OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/bind_helpers.h" | 11 #include "base/bind_helpers.h" |
12 #include "base/callback.h" | 12 #include "base/callback.h" |
13 #include "base/files/file_util.h" | 13 #include "base/files/file_util.h" |
14 #include "base/location.h" | 14 #include "base/location.h" |
15 #include "base/logging.h" | 15 #include "base/logging.h" |
16 #include "base/macros.h" | 16 #include "base/macros.h" |
17 #include "base/metrics/histogram_macros.h" | 17 #include "base/metrics/histogram_macros.h" |
18 #include "base/sequenced_task_runner.h" | 18 #include "base/sequenced_task_runner.h" |
19 #include "base/stl_util.h" | 19 #include "base/stl_util.h" |
20 #include "base/strings/stringprintf.h" | 20 #include "base/strings/stringprintf.h" |
21 #include "chrome/browser/chromeos/policy/user_policy_token_loader.h" | 21 #include "chrome/browser/chromeos/policy/user_policy_token_loader.h" |
22 #include "chrome/browser/lifetime/application_lifetime.h" | |
22 #include "chromeos/cryptohome/cryptohome_parameters.h" | 23 #include "chromeos/cryptohome/cryptohome_parameters.h" |
23 #include "chromeos/dbus/cryptohome_client.h" | 24 #include "chromeos/dbus/cryptohome_client.h" |
24 #include "chromeos/dbus/session_manager_client.h" | |
25 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 25 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
26 #include "components/policy/proto/cloud_policy.pb.h" | 26 #include "components/policy/proto/cloud_policy.pb.h" |
27 #include "components/policy/proto/device_management_local.pb.h" | 27 #include "components/policy/proto/device_management_local.pb.h" |
28 #include "google_apis/gaia/gaia_auth_util.h" | 28 #include "google_apis/gaia/gaia_auth_util.h" |
29 | 29 |
30 namespace em = enterprise_management; | 30 namespace em = enterprise_management; |
31 | 31 |
32 namespace policy { | 32 namespace policy { |
33 | 33 |
34 namespace { | 34 namespace { |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
102 | 102 |
103 void UserCloudPolicyStoreChromeOS::LoadImmediately() { | 103 void UserCloudPolicyStoreChromeOS::LoadImmediately() { |
104 // This blocking D-Bus call is in the startup path and will block the UI | 104 // This blocking D-Bus call is in the startup path and will block the UI |
105 // thread. This only happens when the Profile is created synchronously, which | 105 // thread. This only happens when the Profile is created synchronously, which |
106 // on Chrome OS happens whenever the browser is restarted into the same | 106 // on Chrome OS happens whenever the browser is restarted into the same |
107 // session. That happens when the browser crashes, or right after signin if | 107 // session. That happens when the browser crashes, or right after signin if |
108 // the user has flags configured in about:flags. | 108 // the user has flags configured in about:flags. |
109 // However, on those paths we must load policy synchronously so that the | 109 // However, on those paths we must load policy synchronously so that the |
110 // Profile initialization never sees unmanaged prefs, which would lead to | 110 // Profile initialization never sees unmanaged prefs, which would lead to |
111 // data loss. http://crbug.com/263061 | 111 // data loss. http://crbug.com/263061 |
112 std::string policy_blob = | 112 std::string policy_blob; |
113 chromeos::SessionManagerClient::RetrievePolicyResponseType response_type = | |
113 session_manager_client_->BlockingRetrievePolicyForUser( | 114 session_manager_client_->BlockingRetrievePolicyForUser( |
114 cryptohome::Identification(account_id_)); | 115 cryptohome::Identification(account_id_), &policy_blob); |
115 if (policy_blob.empty()) { | 116 |
117 if (response_type == chromeos::SessionManagerClient:: | |
118 RetrievePolicyResponseType::SESSION_DOES_NOT_EXIST) { | |
Daniel Erat
2017/04/20 21:06:38
if this is unexpected, can you at least do somethi
igorcov
2017/04/21 11:36:21
Done.
| |
119 chrome::AttemptUserExit(); | |
120 return; | |
121 } | |
122 | |
123 if (response_type == | |
124 chromeos::SessionManagerClient::RetrievePolicyResponseType::SUCCESS && | |
125 policy_blob.empty()) { | |
116 // The session manager doesn't have policy, or the call failed. | 126 // The session manager doesn't have policy, or the call failed. |
emaxx
2017/04/21 00:01:52
nit: Looks like the "or the call failed" part is n
igorcov
2017/04/21 11:36:21
Done.
| |
117 NotifyStoreLoaded(); | 127 NotifyStoreLoaded(); |
118 return; | 128 return; |
119 } | 129 } |
120 | 130 |
121 std::unique_ptr<em::PolicyFetchResponse> policy( | 131 std::unique_ptr<em::PolicyFetchResponse> policy( |
122 new em::PolicyFetchResponse()); | 132 new em::PolicyFetchResponse()); |
123 if (!policy->ParseFromString(policy_blob)) { | 133 if (response_type != |
134 chromeos::SessionManagerClient::RetrievePolicyResponseType::SUCCESS || | |
135 !policy->ParseFromString(policy_blob)) { | |
124 status_ = STATUS_PARSE_ERROR; | 136 status_ = STATUS_PARSE_ERROR; |
emaxx
2017/04/21 00:01:52
The STATUS_PARSE_ERROR error is probably not the b
igorcov
2017/04/21 11:36:21
Done.
| |
125 NotifyStoreError(); | 137 NotifyStoreError(); |
126 return; | 138 return; |
127 } | 139 } |
128 | 140 |
129 std::string sanitized_username = | 141 std::string sanitized_username = |
130 cryptohome_client_->BlockingGetSanitizedUsername( | 142 cryptohome_client_->BlockingGetSanitizedUsername( |
131 cryptohome::Identification(account_id_)); | 143 cryptohome::Identification(account_id_)); |
132 if (sanitized_username.empty()) { | 144 if (sanitized_username.empty()) { |
133 status_ = STATUS_LOAD_ERROR; | 145 status_ = STATUS_LOAD_ERROR; |
134 NotifyStoreError(); | 146 NotifyStoreError(); |
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
207 } else { | 219 } else { |
208 // Load the policy right after storing it, to make sure it was accepted by | 220 // Load the policy right after storing it, to make sure it was accepted by |
209 // the session manager. An additional validation is performed after the | 221 // the session manager. An additional validation is performed after the |
210 // load; reload the key for that validation too, in case it was rotated. | 222 // load; reload the key for that validation too, in case it was rotated. |
211 ReloadPolicyKey(base::Bind(&UserCloudPolicyStoreChromeOS::Load, | 223 ReloadPolicyKey(base::Bind(&UserCloudPolicyStoreChromeOS::Load, |
212 weak_factory_.GetWeakPtr())); | 224 weak_factory_.GetWeakPtr())); |
213 } | 225 } |
214 } | 226 } |
215 | 227 |
216 void UserCloudPolicyStoreChromeOS::OnPolicyRetrieved( | 228 void UserCloudPolicyStoreChromeOS::OnPolicyRetrieved( |
217 const std::string& policy_blob) { | 229 const std::string& policy_blob, |
218 if (policy_blob.empty()) { | 230 chromeos::SessionManagerClient::RetrievePolicyResponseType response_type) { |
231 // Disallow the sign in when the Chrome OS user session has not started, which | |
232 // should always happen before the profile construction. An attempt to read | |
233 // the policy outside the session will always fail and return an empty policy | |
234 // blob. | |
235 if (response_type == chromeos::SessionManagerClient:: | |
236 RetrievePolicyResponseType::SESSION_DOES_NOT_EXIST) { | |
Daniel Erat
2017/04/20 21:06:38
same comment here about logging an error
igorcov
2017/04/21 11:36:21
Done.
| |
237 chrome::AttemptUserExit(); | |
238 return; | |
239 } | |
240 | |
241 if (policy_blob.empty() && | |
242 response_type == | |
243 chromeos::SessionManagerClient::RetrievePolicyResponseType::SUCCESS) { | |
219 // session_manager doesn't have policy. Adjust internal state and notify | 244 // session_manager doesn't have policy. Adjust internal state and notify |
220 // the world about the policy update. | 245 // the world about the policy update. |
221 policy_map_.Clear(); | 246 policy_map_.Clear(); |
222 policy_.reset(); | 247 policy_.reset(); |
223 policy_signature_public_key_.clear(); | 248 policy_signature_public_key_.clear(); |
224 NotifyStoreLoaded(); | 249 NotifyStoreLoaded(); |
225 return; | 250 return; |
226 } | 251 } |
227 | 252 |
228 std::unique_ptr<em::PolicyFetchResponse> policy( | 253 std::unique_ptr<em::PolicyFetchResponse> policy( |
229 new em::PolicyFetchResponse()); | 254 new em::PolicyFetchResponse()); |
230 if (!policy->ParseFromString(policy_blob)) { | 255 if (response_type != |
256 chromeos::SessionManagerClient::RetrievePolicyResponseType::SUCCESS || | |
257 !policy->ParseFromString(policy_blob)) { | |
231 status_ = STATUS_PARSE_ERROR; | 258 status_ = STATUS_PARSE_ERROR; |
232 NotifyStoreError(); | 259 NotifyStoreError(); |
233 return; | 260 return; |
234 } | 261 } |
235 | 262 |
236 // Load |cached_policy_key_| to verify the loaded policy. | 263 // Load |cached_policy_key_| to verify the loaded policy. |
237 if (is_active_directory_) { | 264 if (is_active_directory_) { |
238 ValidateRetrievedPolicy(std::move(policy)); | 265 ValidateRetrievedPolicy(std::move(policy)); |
239 } else { | 266 } else { |
240 EnsurePolicyKeyLoaded( | 267 EnsurePolicyKeyLoaded( |
(...skipping 134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
375 validator->ValidateUsername(account_id_.GetUserEmail(), true); | 402 validator->ValidateUsername(account_id_.GetUserEmail(), true); |
376 // The policy loaded from session manager need not be validated using the | 403 // The policy loaded from session manager need not be validated using the |
377 // verification key since it is secure, and since there may be legacy policy | 404 // verification key since it is secure, and since there may be legacy policy |
378 // data that was stored without a verification key. | 405 // data that was stored without a verification key. |
379 validator->ValidateSignature(cached_policy_key_); | 406 validator->ValidateSignature(cached_policy_key_); |
380 } | 407 } |
381 return validator; | 408 return validator; |
382 } | 409 } |
383 | 410 |
384 } // namespace policy | 411 } // namespace policy |
OLD | NEW |