| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/login/auth/cryptohome_authenticator.h" | 5 #include "chromeos/login/auth/cryptohome_authenticator.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 640 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 651 if (consumer_) | 651 if (consumer_) |
| 652 consumer_->OnOffTheRecordAuthSuccess(); | 652 consumer_->OnOffTheRecordAuthSuccess(); |
| 653 } | 653 } |
| 654 | 654 |
| 655 void CryptohomeAuthenticator::OnPasswordChangeDetected() { | 655 void CryptohomeAuthenticator::OnPasswordChangeDetected() { |
| 656 DCHECK(task_runner_->RunsTasksOnCurrentThread()); | 656 DCHECK(task_runner_->RunsTasksOnCurrentThread()); |
| 657 if (consumer_) | 657 if (consumer_) |
| 658 consumer_->OnPasswordChangeDetected(); | 658 consumer_->OnPasswordChangeDetected(); |
| 659 } | 659 } |
| 660 | 660 |
| 661 void CryptohomeAuthenticator::OnOldEncryptionDetected() { |
| 662 DCHECK(task_runner_->RunsTasksOnCurrentThread()); |
| 663 if (consumer_) |
| 664 consumer_->OnOldEncryptionDetected(); |
| 665 } |
| 666 |
| 661 void CryptohomeAuthenticator::OnAuthFailure(const AuthFailure& error) { | 667 void CryptohomeAuthenticator::OnAuthFailure(const AuthFailure& error) { |
| 662 DCHECK(task_runner_->RunsTasksOnCurrentThread()); | 668 DCHECK(task_runner_->RunsTasksOnCurrentThread()); |
| 663 | 669 |
| 664 // OnAuthFailure will be called again with the same |error| | 670 // OnAuthFailure will be called again with the same |error| |
| 665 // after the cryptohome has been removed. | 671 // after the cryptohome has been removed. |
| 666 if (remove_user_data_on_failure_) { | 672 if (remove_user_data_on_failure_) { |
| 667 delayed_login_failure_ = &error; | 673 delayed_login_failure_ = &error; |
| 668 RemoveEncryptedData(); | 674 RemoveEncryptedData(); |
| 669 return; | 675 return; |
| 670 } | 676 } |
| (...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 849 // Maybe we should reboot immediately here? | 855 // Maybe we should reboot immediately here? |
| 850 LOGIN_LOG(ERROR) << "Couldn't unmount users home!"; | 856 LOGIN_LOG(ERROR) << "Couldn't unmount users home!"; |
| 851 } | 857 } |
| 852 task_runner_->PostTask( | 858 task_runner_->PostTask( |
| 853 FROM_HERE, | 859 FROM_HERE, |
| 854 base::Bind(&CryptohomeAuthenticator::OnAuthFailure, | 860 base::Bind(&CryptohomeAuthenticator::OnAuthFailure, |
| 855 this, | 861 this, |
| 856 AuthFailure(AuthFailure::OWNER_REQUIRED))); | 862 AuthFailure(AuthFailure::OWNER_REQUIRED))); |
| 857 break; | 863 break; |
| 858 } | 864 } |
| 865 case FAILED_OLD_ENCRYPTION: |
| 866 // In this case, we tried to create/mount cryptohome and failed |
| 867 // because the file system is encrypted in old format. |
| 868 // Chrome will show a screen which asks user to migrate the encryption. |
| 869 task_runner_->PostTask( |
| 870 FROM_HERE, |
| 871 base::Bind(&CryptohomeAuthenticator::OnOldEncryptionDetected, this)); |
| 872 break; |
| 859 default: | 873 default: |
| 860 NOTREACHED(); | 874 NOTREACHED(); |
| 861 break; | 875 break; |
| 862 } | 876 } |
| 863 } | 877 } |
| 864 | 878 |
| 865 CryptohomeAuthenticator::~CryptohomeAuthenticator() { | 879 CryptohomeAuthenticator::~CryptohomeAuthenticator() { |
| 866 } | 880 } |
| 867 | 881 |
| 868 CryptohomeAuthenticator::AuthState CryptohomeAuthenticator::ResolveState() { | 882 CryptohomeAuthenticator::AuthState CryptohomeAuthenticator::ResolveState() { |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 921 return NEED_OLD_PW; | 935 return NEED_OLD_PW; |
| 922 if (check_key_attempted_) | 936 if (check_key_attempted_) |
| 923 return LOGIN_FAILED; | 937 return LOGIN_FAILED; |
| 924 | 938 |
| 925 if (current_state_->cryptohome_code() == | 939 if (current_state_->cryptohome_code() == |
| 926 cryptohome::MOUNT_ERROR_TPM_NEEDS_REBOOT) { | 940 cryptohome::MOUNT_ERROR_TPM_NEEDS_REBOOT) { |
| 927 // Critical TPM error detected, reboot needed. | 941 // Critical TPM error detected, reboot needed. |
| 928 return FAILED_TPM; | 942 return FAILED_TPM; |
| 929 } | 943 } |
| 930 | 944 |
| 945 if (current_state_->cryptohome_code() == |
| 946 cryptohome::MOUNT_ERROR_OLD_ENCRYPTION) { |
| 947 return FAILED_OLD_ENCRYPTION; |
| 948 } |
| 949 |
| 931 // Return intermediate states in the following case: | 950 // Return intermediate states in the following case: |
| 932 // when there is an online result to use; | 951 // when there is an online result to use; |
| 933 // This is the case after user finishes Gaia login; | 952 // This is the case after user finishes Gaia login; |
| 934 if (current_state_->online_complete()) { | 953 if (current_state_->online_complete()) { |
| 935 if (current_state_->cryptohome_code() == | 954 if (current_state_->cryptohome_code() == |
| 936 cryptohome::MOUNT_ERROR_KEY_FAILURE) { | 955 cryptohome::MOUNT_ERROR_KEY_FAILURE) { |
| 937 // If we tried a mount but they used the wrong key, we may need to | 956 // If we tried a mount but they used the wrong key, we may need to |
| 938 // ask the user for their old password. We'll only know once we've | 957 // ask the user for their old password. We'll only know once we've |
| 939 // done the online check. | 958 // done the online check. |
| 940 return POSSIBLE_PW_CHANGE; | 959 return POSSIBLE_PW_CHANGE; |
| (...skipping 63 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1004 Resolve(); | 1023 Resolve(); |
| 1005 } | 1024 } |
| 1006 | 1025 |
| 1007 void CryptohomeAuthenticator::SetOwnerState(bool owner_check_finished, | 1026 void CryptohomeAuthenticator::SetOwnerState(bool owner_check_finished, |
| 1008 bool check_result) { | 1027 bool check_result) { |
| 1009 owner_is_verified_ = owner_check_finished; | 1028 owner_is_verified_ = owner_check_finished; |
| 1010 user_can_login_ = check_result; | 1029 user_can_login_ = check_result; |
| 1011 } | 1030 } |
| 1012 | 1031 |
| 1013 } // namespace chromeos | 1032 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2779933002:
Add a screen to migrate filesystem encryption from eCryptfs to ext4 crypto. (Closed)
