Don't upload extension IDs in the cloud policy protocol.

chrome/browser/policy/test/policy_testserver.py

 # Copyright (c) 2012 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 """A bare-bones test server for testing cloud policy support.
 
 This implements a simple cloud policy test server that can be used to test
 chrome's device management service client. The policy information is read from
 the file named device_management in the server's data directory. It contains
 enforced and recommended policies for the device and user scope, and a list
@@ skipping 39 matching lines @@
   "robot_api_auth_code": "fake_auth_code",
   "invalidation_source": 1025,
   "invalidation_name": "UENUPOL"
 }
 
 """
 
 import base64
 import BaseHTTPServer
 import cgi
+import glob
 import google.protobuf.text_format
 import hashlib
 import logging
 import os
 import random
 import re
 import sys
 import time
 import tlslite
 import tlslite.api
@@ skipping 369 matching lines @@
       return error
 
     key_update_request = msg.device_state_key_update_request
     if len(key_update_request.server_backed_state_key) > 0:
       self.server.UpdateStateKeys(token_info['device_token'],
                                   key_update_request.server_backed_state_key)
 
     response = dm.DeviceManagementResponse()
     for request in msg.policy_request.request:
       fetch_response = response.policy_response.response.add()
-      if (request.policy_type in
+      if (request.policy_type not in

[Mattias Nissler (ping if slow), 2014/04/25 11:51:46]

The logic here is rather convoluted now. Can't we just remove support for the
'ping' request type here (we're not using it anyways) and then make the code do
this:

if one-of-the-standard-policy-types:
  ProcessCloudPolicy
elif extension-policy:
  ProcessCloudPolicy for extensions
else:
  error

[Joao da Silva, 2014/04/28 11:56:12]

Done.

              ('google/android/user',
               'google/chrome/extension',
               'google/chromeos/device',
               'google/chromeos/publicaccount',
               'google/chromeos/user',
               'google/chrome/user',
               'google/ios/user')):
-        if request_type != 'policy':
-          fetch_response.error_code = 400
-          fetch_response.error_message = 'Invalid request type'
-        else:
-          self.ProcessCloudPolicy(request, token_info, fetch_response)
-      else:
         fetch_response.error_code = 400
         fetch_response.error_message = 'Invalid policy_type'
+      elif request_type != 'policy':
+        fetch_response.error_code = 400
+        fetch_response.error_message = 'Invalid request type'
+      elif request.policy_type == 'google/chrome/extension':
+        # Send one PolicyFetchResponse for each extension that has
+        # configuration data at the server.
+        del response.policy_response.response[-1]
+        ids = self.server.ListMatchingComponents('google/chrome/extension')
+        for settings_entity_id in ids:
+          fake_request = dm.PolicyFetchRequest()
+          # Copy the extension policy request, to trigger the same signature
+          # type in the response.

[Mattias Nissler (ping if slow), 2014/04/25 11:51:46]

Why not just use |request|?

[Joao da Silva, 2014/04/28 11:56:12]

Done.

+          fake_request.CopyFrom(request)
+          fake_request.settings_entity_id = settings_entity_id
+          fetch_response = response.policy_response.response.add()
+          self.ProcessCloudPolicy(fake_request, token_info, fetch_response)
+          # Don't do key rotations for these messages.
+          fetch_response.ClearField('new_public_key')
+          fetch_response.ClearField('new_public_key_signature')
+          fetch_response.ClearField('new_public_key_verification_signature')
+      else:
+        self.ProcessCloudPolicy(request, token_info, fetch_response)
 
     return (200, response)
 
   def ProcessAutoEnrollment(self, msg):
     """Handles an auto-enrollment check request.
 
     The reply depends on the value of the modulus:
       1: replies with no new modulus and the sha256 hash of "0"
       2: replies with a new modulus, 4.
       4: replies with a new modulus, 2.
@@ skipping 574 matching lines @@
       policy_selector: the policy type and settings entity id, joined by '/'.
 
     Returns:
       The filename corresponding to the policy_selector, without a file
       extension.
     """
     sanitized_policy_selector = re.sub('[^A-Za-z0-9.@-]', '_', policy_selector)
     return os.path.join(self.data_dir or '',
                         'policy_%s' % sanitized_policy_selector)
 
+  def ListMatchingComponents(self, policy_type):
+    """Returns a list of settings entity IDs that have a configuration file.
+
+    Args:
+      policy_type: the policy type to look for. Only settings entity IDs for
+      file selectors that match this policy_type will be returned.
+
+    Returns:
+      A list of settings entity IDs for the given |policy_type| that have a
+      configuration file in this server (either as a .bin, .txt or .data file).
+    """
+    base_name = self.GetBaseFilename(policy_type)
+    files = glob.glob('%s_*.*' % base_name)
+    len_base_name = len(base_name) + 1
+    return [ file[len_base_name:file.rfind('.')] for file in files ]
+
   def ReadPolicyFromDataDir(self, policy_selector, proto_message):
     """Tries to read policy payload from a file in the data directory.
 
     First checks for a binary rendition of the policy protobuf in
     <data_dir>/policy_<sanitized_policy_selector>.bin. If that exists, returns
     it. If that file doesn't exist, tries
     <data_dir>/policy_<sanitized_policy_selector>.txt and decodes that as a
     protobuf using proto_message. If that fails as well, returns None.
 
     Args:
@@ skipping 115 matching lines @@
     if (self.options.log_to_console):
       logger.addHandler(logging.StreamHandler())
     if (self.options.log_file):
       logger.addHandler(logging.FileHandler(self.options.log_file))
 
     testserver_base.TestServerRunner.run_server(self)
 
 
 if __name__ == '__main__':
   sys.exit(PolicyServerRunner().main())