| OLD | NEW |
| 1 # Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 # Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 # Use of this source code is governed by a BSD-style license that can be | 2 # Use of this source code is governed by a BSD-style license that can be |
| 3 # found in the LICENSE file. | 3 # found in the LICENSE file. |
| 4 | 4 |
| 5 """A bare-bones test server for testing cloud policy support. | 5 """A bare-bones test server for testing cloud policy support. |
| 6 | 6 |
| 7 This implements a simple cloud policy test server that can be used to test | 7 This implements a simple cloud policy test server that can be used to test |
| 8 chrome's device management service client. The policy information is read from | 8 chrome's device management service client. The policy information is read from |
| 9 the file named device_management in the server's data directory. It contains | 9 the file named device_management in the server's data directory. It contains |
| 10 enforced and recommended policies for the device and user scope, and a list | 10 enforced and recommended policies for the device and user scope, and a list |
| (...skipping 78 matching lines...) |
| 89 | 89 |
| 90 # Device policy is only available on Chrome OS builds. | 90 # Device policy is only available on Chrome OS builds. |
| 91 try: | 91 try: |
| 92 import chrome_device_policy_pb2 as dp | 92 import chrome_device_policy_pb2 as dp |
| 93 except ImportError: | 93 except ImportError: |
| 94 dp = None | 94 dp = None |
| 95 | 95 |
| 96 # ASN.1 object identifier for PKCS#1/RSA. | 96 # ASN.1 object identifier for PKCS#1/RSA. |
| 97 PKCS1_RSA_OID = '\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01' | 97 PKCS1_RSA_OID = '\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01' |
| 98 | 98 |
| 99 # List of bad machine identifiers that trigger the |valid_serial_number_missing| | |
| 100 # flag to be set set in the policy fetch response. | |
| 101 BAD_MACHINE_IDS = [ '123490EN400015' ] | |
| 102 | |
| 103 # List of machines that trigger the server to send kiosk enrollment response | 99 # List of machines that trigger the server to send kiosk enrollment response |
| 104 # for the register request. | 100 # for the register request. |
| 105 KIOSK_MACHINE_IDS = [ 'KIOSK' ] | 101 KIOSK_MACHINE_IDS = [ 'KIOSK' ] |
| 106 | 102 |
| 107 # Dictionary containing base64-encoded policy signing keys plus per-domain | 103 # Dictionary containing base64-encoded policy signing keys plus per-domain |
| 108 # signatures. Format is: | 104 # signatures. Format is: |
| 109 # { | 105 # { |
| 110 # 'key': <base64-encoded PKCS8-format private key>, | 106 # 'key': <base64-encoded PKCS8-format private key>, |
| 111 # 'signatures': { | 107 # 'signatures': { |
| 112 # <domain1>: <base64-encdoded SHA256 signature for key + domain1> | 108 # <domain1>: <base64-encdoded SHA256 signature for key + domain1> |
| (...skipping 785 matching lines...) |
| 898 signing_key = self.server.GetKeyByVersion(signing_key_version) | 894 signing_key = self.server.GetKeyByVersion(signing_key_version) |
| 899 assert signing_key is not None | 895 assert signing_key is not None |
| 900 | 896 |
| 901 # Fill the policy data protobuf. | 897 # Fill the policy data protobuf. |
| 902 policy_data = dm.PolicyData() | 898 policy_data = dm.PolicyData() |
| 903 policy_data.policy_type = msg.policy_type | 899 policy_data.policy_type = msg.policy_type |
| 904 policy_data.timestamp = int(time.time() * 1000) | 900 policy_data.timestamp = int(time.time() * 1000) |
| 905 policy_data.request_token = token_info['device_token'] | 901 policy_data.request_token = token_info['device_token'] |
| 906 policy_data.policy_value = payload | 902 policy_data.policy_value = payload |
| 907 policy_data.machine_name = token_info['machine_name'] | 903 policy_data.machine_name = token_info['machine_name'] |
| 908 policy_data.valid_serial_number_missing = ( | |
| 909 token_info['machine_id'] in BAD_MACHINE_IDS) | |
| 910 policy_data.settings_entity_id = msg.settings_entity_id | 904 policy_data.settings_entity_id = msg.settings_entity_id |
| 911 policy_data.service_account_identity = policy.get( | 905 policy_data.service_account_identity = policy.get( |
| 912 'service_account_identity', | 906 'service_account_identity', |
| 913 'policy_testserver.py-service_account_identity') | 907 'policy_testserver.py-service_account_identity') |
| 914 invalidation_source = policy.get('invalidation_source') | 908 invalidation_source = policy.get('invalidation_source') |
| 915 if invalidation_source is not None: | 909 if invalidation_source is not None: |
| 916 policy_data.invalidation_source = invalidation_source | 910 policy_data.invalidation_source = invalidation_source |
| 917 # Since invalidation_name is type bytes in the proto, the Unicode name | 911 # Since invalidation_name is type bytes in the proto, the Unicode name |
| 918 # provided needs to be encoded as ASCII to set the correct byte pattern. | 912 # provided needs to be encoded as ASCII to set the correct byte pattern. |
| 919 invalidation_name = policy.get('invalidation_name') | 913 invalidation_name = policy.get('invalidation_name') |
| (...skipping 567 matching lines...) |
| 1487 if (self.options.log_to_console): | 1481 if (self.options.log_to_console): |
| 1488 logger.addHandler(logging.StreamHandler()) | 1482 logger.addHandler(logging.StreamHandler()) |
| 1489 if (self.options.log_file): | 1483 if (self.options.log_file): |
| 1490 logger.addHandler(logging.FileHandler(self.options.log_file)) | 1484 logger.addHandler(logging.FileHandler(self.options.log_file)) |
| 1491 | 1485 |
| 1492 testserver_base.TestServerRunner.run_server(self) | 1486 testserver_base.TestServerRunner.run_server(self) |
| 1493 | 1487 |
| 1494 | 1488 |
| 1495 if __name__ == '__main__': | 1489 if __name__ == '__main__': |
| 1496 sys.exit(PolicyServerRunner().main()) | 1490 sys.exit(PolicyServerRunner().main()) |
| OLD | NEW |