Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(23)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.cc

Issue 184373002: Skip timestamp validation for cached Chrome OS user policy. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebase. Created 6 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/bind_helpers.h" 8 #include "base/bind_helpers.h"
9 #include "base/callback.h" 9 #include "base/callback.h"
10 #include "base/file_util.h" 10 #include "base/file_util.h"
(...skipping 238 matching lines...) Expand 10 before | Expand all | Expand 10 after
249 status_ = STATUS_LOAD_ERROR; 249 status_ = STATUS_LOAD_ERROR;
250 NotifyStoreError(); 250 NotifyStoreError();
251 return; 251 return;
252 } 252 }
253 253
254 policy_key_path_ = user_policy_key_dir_.Append( 254 policy_key_path_ = user_policy_key_dir_.Append(
255 base::StringPrintf(kPolicyKeyFile, sanitized_username.c_str())); 255 base::StringPrintf(kPolicyKeyFile, sanitized_username.c_str()));
256 LoadPolicyKey(policy_key_path_, &policy_key_); 256 LoadPolicyKey(policy_key_path_, &policy_key_);
257 policy_key_loaded_ = true; 257 policy_key_loaded_ = true;
258 258
259 scoped_ptr<UserCloudPolicyValidator> validator = 259 scoped_ptr<UserCloudPolicyValidator> validator = CreateValidator(
260 CreateValidator(policy.Pass(), 260 policy.Pass(), CloudPolicyValidatorBase::TIMESTAMP_NOT_BEFORE);
261 CloudPolicyValidatorBase::TIMESTAMP_REQUIRED);
262 validator->ValidateUsername(username_, true); 261 validator->ValidateUsername(username_, true);
263 const bool allow_rotation = false; 262 const bool allow_rotation = false;
264 validator->ValidateSignature( 263 validator->ValidateSignature(
265 policy_key_, 264 policy_key_,
266 GetPolicyVerificationKey(), 265 GetPolicyVerificationKey(),
267 ExtractDomain(sanitized_username), 266 ExtractDomain(sanitized_username),
268 allow_rotation); 267 allow_rotation);
269 validator->RunValidation(); 268 validator->RunValidation();
270 OnRetrievedPolicyValidated(validator.get()); 269 OnRetrievedPolicyValidated(validator.get());
271 } 270 }
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after
369 // Load |policy_key_| to verify the loaded policy. 368 // Load |policy_key_| to verify the loaded policy.
370 EnsurePolicyKeyLoaded( 369 EnsurePolicyKeyLoaded(
371 base::Bind(&UserCloudPolicyStoreChromeOS::ValidateRetrievedPolicy, 370 base::Bind(&UserCloudPolicyStoreChromeOS::ValidateRetrievedPolicy,
372 weak_factory_.GetWeakPtr(), 371 weak_factory_.GetWeakPtr(),
373 base::Passed(&policy))); 372 base::Passed(&policy)));
374 } 373 }
375 374
376 void UserCloudPolicyStoreChromeOS::ValidateRetrievedPolicy( 375 void UserCloudPolicyStoreChromeOS::ValidateRetrievedPolicy(
377 scoped_ptr<em::PolicyFetchResponse> policy) { 376 scoped_ptr<em::PolicyFetchResponse> policy) {
378 // Create and configure a validator for the loaded policy. 377 // Create and configure a validator for the loaded policy.
379 scoped_ptr<UserCloudPolicyValidator> validator = 378 scoped_ptr<UserCloudPolicyValidator> validator = CreateValidator(
380 CreateValidator(policy.Pass(), 379 policy.Pass(), CloudPolicyValidatorBase::TIMESTAMP_NOT_BEFORE);
381 CloudPolicyValidatorBase::TIMESTAMP_REQUIRED);
382 validator->ValidateUsername(username_, true); 380 validator->ValidateUsername(username_, true);
383 const bool allow_rotation = false; 381 const bool allow_rotation = false;
384 validator->ValidateSignature(policy_key_, 382 validator->ValidateSignature(policy_key_,
385 GetPolicyVerificationKey(), 383 GetPolicyVerificationKey(),
386 ExtractDomain(username_), 384 ExtractDomain(username_),
387 allow_rotation); 385 allow_rotation);
388 // Start validation. The Validator will delete itself once validation is 386 // Start validation. The Validator will delete itself once validation is
389 // complete. 387 // complete.
390 validator.release()->StartValidation( 388 validator.release()->StartValidation(
391 base::Bind(&UserCloudPolicyStoreChromeOS::OnRetrievedPolicyValidated, 389 base::Bind(&UserCloudPolicyStoreChromeOS::OnRetrievedPolicyValidated,
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after
562 !sanitized_username.empty()) { 560 !sanitized_username.empty()) {
563 policy_key_path_ = user_policy_key_dir_.Append( 561 policy_key_path_ = user_policy_key_dir_.Append(
564 base::StringPrintf(kPolicyKeyFile, sanitized_username.c_str())); 562 base::StringPrintf(kPolicyKeyFile, sanitized_username.c_str()));
565 } else { 563 } else {
566 SampleValidationFailure(VALIDATION_FAILURE_DBUS); 564 SampleValidationFailure(VALIDATION_FAILURE_DBUS);
567 } 565 }
568 ReloadPolicyKey(callback); 566 ReloadPolicyKey(callback);
569 } 567 }
570 568
571 } // namespace policy 569 } // namespace policy
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698