Chromium Code Reviews Chromium Code Reviews
Issue 23451044:
Add an Ethernet EAP policy. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/net/onc_utils.h" | 5 #include "chrome/browser/chromeos/net/onc_utils.h" |
| 6 | 6 |
| 7 #include "base/bind_helpers.h" | 7 #include "base/bind_helpers.h" |
| 8 #include "base/json/json_writer.h" | 8 #include "base/json/json_writer.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "base/prefs/pref_service.h" |
| 11 #include "base/values.h" | 11 #include "base/values.h" |
| 12 #include "chrome/browser/chromeos/login/user.h" | 12 #include "chrome/browser/chromeos/login/user.h" |
| 13 #include "chrome/browser/chromeos/login/user_manager.h" | 13 #include "chrome/browser/chromeos/login/user_manager.h" |
| 14 #include "chrome/browser/chromeos/ui_proxy_config.h" | 14 #include "chrome/browser/chromeos/ui_proxy_config.h" |
| 15 #include "chrome/browser/prefs/proxy_config_dictionary.h" | 15 #include "chrome/browser/prefs/proxy_config_dictionary.h" |
| 16 #include "chrome/common/pref_names.h" | 16 #include "chrome/common/pref_names.h" |
| 17 #include "chromeos/network/favorite_state.h" | 17 #include "chromeos/network/favorite_state.h" |
| 18 #include "chromeos/network/managed_network_configuration_handler.h" | 18 #include "chromeos/network/managed_network_configuration_handler.h" |
| 19 #include "chromeos/network/network_configuration_handler.h" | 19 #include "chromeos/network/network_configuration_handler.h" |
| 20 #include "chromeos/network/network_handler.h" | 20 #include "chromeos/network/network_handler.h" |
| 21 #include "chromeos/network/network_profile.h" | 21 #include "chromeos/network/network_profile.h" |
| 22 #include "chromeos/network/network_profile_handler.h" | 22 #include "chromeos/network/network_profile_handler.h" |
| 23 #include "chromeos/network/network_state_handler.h" | |
| 23 #include "chromeos/network/network_ui_data.h" | 24 #include "chromeos/network/network_ui_data.h" |
| 24 #include "chromeos/network/onc/onc_normalizer.h" | 25 #include "chromeos/network/onc/onc_normalizer.h" |
| 25 #include "chromeos/network/onc/onc_signature.h" | 26 #include "chromeos/network/onc/onc_signature.h" |
| 26 #include "chromeos/network/onc/onc_translator.h" | 27 #include "chromeos/network/onc/onc_translator.h" |
| 27 #include "chromeos/network/onc/onc_utils.h" | 28 #include "chromeos/network/onc/onc_utils.h" |
| 29 #include "chromeos/network/shill_property_util.h" | |
| 28 #include "net/base/host_port_pair.h" | 30 #include "net/base/host_port_pair.h" |
| 29 #include "net/proxy/proxy_bypass_rules.h" | 31 #include "net/proxy/proxy_bypass_rules.h" |
| 30 #include "net/proxy/proxy_server.h" | 32 #include "net/proxy/proxy_server.h" |
| 31 #include "third_party/cros_system_api/dbus/service_constants.h" | 33 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 32 #include "url/gurl.h" | 34 #include "url/gurl.h" |
| 33 | 35 |
| 34 namespace chromeos { | 36 namespace chromeos { |
| 35 namespace onc { | 37 namespace onc { |
| 36 | 38 |
| 37 namespace { | 39 namespace { |
| (...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 245 | 247 |
| 246 namespace { | 248 namespace { |
| 247 | 249 |
| 248 const base::DictionaryValue* GetNetworkConfigByGUID( | 250 const base::DictionaryValue* GetNetworkConfigByGUID( |
| 249 const base::ListValue& network_configs, | 251 const base::ListValue& network_configs, |
| 250 const std::string& guid) { | 252 const std::string& guid) { |
| 251 for (base::ListValue::const_iterator it = network_configs.begin(); | 253 for (base::ListValue::const_iterator it = network_configs.begin(); |
| 252 it != network_configs.end(); ++it) { | 254 it != network_configs.end(); ++it) { |
| 253 const base::DictionaryValue* network = NULL; | 255 const base::DictionaryValue* network = NULL; |
| 254 (*it)->GetAsDictionary(&network); | 256 (*it)->GetAsDictionary(&network); |
| 257 DCHECK(network); | |
| 258 | |
| 255 std::string current_guid; | 259 std::string current_guid; |
| 256 network->GetStringWithoutPathExpansion(onc::network_config::kGUID, | 260 network->GetStringWithoutPathExpansion(onc::network_config::kGUID, |
| 257 ¤t_guid); | 261 ¤t_guid); |
| 258 if (current_guid == guid) | 262 if (current_guid == guid) |
| 259 return network; | 263 return network; |
| 260 } | 264 } |
| 261 return NULL; | 265 return NULL; |
| 262 } | 266 } |
| 263 | 267 |
| 268 const base::DictionaryValue* GetNetworkConfigForEthernetWithoutEAP( | |
| 269 const base::ListValue& network_configs) { | |
| 270 VLOG(2) << "Search for ethernet policy without EAP."; | |
| 271 for (base::ListValue::const_iterator it = network_configs.begin(); | |
| 272 it != network_configs.end(); ++it) { | |
| 273 const base::DictionaryValue* network = NULL; | |
| 274 (*it)->GetAsDictionary(&network); | |
| 275 DCHECK(network); | |
| 276 | |
| 277 std::string type; | |
| 278 network->GetStringWithoutPathExpansion(onc::network_config::kType, &type); | |
| 279 if (type != onc::network_type::kEthernet) | |
| 280 continue; | |
| 281 | |
| 282 const base::DictionaryValue* ethernet = NULL; | |
| 283 network->GetDictionaryWithoutPathExpansion(onc::network_config::kEthernet, | |
| 284 ðernet); | |
|
stevenjb
2013/09/28 00:37:45
if (!ethernet) handle error
pneubeck (no reviews)
2013/09/30 20:08:31
The dictionary comes from policy, where it is vali
| |
| 285 | |
| 286 std::string auth; | |
| 287 ethernet->GetStringWithoutPathExpansion(onc::ethernet::kAuthentication, | |
| 288 &auth); | |
| 289 if (auth == onc::ethernet::kNone) | |
| 290 return network; | |
| 291 } | |
| 292 return NULL; | |
| 293 } | |
| 294 | |
| 295 const base::DictionaryValue* GetNetworkConfigForNetworkFromOnc( | |
| 296 const base::ListValue& network_configs, | |
| 297 const FavoriteState& favorite) { | |
| 298 // In all cases except Ethernet, we use the GUID of |network|. | |
| 299 if (!favorite.Matches(NetworkTypePattern::Ethernet())) | |
| 300 return GetNetworkConfigByGUID(network_configs, favorite.guid()); | |
| 301 | |
| 302 // Ethernet is always shared and thus cannot store a GUID per user. Thus we | |
| 303 // search for any Ethernet policy intead of a matching GUID. | |
| 304 // EthernetEAP service contains only the EAP parameters and stores the GUID of | |
| 305 // the respective ONC policy. The EthernetEAP service itself is however never | |
| 306 // in state "connected". An EthernetEAP policy must be applied, if an Ethernet | |
| 307 // service is connected using the EAP parameters. | |
| 308 const FavoriteState* ethernet_eap = NULL; | |
| 309 if (NetworkHandler::IsInitialized()) { | |
| 310 ethernet_eap = | |
| 311 NetworkHandler::Get()->network_state_handler()->GetEAPForEthernet( | |
| 312 favorite.path()); | |
| 313 } | |
| 314 | |
| 315 // The GUID associated with the EthernetEAP service refers to the ONC policy | |
| 316 // with "Authentication: 8021X". | |
| 317 if (ethernet_eap) | |
| 318 return GetNetworkConfigByGUID(network_configs, ethernet_eap->guid()); | |
| 319 | |
| 320 // Otherwise, EAP is not used and instead the Ethernet policy with | |
| 321 // "Authentication: None" applies. | |
| 322 return GetNetworkConfigForEthernetWithoutEAP(network_configs); | |
| 323 } | |
| 324 | |
| 264 const base::DictionaryValue* GetPolicyForNetworkFromPref( | 325 const base::DictionaryValue* GetPolicyForNetworkFromPref( |
| 265 const PrefService* pref_service, | 326 const PrefService* pref_service, |
| 266 const char* pref_name, | 327 const char* pref_name, |
| 267 const FavoriteState& favorite) { | 328 const FavoriteState& favorite) { |
| 268 if (!pref_service) { | 329 if (!pref_service) { |
| 269 VLOG(2) << "No pref service"; | 330 VLOG(2) << "No pref service"; |
| 270 return NULL; | 331 return NULL; |
| 271 } | 332 } |
| 272 | 333 |
| 273 const PrefService::Preference* preference = | 334 const PrefService::Preference* preference = |
| (...skipping 17 matching lines...) Expand all Loading... | |
| 291 return NULL; | 352 return NULL; |
| 292 } | 353 } |
| 293 VLOG(2) << "Preference with policy found."; | 354 VLOG(2) << "Preference with policy found."; |
| 294 const base::Value* onc_policy_value = preference->GetValue(); | 355 const base::Value* onc_policy_value = preference->GetValue(); |
| 295 DCHECK(onc_policy_value); | 356 DCHECK(onc_policy_value); |
| 296 | 357 |
| 297 const base::ListValue* onc_policy = NULL; | 358 const base::ListValue* onc_policy = NULL; |
| 298 onc_policy_value->GetAsList(&onc_policy); | 359 onc_policy_value->GetAsList(&onc_policy); |
| 299 DCHECK(onc_policy); | 360 DCHECK(onc_policy); |
| 300 | 361 |
| 301 return GetNetworkConfigByGUID(*onc_policy, favorite.guid()); | 362 return GetNetworkConfigForNetworkFromOnc(*onc_policy, favorite); |
| 302 } | 363 } |
| 303 | 364 |
| 304 } // namespace | 365 } // namespace |
| 305 | 366 |
| 306 const base::DictionaryValue* GetPolicyForFavoriteNetwork( | 367 const base::DictionaryValue* GetPolicyForFavoriteNetwork( |
| 307 const PrefService* profile_prefs, | 368 const PrefService* profile_prefs, |
| 308 const PrefService* local_state_prefs, | 369 const PrefService* local_state_prefs, |
| 309 const FavoriteState& favorite, | 370 const FavoriteState& favorite, |
| 310 onc::ONCSource* onc_source) { | 371 onc::ONCSource* onc_source) { |
| 311 VLOG(2) << "GetPolicyForFavorite: " << favorite.path(); | 372 VLOG(2) << "GetPolicyForFavoriteNetwork: " << favorite.path(); |
| 312 *onc_source = onc::ONC_SOURCE_NONE; | 373 *onc_source = onc::ONC_SOURCE_NONE; |
| 313 | 374 |
| 314 const base::DictionaryValue* network_policy = GetPolicyForNetworkFromPref( | 375 const base::DictionaryValue* network_policy = GetPolicyForNetworkFromPref( |
| 315 profile_prefs, prefs::kOpenNetworkConfiguration, favorite); | 376 profile_prefs, prefs::kOpenNetworkConfiguration, favorite); |
| 316 if (network_policy) { | 377 if (network_policy) { |
| 317 VLOG(1) << "Network " << favorite.path() << " is managed by user policy."; | 378 VLOG(1) << "Network " << favorite.path() << " is managed by user policy."; |
| 318 *onc_source = onc::ONC_SOURCE_USER_POLICY; | 379 *onc_source = onc::ONC_SOURCE_USER_POLICY; |
| 319 return network_policy; | 380 return network_policy; |
| 320 } | 381 } |
| 321 network_policy = GetPolicyForNetworkFromPref( | 382 network_policy = GetPolicyForNetworkFromPref( |
| (...skipping 11 matching lines...) Expand all Loading... | |
| 333 const PrefService* local_state_prefs, | 394 const PrefService* local_state_prefs, |
| 334 const FavoriteState& network) { | 395 const FavoriteState& network) { |
| 335 onc::ONCSource ignored_onc_source; | 396 onc::ONCSource ignored_onc_source; |
| 336 const base::DictionaryValue* policy = onc::GetPolicyForFavoriteNetwork( | 397 const base::DictionaryValue* policy = onc::GetPolicyForFavoriteNetwork( |
| 337 profile_prefs, local_state_prefs, network, &ignored_onc_source); | 398 profile_prefs, local_state_prefs, network, &ignored_onc_source); |
| 338 return policy != NULL; | 399 return policy != NULL; |
| 339 } | 400 } |
| 340 | 401 |
| 341 } // namespace onc | 402 } // namespace onc |
| 342 } // namespace chromeos | 403 } // namespace chromeos |
| OLD | NEW |
