chrome/browser/chromeos/cros/native_network_parser.cc - Issue 16946002: Resolve certificate references in ONC by PEM.

Unified Diff: chrome/browser/chromeos/cros/native_network_parser.cc

Issue 16946002: Resolve certificate references in ONC by PEM. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fix trust update. Add a utils test. Remove X509 dependency from Shill parsing. Created 7 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« no previous file with comments | « chrome/browser/chromeos/cros/mock_network_library.h ('k') | chrome/browser/chromeos/cros/network_constants.h » ('j') | chrome/browser/chromeos/cros/network_library.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/chromeos/cros/native_network_parser.cc

diff --git a/chrome/browser/chromeos/cros/native_network_parser.cc b/chrome/browser/chromeos/cros/native_network_parser.cc

index 4a7637e424687b77c6c7a996ed060084490e7511..c4c06d791e38ff1c60a89de9f4e329f1901bed86 100644

--- a/chrome/browser/chromeos/cros/native_network_parser.cc

+++ b/chrome/browser/chromeos/cros/native_network_parser.cc

@@ -6,12 +6,14 @@

#include <string>

+#include "base/logging.h"

#include "base/strings/string_util.h"

#include "base/strings/stringprintf.h"

#include "base/values.h"

#include "chrome/browser/chromeos/cros/native_network_constants.h"

#include "chrome/browser/chromeos/cros/network_library.h"

#include "chrome/browser/chromeos/login/user_manager.h"

+#include "chromeos/network/onc/onc_utils.h"

#include "third_party/cros_system_api/dbus/service_constants.h"

namespace chromeos {

@@ -48,8 +50,7 @@ EnumMapper<PropertyIndex>::Pair property_index_table[] = {

{ flimflam::kEapAnonymousIdentityProperty,

PROPERTY_INDEX_EAP_ANONYMOUS_IDENTITY },

{ flimflam::kEapCaCertIdProperty, PROPERTY_INDEX_EAP_CA_CERT_ID },

- { flimflam::kEapCaCertNssProperty, PROPERTY_INDEX_EAP_CA_CERT_NSS },

- { flimflam::kEapCaCertProperty, PROPERTY_INDEX_EAP_CA_CERT },

+ { shill::kEapCaCertPemProperty, PROPERTY_INDEX_EAP_CA_CERT_PEM },

{ flimflam::kEapCertIdProperty, PROPERTY_INDEX_EAP_CERT_ID },

{ flimflam::kEapClientCertNssProperty, PROPERTY_INDEX_EAP_CLIENT_CERT_NSS },

{ flimflam::kEapClientCertProperty, PROPERTY_INDEX_EAP_CLIENT_CERT },

@@ -82,8 +83,8 @@ EnumMapper<PropertyIndex>::Pair property_index_table[] = {

{ flimflam::kIsActiveProperty, PROPERTY_INDEX_IS_ACTIVE },

{ flimflam::kL2tpIpsecAuthenticationType,

PROPERTY_INDEX_IPSEC_AUTHENTICATIONTYPE },

- { flimflam::kL2tpIpsecCaCertNssProperty,

- PROPERTY_INDEX_L2TPIPSEC_CA_CERT_NSS },

+ { shill::kL2tpIpsecCaCertPemProperty,

+ PROPERTY_INDEX_L2TPIPSEC_CA_CERT_PEM },

{ flimflam::kL2tpIpsecClientCertIdProperty,

PROPERTY_INDEX_L2TPIPSEC_CLIENT_CERT_ID },

{ flimflam::kL2tpIpsecClientCertSlotProp,

@@ -153,7 +154,7 @@ EnumMapper<PropertyIndex>::Pair property_index_table[] = {

PROPERTY_INDEX_OPEN_VPN_AUTHNOCACHE },

{ flimflam::kOpenVPNAuthUserPassProperty,

PROPERTY_INDEX_OPEN_VPN_AUTHUSERPASS },

- { flimflam::kOpenVPNCaCertNSSProperty, PROPERTY_INDEX_OPEN_VPN_CACERT },

+ { shill::kOpenVPNCaCertPemProperty, PROPERTY_INDEX_OPEN_VPN_CA_CERT_PEM },

{ flimflam::kOpenVPNClientCertSlotProperty,

PROPERTY_INDEX_OPEN_VPN_CLIENT_CERT_SLOT },

{ flimflam::kOpenVPNCipherProperty, PROPERTY_INDEX_OPEN_VPN_CIPHER },

@@ -1237,12 +1238,16 @@ bool NativeWifiNetworkParser::ParseValue(PropertyIndex index,

wifi_network->set_eap_client_cert_pkcs11_id(eap_client_cert_pkcs11_id);

return true;

}

- case PROPERTY_INDEX_EAP_CA_CERT_NSS: {

- std::string eap_server_ca_cert_nss_nickname;

- if (!value.GetAsString(&eap_server_ca_cert_nss_nickname))

+ case PROPERTY_INDEX_EAP_CA_CERT_PEM: {

+ std::string ca_cert_pem;

+ if (!value.GetAsString(&ca_cert_pem))

break;

- wifi_network->set_eap_server_ca_cert_nss_nickname(

- eap_server_ca_cert_nss_nickname);

+ if (ca_cert_pem.empty()) {

+ wifi_network->set_eap_server_ca_cert_fingerprint(std::string());

+ } else {

+ wifi_network->set_eap_server_ca_cert_fingerprint(

+ onc::GetHexFingerprintOfPEMCert(ca_cert_pem));

+ }

return true;

}

case PROPERTY_INDEX_EAP_USE_SYSTEM_CAS: {

@@ -1259,13 +1264,6 @@ bool NativeWifiNetworkParser::ParseValue(PropertyIndex index,

wifi_network->set_eap_passphrase(eap_passphrase);

return true;

}

- case PROPERTY_INDEX_EAP_CA_CERT: {

stevenjb 2013/06/27 16:50:04 Will removing this break any existing functionalit

- std::string eap_cert_nickname;

- if (!value.GetAsString(&eap_cert_nickname))

- break;

- wifi_network->set_eap_server_ca_cert_nss_nickname(eap_cert_nickname);

- return true;

- }

case PROPERTY_INDEX_WIFI_AUTH_MODE:

case PROPERTY_INDEX_WIFI_PHY_MODE:

case PROPERTY_INDEX_EAP_CLIENT_CERT:

@@ -1379,12 +1377,17 @@ bool NativeVirtualNetworkParser::ParseProviderValue(PropertyIndex index,

network->set_provider_type(ParseProviderType(provider_type_string));

return true;

}

- case PROPERTY_INDEX_L2TPIPSEC_CA_CERT_NSS:

- case PROPERTY_INDEX_OPEN_VPN_CACERT: {

- std::string ca_cert_nss;

- if (!value.GetAsString(&ca_cert_nss))

+ case PROPERTY_INDEX_L2TPIPSEC_CA_CERT_PEM:

+ case PROPERTY_INDEX_OPEN_VPN_CA_CERT_PEM: {

+ std::string ca_cert_pem;

+ if (!value.GetAsString(&ca_cert_pem))

break;

- network->set_ca_cert_nss(ca_cert_nss);

+ if (ca_cert_pem.empty()) {

+ network->set_ca_cert_fingerprint(std::string());

+ } else {

+ network->set_ca_cert_fingerprint(

+ onc::GetHexFingerprintOfPEMCert(ca_cert_pem));

+ }

return true;

}

case PROPERTY_INDEX_L2TPIPSEC_PSK: {