OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/policy/core/common/cloud/user_cloud_policy_store.h" | 5 #include "components/policy/core/common/cloud/user_cloud_policy_store.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
79 policy::PolicyLoadResult result; | 79 policy::PolicyLoadResult result; |
80 // If the backing file does not exist, just return. We don't verify the key | 80 // If the backing file does not exist, just return. We don't verify the key |
81 // path here, because the key is optional (the validation code will fail if | 81 // path here, because the key is optional (the validation code will fail if |
82 // the key does not exist but the loaded policy is unsigned). | 82 // the key does not exist but the loaded policy is unsigned). |
83 if (!base::PathExists(policy_path)) { | 83 if (!base::PathExists(policy_path)) { |
84 result.status = policy::LOAD_RESULT_NO_POLICY_FILE; | 84 result.status = policy::LOAD_RESULT_NO_POLICY_FILE; |
85 return result; | 85 return result; |
86 } | 86 } |
87 std::string data; | 87 std::string data; |
88 | 88 |
89 if (!base::ReadFileToString(policy_path, &data, kPolicySizeLimit) || | 89 if (!base::ReadFileToStringWithMaxSize(policy_path, &data, |
| 90 kPolicySizeLimit) || |
90 !result.policy.ParseFromString(data)) { | 91 !result.policy.ParseFromString(data)) { |
91 LOG(WARNING) << "Failed to read or parse policy data from " | 92 LOG(WARNING) << "Failed to read or parse policy data from " |
92 << policy_path.value(); | 93 << policy_path.value(); |
93 result.status = policy::LOAD_RESULT_LOAD_ERROR; | 94 result.status = policy::LOAD_RESULT_LOAD_ERROR; |
94 return result; | 95 return result; |
95 } | 96 } |
96 | 97 |
97 if (!base::ReadFileToString(key_path, &data, kKeySizeLimit) || | 98 if (!base::ReadFileToStringWithMaxSize(key_path, &data, kKeySizeLimit) || |
98 !result.key.ParseFromString(data)) { | 99 !result.key.ParseFromString(data)) { |
99 // Log an error on missing key data, but do not trigger a load failure | 100 // Log an error on missing key data, but do not trigger a load failure |
100 // for now since there are still old unsigned cached policy blobs in the | 101 // for now since there are still old unsigned cached policy blobs in the |
101 // wild with no associated key (see kMetricPolicyHasVerifiedCachedKey UMA | 102 // wild with no associated key (see kMetricPolicyHasVerifiedCachedKey UMA |
102 // stat below). | 103 // stat below). |
103 LOG(ERROR) << "Failed to read or parse key data from " << key_path.value(); | 104 LOG(ERROR) << "Failed to read or parse key data from " << key_path.value(); |
104 result.key.clear_signing_key(); | 105 result.key.clear_signing_key(); |
105 } | 106 } |
106 | 107 |
107 // Track the occurrence of valid cached keys - when this ratio gets high | 108 // Track the occurrence of valid cached keys - when this ratio gets high |
(...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
451 std::move(validator->payload())); | 452 std::move(validator->payload())); |
452 | 453 |
453 // If the key was rotated, update our local cache of the key. | 454 // If the key was rotated, update our local cache of the key. |
454 if (validator->policy()->has_new_public_key()) | 455 if (validator->policy()->has_new_public_key()) |
455 policy_key_ = validator->policy()->new_public_key(); | 456 policy_key_ = validator->policy()->new_public_key(); |
456 status_ = STATUS_OK; | 457 status_ = STATUS_OK; |
457 NotifyStoreLoaded(); | 458 NotifyStoreLoaded(); |
458 } | 459 } |
459 | 460 |
460 } // namespace policy | 461 } // namespace policy |
OLD | NEW |