Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/policy/device_cloud_policy_initializer.cc

Issue 2340933004: Do not try to enroll past OOBE/enrollment. (Closed)
Patch Set: Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" 5 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/bind_helpers.h" 10 #include "base/bind_helpers.h"
(...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after
142 // Use the best mechanism, which may include attestation if available. 142 // Use the best mechanism, which may include attestation if available.
143 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_BEST_AVAILABLE; 143 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_BEST_AVAILABLE;
144 break; 144 break;
145 145
146 case ZeroTouchEnrollmentMode::FORCED: 146 case ZeroTouchEnrollmentMode::FORCED:
147 // Only use attestation to authenticate since zero-touch is forced. 147 // Only use attestation to authenticate since zero-touch is forced.
148 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_ATTESTATION; 148 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_ATTESTATION;
149 break; 149 break;
150 } 150 }
151 151
152 // If OOBE is done and we are not enrolled, make sure we only try interactive
153 // enrollment.
152 const bool oobe_complete = local_state_->GetBoolean(prefs::kOobeComplete); 154 const bool oobe_complete = local_state_->GetBoolean(prefs::kOobeComplete);
155 if (oobe_complete &&
156 config.auth_mechanism == EnrollmentConfig::AUTH_MECHANISM_BEST_AVAILABLE)
157 config.auth_mechanism = EnrollmentConfig::AUTH_MECHANISM_INTERACTIVE;
xiyuan 2016/09/16 07:49:13 nit: wrap with {} since the condition takes more t
158 // If OOBE is done and we are enrolled, check for need to recover enrollment.
153 if (oobe_complete && install_attributes_->IsEnterpriseDevice()) { 159 if (oobe_complete && install_attributes_->IsEnterpriseDevice()) {
154 // Regardless what mode is applicable, the enrollment domain is fixed. 160 // Regardless what mode is applicable, the enrollment domain is fixed.
155 config.management_domain = install_attributes_->GetDomain(); 161 config.management_domain = install_attributes_->GetDomain();
156 162
157 // Enrollment has completed previously and installation-time attributes 163 // Enrollment has completed previously and installation-time attributes
158 // are in place. Enrollment recovery is required when the server 164 // are in place. Enrollment recovery is required when the server
159 // registration gets lost. 165 // registration gets lost.
160 if (local_state_->GetBoolean(prefs::kEnrollmentRecoveryRequired)) { 166 if (local_state_->GetBoolean(prefs::kEnrollmentRecoveryRequired)) {
161 LOG(WARNING) << "Enrollment recovery required according to pref."; 167 LOG(WARNING) << "Enrollment recovery required according to pref.";
162 if (DeviceCloudPolicyManagerChromeOS::GetMachineID().empty()) 168 if (DeviceCloudPolicyManagerChromeOS::GetMachineID().empty())
(...skipping 152 matching lines...) Expand 10 before | Expand all | Expand 10 after
315 if (success && (success = att_signed_data.ParseFromString(signed_data))) { 321 if (success && (success = att_signed_data.ParseFromString(signed_data))) {
316 em_signed_data.set_data(att_signed_data.data()); 322 em_signed_data.set_data(att_signed_data.data());
317 em_signed_data.set_signature(att_signed_data.signature()); 323 em_signed_data.set_signature(att_signed_data.signature());
318 em_signed_data.set_extra_data_bytes(att_signed_data.data().size() - 324 em_signed_data.set_extra_data_bytes(att_signed_data.data().size() -
319 data.size()); 325 data.size());
320 } 326 }
321 callback.Run(success, em_signed_data); 327 callback.Run(success, em_signed_data);
322 } 328 }
323 329
324 } // namespace policy 330 } // namespace policy
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698