Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(4536)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chromeos/cros/network_library.cc

Issue 16946002: Resolve certificate references in ONC by PEM. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix trust update. Add a utils test. Remove X509 dependency from Shill parsing. Created 7 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/chromeos/cros/native_network_parser.cc ('K') | « chrome/browser/chromeos/cros/network_library.h ('k') | chrome/browser/chromeos/cros/network_library_impl_base.h » ('j') | chrome/browser/chromeos/cros/network_library_impl_base.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chromeos/cros/network_library.cc
diff --git a/chrome/browser/chromeos/cros/network_library.cc b/chrome/browser/chromeos/cros/network_library.cc
index 5076cdc41023b3c855b3c86f9d51ff9e3db499fc..e8b70e92604fae404309587ae3aee38bc6ada750 100644
--- a/chrome/browser/chromeos/cros/network_library.cc
+++ b/chrome/browser/chromeos/cros/network_library.cc
@@ -16,10 +16,12 @@
#include "chrome/browser/chromeos/cros/network_library_impl_cros.h"
#include "chrome/browser/chromeos/cros/network_library_impl_stub.h"
#include "chrome/common/net/x509_certificate_model.h"
+#include "chromeos/network/cert_loader.h"
#include "chromeos/network/certificate_pattern.h"
#include "chromeos/network/certificate_pattern_matcher.h"
#include "chromeos/network/cros_network_functions.h"
#include "chromeos/network/network_state_handler.h"
+#include "chromeos/network/onc/onc_utils.h"
#include "content/public/browser/browser_thread.h"
#include "grit/ash_strings.h"
#include "grit/generated_resources.h"
@@ -591,7 +593,7 @@ VirtualNetwork::VirtualNetwork(const std::string& service_path)
VirtualNetwork::~VirtualNetwork() {}
void VirtualNetwork::EraseCredentials() {
- WipeString(&ca_cert_nss_);
+ WipeString(&ca_cert_fingerprint_);
WipeString(&psk_passphrase_);
WipeString(&client_cert_id_);
WipeString(&user_passphrase_);
@@ -619,8 +621,8 @@ void VirtualNetwork::CopyCredentialsFromRemembered(Network* remembered) {
VirtualNetwork* remembered_vpn = static_cast<VirtualNetwork*>(remembered);
VLOG(1) << "Copy VPN credentials: " << name()
<< " username: " << remembered_vpn->username();
- if (ca_cert_nss_.empty())
- ca_cert_nss_ = remembered_vpn->ca_cert_nss();
+ if (ca_cert_fingerprint_.empty())
+ ca_cert_fingerprint_ = remembered_vpn->ca_cert_fingerprint();
if (psk_passphrase_.empty())
psk_passphrase_ = remembered_vpn->psk_passphrase();
if (client_cert_id_.empty())
@@ -711,14 +713,25 @@ bool VirtualNetwork::IsUserPassphraseRequired() const {
return user_passphrase_required_ && user_passphrase_.empty();
}
-void VirtualNetwork::SetCACertNSS(const std::string& ca_cert_nss) {
- if (provider_type_ == PROVIDER_TYPE_OPEN_VPN) {
- SetStringProperty(
- flimflam::kOpenVPNCaCertNSSProperty, ca_cert_nss, &ca_cert_nss_);
- } else {
- SetStringProperty(
- flimflam::kL2tpIpsecCaCertNssProperty, ca_cert_nss, &ca_cert_nss_);
- }
+void VirtualNetwork::SetCACertFingerprint(
+ const std::string& ca_cert_fingerprint) {
+ VLOG(1) << "SetCACertFingerprint " << ca_cert_fingerprint;
+ std::string pem_encoded_cert = onc::GetPEMEncodedCertFromFingerprint(
+ NetworkHandler::Get()->cert_loader()->cert_list(), ca_cert_fingerprint);
+ if (pem_encoded_cert.empty())
stevenjb 2013/06/27 16:50:04 warning or error?
pneubeck (no reviews) 2013/06/28 17:40:06 Done.
+ return;
+
+ ca_cert_fingerprint_ = ca_cert_fingerprint;
+
+ base::ListValue pem_list;
+ pem_list.AppendString(pem_encoded_cert);
+
+ const char* shill_property;
+ if (provider_type_ == PROVIDER_TYPE_OPEN_VPN)
+ shill_property = shill::kOpenVPNCaCertPemProperty;
+ else
+ shill_property = shill::kL2tpIpsecCaCertPemProperty;
+ SetValueProperty(shill_property, pem_list);
}
void VirtualNetwork::SetL2TPIPsecPSKCredentials(
@@ -1109,6 +1122,7 @@ void WifiNetwork::SetPassphrase(const std::string& passphrase) {
void WifiNetwork::EraseCredentials() {
WipeString(&passphrase_);
WipeString(&user_passphrase_);
+ WipeString(&eap_server_ca_cert_fingerprint_);
WipeString(&eap_client_cert_pkcs11_id_);
WipeString(&eap_identity_);
WipeString(&eap_anonymous_identity_);
@@ -1182,11 +1196,16 @@ void WifiNetwork::SetEAPPhase2Auth(EAPPhase2Auth auth) {
}
}
-void WifiNetwork::SetEAPServerCaCertNssNickname(
- const std::string& nss_nickname) {
- VLOG(1) << "SetEAPServerCaCertNssNickname " << nss_nickname;
- SetOrClearStringProperty(flimflam::kEapCaCertNssProperty,
- nss_nickname, &eap_server_ca_cert_nss_nickname_);
+void WifiNetwork::SetEAPServerCaCertFingerprint(
+ const std::string& ca_cert_fingerprint) {
+ VLOG(1) << "SetEAPServerCaCertFingerprint " << ca_cert_fingerprint;
+ std::string pem_encoded_cert = onc::GetPEMEncodedCertFromFingerprint(
+ NetworkHandler::Get()->cert_loader()->cert_list(), ca_cert_fingerprint);
+ if (pem_encoded_cert.empty())
stevenjb 2013/06/27 16:50:04 warning or error?
pneubeck (no reviews) 2013/06/28 17:40:06 Done.
+ return;
+
+ eap_server_ca_cert_fingerprint_ = ca_cert_fingerprint;
+ SetStringProperty(shill::kEapCaCertPemProperty, pem_encoded_cert, NULL);
}
void WifiNetwork::SetEAPClientCertPkcs11Id(const std::string& pkcs11_id) {
« chrome/browser/chromeos/cros/native_network_parser.cc ('K') | « chrome/browser/chromeos/cros/network_library.h ('k') | chrome/browser/chromeos/cros/network_library_impl_base.h » ('j') | chrome/browser/chromeos/cros/network_library_impl_base.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698