Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h" | 5 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/strings/string_number_conversions.h" | 11 #include "base/strings/string_number_conversions.h" |
| 12 #include "chrome/browser/browser_process.h" | 12 #include "chrome/browser/browser_process.h" |
| 13 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | 13 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
| 14 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" | 14 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" |
| 15 #include "chrome/browser/chromeos/settings/install_attributes.h" | |
| 15 #include "chromeos/chromeos_switches.h" | 16 #include "chromeos/chromeos_switches.h" |
| 17 #include "chromeos/dbus/dbus_thread_manager.h" | |
| 16 #include "chromeos/system/statistics_provider.h" | 18 #include "chromeos/system/statistics_provider.h" |
| 17 #include "components/policy/core/common/cloud/device_management_service.h" | 19 #include "components/policy/core/common/cloud/device_management_service.h" |
| 18 #include "net/url_request/url_request_context_getter.h" | 20 #include "net/url_request/url_request_context_getter.h" |
| 19 | 21 |
| 20 namespace chromeos { | 22 namespace chromeos { |
| 21 | 23 |
| 22 namespace { | 24 namespace { |
| 23 | 25 |
| 24 // Maximum time to wait before forcing a decision. Note that download time for | 26 // Maximum time to wait before forcing a decision. Note that download time for |
| 25 // state key buckets can be non-negligible, especially on 2G connections. | 27 // state key buckets can be non-negligible, especially on 2G connections. |
| (...skipping 258 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 284 state_ = new_state; | 286 state_ = new_state; |
| 285 | 287 |
| 286 // Stop the safeguard timer once a result comes in. | 288 // Stop the safeguard timer once a result comes in. |
| 287 switch (state_) { | 289 switch (state_) { |
| 288 case policy::AUTO_ENROLLMENT_STATE_IDLE: | 290 case policy::AUTO_ENROLLMENT_STATE_IDLE: |
| 289 case policy::AUTO_ENROLLMENT_STATE_PENDING: | 291 case policy::AUTO_ENROLLMENT_STATE_PENDING: |
| 290 break; | 292 break; |
| 291 case policy::AUTO_ENROLLMENT_STATE_CONNECTION_ERROR: | 293 case policy::AUTO_ENROLLMENT_STATE_CONNECTION_ERROR: |
| 292 case policy::AUTO_ENROLLMENT_STATE_SERVER_ERROR: | 294 case policy::AUTO_ENROLLMENT_STATE_SERVER_ERROR: |
| 293 case policy::AUTO_ENROLLMENT_STATE_TRIGGER_ENROLLMENT: | 295 case policy::AUTO_ENROLLMENT_STATE_TRIGGER_ENROLLMENT: |
| 294 case policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT: | |
| 295 safeguard_timer_.Stop(); | 296 safeguard_timer_.Stop(); |
| 296 break; | 297 break; |
| 298 case policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT: | |
| 299 RemoveFwmp(); | |
|
Andrew T Wilson (Slow)
2017/03/07 11:16:30
Document that RemoveFwmp() will handle calling the
igorcov
2017/03/09 12:22:56
It would possibly request to remove FWMP twice, wh
| |
| 300 return; | |
| 297 } | 301 } |
| 298 | 302 |
| 299 progress_callbacks_.Notify(state_); | 303 progress_callbacks_.Notify(state_); |
| 300 } | 304 } |
| 301 | 305 |
| 306 void AutoEnrollmentController::RemoveFwmp() { | |
| 307 DCHECK(state_ == policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); | |
|
Daniel Erat
2017/03/06 21:18:25
use DCHECK_EQ so the actual value is logged on fai
Andrew T Wilson (Slow)
2017/03/07 11:16:30
DCHECK_EQ
igorcov
2017/03/09 12:22:56
Done.
| |
| 308 | |
| 309 std::unique_ptr<chromeos::InstallAttributes> install_attributes = | |
|
Daniel Erat
2017/03/06 21:18:25
nit: auto (since the type is obvious from the Make
| |
| 310 base::MakeUnique<chromeos::InstallAttributes>( | |
|
Andrew T Wilson (Slow)
2017/03/07 11:16:30
This is something Thiemo should look at - I don't
igorcov
2017/03/09 12:22:56
I've changed this to use directly the CryptohomeCl
| |
| 311 chromeos::DBusThreadManager::Get()->GetCryptohomeClient()); | |
| 312 install_attributes->RemoveFwmpInTpm( | |
| 313 base::Bind(&AutoEnrollmentController::OnFwmpRemoved, | |
| 314 client_start_weak_factory_.GetWeakPtr())); | |
|
Andrew T Wilson (Slow)
2017/03/07 11:16:30
Why do we only call progress callbacks and stop th
igorcov
2017/03/09 12:22:56
Included in the comments of RemoveFirmwareManageme
| |
| 315 } | |
| 316 | |
| 317 void AutoEnrollmentController::OnFwmpRemoved( | |
| 318 chromeos::DBusMethodCallStatus call_status, | |
| 319 bool result, | |
| 320 const cryptohome::BaseReply& reply) { | |
| 321 if (!result) | |
| 322 LOG(ERROR) << "Failed to remove firmware management parameters"; | |
|
Andrew T Wilson (Slow)
2017/03/07 11:16:30
Any other info we can log here (does it return a m
igorcov
2017/03/09 12:22:56
Added the reply error. We can't use much from call
| |
| 323 safeguard_timer_.Stop(); | |
| 324 progress_callbacks_.Notify(state_); | |
| 325 } | |
| 326 | |
| 302 void AutoEnrollmentController::Timeout() { | 327 void AutoEnrollmentController::Timeout() { |
| 303 // TODO(mnissler): Add UMA to track results of auto-enrollment checks. | 328 // TODO(mnissler): Add UMA to track results of auto-enrollment checks. |
| 304 if (client_start_weak_factory_.HasWeakPtrs() && | 329 if (client_start_weak_factory_.HasWeakPtrs() && |
| 305 fre_requirement_ != EXPLICITLY_REQUIRED) { | 330 fre_requirement_ != EXPLICITLY_REQUIRED) { |
| 306 // If the callbacks to check ownership status or state keys are still | 331 // If the callbacks to check ownership status or state keys are still |
| 307 // pending, there's a bug in the code running on the device. No use in | 332 // pending, there's a bug in the code running on the device. No use in |
| 308 // retrying anything, need to fix that bug. | 333 // retrying anything, need to fix that bug. |
| 309 LOG(ERROR) << "Failed to start auto-enrollment check, fix the code!"; | 334 LOG(ERROR) << "Failed to start auto-enrollment check, fix the code!"; |
| 310 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); | 335 UpdateState(policy::AUTO_ENROLLMENT_STATE_NO_ENROLLMENT); |
| 311 } else { | 336 } else { |
| 312 // This can actually happen in some cases, for example when state key | 337 // This can actually happen in some cases, for example when state key |
| 313 // generation is waiting for time sync or the server just doesn't reply and | 338 // generation is waiting for time sync or the server just doesn't reply and |
| 314 // keeps the connection open. | 339 // keeps the connection open. |
| 315 LOG(ERROR) << "AutoEnrollmentClient didn't complete within time limit."; | 340 LOG(ERROR) << "AutoEnrollmentClient didn't complete within time limit."; |
| 316 UpdateState(policy::AUTO_ENROLLMENT_STATE_CONNECTION_ERROR); | 341 UpdateState(policy::AUTO_ENROLLMENT_STATE_CONNECTION_ERROR); |
| 317 } | 342 } |
| 318 | 343 |
| 319 // Reset state. | 344 // Reset state. |
| 320 Cancel(); | 345 Cancel(); |
| 321 } | 346 } |
| 322 | 347 |
| 323 } // namespace chromeos | 348 } // namespace chromeos |
| OLD | NEW |