| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 | 5 #include "base/bind.h" |
| 6 #include "base/bind_helpers.h" |
| 6 #include "base/callback.h" | 7 #include "base/callback.h" |
| 7 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 8 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 9 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
| 10 #include "base/values.h" | 11 #include "base/values.h" |
| 11 #include "chrome/browser/chromeos/login/user.h" | 12 #include "chrome/browser/chromeos/login/user.h" |
| 12 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" | 13 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h" |
| 13 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" | 14 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" |
| 14 #include "chrome/browser/policy/external_data_fetcher.h" | 15 #include "chrome/browser/policy/external_data_fetcher.h" |
| 15 #include "chrome/browser/policy/mock_configuration_policy_provider.h" | 16 #include "chrome/browser/policy/mock_configuration_policy_provider.h" |
| (...skipping 241 matching lines...) |
| 257 SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); | 258 SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); |
| 258 EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) | 259 EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) |
| 259 .WillRepeatedly(SetCertificateList(cert_list)); | 260 .WillRepeatedly(SetCertificateList(cert_list)); |
| 260 | 261 |
| 261 UserNetworkConfigurationUpdater* updater = | 262 UserNetworkConfigurationUpdater* updater = |
| 262 CreateNetworkConfigurationUpdaterForUserPolicy( | 263 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 263 false /* do not allow trusted certs from policy */); | 264 false /* do not allow trusted certs from policy */); |
| 264 | 265 |
| 265 // Certificates with the "Web" trust flag set should not be forwarded to the | 266 // Certificates with the "Web" trust flag set should not be forwarded to the |
| 266 // trust provider. | 267 // trust provider. |
| 267 policy::PolicyCertVerifier cert_verifier(( | 268 policy::PolicyCertVerifier cert_verifier(base::Bind(&base::DoNothing)); |
| 268 base::Closure() /* no policy cert trusted callback */)); | 269 updater->AddPolicyCertVerifier(&cert_verifier); |
| 269 updater->SetPolicyCertVerifier(&cert_verifier); | |
| 270 base::RunLoop().RunUntilIdle(); | 270 base::RunLoop().RunUntilIdle(); |
| 271 EXPECT_TRUE(cert_verifier.GetAdditionalTrustAnchors().empty()); | 271 EXPECT_TRUE(cert_verifier.GetAdditionalTrustAnchors().empty()); |
| 272 | 272 |
| 273 // |cert_verifier| must outlive the updater. | 273 updater->RemovePolicyCertVerifier(&cert_verifier); |
| 274 network_configuration_updater_.reset(); | 274 network_configuration_updater_.reset(); |
| 275 |
| 276 cert_verifier.UnsetTrustAnchorUsedCallback(); |
| 275 } | 277 } |
| 276 | 278 |
| 277 TEST_F(NetworkConfigurationUpdaterTest, AllowTrustedCertificatesFromPolicy) { | 279 TEST_F(NetworkConfigurationUpdaterTest, AllowTrustedCertificatesFromPolicy) { |
| 278 net::CertificateList cert_list; | 280 net::CertificateList cert_list; |
| 279 cert_list = | 281 cert_list = |
| 280 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), | 282 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), |
| 281 "ok_cert.pem", | 283 "ok_cert.pem", |
| 282 net::X509Certificate::FORMAT_AUTO); | 284 net::X509Certificate::FORMAT_AUTO); |
| 283 ASSERT_EQ(1u, cert_list.size()); | 285 ASSERT_EQ(1u, cert_list.size()); |
| 284 | 286 |
| 285 EXPECT_CALL(network_config_handler_, | 287 EXPECT_CALL(network_config_handler_, |
| 286 SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); | 288 SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); |
| 287 EXPECT_CALL(*certificate_importer_, | 289 EXPECT_CALL(*certificate_importer_, |
| 288 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) | 290 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) |
| 289 .WillRepeatedly(SetCertificateList(cert_list)); | 291 .WillRepeatedly(SetCertificateList(cert_list)); |
| 290 | 292 |
| 291 UserNetworkConfigurationUpdater* updater = | 293 UserNetworkConfigurationUpdater* updater = |
| 292 CreateNetworkConfigurationUpdaterForUserPolicy( | 294 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 293 true /* allow trusted certs from policy */); | 295 true /* allow trusted certs from policy */); |
| 294 | 296 |
| 295 // Certificates with the "Web" trust flag set should be forwarded to the | 297 // Certificates with the "Web" trust flag set should be forwarded to the |
| 296 // trust provider. | 298 // trust provider. |
| 297 policy::PolicyCertVerifier cert_verifier(( | 299 policy::PolicyCertVerifier cert_verifier(base::Bind(&base::DoNothing)); |
| 298 base::Closure() /* no policy cert trusted callback */)); | 300 updater->AddPolicyCertVerifier(&cert_verifier); |
| 299 updater->SetPolicyCertVerifier(&cert_verifier); | |
| 300 base::RunLoop().RunUntilIdle(); | 301 base::RunLoop().RunUntilIdle(); |
| 301 EXPECT_EQ(1u, cert_verifier.GetAdditionalTrustAnchors().size()); | 302 EXPECT_EQ(1u, cert_verifier.GetAdditionalTrustAnchors().size()); |
| 302 | 303 |
| 303 // |cert_verifier| must outlive the updater. | 304 updater->RemovePolicyCertVerifier(&cert_verifier); |
| 304 network_configuration_updater_.reset(); | 305 network_configuration_updater_.reset(); |
| 306 |
| 307 cert_verifier.UnsetTrustAnchorUsedCallback(); |
| 305 } | 308 } |
| 306 | 309 |
| 307 class NetworkConfigurationUpdaterTestWithParam | 310 class NetworkConfigurationUpdaterTestWithParam |
| 308 : public NetworkConfigurationUpdaterTest, | 311 : public NetworkConfigurationUpdaterTest, |
| 309 public testing::WithParamInterface<const char*> { | 312 public testing::WithParamInterface<const char*> { |
| 310 protected: | 313 protected: |
| 311 // Returns the currently tested ONC source. | 314 // Returns the currently tested ONC source. |
| 312 onc::ONCSource CurrentONCSource() { | 315 onc::ONCSource CurrentONCSource() { |
| 313 if (GetParam() == key::kOpenNetworkConfiguration) | 316 if (GetParam() == key::kOpenNetworkConfiguration) |
| 314 return onc::ONC_SOURCE_USER_POLICY; | 317 return onc::ONC_SOURCE_USER_POLICY; |
| (...skipping 73 matching lines...) |
| 388 policy.Erase(GetParam()); | 391 policy.Erase(GetParam()); |
| 389 UpdateProviderPolicy(policy); | 392 UpdateProviderPolicy(policy); |
| 390 } | 393 } |
| 391 | 394 |
| 392 INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance, | 395 INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance, |
| 393 NetworkConfigurationUpdaterTestWithParam, | 396 NetworkConfigurationUpdaterTestWithParam, |
| 394 testing::Values(key::kDeviceOpenNetworkConfiguration, | 397 testing::Values(key::kDeviceOpenNetworkConfiguration, |
| 395 key::kOpenNetworkConfiguration)); | 398 key::kOpenNetworkConfiguration)); |
| 396 | 399 |
| 397 } // namespace policy | 400 } // namespace policy |
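Review bot: The teardown sequence that replaces the removed `// |cert_verifier| must outlive the updater.` comment is undocumented in both tests (new lines 273-276 and 304-307), although it now carries the lifetime contract: `&cert_verifier` points at a stack object, so it has to be unregistered before `network_configuration_updater_.reset()` and before the test body returns. I would add `// Unregister first: the updater presumably keeps a raw pointer to |cert_verifier|.` above each `RemovePolicyCertVerifier` call, and a one-line comment saying why `UnsetTrustAnchorUsedCallback()` is still needed when the callback is `base::DoNothing`. Neither test checks what `RemovePolicyCertVerifier` does; in AllowTrustedCertificatesFromPolicy an assertion on `GetAdditionalTrustAnchors()` after that call would pin whether policy-supplied anchors are withdrawn from a removed verifier, which is the behaviour that matters for trust decisions, but the expected value is not visible here and should be confirmed against the updater. The first test's body starts above the visible lines.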
| OLD | NEW |