Chromium Code Reviews Chromium Code Reviews
Issue 1853753003:
Certificate Transparency: New component for obtaining fresh STHs. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/session/user_session_manager.h" | 5 #include "chrome/browser/chromeos/login/session/user_session_manager.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <set> | 9 #include <set> |
| 10 #include <string> | 10 #include <string> |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 53 #include "chrome/browser/chromeos/login/ui/input_events_blocker.h" | 53 #include "chrome/browser/chromeos/login/ui/input_events_blocker.h" |
| 54 #include "chrome/browser/chromeos/login/ui/login_display_host.h" | 54 #include "chrome/browser/chromeos/login/ui/login_display_host.h" |
| 55 #include "chrome/browser/chromeos/login/user_flow.h" | 55 #include "chrome/browser/chromeos/login/user_flow.h" |
| 56 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h" | 56 #include "chrome/browser/chromeos/login/users/chrome_user_manager.h" |
| 57 #include "chrome/browser/chromeos/login/users/supervised_user_manager.h" | 57 #include "chrome/browser/chromeos/login/users/supervised_user_manager.h" |
| 58 #include "chrome/browser/chromeos/login/wizard_controller.h" | 58 #include "chrome/browser/chromeos/login/wizard_controller.h" |
| 59 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | 59 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
| 60 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 60 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 61 #include "chrome/browser/chromeos/settings/cros_settings.h" | 61 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 62 #include "chrome/browser/component_updater/ev_whitelist_component_installer.h" | 62 #include "chrome/browser/component_updater/ev_whitelist_component_installer.h" |
| 63 #include "chrome/browser/component_updater/sth_set_component_installer.h" | |
| 63 #include "chrome/browser/first_run/first_run.h" | 64 #include "chrome/browser/first_run/first_run.h" |
| 64 #include "chrome/browser/google/google_brand_chromeos.h" | 65 #include "chrome/browser/google/google_brand_chromeos.h" |
| 65 #include "chrome/browser/lifetime/application_lifetime.h" | 66 #include "chrome/browser/lifetime/application_lifetime.h" |
| 66 #include "chrome/browser/net/crl_set_fetcher.h" | 67 #include "chrome/browser/net/crl_set_fetcher.h" |
| 67 #include "chrome/browser/net/nss_context.h" | 68 #include "chrome/browser/net/nss_context.h" |
| 68 #include "chrome/browser/prefs/session_startup_pref.h" | 69 #include "chrome/browser/prefs/session_startup_pref.h" |
| 69 #include "chrome/browser/profiles/profile.h" | 70 #include "chrome/browser/profiles/profile.h" |
| 70 #include "chrome/browser/profiles/profile_manager.h" | 71 #include "chrome/browser/profiles/profile_manager.h" |
| 71 #include "chrome/browser/signin/account_tracker_service_factory.h" | 72 #include "chrome/browser/signin/account_tracker_service_factory.h" |
| 72 #include "chrome/browser/signin/easy_unlock_service.h" | 73 #include "chrome/browser/signin/easy_unlock_service.h" |
| (...skipping 1068 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1141 content::NotificationService::AllSources(), | 1142 content::NotificationService::AllSources(), |
| 1142 content::Details<Profile>(profile)); | 1143 content::Details<Profile>(profile)); |
| 1143 | 1144 |
| 1144 // Initialize various services only for primary user. | 1145 // Initialize various services only for primary user. |
| 1145 const user_manager::User* user = | 1146 const user_manager::User* user = |
| 1146 ProfileHelper::Get()->GetUserByProfile(profile); | 1147 ProfileHelper::Get()->GetUserByProfile(profile); |
| 1147 if (user_manager->GetPrimaryUser() == user) { | 1148 if (user_manager->GetPrimaryUser() == user) { |
| 1148 InitRlz(profile); | 1149 InitRlz(profile); |
| 1149 InitializeCerts(profile); | 1150 InitializeCerts(profile); |
| 1150 InitializeCRLSetFetcher(user); | 1151 InitializeCRLSetFetcher(user); |
| 1151 InitializeEVCertificatesWhitelistComponent(user); | 1152 InitializeCertificateTransparencyRelatedComponents(user); |
|
Sorin Jianu
2016/04/04 22:06:13
Is Related affix needed?
Why not say just Initiali
Eran Messeri
2016/04/05 15:34:06
Done.
| |
| 1152 | 1153 |
| 1153 if (arc::ArcBridgeService::GetEnabled( | 1154 if (arc::ArcBridgeService::GetEnabled( |
| 1154 base::CommandLine::ForCurrentProcess())) { | 1155 base::CommandLine::ForCurrentProcess())) { |
| 1155 DCHECK(arc::ArcServiceManager::Get()); | 1156 DCHECK(arc::ArcServiceManager::Get()); |
| 1156 arc::ArcServiceManager::Get()->OnPrimaryUserProfilePrepared( | 1157 arc::ArcServiceManager::Get()->OnPrimaryUserProfilePrepared( |
| 1157 multi_user_util::GetAccountIdFromProfile(profile)); | 1158 multi_user_util::GetAccountIdFromProfile(profile)); |
| 1158 arc::ArcAuthService::Get()->OnPrimaryUserProfilePrepared(profile); | 1159 arc::ArcAuthService::Get()->OnPrimaryUserProfilePrepared(profile); |
| 1159 } | 1160 } |
| 1160 } | 1161 } |
| 1161 | 1162 |
| (...skipping 246 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1408 base::FilePath path; | 1409 base::FilePath path; |
| 1409 path = ProfileHelper::GetProfilePathByUserIdHash(username_hash); | 1410 path = ProfileHelper::GetProfilePathByUserIdHash(username_hash); |
| 1410 component_updater::ComponentUpdateService* cus = | 1411 component_updater::ComponentUpdateService* cus = |
| 1411 g_browser_process->component_updater(); | 1412 g_browser_process->component_updater(); |
| 1412 CRLSetFetcher* crl_set = g_browser_process->crl_set_fetcher(); | 1413 CRLSetFetcher* crl_set = g_browser_process->crl_set_fetcher(); |
| 1413 if (crl_set && cus) | 1414 if (crl_set && cus) |
| 1414 crl_set->StartInitialLoad(cus, path); | 1415 crl_set->StartInitialLoad(cus, path); |
| 1415 } | 1416 } |
| 1416 } | 1417 } |
| 1417 | 1418 |
| 1418 void UserSessionManager::InitializeEVCertificatesWhitelistComponent( | 1419 void UserSessionManager::InitializeCertificateTransparencyRelatedComponents( |
| 1419 const user_manager::User* user) { | 1420 const user_manager::User* user) { |
| 1420 const std::string username_hash = user->username_hash(); | 1421 const std::string username_hash = user->username_hash(); |
| 1421 component_updater::ComponentUpdateService* cus = | 1422 component_updater::ComponentUpdateService* cus = |
| 1422 g_browser_process->component_updater(); | 1423 g_browser_process->component_updater(); |
| 1423 if (!username_hash.empty() && cus) { | 1424 if (!username_hash.empty() && cus) { |
| 1424 const base::FilePath path = | 1425 const base::FilePath path = |
| 1425 ProfileHelper::GetProfilePathByUserIdHash(username_hash); | 1426 ProfileHelper::GetProfilePathByUserIdHash(username_hash); |
| 1427 // EV whitelist | |
| 1426 RegisterEVWhitelistComponent(cus, path); | 1428 RegisterEVWhitelistComponent(cus, path); |
| 1429 | |
| 1430 // TODO(eranm): Pass the distributor to the IOThread so CT | |
| 1431 // TreeStateTracker instances can register for STH updates. | |
| 1432 scoped_ptr<net::ct::STHDistributor> distributor( | |
| 1433 new net::ct::STHDistributor()); | |
| 1434 // STH set fetcher. | |
| 1435 RegisterSTHSetComponent(cus, path, std::move(distributor)); | |
|
Sorin Jianu
2016/04/04 22:06:13
Related to the other comments, if would be nice is
Eran Messeri
2016/04/05 15:34:06
See comment in chrome_browser_main - that distribu
| |
| 1427 } | 1436 } |
| 1428 } | 1437 } |
| 1429 | 1438 |
| 1430 void UserSessionManager::OnRestoreActiveSessions( | 1439 void UserSessionManager::OnRestoreActiveSessions( |
| 1431 const SessionManagerClient::ActiveSessionsMap& sessions, | 1440 const SessionManagerClient::ActiveSessionsMap& sessions, |
| 1432 bool success) { | 1441 bool success) { |
| 1433 if (!success) { | 1442 if (!success) { |
| 1434 LOG(ERROR) << "Could not get list of active user sessions after crash."; | 1443 LOG(ERROR) << "Could not get list of active user sessions after crash."; |
| 1435 // If we could not get list of active user sessions it is safer to just | 1444 // If we could not get list of active user sessions it is safer to just |
| 1436 // sign out so that we don't get in the inconsistent state. | 1445 // sign out so that we don't get in the inconsistent state. |
| (...skipping 375 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1812 token_handle_util_.reset(); | 1821 token_handle_util_.reset(); |
| 1813 first_run::GoodiesDisplayer::Delete(); | 1822 first_run::GoodiesDisplayer::Delete(); |
| 1814 } | 1823 } |
| 1815 | 1824 |
| 1816 void UserSessionManager::CreateTokenUtilIfMissing() { | 1825 void UserSessionManager::CreateTokenUtilIfMissing() { |
| 1817 if (!token_handle_util_.get()) | 1826 if (!token_handle_util_.get()) |
| 1818 token_handle_util_.reset(new TokenHandleUtil()); | 1827 token_handle_util_.reset(new TokenHandleUtil()); |
| 1819 } | 1828 } |
| 1820 | 1829 |
| 1821 } // namespace chromeos | 1830 } // namespace chromeos |
| OLD | NEW |
