| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/network_library_impl_base.h" | 5 #include "chrome/browser/chromeos/cros/network_library_impl_base.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/json/json_writer.h" | 8 #include "base/json/json_writer.h" |
| 9 #include "base/memory/scoped_vector.h" | 9 #include "base/memory/scoped_vector.h" |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| (...skipping 790 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 801 connect_data_.security = security; | 801 connect_data_.security = security; |
| 802 connect_data_.service_name = ssid; | 802 connect_data_.service_name = ssid; |
| 803 connect_data_.passphrase = passphrase; | 803 connect_data_.passphrase = passphrase; |
| 804 connect_data_.save_credentials = save_credentials; | 804 connect_data_.save_credentials = save_credentials; |
| 805 connect_data_.profile_type = shared ? PROFILE_SHARED : PROFILE_USER; | 805 connect_data_.profile_type = shared ? PROFILE_SHARED : PROFILE_USER; |
| 806 if (security == SECURITY_8021X) { | 806 if (security == SECURITY_8021X) { |
| 807 DCHECK(eap_config); | 807 DCHECK(eap_config); |
| 808 connect_data_.service_name = ssid; | 808 connect_data_.service_name = ssid; |
| 809 connect_data_.eap_method = eap_config->method; | 809 connect_data_.eap_method = eap_config->method; |
| 810 connect_data_.eap_auth = eap_config->auth; | 810 connect_data_.eap_auth = eap_config->auth; |
| 811 connect_data_.server_ca_cert_nss_nickname = | 811 connect_data_.server_ca_cert_fingerprint = |
| 812 eap_config->server_ca_cert_nss_nickname; | 812 eap_config->server_ca_cert_fingerprint; |
| 813 connect_data_.eap_use_system_cas = eap_config->use_system_cas; | 813 connect_data_.eap_use_system_cas = eap_config->use_system_cas; |
| 814 connect_data_.client_cert_pkcs11_id = | 814 connect_data_.client_cert_pkcs11_id = |
| 815 eap_config->client_cert_pkcs11_id; | 815 eap_config->client_cert_pkcs11_id; |
| 816 connect_data_.eap_identity = eap_config->identity; | 816 connect_data_.eap_identity = eap_config->identity; |
| 817 connect_data_.eap_anonymous_identity = eap_config->anonymous_identity; | 817 connect_data_.eap_anonymous_identity = eap_config->anonymous_identity; |
| 818 } | 818 } |
| 819 | 819 |
| 820 CallRequestWifiNetworkAndConnect(ssid, security); | 820 CallRequestWifiNetworkAndConnect(ssid, security); |
| 821 } | 821 } |
| 822 | 822 |
| 823 // 1. Connect to a virtual network with a PSK. | 823 // 1. Connect to a virtual network with a PSK. |
| 824 void NetworkLibraryImplBase::ConnectToUnconfiguredVirtualNetwork( | 824 void NetworkLibraryImplBase::ConnectToUnconfiguredVirtualNetwork( |
| 825 const std::string& service_name, | 825 const std::string& service_name, |
| 826 const std::string& server_hostname, | 826 const std::string& server_hostname, |
| 827 ProviderType provider_type, | 827 ProviderType provider_type, |
| 828 const VPNConfigData& config) { | 828 const VPNConfigData& config) { |
| 829 // Store the connection data to be used by the callback. | 829 // Store the connection data to be used by the callback. |
| 830 connect_data_.service_name = service_name; | 830 connect_data_.service_name = service_name; |
| 831 connect_data_.server_hostname = server_hostname; | 831 connect_data_.server_hostname = server_hostname; |
| 832 connect_data_.psk_key = config.psk; | 832 connect_data_.psk_key = config.psk; |
| 833 connect_data_.server_ca_cert_nss_nickname = | 833 connect_data_.server_ca_cert_fingerprint = |
| 834 config.server_ca_cert_nss_nickname; | 834 config.server_ca_cert_fingerprint; |
| 835 connect_data_.client_cert_pkcs11_id = config.client_cert_pkcs11_id; | 835 connect_data_.client_cert_pkcs11_id = config.client_cert_pkcs11_id; |
| 836 connect_data_.username = config.username; | 836 connect_data_.username = config.username; |
| 837 connect_data_.passphrase = config.user_passphrase; | 837 connect_data_.passphrase = config.user_passphrase; |
| 838 connect_data_.otp = config.otp; | 838 connect_data_.otp = config.otp; |
| 839 connect_data_.group_name = config.group_name; | 839 connect_data_.group_name = config.group_name; |
| 840 connect_data_.save_credentials = config.save_credentials; | 840 connect_data_.save_credentials = config.save_credentials; |
| 841 CallRequestVirtualNetworkAndConnect( | 841 CallRequestVirtualNetworkAndConnect( |
| 842 service_name, server_hostname, provider_type); | 842 service_name, server_hostname, provider_type); |
| 843 } | 843 } |
| 844 | 844 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 862 if (wifi->name() != data.service_name) { | 862 if (wifi->name() != data.service_name) { |
| 863 LOG(WARNING) << "WiFi network name does not match ConnectData: " | 863 LOG(WARNING) << "WiFi network name does not match ConnectData: " |
| 864 << wifi->name() << " != " << data.service_name; | 864 << wifi->name() << " != " << data.service_name; |
| 865 return; | 865 return; |
| 866 } | 866 } |
| 867 wifi->set_added(true); | 867 wifi->set_added(true); |
| 868 if (data.security == SECURITY_8021X) { | 868 if (data.security == SECURITY_8021X) { |
| 869 // Enterprise 802.1X EAP network. | 869 // Enterprise 802.1X EAP network. |
| 870 wifi->SetEAPMethod(data.eap_method); | 870 wifi->SetEAPMethod(data.eap_method); |
| 871 wifi->SetEAPPhase2Auth(data.eap_auth); | 871 wifi->SetEAPPhase2Auth(data.eap_auth); |
| 872 wifi->SetEAPServerCaCertNssNickname(data.server_ca_cert_nss_nickname); | 872 wifi->SetEAPServerCaCertFingerprint(data.server_ca_cert_fingerprint); |
| 873 wifi->SetEAPUseSystemCAs(data.eap_use_system_cas); | 873 wifi->SetEAPUseSystemCAs(data.eap_use_system_cas); |
| 874 wifi->SetEAPClientCertPkcs11Id(data.client_cert_pkcs11_id); | 874 wifi->SetEAPClientCertPkcs11Id(data.client_cert_pkcs11_id); |
| 875 wifi->SetEAPIdentity(data.eap_identity); | 875 wifi->SetEAPIdentity(data.eap_identity); |
| 876 wifi->SetEAPAnonymousIdentity(data.eap_anonymous_identity); | 876 wifi->SetEAPAnonymousIdentity(data.eap_anonymous_identity); |
| 877 wifi->SetEAPPassphrase(data.passphrase); | 877 wifi->SetEAPPassphrase(data.passphrase); |
| 878 wifi->SetSaveCredentials(data.save_credentials); | 878 wifi->SetSaveCredentials(data.save_credentials); |
| 879 } else { | 879 } else { |
| 880 // Ordinary, non-802.1X network. | 880 // Ordinary, non-802.1X network. |
| 881 wifi->SetPassphrase(data.passphrase); | 881 wifi->SetPassphrase(data.passphrase); |
| 882 } | 882 } |
| (...skipping 25 matching lines...) Expand all Loading... |
| 908 // the code to make the flow more straightforward. See crosbug.com/24636 | 908 // the code to make the flow more straightforward. See crosbug.com/24636 |
| 909 if (vpn->provider_type() == PROVIDER_TYPE_L2TP_IPSEC_PSK && | 909 if (vpn->provider_type() == PROVIDER_TYPE_L2TP_IPSEC_PSK && |
| 910 !connect_data_.client_cert_pkcs11_id.empty()) { | 910 !connect_data_.client_cert_pkcs11_id.empty()) { |
| 911 vpn->set_provider_type(PROVIDER_TYPE_L2TP_IPSEC_USER_CERT); | 911 vpn->set_provider_type(PROVIDER_TYPE_L2TP_IPSEC_USER_CERT); |
| 912 } | 912 } |
| 913 | 913 |
| 914 vpn->set_added(true); | 914 vpn->set_added(true); |
| 915 if (!data.server_hostname.empty()) | 915 if (!data.server_hostname.empty()) |
| 916 vpn->set_server_hostname(data.server_hostname); | 916 vpn->set_server_hostname(data.server_hostname); |
| 917 | 917 |
| 918 vpn->SetCACertNSS(data.server_ca_cert_nss_nickname); | 918 vpn->SetCACertFingerprint(data.server_ca_cert_fingerprint); |
| 919 switch (vpn->provider_type()) { | 919 switch (vpn->provider_type()) { |
| 920 case PROVIDER_TYPE_L2TP_IPSEC_PSK: | 920 case PROVIDER_TYPE_L2TP_IPSEC_PSK: |
| 921 vpn->SetL2TPIPsecPSKCredentials( | 921 vpn->SetL2TPIPsecPSKCredentials( |
| 922 data.psk_key, data.username, data.passphrase, data.group_name); | 922 data.psk_key, data.username, data.passphrase, data.group_name); |
| 923 break; | 923 break; |
| 924 case PROVIDER_TYPE_L2TP_IPSEC_USER_CERT: { | 924 case PROVIDER_TYPE_L2TP_IPSEC_USER_CERT: { |
| 925 vpn->SetL2TPIPsecCertCredentials( | 925 vpn->SetL2TPIPsecCertCredentials( |
| 926 data.client_cert_pkcs11_id, | 926 data.client_cert_pkcs11_id, |
| 927 data.username, data.passphrase, data.group_name); | 927 data.username, data.passphrase, data.group_name); |
| 928 break; | 928 break; |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1018 else | 1018 else |
| 1019 return false; | 1019 return false; |
| 1020 return true; | 1020 return true; |
| 1021 } | 1021 } |
| 1022 }; | 1022 }; |
| 1023 | 1023 |
| 1024 } // namespace | 1024 } // namespace |
| 1025 | 1025 |
| 1026 void NetworkLibraryImplBase::LoadOncNetworks( | 1026 void NetworkLibraryImplBase::LoadOncNetworks( |
| 1027 const base::ListValue& network_configs, | 1027 const base::ListValue& network_configs, |
| 1028 onc::ONCSource source) { | 1028 onc::ONCSource source, |
| 1029 const base::Callback<std::string(const std::string&)>& fingerprint_to_pem) { |
| 1029 VLOG(2) << __func__ << ": called on " << network_configs; | 1030 VLOG(2) << __func__ << ": called on " << network_configs; |
| 1030 NetworkProfile* profile = NULL; | 1031 NetworkProfile* profile = NULL; |
| 1031 bool from_policy = (source == onc::ONC_SOURCE_USER_POLICY || | 1032 bool from_policy = (source == onc::ONC_SOURCE_USER_POLICY || |
| 1032 source == onc::ONC_SOURCE_DEVICE_POLICY); | 1033 source == onc::ONC_SOURCE_DEVICE_POLICY); |
| 1033 | 1034 |
| 1034 // Policies are applied to a specific Shill profile. User ONC import however | 1035 // Policies are applied to a specific Shill profile. User ONC import however |
| 1035 // is applied to whatever profile Shill chooses. This should be the profile | 1036 // is applied to whatever profile Shill chooses. This should be the profile |
| 1036 // that is already associated with a network and if no profile is associated | 1037 // that is already associated with a network and if no profile is associated |
| 1037 // yet, it should be the user profile. | 1038 // yet, it should be the user profile. |
| 1038 if (from_policy) { | 1039 if (from_policy) { |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1092 const base::DictionaryValue*& entry = network_onc_map_[guid]; | 1093 const base::DictionaryValue*& entry = network_onc_map_[guid]; |
| 1093 if (entry && entry->Equals(expanded_network)) | 1094 if (entry && entry->Equals(expanded_network)) |
| 1094 continue; | 1095 continue; |
| 1095 | 1096 |
| 1096 delete entry; | 1097 delete entry; |
| 1097 entry = expanded_network; | 1098 entry = expanded_network; |
| 1098 | 1099 |
| 1099 // Configure the network. | 1100 // Configure the network. |
| 1100 scoped_ptr<base::DictionaryValue> shill_dict = | 1101 scoped_ptr<base::DictionaryValue> shill_dict = |
| 1101 onc::TranslateONCObjectToShill(&onc::kNetworkConfigurationSignature, | 1102 onc::TranslateONCObjectToShill(&onc::kNetworkConfigurationSignature, |
| 1102 *expanded_network); | 1103 *expanded_network, |
| 1104 fingerprint_to_pem); |
| 1103 | 1105 |
| 1104 // Set the ProxyConfig. | 1106 // Set the ProxyConfig. |
| 1105 const base::DictionaryValue* proxy_settings; | 1107 const base::DictionaryValue* proxy_settings; |
| 1106 if (expanded_network->GetDictionaryWithoutPathExpansion( | 1108 if (expanded_network->GetDictionaryWithoutPathExpansion( |
| 1107 onc::network_config::kProxySettings, | 1109 onc::network_config::kProxySettings, |
| 1108 &proxy_settings)) { | 1110 &proxy_settings)) { |
| 1109 scoped_ptr<base::DictionaryValue> proxy_config = | 1111 scoped_ptr<base::DictionaryValue> proxy_config = |
| 1110 onc::ConvertOncProxySettingsToProxyConfig(*proxy_settings); | 1112 onc::ConvertOncProxySettingsToProxyConfig(*proxy_settings); |
| 1111 std::string proxy_json; | 1113 std::string proxy_json; |
| 1112 base::JSONWriter::Write(proxy_config.get(), &proxy_json); | 1114 base::JSONWriter::Write(proxy_config.get(), &proxy_json); |
| (...skipping 562 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1675 GetTpmInfo(); | 1677 GetTpmInfo(); |
| 1676 return tpm_slot_; | 1678 return tpm_slot_; |
| 1677 } | 1679 } |
| 1678 | 1680 |
| 1679 const std::string& NetworkLibraryImplBase::GetTpmPin() { | 1681 const std::string& NetworkLibraryImplBase::GetTpmPin() { |
| 1680 GetTpmInfo(); | 1682 GetTpmInfo(); |
| 1681 return tpm_pin_; | 1683 return tpm_pin_; |
| 1682 } | 1684 } |
| 1683 | 1685 |
| 1684 } // namespace chromeos | 1686 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 16946002:
Resolve certificate references in ONC by PEM. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src