| Index: chrome/browser/chromeos/cros/network_library.cc
|
| diff --git a/chrome/browser/chromeos/cros/network_library.cc b/chrome/browser/chromeos/cros/network_library.cc
|
| index 5076cdc41023b3c855b3c86f9d51ff9e3db499fc..e8b70e92604fae404309587ae3aee38bc6ada750 100644
|
| --- a/chrome/browser/chromeos/cros/network_library.cc
|
| +++ b/chrome/browser/chromeos/cros/network_library.cc
|
| @@ -16,10 +16,12 @@
|
| #include "chrome/browser/chromeos/cros/network_library_impl_cros.h"
|
| #include "chrome/browser/chromeos/cros/network_library_impl_stub.h"
|
| #include "chrome/common/net/x509_certificate_model.h"
|
| +#include "chromeos/network/cert_loader.h"
|
| #include "chromeos/network/certificate_pattern.h"
|
| #include "chromeos/network/certificate_pattern_matcher.h"
|
| #include "chromeos/network/cros_network_functions.h"
|
| #include "chromeos/network/network_state_handler.h"
|
| +#include "chromeos/network/onc/onc_utils.h"
|
| #include "content/public/browser/browser_thread.h"
|
| #include "grit/ash_strings.h"
|
| #include "grit/generated_resources.h"
|
| @@ -591,7 +593,7 @@ VirtualNetwork::VirtualNetwork(const std::string& service_path)
|
| VirtualNetwork::~VirtualNetwork() {}
|
|
|
| void VirtualNetwork::EraseCredentials() {
|
| - WipeString(&ca_cert_nss_);
|
| + WipeString(&ca_cert_fingerprint_);
|
| WipeString(&psk_passphrase_);
|
| WipeString(&client_cert_id_);
|
| WipeString(&user_passphrase_);
|
| @@ -619,8 +621,8 @@ void VirtualNetwork::CopyCredentialsFromRemembered(Network* remembered) {
|
| VirtualNetwork* remembered_vpn = static_cast<VirtualNetwork*>(remembered);
|
| VLOG(1) << "Copy VPN credentials: " << name()
|
| << " username: " << remembered_vpn->username();
|
| - if (ca_cert_nss_.empty())
|
| - ca_cert_nss_ = remembered_vpn->ca_cert_nss();
|
| + if (ca_cert_fingerprint_.empty())
|
| + ca_cert_fingerprint_ = remembered_vpn->ca_cert_fingerprint();
|
| if (psk_passphrase_.empty())
|
| psk_passphrase_ = remembered_vpn->psk_passphrase();
|
| if (client_cert_id_.empty())
|
| @@ -711,14 +713,25 @@ bool VirtualNetwork::IsUserPassphraseRequired() const {
|
| return user_passphrase_required_ && user_passphrase_.empty();
|
| }
|
|
|
| -void VirtualNetwork::SetCACertNSS(const std::string& ca_cert_nss) {
|
| - if (provider_type_ == PROVIDER_TYPE_OPEN_VPN) {
|
| - SetStringProperty(
|
| - flimflam::kOpenVPNCaCertNSSProperty, ca_cert_nss, &ca_cert_nss_);
|
| - } else {
|
| - SetStringProperty(
|
| - flimflam::kL2tpIpsecCaCertNssProperty, ca_cert_nss, &ca_cert_nss_);
|
| - }
|
| +void VirtualNetwork::SetCACertFingerprint(
|
| + const std::string& ca_cert_fingerprint) {
|
| + VLOG(1) << "SetCACertFingerprint " << ca_cert_fingerprint;
|
| + std::string pem_encoded_cert = onc::GetPEMEncodedCertFromFingerprint(
|
| + NetworkHandler::Get()->cert_loader()->cert_list(), ca_cert_fingerprint);
|
| + if (pem_encoded_cert.empty())
|
| + return;
|
| +
|
| + ca_cert_fingerprint_ = ca_cert_fingerprint;
|
| +
|
| + base::ListValue pem_list;
|
| + pem_list.AppendString(pem_encoded_cert);
|
| +
|
| + const char* shill_property;
|
| + if (provider_type_ == PROVIDER_TYPE_OPEN_VPN)
|
| + shill_property = shill::kOpenVPNCaCertPemProperty;
|
| + else
|
| + shill_property = shill::kL2tpIpsecCaCertPemProperty;
|
| + SetValueProperty(shill_property, pem_list);
|
| }
|
|
|
| void VirtualNetwork::SetL2TPIPsecPSKCredentials(
|
| @@ -1109,6 +1122,7 @@ void WifiNetwork::SetPassphrase(const std::string& passphrase) {
|
| void WifiNetwork::EraseCredentials() {
|
| WipeString(&passphrase_);
|
| WipeString(&user_passphrase_);
|
| + WipeString(&eap_server_ca_cert_fingerprint_);
|
| WipeString(&eap_client_cert_pkcs11_id_);
|
| WipeString(&eap_identity_);
|
| WipeString(&eap_anonymous_identity_);
|
| @@ -1182,11 +1196,16 @@ void WifiNetwork::SetEAPPhase2Auth(EAPPhase2Auth auth) {
|
| }
|
| }
|
|
|
| -void WifiNetwork::SetEAPServerCaCertNssNickname(
|
| - const std::string& nss_nickname) {
|
| - VLOG(1) << "SetEAPServerCaCertNssNickname " << nss_nickname;
|
| - SetOrClearStringProperty(flimflam::kEapCaCertNssProperty,
|
| - nss_nickname, &eap_server_ca_cert_nss_nickname_);
|
| +void WifiNetwork::SetEAPServerCaCertFingerprint(
|
| + const std::string& ca_cert_fingerprint) {
|
| + VLOG(1) << "SetEAPServerCaCertFingerprint " << ca_cert_fingerprint;
|
| + std::string pem_encoded_cert = onc::GetPEMEncodedCertFromFingerprint(
|
| + NetworkHandler::Get()->cert_loader()->cert_list(), ca_cert_fingerprint);
|
| + if (pem_encoded_cert.empty())
|
| + return;
|
| +
|
| + eap_server_ca_cert_fingerprint_ = ca_cert_fingerprint;
|
| + SetStringProperty(shill::kEapCaCertPemProperty, pem_encoded_cert, NULL);
|
| }
|
|
|
| void WifiNetwork::SetEAPClientCertPkcs11Id(const std::string& pkcs11_id) {
|
|
|
Chromium Code Reviews
Issue 16946002:
Resolve certificate references in ONC by PEM. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src