/blocking_method_caller.h" | 24 #include "chromeos/dbus/blocking_method_caller.h" |
| 24 #include "chromeos/dbus/cryptohome_client.h" | 25 #include "chromeos/dbus/cryptohome_client.h" |
| 25 #include "crypto/sha2.h" | 26 #include "crypto/sha2.h" |
| 26 #include "dbus/bus.h" | 27 #include "dbus/bus.h" |
| 27 #include "dbus/message.h" | 28 #include "dbus/message.h" |
| 28 #include "dbus/object_path.h" | 29 #include "dbus/object_path.h" |
| 29 #include "dbus/object_proxy.h" | 30 #include "dbus/object_proxy.h" |
| 30 #include "policy/proto/device_management_backend.pb.h" | 31 #include "policy/proto/device_management_backend.pb.h" |
| 31 #include "third_party/cros_system_api/dbus/service_constants.h" | 32 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 32 | 33 |
| 33 namespace chromeos { | 34 namespace chromeos { |
| 34 | 35 |
| 35 namespace { | 36 namespace { |
| 36 | 37 |
| 37 // Returns a location for |file| that is specific to the given |username|. | 38 // Returns a location for |file| that is specific to the given |cryptohome_id|. |
| 38 // These paths will be relative to DIR_USER_POLICY_KEYS, and can be used only | 39 // These paths will be relative to DIR_USER_POLICY_KEYS, and can be used only |
| 39 // to store stub files. | 40 // to store stub files. |
| 40 base::FilePath GetUserFilePath(const std::string& username, const char* file) { | 41 base::FilePath GetUserFilePath(const cryptohome::Identification& cryptohome_id, |
| 42 const char* file) { |
| 41 base::FilePath keys_path; | 43 base::FilePath keys_path; |
| 42 if (!PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &keys_path)) | 44 if (!PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &keys_path)) |
| 43 return base::FilePath(); | 45 return base::FilePath(); |
| 44 const std::string sanitized = | 46 const std::string sanitized = |
| 45 CryptohomeClient::GetStubSanitizedUsername(username); | 47 CryptohomeClient::GetStubSanitizedUsername(cryptohome_id); |
| 46 return keys_path.AppendASCII(sanitized).AppendASCII(file); | 48 return keys_path.AppendASCII(sanitized).AppendASCII(file); |
| 47 } | 49 } |
| 48 | 50 |
| 49 // Helper to asynchronously retrieve a file's content. | 51 // Helper to asynchronously retrieve a file's content. |
| 50 std::string GetFileContent(const base::FilePath& path) { | 52 std::string GetFileContent(const base::FilePath& path) { |
| 51 std::string result; | 53 std::string result; |
| 52 if (!path.empty()) | 54 if (!path.empty()) |
| 53 base::ReadFileToString(path, &result); | 55 base::ReadFileToString(path, &result); |
| 54 return result; | 56 return result; |
| 55 } | 57 } |
| (...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 146 &CreateValidCredConduit, local_auth_fd.get(), remote_auth_fd.get()); | 148 &CreateValidCredConduit, local_auth_fd.get(), remote_auth_fd.get()); |
| 147 | 149 |
| 148 base::WorkerPool::PostTaskAndReply( | 150 base::WorkerPool::PostTaskAndReply( |
| 149 FROM_HERE, create_credentials_conduit_closure, | 151 FROM_HERE, create_credentials_conduit_closure, |
| 150 base::Bind(&SessionManagerClientImpl::CallRestartJobWithValidFd, | 152 base::Bind(&SessionManagerClientImpl::CallRestartJobWithValidFd, |
| 151 weak_ptr_factory_.GetWeakPtr(), base::Passed(&local_auth_fd), | 153 weak_ptr_factory_.GetWeakPtr(), base::Passed(&local_auth_fd), |
| 152 base::Passed(&remote_auth_fd), argv), | 154 base::Passed(&remote_auth_fd), argv), |
| 153 false); | 155 false); |
| 154 } | 156 } |
| 155 | 157 |
| 156 void StartSession(const std::string& user_email) override { | 158 void StartSession(const cryptohome::Identification& cryptohome_id) override { |
| 157 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 159 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 158 login_manager::kSessionManagerStartSession); | 160 login_manager::kSessionManagerStartSession); |
| 159 dbus::MessageWriter writer(&method_call); | 161 dbus::MessageWriter writer(&method_call); |
| 160 writer.AppendString(user_email); | 162 writer.AppendString(cryptohome_id.id()); |
| 161 writer.AppendString(""); // Unique ID is deprecated | 163 writer.AppendString(""); // Unique ID is deprecated |
| 162 session_manager_proxy_->CallMethod( | 164 session_manager_proxy_->CallMethod( |
| 163 &method_call, | 165 &method_call, |
| 164 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 166 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 165 base::Bind(&SessionManagerClientImpl::OnStartSession, | 167 base::Bind(&SessionManagerClientImpl::OnStartSession, |
| 166 weak_ptr_factory_.GetWeakPtr())); | 168 weak_ptr_factory_.GetWeakPtr())); |
| 167 } | 169 } |
| 168 | 170 |
| 169 void StopSession() override { | 171 void StopSession() override { |
| 170 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 172 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 231 login_manager::kSessionManagerRetrievePolicy); | 233 login_manager::kSessionManagerRetrievePolicy); |
| 232 session_manager_proxy_->CallMethod( | 234 session_manager_proxy_->CallMethod( |
| 233 &method_call, | 235 &method_call, |
| 234 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 236 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 235 base::Bind(&SessionManagerClientImpl::OnRetrievePolicy, | 237 base::Bind(&SessionManagerClientImpl::OnRetrievePolicy, |
| 236 weak_ptr_factory_.GetWeakPtr(), | 238 weak_ptr_factory_.GetWeakPtr(), |
| 237 login_manager::kSessionManagerRetrievePolicy, | 239 login_manager::kSessionManagerRetrievePolicy, |
| 238 callback)); | 240 callback)); |
| 239 } | 241 } |
| 240 | 242 |
| 241 void RetrievePolicyForUser(const std::string& username, | 243 void RetrievePolicyForUser(const cryptohome::Identification& cryptohome_id, |
| 242 const RetrievePolicyCallback& callback) override { | 244 const RetrievePolicyCallback& callback) override { |
| 243 CallRetrievePolicyByUsername( | 245 CallRetrievePolicyByUsername( |
| 244 login_manager::kSessionManagerRetrievePolicyForUser, | 246 login_manager::kSessionManagerRetrievePolicyForUser, cryptohome_id.id(), |
| 245 username, | |
| 246 callback); | 247 callback); |
| 247 } | 248 } |
| 248 | 249 |
| 249 std::string BlockingRetrievePolicyForUser( | 250 std::string BlockingRetrievePolicyForUser( |
| 250 const std::string& username) override { | 251 const cryptohome::Identification& cryptohome_id) override { |
| 251 dbus::MethodCall method_call( | 252 dbus::MethodCall method_call( |
| 252 login_manager::kSessionManagerInterface, | 253 login_manager::kSessionManagerInterface, |
| 253 login_manager::kSessionManagerRetrievePolicyForUser); | 254 login_manager::kSessionManagerRetrievePolicyForUser); |
| 254 dbus::MessageWriter writer(&method_call); | 255 dbus::MessageWriter writer(&method_call); |
| 255 writer.AppendString(username); | 256 writer.AppendString(cryptohome_id.id()); |
| 256 scoped_ptr<dbus::Response> response = | 257 scoped_ptr<dbus::Response> response = |
| 257 blocking_method_caller_->CallMethodAndBlock(&method_call); | 258 blocking_method_caller_->CallMethodAndBlock(&method_call); |
| 258 std::string policy; | 259 std::string policy; |
| 259 ExtractString(login_manager::kSessionManagerRetrievePolicyForUser, | 260 ExtractString(login_manager::kSessionManagerRetrievePolicyForUser, |
| 260 response.get(), | 261 response.get(), |
| 261 &policy); | 262 &policy); |
| 262 return policy; | 263 return policy; |
| 263 } | 264 } |
| 264 | 265 |
| 265 void RetrieveDeviceLocalAccountPolicy( | 266 void RetrieveDeviceLocalAccountPolicy( |
| (...skipping 16 matching lines...) Expand all Loading... |
| 282 policy_blob.size()); | 283 policy_blob.size()); |
| 283 session_manager_proxy_->CallMethod( | 284 session_manager_proxy_->CallMethod( |
| 284 &method_call, | 285 &method_call, |
| 285 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 286 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 286 base::Bind(&SessionManagerClientImpl::OnStorePolicy, | 287 base::Bind(&SessionManagerClientImpl::OnStorePolicy, |
| 287 weak_ptr_factory_.GetWeakPtr(), | 288 weak_ptr_factory_.GetWeakPtr(), |
| 288 login_manager::kSessionManagerStorePolicy, | 289 login_manager::kSessionManagerStorePolicy, |
| 289 callback)); | 290 callback)); |
| 290 } | 291 } |
| 291 | 292 |
| 292 void StorePolicyForUser(const std::string& username, | 293 void StorePolicyForUser(const cryptohome::Identification& cryptohome_id, |
| 293 const std::string& policy_blob, | 294 const std::string& policy_blob, |
| 294 const StorePolicyCallback& callback) override { | 295 const StorePolicyCallback& callback) override { |
| 295 CallStorePolicyByUsername(login_manager::kSessionManagerStorePolicyForUser, | 296 CallStorePolicyByUsername(login_manager::kSessionManagerStorePolicyForUser, |
| 296 username, | 297 cryptohome_id.id(), policy_blob, callback); |
| 297 policy_blob, | |
| 298 callback); | |
| 299 } | 298 } |
| 300 | 299 |
| 301 void StoreDeviceLocalAccountPolicy( | 300 void StoreDeviceLocalAccountPolicy( |
| 302 const std::string& account_name, | 301 const std::string& account_name, |
| 303 const std::string& policy_blob, | 302 const std::string& policy_blob, |
| 304 const StorePolicyCallback& callback) override { | 303 const StorePolicyCallback& callback) override { |
| 305 CallStorePolicyByUsername( | 304 CallStorePolicyByUsername( |
| 306 login_manager::kSessionManagerStoreDeviceLocalAccountPolicy, | 305 login_manager::kSessionManagerStoreDeviceLocalAccountPolicy, |
| 307 account_name, | 306 account_name, |
| 308 policy_blob, | 307 policy_blob, |
| 309 callback); | 308 callback); |
| 310 } | 309 } |
| 311 | 310 |
| 312 void SetFlagsForUser(const std::string& username, | 311 void SetFlagsForUser(const cryptohome::Identification& cryptohome_id, |
| 313 const std::vector<std::string>& flags) override { | 312 const std::vector<std::string>& flags) override { |
| 314 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 313 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 315 login_manager::kSessionManagerSetFlagsForUser); | 314 login_manager::kSessionManagerSetFlagsForUser); |
| 316 dbus::MessageWriter writer(&method_call); | 315 dbus::MessageWriter writer(&method_call); |
| 317 writer.AppendString(username); | 316 writer.AppendString(cryptohome_id.id()); |
| 318 writer.AppendArrayOfStrings(flags); | 317 writer.AppendArrayOfStrings(flags); |
| 319 session_manager_proxy_->CallMethod( | 318 session_manager_proxy_->CallMethod( |
| 320 &method_call, | 319 &method_call, |
| 321 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 320 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 322 dbus::ObjectProxy::EmptyResponseCallback()); | 321 dbus::ObjectProxy::EmptyResponseCallback()); |
| 323 } | 322 } |
| 324 | 323 |
| 325 void GetServerBackedStateKeys(const StateKeysCallback& callback) override { | 324 void GetServerBackedStateKeys(const StateKeysCallback& callback) override { |
| 326 dbus::MethodCall method_call( | 325 dbus::MethodCall method_call( |
| 327 login_manager::kSessionManagerInterface, | 326 login_manager::kSessionManagerInterface, |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 416 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 415 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 417 method_name); | 416 method_name); |
| 418 session_manager_proxy_->CallMethod( | 417 session_manager_proxy_->CallMethod( |
| 419 &method_call, | 418 &method_call, |
| 420 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 419 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 421 dbus::ObjectProxy::EmptyResponseCallback()); | 420 dbus::ObjectProxy::EmptyResponseCallback()); |
| 422 } | 421 } |
| 423 | 422 |
| 424 // Helper for RetrieveDeviceLocalAccountPolicy and RetrievePolicyForUser. | 423 // Helper for RetrieveDeviceLocalAccountPolicy and RetrievePolicyForUser. |
| 425 void CallRetrievePolicyByUsername(const std::string& method_name, | 424 void CallRetrievePolicyByUsername(const std::string& method_name, |
| 426 const std::string& username, | 425 const std::string& account_id, |
| 427 const RetrievePolicyCallback& callback) { | 426 const RetrievePolicyCallback& callback) { |
| 428 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 427 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 429 method_name); | 428 method_name); |
| 430 dbus::MessageWriter writer(&method_call); | 429 dbus::MessageWriter writer(&method_call); |
| 431 writer.AppendString(username); | 430 writer.AppendString(account_id); |
| 432 session_manager_proxy_->CallMethod( | 431 session_manager_proxy_->CallMethod( |
| 433 &method_call, | 432 &method_call, |
| 434 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 433 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 435 base::Bind( | 434 base::Bind( |
| 436 &SessionManagerClientImpl::OnRetrievePolicy, | 435 &SessionManagerClientImpl::OnRetrievePolicy, |
| 437 weak_ptr_factory_.GetWeakPtr(), | 436 weak_ptr_factory_.GetWeakPtr(), |
| 438 method_name, | 437 method_name, |
| 439 callback)); | 438 callback)); |
| 440 } | 439 } |
| 441 | 440 |
| 442 void CallStorePolicyByUsername(const std::string& method_name, | 441 void CallStorePolicyByUsername(const std::string& method_name, |
| 443 const std::string& username, | 442 const std::string& account_id, |
| 444 const std::string& policy_blob, | 443 const std::string& policy_blob, |
| 445 const StorePolicyCallback& callback) { | 444 const StorePolicyCallback& callback) { |
| 446 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 445 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 447 method_name); | 446 method_name); |
| 448 dbus::MessageWriter writer(&method_call); | 447 dbus::MessageWriter writer(&method_call); |
| 449 writer.AppendString(username); | 448 writer.AppendString(account_id); |
| 450 // static_cast does not work due to signedness. | 449 // static_cast does not work due to signedness. |
| 451 writer.AppendArrayOfBytes( | 450 writer.AppendArrayOfBytes( |
| 452 reinterpret_cast<const uint8_t*>(policy_blob.data()), | 451 reinterpret_cast<const uint8_t*>(policy_blob.data()), |
| 453 policy_blob.size()); | 452 policy_blob.size()); |
| 454 session_manager_proxy_->CallMethod( | 453 session_manager_proxy_->CallMethod( |
| 455 &method_call, | 454 &method_call, |
| 456 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 455 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 457 base::Bind( | 456 base::Bind( |
| 458 &SessionManagerClientImpl::OnStorePolicy, | 457 &SessionManagerClientImpl::OnStorePolicy, |
| 459 weak_ptr_factory_.GetWeakPtr(), | 458 weak_ptr_factory_.GetWeakPtr(), |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 537 while (array_reader.HasMoreData()) { | 536 while (array_reader.HasMoreData()) { |
| 538 dbus::MessageReader dict_entry_reader(NULL); | 537 dbus::MessageReader dict_entry_reader(NULL); |
| 539 std::string key; | 538 std::string key; |
| 540 std::string value; | 539 std::string value; |
| 541 if (!array_reader.PopDictEntry(&dict_entry_reader) || | 540 if (!array_reader.PopDictEntry(&dict_entry_reader) || |
| 542 !dict_entry_reader.PopString(&key) || | 541 !dict_entry_reader.PopString(&key) || |
| 543 !dict_entry_reader.PopString(&value)) { | 542 !dict_entry_reader.PopString(&value)) { |
| 544 LOG(ERROR) << method_name << " response is incorrect: " | 543 LOG(ERROR) << method_name << " response is incorrect: " |
| 545 << response->ToString(); | 544 << response->ToString(); |
| 546 } else { | 545 } else { |
| 547 sessions[key] = value; | 546 sessions[cryptohome::Identification::FromString(key)] = value; |
| 548 } | 547 } |
| 549 } | 548 } |
| 550 success = true; | 549 success = true; |
| 551 } | 550 } |
| 552 callback.Run(sessions, success); | 551 callback.Run(sessions, success); |
| 553 } | 552 } |
| 554 | 553 |
| 555 void ExtractString(const std::string& method_name, | 554 void ExtractString(const std::string& method_name, |
| 556 dbus::Response* response, | 555 dbus::Response* response, |
| 557 std::string* extracted) { | 556 std::string* extracted) { |
| (...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 734 } | 733 } |
| 735 void RemoveObserver(Observer* observer) override { | 734 void RemoveObserver(Observer* observer) override { |
| 736 observers_.RemoveObserver(observer); | 735 observers_.RemoveObserver(observer); |
| 737 } | 736 } |
| 738 bool HasObserver(const Observer* observer) const override { | 737 bool HasObserver(const Observer* observer) const override { |
| 739 return observers_.HasObserver(observer); | 738 return observers_.HasObserver(observer); |
| 740 } | 739 } |
| 741 bool IsScreenLocked() const override { return screen_is_locked_; } | 740 bool IsScreenLocked() const override { return screen_is_locked_; } |
| 742 void EmitLoginPromptVisible() override {} | 741 void EmitLoginPromptVisible() override {} |
| 743 void RestartJob(const std::vector<std::string>& argv) override {} | 742 void RestartJob(const std::vector<std::string>& argv) override {} |
| 744 void StartSession(const std::string& user_email) override {} | 743 void StartSession(const cryptohome::Identification& cryptohome_id) override {} |
| 745 void StopSession() override {} | 744 void StopSession() override {} |
| 746 void NotifySupervisedUserCreationStarted() override {} | 745 void NotifySupervisedUserCreationStarted() override {} |
| 747 void NotifySupervisedUserCreationFinished() override {} | 746 void NotifySupervisedUserCreationFinished() override {} |
| 748 void StartDeviceWipe() override {} | 747 void StartDeviceWipe() override {} |
| 749 void RequestLockScreen() override { | 748 void RequestLockScreen() override { |
| 750 if (delegate_) | 749 if (delegate_) |
| 751 delegate_->LockScreenForStub(); | 750 delegate_->LockScreenForStub(); |
| 752 } | 751 } |
| 753 void NotifyLockScreenShown() override { | 752 void NotifyLockScreenShown() override { |
| 754 screen_is_locked_ = true; | 753 screen_is_locked_ = true; |
| (...skipping 12 matching lines...) Expand all Loading... |
| 767 return; | 766 return; |
| 768 } | 767 } |
| 769 base::FilePath device_policy_path = | 768 base::FilePath device_policy_path = |
| 770 owner_key_path.DirName().AppendASCII("stub_device_policy"); | 769 owner_key_path.DirName().AppendASCII("stub_device_policy"); |
| 771 base::PostTaskAndReplyWithResult( | 770 base::PostTaskAndReplyWithResult( |
| 772 base::WorkerPool::GetTaskRunner(false).get(), | 771 base::WorkerPool::GetTaskRunner(false).get(), |
| 773 FROM_HERE, | 772 FROM_HERE, |
| 774 base::Bind(&GetFileContent, device_policy_path), | 773 base::Bind(&GetFileContent, device_policy_path), |
| 775 callback); | 774 callback); |
| 776 } | 775 } |
| 777 void RetrievePolicyForUser(const std::string& username, | 776 void RetrievePolicyForUser(const cryptohome::Identification& cryptohome_id, |
| 778 const RetrievePolicyCallback& callback) override { | 777 const RetrievePolicyCallback& callback) override { |
| 779 base::PostTaskAndReplyWithResult( | 778 base::PostTaskAndReplyWithResult( |
| 780 base::WorkerPool::GetTaskRunner(false).get(), | 779 base::WorkerPool::GetTaskRunner(false).get(), FROM_HERE, |
| 781 FROM_HERE, | 780 base::Bind(&GetFileContent, |
| 782 base::Bind(&GetFileContent, GetUserFilePath(username, "stub_policy")), | 781 GetUserFilePath(cryptohome_id, "stub_policy")), |
| 783 callback); | 782 callback); |
| 784 } | 783 } |
| 785 std::string BlockingRetrievePolicyForUser( | 784 std::string BlockingRetrievePolicyForUser( |
| 786 const std::string& username) override { | 785 const cryptohome::Identification& cryptohome_id) override { |
| 787 return GetFileContent(GetUserFilePath(username, "stub_policy")); | 786 return GetFileContent(GetUserFilePath(cryptohome_id, "stub_policy")); |
| 788 } | 787 } |
| 789 void RetrieveDeviceLocalAccountPolicy( | 788 void RetrieveDeviceLocalAccountPolicy( |
| 790 const std::string& account_name, | 789 const std::string& account_id, |
| 791 const RetrievePolicyCallback& callback) override { | 790 const RetrievePolicyCallback& callback) override { |
| 792 RetrievePolicyForUser(account_name, callback); | 791 RetrievePolicyForUser(cryptohome::Identification::FromString(account_id), |
| 792 callback); |
| 793 } | 793 } |
| 794 void StoreDevicePolicy(const std::string& policy_blob, | 794 void StoreDevicePolicy(const std::string& policy_blob, |
| 795 const StorePolicyCallback& callback) override { | 795 const StorePolicyCallback& callback) override { |
| 796 enterprise_management::PolicyFetchResponse response; | 796 enterprise_management::PolicyFetchResponse response; |
| 797 base::FilePath owner_key_path; | 797 base::FilePath owner_key_path; |
| 798 if (!response.ParseFromString(policy_blob) || | 798 if (!response.ParseFromString(policy_blob) || |
| 799 !PathService::Get(chromeos::FILE_OWNER_KEY, &owner_key_path)) { | 799 !PathService::Get(chromeos::FILE_OWNER_KEY, &owner_key_path)) { |
| 800 callback.Run(false); | 800 callback.Run(false); |
| 801 return; | 801 return; |
| 802 } | 802 } |
| (...skipping 11 matching lines...) Expand all Loading... |
| 814 // Note also that the owner key will be written before the device policy, | 814 // Note also that the owner key will be written before the device policy, |
| 815 // if it was present in the blob. | 815 // if it was present in the blob. |
| 816 base::FilePath device_policy_path = | 816 base::FilePath device_policy_path = |
| 817 owner_key_path.DirName().AppendASCII("stub_device_policy"); | 817 owner_key_path.DirName().AppendASCII("stub_device_policy"); |
| 818 base::WorkerPool::PostTaskAndReply( | 818 base::WorkerPool::PostTaskAndReply( |
| 819 FROM_HERE, | 819 FROM_HERE, |
| 820 base::Bind(&StoreFile, device_policy_path, policy_blob), | 820 base::Bind(&StoreFile, device_policy_path, policy_blob), |
| 821 base::Bind(callback, true), | 821 base::Bind(callback, true), |
| 822 false); | 822 false); |
| 823 } | 823 } |
| 824 void StorePolicyForUser(const std::string& username, | 824 void StorePolicyForUser(const cryptohome::Identification& cryptohome_id, |
| 825 const std::string& policy_blob, | 825 const std::string& policy_blob, |
| 826 const StorePolicyCallback& callback) override { | 826 const StorePolicyCallback& callback) override { |
| 827 // The session manager writes the user policy key to a well-known | 827 // The session manager writes the user policy key to a well-known |
| 828 // location. Do the same with the stub impl, so that user policy works and | 828 // location. Do the same with the stub impl, so that user policy works and |
| 829 // can be tested on desktop builds. | 829 // can be tested on desktop builds. |
| 830 enterprise_management::PolicyFetchResponse response; | 830 enterprise_management::PolicyFetchResponse response; |
| 831 if (!response.ParseFromString(policy_blob)) { | 831 if (!response.ParseFromString(policy_blob)) { |
| 832 callback.Run(false); | 832 callback.Run(false); |
| 833 return; | 833 return; |
| 834 } | 834 } |
| 835 | 835 |
| 836 if (response.has_new_public_key()) { | 836 if (response.has_new_public_key()) { |
| 837 base::FilePath key_path = GetUserFilePath(username, "policy.pub"); | 837 base::FilePath key_path = GetUserFilePath(cryptohome_id, "policy.pub"); |
| 838 base::WorkerPool::PostTask( | 838 base::WorkerPool::PostTask( |
| 839 FROM_HERE, | 839 FROM_HERE, |
| 840 base::Bind(&StoreFile, key_path, response.new_public_key()), | 840 base::Bind(&StoreFile, key_path, response.new_public_key()), |
| 841 false); | 841 false); |
| 842 } | 842 } |
| 843 | 843 |
| 844 // This file isn't read directly by Chrome, but is used by this class to | 844 // This file isn't read directly by Chrome, but is used by this class to |
| 845 // reload the user policy across restarts. | 845 // reload the user policy across restarts. |
| 846 base::FilePath stub_policy_path = GetUserFilePath(username, "stub_policy"); | 846 base::FilePath stub_policy_path = |
| 847 GetUserFilePath(cryptohome_id, "stub_policy"); |
| 847 base::WorkerPool::PostTaskAndReply( | 848 base::WorkerPool::PostTaskAndReply( |
| 848 FROM_HERE, | 849 FROM_HERE, |
| 849 base::Bind(&StoreFile, stub_policy_path, policy_blob), | 850 base::Bind(&StoreFile, stub_policy_path, policy_blob), |
| 850 base::Bind(callback, true), | 851 base::Bind(callback, true), |
| 851 false); | 852 false); |
| 852 } | 853 } |
| 853 void StoreDeviceLocalAccountPolicy( | 854 void StoreDeviceLocalAccountPolicy( |
| 854 const std::string& account_name, | 855 const std::string& account_id, |
| 855 const std::string& policy_blob, | 856 const std::string& policy_blob, |
| 856 const StorePolicyCallback& callback) override { | 857 const StorePolicyCallback& callback) override { |
| 857 StorePolicyForUser(account_name, policy_blob, callback); | 858 StorePolicyForUser(cryptohome::Identification::FromString(account_id), |
| 859 policy_blob, callback); |
| 858 } | 860 } |
| 859 void SetFlagsForUser(const std::string& username, | 861 void SetFlagsForUser(const cryptohome::Identification& cryptohome_id, |
| 860 const std::vector<std::string>& flags) override {} | 862 const std::vector<std::string>& flags) override {} |
| 861 | 863 |
| 862 void GetServerBackedStateKeys(const StateKeysCallback& callback) override { | 864 void GetServerBackedStateKeys(const StateKeysCallback& callback) override { |
| 863 std::vector<std::string> state_keys; | 865 std::vector<std::string> state_keys; |
| 864 for (int i = 0; i < 5; ++i) | 866 for (int i = 0; i < 5; ++i) |
| 865 state_keys.push_back(crypto::SHA256HashString(base::IntToString(i))); | 867 state_keys.push_back(crypto::SHA256HashString(base::IntToString(i))); |
| 866 | 868 |
| 867 if (!callback.is_null()) | 869 if (!callback.is_null()) |
| 868 callback.Run(state_keys); | 870 callback.Run(state_keys); |
| 869 } | 871 } |
| (...skipping 28 matching lines...) Expand all Loading... |
| 898 | 900 |
| 899 SessionManagerClient* SessionManagerClient::Create( | 901 SessionManagerClient* SessionManagerClient::Create( |
| 900 DBusClientImplementationType type) { | 902 DBusClientImplementationType type) { |
| 901 if (type == REAL_DBUS_CLIENT_IMPLEMENTATION) | 903 if (type == REAL_DBUS_CLIENT_IMPLEMENTATION) |
| 902 return new SessionManagerClientImpl(); | 904 return new SessionManagerClientImpl(); |
| 903 DCHECK_EQ(STUB_DBUS_CLIENT_IMPLEMENTATION, type); | 905 DCHECK_EQ(STUB_DBUS_CLIENT_IMPLEMENTATION, type); |
| 904 return new SessionManagerClientStubImpl(); | 906 return new SessionManagerClientStubImpl(); |
| 905 } | 907 } |
| 906 | 908 |
| 907 } // namespace chromeos | 909 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1693383003:
ChromeOS cryptohome should be able to use gaia id as user identifier. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master