Chromium Code Reviews Chromium Code Reviews
Issue 2767253006:
Set HexSSID in network config before matching it against policies (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/managed_network_configuration_handler_impl.h" | 5 #include "chromeos/network/managed_network_configuration_handler_impl.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 336 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 347 service_path, *shill_dictionary, | 347 service_path, *shill_dictionary, |
| 348 NetworkConfigurationObserver::SOURCE_USER_ACTION, callback, | 348 NetworkConfigurationObserver::SOURCE_USER_ACTION, callback, |
| 349 error_callback); | 349 error_callback); |
| 350 } | 350 } |
| 351 | 351 |
| 352 void ManagedNetworkConfigurationHandlerImpl::CreateConfiguration( | 352 void ManagedNetworkConfigurationHandlerImpl::CreateConfiguration( |
| 353 const std::string& userhash, | 353 const std::string& userhash, |
| 354 const base::DictionaryValue& properties, | 354 const base::DictionaryValue& properties, |
| 355 const network_handler::ServiceResultCallback& callback, | 355 const network_handler::ServiceResultCallback& callback, |
| 356 const network_handler::ErrorCallback& error_callback) const { | 356 const network_handler::ErrorCallback& error_callback) const { |
| 357 // Validate the ONC dictionary. We are liberal and ignore unknown field | |
| 358 // names. User settings are only partial ONC, thus we ignore missing fields. | |
| 359 onc::Validator validator(false, // Ignore unknown fields. | |
| 360 false, // Ignore invalid recommended field names. | |
| 361 false, // Ignore missing fields. | |
| 362 false); // This ONC does not come from policy. | |
| 363 | |
| 364 onc::Validator::Result validation_result; | |
| 365 std::unique_ptr<base::DictionaryValue> validated_properties = | |
| 366 validator.ValidateAndRepairObject(&onc::kNetworkConfigurationSignature, | |
| 367 properties, &validation_result); | |
| 368 | |
| 369 if (validation_result == onc::Validator::INVALID) { | |
| 370 InvokeErrorCallback("", error_callback, kInvalidUserSettings); | |
| 371 return; | |
| 372 } | |
| 373 | |
| 374 if (validation_result == onc::Validator::VALID_WITH_WARNINGS) | |
| 375 LOG(WARNING) << "Validation of ONC user settings produced warnings."; | |
| 376 | |
| 377 // Fill in HexSSID field from contents of SSID field if not set already - this | |
| 378 // is required to properly match the configuration against existing policies. | |
| 379 if (validated_properties) { | |
| 380 onc::FillInHexSSIDFieldsInOncObject(onc::kNetworkConfigurationSignature, | |
| 381 validated_properties.get()); | |
| 382 } | |
| 383 | |
| 384 // Make user the network is not configured through a user policy. | |
| 357 const Policies* policies = GetPoliciesForUser(userhash); | 385 const Policies* policies = GetPoliciesForUser(userhash); |
| 358 if (!policies) { | 386 if (!policies) { |
| 359 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); | 387 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); |
| 360 return; | 388 return; |
| 361 } | 389 } |
| 362 | 390 |
| 363 if (policy_util::FindMatchingPolicy(policies->per_network_config, | 391 if (policy_util::FindMatchingPolicy(policies->per_network_config, |
| 364 properties)) { | 392 *validated_properties)) { |
| 365 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); | 393 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); |
| 366 return; | 394 return; |
| 367 } | 395 } |
| 396 | |
| 397 // Make user the network is not configured through a device policy. | |
| 398 policies = GetPoliciesForUser(""); | |
|
tbarzic
2017/03/24 19:35:17
I'm not 100% sure this is right, but not allowing
| |
| 399 if (!policies) { | |
| 400 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); | |
| 401 return; | |
| 402 } | |
| 403 | |
| 404 if (policy_util::FindMatchingPolicy(policies->per_network_config, | |
| 405 *validated_properties)) { | |
| 406 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); | |
| 407 return; | |
| 408 } | |
| 368 | 409 |
| 369 const NetworkProfile* profile = | 410 const NetworkProfile* profile = |
| 370 network_profile_handler_->GetProfileForUserhash(userhash); | 411 network_profile_handler_->GetProfileForUserhash(userhash); |
| 371 if (!profile) { | 412 if (!profile) { |
| 372 InvokeErrorCallback("", error_callback, kProfileNotInitialized); | 413 InvokeErrorCallback("", error_callback, kProfileNotInitialized); |
| 373 return; | 414 return; |
| 374 } | 415 } |
| 375 | 416 |
| 376 // TODO(pneubeck): In case of WiFi, check that no other configuration for the | 417 // TODO(pneubeck): In case of WiFi, check that no other configuration for the |
| 377 // same {SSID, mode, security} exists. We don't support such multiple | 418 // same {SSID, mode, security} exists. We don't support such multiple |
| 378 // configurations, yet. | 419 // configurations, yet. |
| 379 | 420 |
| 380 // Generate a new GUID for this configuration. Ignore the maybe provided GUID | 421 // Generate a new GUID for this configuration. Ignore the maybe provided GUID |
| 381 // in |properties| as it is not our own and from an untrusted source. | 422 // in |properties| as it is not our own and from an untrusted source. |
| 382 std::string guid = base::GenerateGUID(); | 423 std::string guid = base::GenerateGUID(); |
| 383 std::unique_ptr<base::DictionaryValue> shill_dictionary( | 424 std::unique_ptr<base::DictionaryValue> shill_dictionary( |
| 384 policy_util::CreateShillConfiguration(*profile, guid, | 425 policy_util::CreateShillConfiguration(*profile, guid, |
| 385 NULL, // no global policy | 426 NULL, // no global policy |
| 386 NULL, // no network policy | 427 NULL, // no network policy |
| 387 &properties)); | 428 validated_properties.get())); |
| 388 | 429 |
| 389 network_configuration_handler_->CreateShillConfiguration( | 430 network_configuration_handler_->CreateShillConfiguration( |
| 390 *shill_dictionary, NetworkConfigurationObserver::SOURCE_USER_ACTION, | 431 *shill_dictionary, NetworkConfigurationObserver::SOURCE_USER_ACTION, |
| 391 callback, error_callback); | 432 callback, error_callback); |
| 392 } | 433 } |
| 393 | 434 |
| 394 void ManagedNetworkConfigurationHandlerImpl::RemoveConfiguration( | 435 void ManagedNetworkConfigurationHandlerImpl::RemoveConfiguration( |
| 395 const std::string& service_path, | 436 const std::string& service_path, |
| 396 const base::Closure& callback, | 437 const base::Closure& callback, |
| 397 const network_handler::ErrorCallback& error_callback) const { | 438 const network_handler::ErrorCallback& error_callback) const { |
| (...skipping 454 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 852 std::unique_ptr<base::DictionaryValue> network_properties, | 893 std::unique_ptr<base::DictionaryValue> network_properties, |
| 853 GetDevicePropertiesCallback send_callback, | 894 GetDevicePropertiesCallback send_callback, |
| 854 const std::string& error_name, | 895 const std::string& error_name, |
| 855 std::unique_ptr<base::DictionaryValue> error_data) { | 896 std::unique_ptr<base::DictionaryValue> error_data) { |
| 856 NET_LOG_ERROR("Error getting device properties", service_path); | 897 NET_LOG_ERROR("Error getting device properties", service_path); |
| 857 send_callback.Run(service_path, std::move(network_properties)); | 898 send_callback.Run(service_path, std::move(network_properties)); |
| 858 } | 899 } |
| 859 | 900 |
| 860 | 901 |
| 861 } // namespace chromeos | 902 } // namespace chromeos |
| OLD | NEW |
