Chromium Code Reviews Chromium Code Reviews
Issue 23583018:
Check configuration for networks without UIData (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/network_connection_handler.h" | 5 #include "chromeos/network/network_connection_handler.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/json/json_reader.h" | 9 #include "base/json/json_reader.h" |
| 10 #include "chromeos/chromeos_switches.h" | 10 #include "chromeos/chromeos_switches.h" |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 48 } | 48 } |
| 49 | 49 |
| 50 void CopyStringFromDictionary(const base::DictionaryValue& source, | 50 void CopyStringFromDictionary(const base::DictionaryValue& source, |
| 51 const std::string& key, | 51 const std::string& key, |
| 52 base::DictionaryValue* dest) { | 52 base::DictionaryValue* dest) { |
| 53 std::string string_value; | 53 std::string string_value; |
| 54 if (source.GetStringWithoutPathExpansion(key, &string_value)) | 54 if (source.GetStringWithoutPathExpansion(key, &string_value)) |
| 55 dest->SetStringWithoutPathExpansion(key, string_value); | 55 dest->SetStringWithoutPathExpansion(key, string_value); |
| 56 } | 56 } |
| 57 | 57 |
| 58 std::string GetStringFromDictionary(const base::DictionaryValue& dict, | |
| 59 const std::string& key) { | |
| 60 std::string s; | |
| 61 dict.GetStringWithoutPathExpansion(key, &s); | |
| 62 return s; | |
| 63 } | |
| 64 | |
| 58 bool NetworkRequiresActivation(const NetworkState* network) { | 65 bool NetworkRequiresActivation(const NetworkState* network) { |
| 59 return (network->type() == flimflam::kTypeCellular && | 66 return (network->type() == flimflam::kTypeCellular && |
| 60 ((network->activation_state() != flimflam::kActivationStateActivated && | 67 ((network->activation_state() != flimflam::kActivationStateActivated && |
| 61 network->activation_state() != flimflam::kActivationStateUnknown))); | 68 network->activation_state() != flimflam::kActivationStateUnknown))); |
| 62 } | 69 } |
| 63 | 70 |
| 64 bool VPNIsConfigured(const std::string& service_path, | 71 bool VPNIsConfigured(const std::string& service_path, |
| 65 const std::string& provider_type, | 72 const std::string& provider_type, |
| 66 const base::DictionaryValue& provider_properties) { | 73 const base::DictionaryValue& provider_properties) { |
| 67 if (provider_type == flimflam::kProviderOpenVpn) { | 74 if (provider_type == flimflam::kProviderOpenVpn) { |
| 68 std::string hostname; | 75 std::string hostname = GetStringFromDictionary( |
| 69 provider_properties.GetStringWithoutPathExpansion( | 76 provider_properties, flimflam::kHostProperty); |
| 70 flimflam::kHostProperty, &hostname); | |
| 71 if (hostname.empty()) { | 77 if (hostname.empty()) { |
| 72 NET_LOG_EVENT("OpenVPN: No hostname", service_path); | 78 NET_LOG_EVENT("OpenVPN: No hostname", service_path); |
| 73 return false; | 79 return false; |
| 74 } | 80 } |
| 75 std::string username; | 81 std::string username = GetStringFromDictionary( |
| 76 provider_properties.GetStringWithoutPathExpansion( | 82 provider_properties, flimflam::kOpenVPNUserProperty); |
| 77 flimflam::kOpenVPNUserProperty, &username); | |
| 78 if (username.empty()) { | 83 if (username.empty()) { |
| 79 NET_LOG_EVENT("OpenVPN: No username", service_path); | 84 NET_LOG_EVENT("OpenVPN: No username", service_path); |
| 80 return false; | 85 return false; |
| 81 } | 86 } |
| 82 bool passphrase_required = false; | 87 bool passphrase_required = false; |
| 83 provider_properties.GetBooleanWithoutPathExpansion( | 88 provider_properties.GetBooleanWithoutPathExpansion( |
| 84 flimflam::kPassphraseRequiredProperty, &passphrase_required); | 89 flimflam::kPassphraseRequiredProperty, &passphrase_required); |
| 85 if (passphrase_required) { | 90 if (passphrase_required) { |
| 86 NET_LOG_EVENT("OpenVPN: Passphrase Required", service_path); | 91 NET_LOG_EVENT("OpenVPN: Passphrase Required", service_path); |
| 87 return false; | 92 return false; |
| (...skipping 278 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 366 // If 'passphrase_required' is still true, then the 'Passphrase' property | 371 // If 'passphrase_required' is still true, then the 'Passphrase' property |
| 367 // has not been set to a minimum length value. | 372 // has not been set to a minimum length value. |
| 368 bool passphrase_required = false; | 373 bool passphrase_required = false; |
| 369 service_properties.GetBooleanWithoutPathExpansion( | 374 service_properties.GetBooleanWithoutPathExpansion( |
| 370 flimflam::kPassphraseRequiredProperty, &passphrase_required); | 375 flimflam::kPassphraseRequiredProperty, &passphrase_required); |
| 371 if (passphrase_required) { | 376 if (passphrase_required) { |
| 372 ErrorCallbackForPendingRequest(service_path, kErrorPassphraseRequired); | 377 ErrorCallbackForPendingRequest(service_path, kErrorPassphraseRequired); |
| 373 return; | 378 return; |
| 374 } | 379 } |
| 375 | 380 |
| 376 std::string type, security; | 381 std::string type = GetStringFromDictionary( |
| 377 service_properties.GetStringWithoutPathExpansion( | 382 service_properties, flimflam::kTypeProperty); |
| 378 flimflam::kTypeProperty, &type); | 383 std::string security = GetStringFromDictionary( |
| 379 service_properties.GetStringWithoutPathExpansion( | 384 service_properties, flimflam::kSecurityProperty); |
| 380 flimflam::kSecurityProperty, &security); | |
| 381 bool connectable = false; | 385 bool connectable = false; |
| 382 service_properties.GetBooleanWithoutPathExpansion( | 386 service_properties.GetBooleanWithoutPathExpansion( |
| 383 flimflam::kConnectableProperty, &connectable); | 387 flimflam::kConnectableProperty, &connectable); |
| 384 | 388 |
| 385 // In case NetworkState was not available in ConnectToNetwork (e.g. it had | 389 // In case NetworkState was not available in ConnectToNetwork (e.g. it had |
| 386 // been recently configured), we need to check Connectable again. | 390 // been recently configured), we need to check Connectable again. |
| 387 if (connectable && type != flimflam::kTypeVPN) { | 391 if (connectable && type != flimflam::kTypeVPN) { |
| 388 // TODO(stevenjb): Shill needs to properly set Connectable for VPN. | 392 // TODO(stevenjb): Shill needs to properly set Connectable for VPN. |
| 389 CallShillConnect(service_path); | 393 CallShillConnect(service_path); |
| 390 return; | 394 return; |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 459 pending_requests_.erase(service_path); | 463 pending_requests_.erase(service_path); |
| 460 return; | 464 return; |
| 461 } | 465 } |
| 462 | 466 |
| 463 pkcs11_id = CertificateIsConfigured(ui_data.get()); | 467 pkcs11_id = CertificateIsConfigured(ui_data.get()); |
| 464 // Ensure the certificate is available and configured. | 468 // Ensure the certificate is available and configured. |
| 465 if (!cert_loader_->IsHardwareBacked() || pkcs11_id.empty()) { | 469 if (!cert_loader_->IsHardwareBacked() || pkcs11_id.empty()) { |
| 466 ErrorCallbackForPendingRequest(service_path, kErrorCertificateRequired); | 470 ErrorCallbackForPendingRequest(service_path, kErrorCertificateRequired); |
| 467 return; | 471 return; |
| 468 } | 472 } |
| 473 } else { | |
| 474 // Certificate is not configured in ui_data, check properties. | |
| 475 bool configured = true; | |
| 476 if (client_cert_type == client_cert::CONFIG_TYPE_OPENVPN) { | |
|
pneubeck (no reviews)
2013/08/30 11:04:08
How about putting this into a
client_cert::GetSh
stevenjb
2013/08/30 17:01:21
Yeah, I considered doing something like that origi
| |
| 477 std::string cert_id = GetStringFromDictionary( | |
| 478 service_properties, flimflam::kOpenVPNClientCertIdProperty); | |
|
pneubeck (no reviews)
2013/08/30 11:04:08
service_properties -> provider_properties
in case
stevenjb
2013/08/30 17:01:21
Bah, you're right, I keep reversing setting vs get
| |
| 479 std::string username = GetStringFromDictionary( | |
| 480 service_properties, flimflam::kOpenVPNUserProperty); | |
| 481 if (cert_id.empty() || username.empty()) | |
| 482 configured = false; | |
| 483 } else if (client_cert_type == client_cert::CONFIG_TYPE_IPSEC) { | |
| 484 std::string cert_id = GetStringFromDictionary( | |
| 485 service_properties, flimflam::kL2tpIpsecClientCertIdProperty); | |
| 486 std::string username = GetStringFromDictionary( | |
| 487 service_properties, flimflam::kL2tpIpsecUserProperty); | |
| 488 if (cert_id.empty() || username.empty()) | |
| 489 configured = false; | |
| 490 } else if (client_cert_type == client_cert::CONFIG_TYPE_EAP) { | |
| 491 std::string cert_id = GetStringFromDictionary( | |
| 492 service_properties, flimflam::kEapCertIdProperty); | |
| 493 std::string key_id = GetStringFromDictionary( | |
| 494 service_properties, flimflam::kEapKeyIdProperty); | |
| 495 std::string identity = GetStringFromDictionary( | |
| 496 service_properties, flimflam::kEapIdentityProperty); | |
| 497 if (cert_id.empty() || key_id.empty() || identity.empty()) | |
| 498 configured = false; | |
| 499 } else { | |
| 500 NOTREACHED(); | |
| 501 } | |
| 502 if (!configured) { | |
| 503 ErrorCallbackForPendingRequest(service_path, | |
| 504 kErrorConfigurationRequired); | |
| 505 return; | |
| 506 } | |
| 469 } | 507 } |
| 470 | 508 |
| 471 // The network may not be 'Connectable' because the TPM properties are not | 509 // The network may not be 'Connectable' because the TPM properties are not |
| 472 // set up, so configure tpm slot/pin before connecting. | 510 // set up, so configure tpm slot/pin before connecting. |
| 473 if (cert_loader_ && cert_loader_->IsHardwareBacked()) { | 511 if (cert_loader_ && cert_loader_->IsHardwareBacked()) { |
| 474 // Pass NULL if pkcs11_id is empty, so that it doesn't clear any | 512 // Pass NULL if pkcs11_id is empty, so that it doesn't clear any |
| 475 // previously configured client cert. | 513 // previously configured client cert. |
| 476 client_cert::SetShillProperties(client_cert_type, | 514 client_cert::SetShillProperties(client_cert_type, |
| 477 cert_loader_->tpm_token_slot(), | 515 cert_loader_->tpm_token_slot(), |
| 478 cert_loader_->tpm_user_pin(), | 516 cert_loader_->tpm_user_pin(), |
| (...skipping 236 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 715 | 753 |
| 716 void NetworkConnectionHandler::HandleShillActivateSuccess( | 754 void NetworkConnectionHandler::HandleShillActivateSuccess( |
| 717 const std::string& service_path, | 755 const std::string& service_path, |
| 718 const base::Closure& success_callback) { | 756 const base::Closure& success_callback) { |
| 719 NET_LOG_EVENT("Activate Request Sent", service_path); | 757 NET_LOG_EVENT("Activate Request Sent", service_path); |
| 720 if (!success_callback.is_null()) | 758 if (!success_callback.is_null()) |
| 721 success_callback.Run(); | 759 success_callback.Run(); |
| 722 } | 760 } |
| 723 | 761 |
| 724 } // namespace chromeos | 762 } // namespace chromeos |
| OLD | NEW |
