Don't upload extension IDs in the cloud policy protocol.

chrome/browser/policy/test/policy_testserver.py

 # Copyright (c) 2012 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 """A bare-bones test server for testing cloud policy support.
 
 This implements a simple cloud policy test server that can be used to test
 chrome's device management service client. The policy information is read from
 the file named device_management in the server's data directory. It contains
 enforced and recommended policies for the device and user scope, and a list
@@ skipping 39 matching lines @@
   "robot_api_auth_code": "fake_auth_code",
   "invalidation_source": 1025,
   "invalidation_name": "UENUPOL"
 }
 
 """
 
 import base64
 import BaseHTTPServer
 import cgi
+import glob
 import google.protobuf.text_format
 import hashlib
 import logging
 import os
 import random
 import re
 import sys
 import time
 import tlslite
 import tlslite.api
@@ skipping 200 matching lines @@
                   self.headers.getheader('Authorization', ''))
     logging.debug('oauth token -> ' + str(self.GetUniqueParam('oauth_token')))
     logging.debug('deviceid -> ' + str(self.GetUniqueParam('deviceid')))
     self.DumpMessage('Request', rmsg)
 
     request_type = self.GetUniqueParam('request')
     # Check server side requirements, as defined in
     # device_management_backend.proto.
     if (self.GetUniqueParam('devicetype') != '2' or
         self.GetUniqueParam('apptype') != 'Chrome' or
-        (request_type != 'ping' and
-         len(self.GetUniqueParam('deviceid')) >= 64) or
+        len(self.GetUniqueParam('deviceid')) >= 64 or
         len(self.GetUniqueParam('agent')) >= 64):
       return (400, 'Invalid request parameter')
     if request_type == 'register':
       response = self.ProcessRegister(rmsg.register_request)
     elif request_type == 'api_authorization':
       response = self.ProcessApiAuthorization(rmsg.service_api_access_request)
     elif request_type == 'unregister':
       response = self.ProcessUnregister(rmsg.unregister_request)
-    elif request_type == 'policy' or request_type == 'ping':
+    elif request_type == 'policy':
       response = self.ProcessPolicy(rmsg, request_type)
     elif request_type == 'enterprise_check':
       response = self.ProcessAutoEnrollment(rmsg.auto_enrollment_request)
     elif request_type == 'device_state_retrieval':
       response = self.ProcessDeviceStateRetrievalRequest(
           rmsg.device_state_retrieval_request)
     else:
       return (400, 'Invalid request parameter')
 
     self.DumpMessage('Response', response[1])
     return (response[0], response[1].SerializeToString())
 
   def CreatePolicyForExternalPolicyData(self, policy_key):
     """Returns an ExternalPolicyData protobuf for policy_key.
 
     If there is policy data for policy_key then the download url will be
     set so that it points to that data, and the appropriate hash is also set.
     Otherwise, the protobuf will be empty.
 
     Args:
-      policy_key: the policy type and settings entity id, joined by '/'.
+      policy_key: The policy type and settings entity id, joined by '/'.
 
     Returns:
       A serialized ExternalPolicyData.
     """
     settings = ep.ExternalPolicyData()
     data = self.server.ReadPolicyDataFromDataDir(policy_key)
     if data:
       settings.download_url = urlparse.urljoin(
           self.server.GetBaseURL(), 'externalpolicydata?key=%s' % policy_key)
       settings.secure_hash = hashlib.sha256(data).digest()
@@ skipping 116 matching lines @@
     if not token_info:
       return error
 
     key_update_request = msg.device_state_key_update_request
     if len(key_update_request.server_backed_state_key) > 0:
       self.server.UpdateStateKeys(token_info['device_token'],
                                   key_update_request.server_backed_state_key)
 
     response = dm.DeviceManagementResponse()
     for request in msg.policy_request.request:
-      fetch_response = response.policy_response.response.add()
       if (request.policy_type in
              ('google/android/user',
-              'google/chrome/extension',
               'google/chromeos/device',
               'google/chromeos/publicaccount',
               'google/chromeos/user',
               'google/chrome/user',
               'google/ios/user')):
-        if request_type != 'policy':
-          fetch_response.error_code = 400
-          fetch_response.error_message = 'Invalid request type'
-        else:
-          self.ProcessCloudPolicy(request, token_info, fetch_response)
+        fetch_response = response.policy_response.response.add()
+        self.ProcessCloudPolicy(request, token_info, fetch_response)
+      elif request.policy_type == 'google/chrome/extension':
+        self.ProcessCloudPolicyForExtensions(
+            request, response.policy_response, token_info)
       else:
         fetch_response.error_code = 400
         fetch_response.error_message = 'Invalid policy_type'
 
     return (200, response)
 
   def ProcessAutoEnrollment(self, msg):
     """Handles an auto-enrollment check request.
 
     The reply depends on the value of the modulus:
@@ skipping 53 matching lines @@
       for field in FIELDS:
         if field in state:
           setattr(device_state_retrieval_response, field, state[field])
 
     response = dm.DeviceManagementResponse()
     response.device_state_retrieval_response.CopyFrom(
         device_state_retrieval_response)
     return (200, response)
 
   def SetProtobufMessageField(self, group_message, field, field_value):
-    '''Sets a field in a protobuf message.
+    """Sets a field in a protobuf message.
 
     Args:
       group_message: The protobuf message.
       field: The field of the message to set, it should be a member of
           group_message.DESCRIPTOR.fields.
       field_value: The value to set.
-    '''
+    """
     if field.label == field.LABEL_REPEATED:
       assert type(field_value) == list
       entries = group_message.__getattribute__(field.name)
       if field.message_type is None:
         for list_item in field_value:
           entries.append(list_item)
       else:
         # This field is itself a protobuf.
         sub_type = field.message_type
         for sub_value in field_value:
@@ skipping 17 matching lines @@
       assert type(field_value) == list
       entries = group_message.__getattribute__(field.name).entries
       for list_item in field_value:
         entries.append(list_item)
       return
     else:
       raise Exception('Unknown field type %s' % field.type)
     group_message.__setattr__(field.name, field_value)
 
   def GatherDevicePolicySettings(self, settings, policies):
-    '''Copies all the policies from a dictionary into a protobuf of type
+    """Copies all the policies from a dictionary into a protobuf of type
     CloudDeviceSettingsProto.
 
     Args:
       settings: The destination ChromeDeviceSettingsProto protobuf.
       policies: The source dictionary containing policies in JSON format.
-    '''
+    """
     for group in settings.DESCRIPTOR.fields:
       # Create protobuf message for group.
       group_message = eval('dp.' + group.message_type.name + '()')
       # Indicates if at least one field was set in |group_message|.
       got_fields = False
       # Iterate over fields of the message and feed them from the
       # policy config file.
       for field in group_message.DESCRIPTOR.fields:
         field_value = None
         if field.name in policies:
           got_fields = True
           field_value = policies[field.name]
           self.SetProtobufMessageField(group_message, field, field_value)
       if got_fields:
         settings.__getattribute__(group.name).CopyFrom(group_message)
 
   def GatherUserPolicySettings(self, settings, policies):
-    '''Copies all the policies from a dictionary into a protobuf of type
+    """Copies all the policies from a dictionary into a protobuf of type
     CloudPolicySettings.
 
     Args:
       settings: The destination: a CloudPolicySettings protobuf.
       policies: The source: a dictionary containing policies under keys
           'recommended' and 'mandatory'.
-    '''
+    """
     for field in settings.DESCRIPTOR.fields:
       # |field| is the entry for a specific policy in the top-level
       # CloudPolicySettings proto.
 
       # Look for this policy's value in the mandatory or recommended dicts.
       if field.name in policies.get('mandatory', {}):
         mode = cp.PolicyOptions.MANDATORY
         value = policies['mandatory'][field.name]
       elif field.name in policies.get('recommended', {}):
         mode = cp.PolicyOptions.RECOMMENDED
         value = policies['recommended'][field.name]
       else:
         continue
 
       # Create protobuf message for this policy.
       policy_message = eval('cp.' + field.message_type.name + '()')
       policy_message.policy_options.mode = mode
       field_descriptor = policy_message.DESCRIPTOR.fields_by_name['value']
       self.SetProtobufMessageField(policy_message, field_descriptor, value)
       settings.__getattribute__(field.name).CopyFrom(policy_message)
 
+  def ProcessCloudPolicyForExtensions(self, request, response, token_info):
+    """Handles a request for policy for extensions.
+
+    A request for policy for extensions is slightly different from the other
+    cloud policy requests, because it can trigger 0, one or many
+    PolicyFetchResponse messages in the response.
+
+    Args:
+      request: The PolicyFetchRequest that triggered this handler.
+      response: The DevicePolicyResponse message for the response. Multiple
+      PolicyFetchResponses will be appended to this message.
+      token_info: The token extracted from the request.
+    """
+    # Send one PolicyFetchResponse for each extension that has
+    # configuration data at the server.
+    ids = self.server.ListMatchingComponents('google/chrome/extension')
+    for settings_entity_id in ids:
+      # Reuse the extension policy request, to trigger the same signature
+      # type in the response.
+      request.settings_entity_id = settings_entity_id
+      fetch_response = response.response.add()
+      self.ProcessCloudPolicy(request, token_info, fetch_response)
+      # Don't do key rotations for these messages.
+      fetch_response.ClearField('new_public_key')
+      fetch_response.ClearField('new_public_key_signature')
+      fetch_response.ClearField('new_public_key_verification_signature')
+
   def ProcessCloudPolicy(self, msg, token_info, response):
     """Handles a cloud policy request. (New protocol for policy requests.)
 
     Encodes the policy into protobuf representation, signs it and constructs
     the response.
 
     Args:
       msg: The CloudPolicyRequest message received from the client.
-      token_info: the token extracted from the request.
+      token_info: The token extracted from the request.
       response: A PolicyFetchResponse message that should be filled with the
                 response data.
     """
 
     if msg.machine_id:
       self.server.UpdateMachineId(token_info['device_token'], msg.machine_id)
 
     # Response is only given if the scope is specified in the config file.
     # Normally 'google/chromeos/device', 'google/chromeos/user' and
     # 'google/chromeos/publicaccount' should be accepted.
@@ skipping 387 matching lines @@
   def WriteClientState(self):
     """Writes the client state back to the file."""
     if self.client_state_file is not None:
       json_data = json.dumps(self._registered_tokens)
       open(self.client_state_file, 'w').write(json_data)
 
   def GetBaseFilename(self, policy_selector):
     """Returns the base filename for the given policy_selector.
 
     Args:
-      policy_selector: the policy type and settings entity id, joined by '/'.
+      policy_selector: The policy type and settings entity id, joined by '/'.
 
     Returns:
       The filename corresponding to the policy_selector, without a file
       extension.
     """
     sanitized_policy_selector = re.sub('[^A-Za-z0-9.@-]', '_', policy_selector)
     return os.path.join(self.data_dir or '',
                         'policy_%s' % sanitized_policy_selector)
 
+  def ListMatchingComponents(self, policy_type):
+    """Returns a list of settings entity IDs that have a configuration file.
+
+    Args:
+      policy_type: The policy type to look for. Only settings entity IDs for
+      file selectors That match this policy_type will be returned.
+
+    Returns:
+      A list of settings entity IDs for the given |policy_type| that have a
+      configuration file in this server (either as a .bin, .txt or .data file).
+    """
+    base_name = self.GetBaseFilename(policy_type)
+    files = glob.glob('%s_*.*' % base_name)
+    len_base_name = len(base_name) + 1
+    return [ file[len_base_name:file.rfind('.')] for file in files ]
+
   def ReadPolicyFromDataDir(self, policy_selector, proto_message):
     """Tries to read policy payload from a file in the data directory.
 
     First checks for a binary rendition of the policy protobuf in
     <data_dir>/policy_<sanitized_policy_selector>.bin. If that exists, returns
     it. If that file doesn't exist, tries
     <data_dir>/policy_<sanitized_policy_selector>.txt and decodes that as a
     protobuf using proto_message. If that fails as well, returns None.
 
     Args:
@@ skipping 115 matching lines @@
     if (self.options.log_to_console):
       logger.addHandler(logging.StreamHandler())
     if (self.options.log_file):
       logger.addHandler(logging.FileHandler(self.options.log_file))
 
     testserver_base.TestServerRunner.run_server(self)
 
 
 if __name__ == '__main__':
   sys.exit(PolicyServerRunner().main())