OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
11 #include "base/bind_helpers.h" | 11 #include "base/bind_helpers.h" |
12 #include "base/callback.h" | 12 #include "base/callback.h" |
13 #include "base/files/file_util.h" | 13 #include "base/files/file_util.h" |
14 #include "base/location.h" | 14 #include "base/location.h" |
15 #include "base/logging.h" | 15 #include "base/logging.h" |
16 #include "base/macros.h" | 16 #include "base/macros.h" |
17 #include "base/memory/ptr_util.h" | 17 #include "base/memory/ptr_util.h" |
18 #include "base/metrics/histogram_macros.h" | 18 #include "base/metrics/histogram_macros.h" |
19 #include "base/sequenced_task_runner.h" | 19 #include "base/sequenced_task_runner.h" |
20 #include "base/stl_util.h" | 20 #include "base/stl_util.h" |
21 #include "base/strings/stringprintf.h" | 21 #include "base/strings/stringprintf.h" |
| 22 #include "chrome/browser/lifetime/application_lifetime.h" |
22 #include "chromeos/cryptohome/cryptohome_parameters.h" | 23 #include "chromeos/cryptohome/cryptohome_parameters.h" |
23 #include "chromeos/dbus/cryptohome_client.h" | 24 #include "chromeos/dbus/cryptohome_client.h" |
24 #include "chromeos/dbus/session_manager_client.h" | |
25 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 25 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
26 #include "components/policy/proto/cloud_policy.pb.h" | 26 #include "components/policy/proto/cloud_policy.pb.h" |
27 #include "google_apis/gaia/gaia_auth_util.h" | 27 #include "google_apis/gaia/gaia_auth_util.h" |
28 | 28 |
| 29 using RetrievePolicyResponseType = |
| 30 chromeos::SessionManagerClient::RetrievePolicyResponseType; |
| 31 |
29 namespace em = enterprise_management; | 32 namespace em = enterprise_management; |
30 | 33 |
31 namespace policy { | 34 namespace policy { |
32 | 35 |
33 namespace { | 36 namespace { |
34 | 37 |
35 // Path within |user_policy_key_dir_| that contains the policy key. | 38 // Path within |user_policy_key_dir_| that contains the policy key. |
36 // "%s" must be substituted with the sanitized username. | 39 // "%s" must be substituted with the sanitized username. |
37 const base::FilePath::CharType kPolicyKeyFile[] = | 40 const base::FilePath::CharType kPolicyKeyFile[] = |
38 FILE_PATH_LITERAL("%s/policy.pub"); | 41 FILE_PATH_LITERAL("%s/policy.pub"); |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
101 | 104 |
102 void UserCloudPolicyStoreChromeOS::LoadImmediately() { | 105 void UserCloudPolicyStoreChromeOS::LoadImmediately() { |
103 // This blocking D-Bus call is in the startup path and will block the UI | 106 // This blocking D-Bus call is in the startup path and will block the UI |
104 // thread. This only happens when the Profile is created synchronously, which | 107 // thread. This only happens when the Profile is created synchronously, which |
105 // on Chrome OS happens whenever the browser is restarted into the same | 108 // on Chrome OS happens whenever the browser is restarted into the same |
106 // session. That happens when the browser crashes, or right after signin if | 109 // session. That happens when the browser crashes, or right after signin if |
107 // the user has flags configured in about:flags. | 110 // the user has flags configured in about:flags. |
108 // However, on those paths we must load policy synchronously so that the | 111 // However, on those paths we must load policy synchronously so that the |
109 // Profile initialization never sees unmanaged prefs, which would lead to | 112 // Profile initialization never sees unmanaged prefs, which would lead to |
110 // data loss. http://crbug.com/263061 | 113 // data loss. http://crbug.com/263061 |
111 std::string policy_blob = | 114 std::string policy_blob; |
| 115 RetrievePolicyResponseType response_type = |
112 session_manager_client_->BlockingRetrievePolicyForUser( | 116 session_manager_client_->BlockingRetrievePolicyForUser( |
113 cryptohome::Identification(account_id_)); | 117 cryptohome::Identification(account_id_), &policy_blob); |
| 118 |
| 119 if (response_type == RetrievePolicyResponseType::SESSION_DOES_NOT_EXIST) { |
| 120 LOG(ERROR) |
| 121 << "Session manager claims that session doesn't exist; signing out"; |
| 122 chrome::AttemptUserExit(); |
| 123 return; |
| 124 } |
| 125 |
114 if (policy_blob.empty()) { | 126 if (policy_blob.empty()) { |
115 // The session manager doesn't have policy, or the call failed. | 127 // The session manager doesn't have policy, or the call failed. |
116 NotifyStoreLoaded(); | 128 NotifyStoreLoaded(); |
117 return; | 129 return; |
118 } | 130 } |
119 | 131 |
120 std::unique_ptr<em::PolicyFetchResponse> policy( | 132 std::unique_ptr<em::PolicyFetchResponse> policy( |
121 new em::PolicyFetchResponse()); | 133 new em::PolicyFetchResponse()); |
122 if (!policy->ParseFromString(policy_blob)) { | 134 if (!policy->ParseFromString(policy_blob)) { |
123 status_ = STATUS_PARSE_ERROR; | 135 status_ = STATUS_PARSE_ERROR; |
(...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
206 } else { | 218 } else { |
207 // Load the policy right after storing it, to make sure it was accepted by | 219 // Load the policy right after storing it, to make sure it was accepted by |
208 // the session manager. An additional validation is performed after the | 220 // the session manager. An additional validation is performed after the |
209 // load; reload the key for that validation too, in case it was rotated. | 221 // load; reload the key for that validation too, in case it was rotated. |
210 ReloadPolicyKey(base::Bind(&UserCloudPolicyStoreChromeOS::Load, | 222 ReloadPolicyKey(base::Bind(&UserCloudPolicyStoreChromeOS::Load, |
211 weak_factory_.GetWeakPtr())); | 223 weak_factory_.GetWeakPtr())); |
212 } | 224 } |
213 } | 225 } |
214 | 226 |
215 void UserCloudPolicyStoreChromeOS::OnPolicyRetrieved( | 227 void UserCloudPolicyStoreChromeOS::OnPolicyRetrieved( |
216 const std::string& policy_blob) { | 228 const std::string& policy_blob, |
| 229 RetrievePolicyResponseType response_type) { |
| 230 // Disallow the sign in when the Chrome OS user session has not started, which |
| 231 // should always happen before the profile construction. An attempt to read |
| 232 // the policy outside the session will always fail and return an empty policy |
| 233 // blob. |
| 234 if (response_type == RetrievePolicyResponseType::SESSION_DOES_NOT_EXIST) { |
| 235 LOG(ERROR) |
| 236 << "Session manager claims that session doesn't exist; signing out"; |
| 237 chrome::AttemptUserExit(); |
| 238 return; |
| 239 } |
| 240 |
217 if (policy_blob.empty()) { | 241 if (policy_blob.empty()) { |
218 // session_manager doesn't have policy. Adjust internal state and notify | 242 // session_manager doesn't have policy. Adjust internal state and notify |
219 // the world about the policy update. | 243 // the world about the policy update. |
220 policy_map_.Clear(); | 244 policy_map_.Clear(); |
221 policy_.reset(); | 245 policy_.reset(); |
222 policy_signature_public_key_.clear(); | 246 policy_signature_public_key_.clear(); |
223 NotifyStoreLoaded(); | 247 NotifyStoreLoaded(); |
224 return; | 248 return; |
225 } | 249 } |
226 | 250 |
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
369 validator->ValidateUsername(account_id_.GetUserEmail(), true); | 393 validator->ValidateUsername(account_id_.GetUserEmail(), true); |
370 // The policy loaded from session manager need not be validated using the | 394 // The policy loaded from session manager need not be validated using the |
371 // verification key since it is secure, and since there may be legacy policy | 395 // verification key since it is secure, and since there may be legacy policy |
372 // data that was stored without a verification key. | 396 // data that was stored without a verification key. |
373 validator->ValidateSignature(cached_policy_key_); | 397 validator->ValidateSignature(cached_policy_key_); |
374 } | 398 } |
375 return validator; | 399 return validator; |
376 } | 400 } |
377 | 401 |
378 } // namespace policy | 402 } // namespace policy |
OLD | NEW |