| Index: chrome/browser/profiles/profile_io_data.cc
|
| diff --git a/chrome/browser/profiles/profile_io_data.cc b/chrome/browser/profiles/profile_io_data.cc
|
| index ff66f912d7aed54c85d0a58c95ec2ff1d91e956b..f6ea978bc2715770b129604da9230aee934e1c05 100644
|
| --- a/chrome/browser/profiles/profile_io_data.cc
|
| +++ b/chrome/browser/profiles/profile_io_data.cc
|
| @@ -90,11 +90,19 @@
|
|
|
| #if defined(OS_CHROMEOS)
|
| #include "chrome/browser/chromeos/drive/drive_protocol_handler.h"
|
| +#include "chrome/browser/chromeos/login/user.h"
|
| +#include "chrome/browser/chromeos/login/user_manager.h"
|
| +#include "chrome/browser/chromeos/net/client_cert_store_chromeos.h"
|
| #include "chrome/browser/chromeos/policy/policy_cert_verifier.h"
|
| #include "chrome/browser/chromeos/settings/cros_settings.h"
|
| #include "chrome/browser/policy/profile_policy_connector.h"
|
| #include "chrome/browser/policy/profile_policy_connector_factory.h"
|
| +#include "chromeos/dbus/cryptohome_client.h"
|
| +#include "chromeos/dbus/dbus_thread_manager.h"
|
| #include "chromeos/settings/cros_settings_names.h"
|
| +#include "content/public/browser/nss_context.h"
|
| +#include "crypto/nss_util.h"
|
| +#include "crypto/nss_util_internal.h"
|
| #endif // defined(OS_CHROMEOS)
|
|
|
| using content::BrowserContext;
|
| @@ -240,7 +248,72 @@ scoped_ptr<policy::PolicyCertVerifier> CreatePolicyCertVerifier(
|
| connector->SetPolicyCertVerifier(cert_verifier.get());
|
| return cert_verifier.Pass();
|
| }
|
| -#endif
|
| +
|
| +void DidGetTPMInfoForUserOnUIThread(const std::string& username_hash,
|
| + chromeos::DBusMethodCallStatus call_status,
|
| + const std::string& label,
|
| + const std::string& user_pin,
|
| + int slot_id) {
|
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| + if (call_status == chromeos::DBUS_METHOD_CALL_FAILURE) {
|
| + NOTREACHED() << "dbus error getting TPM info for " << username_hash;
|
| + return;
|
| + }
|
| + VLOG(1) << __func__ << " "<< username_hash << " " << slot_id;
|
| + BrowserThread::PostTask(
|
| + BrowserThread::IO,
|
| + FROM_HERE,
|
| + base::Bind(
|
| + &crypto::InitializeTPMForChromeOSUser, username_hash, slot_id));
|
| +}
|
| +
|
| +void GetTPMInfoForUserOnUIThread(const std::string& username,
|
| + const std::string& username_hash) {
|
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| + VLOG(1) << __func__ << " " << username << " " << username_hash;
|
| + chromeos::DBusThreadManager::Get()
|
| + ->GetCryptohomeClient()
|
| + ->Pkcs11GetTpmTokenInfoForUser(
|
| + username,
|
| + base::Bind(&DidGetTPMInfoForUserOnUIThread, username_hash));
|
| +}
|
| +
|
| +void StartTPMSlotInitializionOnIOThread(const std::string& username,
|
| + const std::string& username_hash) {
|
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
|
| + VLOG(1) << __func__ << " " << username << " " << username_hash;
|
| +
|
| + BrowserThread::PostTask(
|
| + BrowserThread::UI,
|
| + FROM_HERE,
|
| + base::Bind(&GetTPMInfoForUserOnUIThread, username, username_hash));
|
| +}
|
| +
|
| +void StartNSSInitOnIOThread(const std::string& username,
|
| + const std::string& username_hash,
|
| + const base::FilePath& path,
|
| + bool is_primary_user) {
|
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
|
| + VLOG(1) << "username:" << username << " hash:" << username_hash
|
| + << " is_primary_user:" << is_primary_user;
|
| +
|
| + if (!crypto::InitializeNSSForChromeOSUser(
|
| + username, username_hash, is_primary_user, path))
|
| + return;
|
| +
|
| + if (crypto::IsTPMTokenEnabledForNSS()) {
|
| + if (crypto::IsTPMTokenReady()) {
|
| + StartTPMSlotInitializionOnIOThread(username, username_hash);
|
| + } else {
|
| + VLOG(1) << "waiting for tpm ready ...";
|
| + crypto::OnTPMReady(base::Bind(
|
| + &StartTPMSlotInitializionOnIOThread, username, username_hash));
|
| + }
|
| + } else {
|
| + crypto::InitializePrivateSoftwareSlotForChromeOSUser(username_hash);
|
| + }
|
| +}
|
| +#endif // defined(OS_CHROMEOS)
|
| } // namespace
|
|
|
| void ProfileIOData::InitializeOnUIThread(Profile* profile) {
|
| @@ -298,6 +371,23 @@ void ProfileIOData::InitializeOnUIThread(Profile* profile) {
|
| #endif
|
| #if defined(OS_CHROMEOS)
|
| params->cert_verifier = CreatePolicyCertVerifier(profile);
|
| + chromeos::UserManager* user_manager = chromeos::UserManager::Get();
|
| + if (user_manager) {
|
| + chromeos::User* user = user_manager->GetUserByProfile(profile);
|
| + if (user) {
|
| + params->username_hash = user->username_hash();
|
| + bool is_primary_user = (user_manager->GetPrimaryUser() == user);
|
| + BrowserThread::PostTask(BrowserThread::IO,
|
| + FROM_HERE,
|
| + base::Bind(&StartNSSInitOnIOThread,
|
| + user->email(),
|
| + user->username_hash(),
|
| + profile->GetPath(),
|
| + is_primary_user));
|
| + }
|
| + }
|
| + if (params->username_hash.empty())
|
| + LOG(WARNING) << "no username_hash";
|
| #endif
|
|
|
| params->profile = profile;
|
| @@ -714,7 +804,10 @@ net::URLRequestContext* ProfileIOData::ResourceContext::GetRequestContext() {
|
|
|
| scoped_ptr<net::ClientCertStore>
|
| ProfileIOData::ResourceContext::CreateClientCertStore() {
|
| -#if !defined(USE_OPENSSL)
|
| +#if defined(OS_CHROMEOS)
|
| + return scoped_ptr<net::ClientCertStore>(
|
| + new chromeos::ClientCertStoreChromeOS(this));
|
| +#elif !defined(USE_OPENSSL)
|
| return scoped_ptr<net::ClientCertStore>(new net::ClientCertStoreImpl());
|
| #else
|
| // OpenSSL does not use the ClientCertStore infrastructure. On Android client
|
| @@ -842,6 +935,9 @@ void ProfileIOData::Init(content::ProtocolHandlerMap* protocol_handlers) const {
|
| profile_params_->cert_verifier->InitializeOnIOThread();
|
| cert_verifier_ = profile_params_->cert_verifier.Pass();
|
| main_request_context_->set_cert_verifier(cert_verifier_.get());
|
| +
|
| + content::SetChromeOSUserForResourceContext(resource_context_.get(),
|
| + profile_params_->username_hash);
|
| #else
|
| main_request_context_->set_cert_verifier(
|
| io_thread_globals->cert_verifier.get());
|
|
|
Chromium Code Reviews
Issue 18121007:
*WIP* Store NSS slots per profile. Move keygen to chrome. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src