Chromium Code Reviews Chromium Code Reviews
Issue 16946002:
Resolve certificate references in ONC by PEM. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/native_network_parser.h" | 5 #include "chrome/browser/chromeos/cros/native_network_parser.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/logging.h" | |
| 9 #include "base/strings/string_util.h" | 10 #include "base/strings/string_util.h" |
| 10 #include "base/strings/stringprintf.h" | 11 #include "base/strings/stringprintf.h" |
| 11 #include "base/values.h" | 12 #include "base/values.h" |
| 12 #include "chrome/browser/chromeos/cros/native_network_constants.h" | 13 #include "chrome/browser/chromeos/cros/native_network_constants.h" |
| 13 #include "chrome/browser/chromeos/cros/network_library.h" | 14 #include "chrome/browser/chromeos/cros/network_library.h" |
| 14 #include "chrome/browser/chromeos/login/user_manager.h" | 15 #include "chrome/browser/chromeos/login/user_manager.h" |
| 16 #include "chromeos/network/onc/onc_utils.h" | |
| 15 #include "third_party/cros_system_api/dbus/service_constants.h" | 17 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 16 | 18 |
| 17 namespace chromeos { | 19 namespace chromeos { |
| 18 | 20 |
| 19 // Local constants. | 21 // Local constants. |
| 20 namespace { | 22 namespace { |
| 21 | 23 |
| 22 const char kPostMethod[] = "post"; | 24 const char kPostMethod[] = "post"; |
| 23 | 25 |
| 24 EnumMapper<PropertyIndex>::Pair property_index_table[] = { | 26 EnumMapper<PropertyIndex>::Pair property_index_table[] = { |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 41 { flimflam::kCheckPortalListProperty, PROPERTY_INDEX_CHECK_PORTAL_LIST }, | 43 { flimflam::kCheckPortalListProperty, PROPERTY_INDEX_CHECK_PORTAL_LIST }, |
| 42 { flimflam::kConnectableProperty, PROPERTY_INDEX_CONNECTABLE }, | 44 { flimflam::kConnectableProperty, PROPERTY_INDEX_CONNECTABLE }, |
| 43 { flimflam::kConnectedTechnologiesProperty, | 45 { flimflam::kConnectedTechnologiesProperty, |
| 44 PROPERTY_INDEX_CONNECTED_TECHNOLOGIES }, | 46 PROPERTY_INDEX_CONNECTED_TECHNOLOGIES }, |
| 45 { flimflam::kDefaultTechnologyProperty, PROPERTY_INDEX_DEFAULT_TECHNOLOGY }, | 47 { flimflam::kDefaultTechnologyProperty, PROPERTY_INDEX_DEFAULT_TECHNOLOGY }, |
| 46 { flimflam::kDeviceProperty, PROPERTY_INDEX_DEVICE }, | 48 { flimflam::kDeviceProperty, PROPERTY_INDEX_DEVICE }, |
| 47 { flimflam::kDevicesProperty, PROPERTY_INDEX_DEVICES }, | 49 { flimflam::kDevicesProperty, PROPERTY_INDEX_DEVICES }, |
| 48 { flimflam::kEapAnonymousIdentityProperty, | 50 { flimflam::kEapAnonymousIdentityProperty, |
| 49 PROPERTY_INDEX_EAP_ANONYMOUS_IDENTITY }, | 51 PROPERTY_INDEX_EAP_ANONYMOUS_IDENTITY }, |
| 50 { flimflam::kEapCaCertIdProperty, PROPERTY_INDEX_EAP_CA_CERT_ID }, | 52 { flimflam::kEapCaCertIdProperty, PROPERTY_INDEX_EAP_CA_CERT_ID }, |
| 51 { flimflam::kEapCaCertNssProperty, PROPERTY_INDEX_EAP_CA_CERT_NSS }, | 53 { shill::kEapCaCertPemProperty, PROPERTY_INDEX_EAP_CA_CERT_PEM }, |
| 52 { flimflam::kEapCaCertProperty, PROPERTY_INDEX_EAP_CA_CERT }, | |
| 53 { flimflam::kEapCertIdProperty, PROPERTY_INDEX_EAP_CERT_ID }, | 54 { flimflam::kEapCertIdProperty, PROPERTY_INDEX_EAP_CERT_ID }, |
| 54 { flimflam::kEapClientCertNssProperty, PROPERTY_INDEX_EAP_CLIENT_CERT_NSS }, | 55 { flimflam::kEapClientCertNssProperty, PROPERTY_INDEX_EAP_CLIENT_CERT_NSS }, |
| 55 { flimflam::kEapClientCertProperty, PROPERTY_INDEX_EAP_CLIENT_CERT }, | 56 { flimflam::kEapClientCertProperty, PROPERTY_INDEX_EAP_CLIENT_CERT }, |
| 56 { flimflam::kEapIdentityProperty, PROPERTY_INDEX_EAP_IDENTITY }, | 57 { flimflam::kEapIdentityProperty, PROPERTY_INDEX_EAP_IDENTITY }, |
| 57 { flimflam::kEapKeyIdProperty, PROPERTY_INDEX_EAP_KEY_ID }, | 58 { flimflam::kEapKeyIdProperty, PROPERTY_INDEX_EAP_KEY_ID }, |
| 58 { flimflam::kEapKeyMgmtProperty, PROPERTY_INDEX_EAP_KEY_MGMT }, | 59 { flimflam::kEapKeyMgmtProperty, PROPERTY_INDEX_EAP_KEY_MGMT }, |
| 59 { flimflam::kEapMethodProperty, PROPERTY_INDEX_EAP_METHOD }, | 60 { flimflam::kEapMethodProperty, PROPERTY_INDEX_EAP_METHOD }, |
| 60 { flimflam::kEapPasswordProperty, PROPERTY_INDEX_EAP_PASSWORD }, | 61 { flimflam::kEapPasswordProperty, PROPERTY_INDEX_EAP_PASSWORD }, |
| 61 { flimflam::kEapPhase2AuthProperty, PROPERTY_INDEX_EAP_PHASE_2_AUTH }, | 62 { flimflam::kEapPhase2AuthProperty, PROPERTY_INDEX_EAP_PHASE_2_AUTH }, |
| 62 { flimflam::kEapPinProperty, PROPERTY_INDEX_EAP_PIN }, | 63 { flimflam::kEapPinProperty, PROPERTY_INDEX_EAP_PIN }, |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 75 { flimflam::kHardwareRevisionProperty, PROPERTY_INDEX_HARDWARE_REVISION }, | 76 { flimflam::kHardwareRevisionProperty, PROPERTY_INDEX_HARDWARE_REVISION }, |
| 76 { flimflam::kHomeProviderProperty, PROPERTY_INDEX_HOME_PROVIDER }, | 77 { flimflam::kHomeProviderProperty, PROPERTY_INDEX_HOME_PROVIDER }, |
| 77 { flimflam::kHostProperty, PROPERTY_INDEX_HOST }, | 78 { flimflam::kHostProperty, PROPERTY_INDEX_HOST }, |
| 78 { flimflam::kIccidProperty, PROPERTY_INDEX_ICCID }, | 79 { flimflam::kIccidProperty, PROPERTY_INDEX_ICCID }, |
| 79 { flimflam::kIdentityProperty, PROPERTY_INDEX_IDENTITY }, | 80 { flimflam::kIdentityProperty, PROPERTY_INDEX_IDENTITY }, |
| 80 { flimflam::kImeiProperty, PROPERTY_INDEX_IMEI }, | 81 { flimflam::kImeiProperty, PROPERTY_INDEX_IMEI }, |
| 81 { flimflam::kImsiProperty, PROPERTY_INDEX_IMSI }, | 82 { flimflam::kImsiProperty, PROPERTY_INDEX_IMSI }, |
| 82 { flimflam::kIsActiveProperty, PROPERTY_INDEX_IS_ACTIVE }, | 83 { flimflam::kIsActiveProperty, PROPERTY_INDEX_IS_ACTIVE }, |
| 83 { flimflam::kL2tpIpsecAuthenticationType, | 84 { flimflam::kL2tpIpsecAuthenticationType, |
| 84 PROPERTY_INDEX_IPSEC_AUTHENTICATIONTYPE }, | 85 PROPERTY_INDEX_IPSEC_AUTHENTICATIONTYPE }, |
| 85 { flimflam::kL2tpIpsecCaCertNssProperty, | 86 { shill::kL2tpIpsecCaCertPemProperty, |
| 86 PROPERTY_INDEX_L2TPIPSEC_CA_CERT_NSS }, | 87 PROPERTY_INDEX_L2TPIPSEC_CA_CERT_PEM }, |
| 87 { flimflam::kL2tpIpsecClientCertIdProperty, | 88 { flimflam::kL2tpIpsecClientCertIdProperty, |
| 88 PROPERTY_INDEX_L2TPIPSEC_CLIENT_CERT_ID }, | 89 PROPERTY_INDEX_L2TPIPSEC_CLIENT_CERT_ID }, |
| 89 { flimflam::kL2tpIpsecClientCertSlotProp, | 90 { flimflam::kL2tpIpsecClientCertSlotProp, |
| 90 PROPERTY_INDEX_L2TPIPSEC_CLIENT_CERT_SLOT }, | 91 PROPERTY_INDEX_L2TPIPSEC_CLIENT_CERT_SLOT }, |
| 91 { flimflam::kL2tpIpsecIkeVersion, PROPERTY_INDEX_IPSEC_IKEVERSION }, | 92 { flimflam::kL2tpIpsecIkeVersion, PROPERTY_INDEX_IPSEC_IKEVERSION }, |
| 92 { flimflam::kL2tpIpsecPinProperty, PROPERTY_INDEX_L2TPIPSEC_PIN }, | 93 { flimflam::kL2tpIpsecPinProperty, PROPERTY_INDEX_L2TPIPSEC_PIN }, |
| 93 { flimflam::kL2tpIpsecPskProperty, PROPERTY_INDEX_L2TPIPSEC_PSK }, | 94 { flimflam::kL2tpIpsecPskProperty, PROPERTY_INDEX_L2TPIPSEC_PSK }, |
| 94 { flimflam::kL2tpIpsecPskRequiredProperty, | 95 { flimflam::kL2tpIpsecPskRequiredProperty, |
| 95 PROPERTY_INDEX_L2TPIPSEC_PSK_REQUIRED }, | 96 PROPERTY_INDEX_L2TPIPSEC_PSK_REQUIRED }, |
| 96 { flimflam::kL2tpIpsecPasswordProperty, PROPERTY_INDEX_L2TPIPSEC_PASSWORD }, | 97 { flimflam::kL2tpIpsecPasswordProperty, PROPERTY_INDEX_L2TPIPSEC_PASSWORD }, |
| (...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 146 PROPERTY_INDEX_UNINITIALIZED_TECHNOLOGIES }, | 147 PROPERTY_INDEX_UNINITIALIZED_TECHNOLOGIES }, |
| 147 { flimflam::kUsageURLProperty, PROPERTY_INDEX_USAGE_URL }, | 148 { flimflam::kUsageURLProperty, PROPERTY_INDEX_USAGE_URL }, |
| 148 { flimflam::kOpenVPNClientCertIdProperty, | 149 { flimflam::kOpenVPNClientCertIdProperty, |
| 149 PROPERTY_INDEX_OPEN_VPN_CLIENT_CERT_ID }, | 150 PROPERTY_INDEX_OPEN_VPN_CLIENT_CERT_ID }, |
| 150 { flimflam::kOpenVPNAuthProperty, PROPERTY_INDEX_OPEN_VPN_AUTH }, | 151 { flimflam::kOpenVPNAuthProperty, PROPERTY_INDEX_OPEN_VPN_AUTH }, |
| 151 { flimflam::kOpenVPNAuthRetryProperty, PROPERTY_INDEX_OPEN_VPN_AUTHRETRY }, | 152 { flimflam::kOpenVPNAuthRetryProperty, PROPERTY_INDEX_OPEN_VPN_AUTHRETRY }, |
| 152 { flimflam::kOpenVPNAuthNoCacheProperty, | 153 { flimflam::kOpenVPNAuthNoCacheProperty, |
| 153 PROPERTY_INDEX_OPEN_VPN_AUTHNOCACHE }, | 154 PROPERTY_INDEX_OPEN_VPN_AUTHNOCACHE }, |
| 154 { flimflam::kOpenVPNAuthUserPassProperty, | 155 { flimflam::kOpenVPNAuthUserPassProperty, |
| 155 PROPERTY_INDEX_OPEN_VPN_AUTHUSERPASS }, | 156 PROPERTY_INDEX_OPEN_VPN_AUTHUSERPASS }, |
| 156 { flimflam::kOpenVPNCaCertNSSProperty, PROPERTY_INDEX_OPEN_VPN_CACERT }, | 157 { shill::kOpenVPNCaCertPemProperty, PROPERTY_INDEX_OPEN_VPN_CA_CERT_PEM }, |
| 157 { flimflam::kOpenVPNClientCertSlotProperty, | 158 { flimflam::kOpenVPNClientCertSlotProperty, |
| 158 PROPERTY_INDEX_OPEN_VPN_CLIENT_CERT_SLOT }, | 159 PROPERTY_INDEX_OPEN_VPN_CLIENT_CERT_SLOT }, |
| 159 { flimflam::kOpenVPNCipherProperty, PROPERTY_INDEX_OPEN_VPN_CIPHER }, | 160 { flimflam::kOpenVPNCipherProperty, PROPERTY_INDEX_OPEN_VPN_CIPHER }, |
| 160 { flimflam::kOpenVPNCompLZOProperty, PROPERTY_INDEX_OPEN_VPN_COMPLZO }, | 161 { flimflam::kOpenVPNCompLZOProperty, PROPERTY_INDEX_OPEN_VPN_COMPLZO }, |
| 161 { flimflam::kOpenVPNCompNoAdaptProperty, | 162 { flimflam::kOpenVPNCompNoAdaptProperty, |
| 162 PROPERTY_INDEX_OPEN_VPN_COMPNOADAPT }, | 163 PROPERTY_INDEX_OPEN_VPN_COMPNOADAPT }, |
| 163 { flimflam::kOpenVPNKeyDirectionProperty, | 164 { flimflam::kOpenVPNKeyDirectionProperty, |
| 164 PROPERTY_INDEX_OPEN_VPN_KEYDIRECTION }, | 165 PROPERTY_INDEX_OPEN_VPN_KEYDIRECTION }, |
| 165 { flimflam::kOpenVPNMgmtEnableProperty, | 166 { flimflam::kOpenVPNMgmtEnableProperty, |
| 166 PROPERTY_INDEX_OPEN_VPN_MGMT_ENABLE }, | 167 PROPERTY_INDEX_OPEN_VPN_MGMT_ENABLE }, |
| (...skipping 1063 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1230 wifi_network->set_eap_anonymous_identity(eap_anonymous_identity); | 1231 wifi_network->set_eap_anonymous_identity(eap_anonymous_identity); |
| 1231 return true; | 1232 return true; |
| 1232 } | 1233 } |
| 1233 case PROPERTY_INDEX_EAP_CERT_ID: { | 1234 case PROPERTY_INDEX_EAP_CERT_ID: { |
| 1234 std::string eap_client_cert_pkcs11_id; | 1235 std::string eap_client_cert_pkcs11_id; |
| 1235 if (!value.GetAsString(&eap_client_cert_pkcs11_id)) | 1236 if (!value.GetAsString(&eap_client_cert_pkcs11_id)) |
| 1236 break; | 1237 break; |
| 1237 wifi_network->set_eap_client_cert_pkcs11_id(eap_client_cert_pkcs11_id); | 1238 wifi_network->set_eap_client_cert_pkcs11_id(eap_client_cert_pkcs11_id); |
| 1238 return true; | 1239 return true; |
| 1239 } | 1240 } |
| 1240 case PROPERTY_INDEX_EAP_CA_CERT_NSS: { | 1241 case PROPERTY_INDEX_EAP_CA_CERT_PEM: { |
| 1241 std::string eap_server_ca_cert_nss_nickname; | 1242 std::string ca_cert_pem; |
| 1242 if (!value.GetAsString(&eap_server_ca_cert_nss_nickname)) | 1243 if (!value.GetAsString(&ca_cert_pem)) |
| 1243 break; | 1244 break; |
| 1244 wifi_network->set_eap_server_ca_cert_nss_nickname( | 1245 if (ca_cert_pem.empty()) { |
| 1245 eap_server_ca_cert_nss_nickname); | 1246 wifi_network->set_eap_server_ca_cert_fingerprint(std::string()); |
| 1247 } else { | |
| 1248 wifi_network->set_eap_server_ca_cert_fingerprint( | |
| 1249 onc::GetHexFingerprintOfPEMCert(ca_cert_pem)); | |
| 1250 } | |
| 1246 return true; | 1251 return true; |
| 1247 } | 1252 } |
| 1248 case PROPERTY_INDEX_EAP_USE_SYSTEM_CAS: { | 1253 case PROPERTY_INDEX_EAP_USE_SYSTEM_CAS: { |
| 1249 bool eap_use_system_cas; | 1254 bool eap_use_system_cas; |
| 1250 if (!value.GetAsBoolean(&eap_use_system_cas)) | 1255 if (!value.GetAsBoolean(&eap_use_system_cas)) |
| 1251 break; | 1256 break; |
| 1252 wifi_network->set_eap_use_system_cas(eap_use_system_cas); | 1257 wifi_network->set_eap_use_system_cas(eap_use_system_cas); |
| 1253 return true; | 1258 return true; |
| 1254 } | 1259 } |
| 1255 case PROPERTY_INDEX_EAP_PASSWORD: { | 1260 case PROPERTY_INDEX_EAP_PASSWORD: { |
| 1256 std::string eap_passphrase; | 1261 std::string eap_passphrase; |
| 1257 if (!value.GetAsString(&eap_passphrase)) | 1262 if (!value.GetAsString(&eap_passphrase)) |
| 1258 break; | 1263 break; |
| 1259 wifi_network->set_eap_passphrase(eap_passphrase); | 1264 wifi_network->set_eap_passphrase(eap_passphrase); |
| 1260 return true; | 1265 return true; |
| 1261 } | 1266 } |
| 1262 case PROPERTY_INDEX_EAP_CA_CERT: { | |
|
stevenjb
2013/06/27 16:50:04
Will removing this break any existing functionalit
| |
| 1263 std::string eap_cert_nickname; | |
| 1264 if (!value.GetAsString(&eap_cert_nickname)) | |
| 1265 break; | |
| 1266 wifi_network->set_eap_server_ca_cert_nss_nickname(eap_cert_nickname); | |
| 1267 return true; | |
| 1268 } | |
| 1269 case PROPERTY_INDEX_WIFI_AUTH_MODE: | 1267 case PROPERTY_INDEX_WIFI_AUTH_MODE: |
| 1270 case PROPERTY_INDEX_WIFI_PHY_MODE: | 1268 case PROPERTY_INDEX_WIFI_PHY_MODE: |
| 1271 case PROPERTY_INDEX_EAP_CLIENT_CERT: | 1269 case PROPERTY_INDEX_EAP_CLIENT_CERT: |
| 1272 case PROPERTY_INDEX_EAP_CLIENT_CERT_NSS: | 1270 case PROPERTY_INDEX_EAP_CLIENT_CERT_NSS: |
| 1273 case PROPERTY_INDEX_EAP_PRIVATE_KEY: | 1271 case PROPERTY_INDEX_EAP_PRIVATE_KEY: |
| 1274 case PROPERTY_INDEX_EAP_PRIVATE_KEY_PASSWORD: | 1272 case PROPERTY_INDEX_EAP_PRIVATE_KEY_PASSWORD: |
| 1275 case PROPERTY_INDEX_EAP_KEY_ID: | 1273 case PROPERTY_INDEX_EAP_KEY_ID: |
| 1276 case PROPERTY_INDEX_EAP_CA_CERT_ID: | 1274 case PROPERTY_INDEX_EAP_CA_CERT_ID: |
| 1277 case PROPERTY_INDEX_EAP_PIN: | 1275 case PROPERTY_INDEX_EAP_PIN: |
| 1278 case PROPERTY_INDEX_EAP_KEY_MGMT: | 1276 case PROPERTY_INDEX_EAP_KEY_MGMT: |
| (...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1372 network->set_name(name); | 1370 network->set_name(name); |
| 1373 return true; | 1371 return true; |
| 1374 } | 1372 } |
| 1375 case PROPERTY_INDEX_TYPE: { | 1373 case PROPERTY_INDEX_TYPE: { |
| 1376 std::string provider_type_string; | 1374 std::string provider_type_string; |
| 1377 if (!value.GetAsString(&provider_type_string)) | 1375 if (!value.GetAsString(&provider_type_string)) |
| 1378 break; | 1376 break; |
| 1379 network->set_provider_type(ParseProviderType(provider_type_string)); | 1377 network->set_provider_type(ParseProviderType(provider_type_string)); |
| 1380 return true; | 1378 return true; |
| 1381 } | 1379 } |
| 1382 case PROPERTY_INDEX_L2TPIPSEC_CA_CERT_NSS: | 1380 case PROPERTY_INDEX_L2TPIPSEC_CA_CERT_PEM: |
| 1383 case PROPERTY_INDEX_OPEN_VPN_CACERT: { | 1381 case PROPERTY_INDEX_OPEN_VPN_CA_CERT_PEM: { |
| 1384 std::string ca_cert_nss; | 1382 std::string ca_cert_pem; |
| 1385 if (!value.GetAsString(&ca_cert_nss)) | 1383 if (!value.GetAsString(&ca_cert_pem)) |
| 1386 break; | 1384 break; |
| 1387 network->set_ca_cert_nss(ca_cert_nss); | 1385 if (ca_cert_pem.empty()) { |
| 1386 network->set_ca_cert_fingerprint(std::string()); | |
| 1387 } else { | |
| 1388 network->set_ca_cert_fingerprint( | |
| 1389 onc::GetHexFingerprintOfPEMCert(ca_cert_pem)); | |
| 1390 } | |
| 1388 return true; | 1391 return true; |
| 1389 } | 1392 } |
| 1390 case PROPERTY_INDEX_L2TPIPSEC_PSK: { | 1393 case PROPERTY_INDEX_L2TPIPSEC_PSK: { |
| 1391 std::string psk_passphrase; | 1394 std::string psk_passphrase; |
| 1392 if (!value.GetAsString(&psk_passphrase)) | 1395 if (!value.GetAsString(&psk_passphrase)) |
| 1393 break; | 1396 break; |
| 1394 network->set_psk_passphrase(psk_passphrase); | 1397 network->set_psk_passphrase(psk_passphrase); |
| 1395 return true; | 1398 return true; |
| 1396 } | 1399 } |
| 1397 case PROPERTY_INDEX_L2TPIPSEC_PSK_REQUIRED: { | 1400 case PROPERTY_INDEX_L2TPIPSEC_PSK_REQUIRED: { |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1453 PROVIDER_TYPE_MAX)); | 1456 PROVIDER_TYPE_MAX)); |
| 1454 return &parser; | 1457 return &parser; |
| 1455 } | 1458 } |
| 1456 | 1459 |
| 1457 ProviderType NativeVirtualNetworkParser::ParseProviderType( | 1460 ProviderType NativeVirtualNetworkParser::ParseProviderType( |
| 1458 const std::string& type) { | 1461 const std::string& type) { |
| 1459 return provider_type_mapper()->Get(type); | 1462 return provider_type_mapper()->Get(type); |
| 1460 } | 1463 } |
| 1461 | 1464 |
| 1462 } // namespace chromeos | 1465 } // namespace chromeos |
| OLD | NEW |
