| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/bind_helpers.h" | 11 #include "base/bind_helpers.h" |
| 12 #include "base/callback.h" | 12 #include "base/callback.h" |
| 13 #include "base/files/file_util.h" | 13 #include "base/files/file_util.h" |
| 14 #include "base/location.h" | 14 #include "base/location.h" |
| 15 #include "base/logging.h" | 15 #include "base/logging.h" |
| 16 #include "base/macros.h" | 16 #include "base/macros.h" |
| 17 #include "base/memory/ptr_util.h" |
| 17 #include "base/metrics/histogram_macros.h" | 18 #include "base/metrics/histogram_macros.h" |
| 18 #include "base/sequenced_task_runner.h" | 19 #include "base/sequenced_task_runner.h" |
| 19 #include "base/stl_util.h" | 20 #include "base/stl_util.h" |
| 20 #include "base/strings/stringprintf.h" | 21 #include "base/strings/stringprintf.h" |
| 21 #include "chrome/browser/chromeos/policy/user_policy_token_loader.h" | 22 #include "chrome/browser/chromeos/policy/user_policy_token_loader.h" |
| 22 #include "chromeos/cryptohome/cryptohome_parameters.h" | 23 #include "chromeos/cryptohome/cryptohome_parameters.h" |
| 23 #include "chromeos/dbus/cryptohome_client.h" | 24 #include "chromeos/dbus/cryptohome_client.h" |
| 24 #include "chromeos/dbus/session_manager_client.h" | 25 #include "chromeos/dbus/session_manager_client.h" |
| 25 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 26 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 26 #include "components/policy/proto/cloud_policy.pb.h" | 27 #include "components/policy/proto/cloud_policy.pb.h" |
| 154 std::unique_ptr<UserCloudPolicyValidator> validator = CreateValidator( | 155 std::unique_ptr<UserCloudPolicyValidator> validator = CreateValidator( |
| 155 std::move(policy), CloudPolicyValidatorBase::TIMESTAMP_FULLY_VALIDATED); | 156 std::move(policy), CloudPolicyValidatorBase::TIMESTAMP_FULLY_VALIDATED); |
| 156 validator->ValidateUsername(account_id_.GetUserEmail(), true); | 157 validator->ValidateUsername(account_id_.GetUserEmail(), true); |
| 157 if (cached_policy_key_.empty()) { | 158 if (cached_policy_key_.empty()) { |
| 158 validator->ValidateInitialKey(ExtractDomain(account_id_.GetUserEmail())); | 159 validator->ValidateInitialKey(ExtractDomain(account_id_.GetUserEmail())); |
| 159 } else { | 160 } else { |
| 160 validator->ValidateSignatureAllowingRotation( | 161 validator->ValidateSignatureAllowingRotation( |
| 161 cached_policy_key_, ExtractDomain(account_id_.GetUserEmail())); | 162 cached_policy_key_, ExtractDomain(account_id_.GetUserEmail())); |
| 162 } | 163 } |
| 163 | 164 |
| 164 // Start validation. The Validator will delete itself once validation is | 165 // Start validation. |
| 165 // complete. | 166 UserCloudPolicyValidator::StartValidation( |
| 166 validator.release()->StartValidation( | 167 std::move(validator), |
| 167 base::Bind(&UserCloudPolicyStoreChromeOS::OnPolicyToStoreValidated, | 168 base::Bind(&UserCloudPolicyStoreChromeOS::OnPolicyToStoreValidated, |
| 168 weak_factory_.GetWeakPtr())); | 169 weak_factory_.GetWeakPtr())); |
| 169 } | 170 } |
| 170 | 171 |
| 171 void UserCloudPolicyStoreChromeOS::OnPolicyToStoreValidated( | 172 void UserCloudPolicyStoreChromeOS::OnPolicyToStoreValidated( |
| 172 UserCloudPolicyValidator* validator) { | 173 UserCloudPolicyValidator* validator) { |
| 173 DCHECK(!is_active_directory_); | 174 DCHECK(!is_active_directory_); |
| 174 | 175 |
| 175 validation_status_ = validator->status(); | 176 validation_status_ = validator->status(); |
| 176 | 177 |
| 238 ValidateRetrievedPolicy(std::move(policy)); | 239 ValidateRetrievedPolicy(std::move(policy)); |
| 239 } else { | 240 } else { |
| 240 EnsurePolicyKeyLoaded( | 241 EnsurePolicyKeyLoaded( |
| 241 base::Bind(&UserCloudPolicyStoreChromeOS::ValidateRetrievedPolicy, | 242 base::Bind(&UserCloudPolicyStoreChromeOS::ValidateRetrievedPolicy, |
| 242 weak_factory_.GetWeakPtr(), base::Passed(&policy))); | 243 weak_factory_.GetWeakPtr(), base::Passed(&policy))); |
| 243 } | 244 } |
| 244 } | 245 } |
| 245 | 246 |
| 246 void UserCloudPolicyStoreChromeOS::ValidateRetrievedPolicy( | 247 void UserCloudPolicyStoreChromeOS::ValidateRetrievedPolicy( |
| 247 std::unique_ptr<em::PolicyFetchResponse> policy) { | 248 std::unique_ptr<em::PolicyFetchResponse> policy) { |
| 248 // Create and configure a validator for the loaded policy. | 249 UserCloudPolicyValidator::StartValidation( |
| 249 std::unique_ptr<UserCloudPolicyValidator> validator = | 250 CreateValidatorForLoad(std::move(policy)), |
| 250 CreateValidatorForLoad(std::move(policy)); | |
| 251 // Start validation. The Validator will delete itself once validation is | |
| 252 // complete. | |
| 253 validator.release()->StartValidation( | |
| 254 base::Bind(&UserCloudPolicyStoreChromeOS::OnRetrievedPolicyValidated, | 251 base::Bind(&UserCloudPolicyStoreChromeOS::OnRetrievedPolicyValidated, |
| 255 weak_factory_.GetWeakPtr())); | 252 weak_factory_.GetWeakPtr())); |
| 256 } | 253 } |
| 257 | 254 |
| 258 void UserCloudPolicyStoreChromeOS::OnRetrievedPolicyValidated( | 255 void UserCloudPolicyStoreChromeOS::OnRetrievedPolicyValidated( |
| 259 UserCloudPolicyValidator* validator) { | 256 UserCloudPolicyValidator* validator) { |
| 260 validation_status_ = validator->status(); | 257 validation_status_ = validator->status(); |
| 261 | 258 |
| 262 UMA_HISTOGRAM_ENUMERATION( | 259 UMA_HISTOGRAM_ENUMERATION( |
| 263 "Enterprise.UserPolicyValidationLoadStatus", | 260 "Enterprise.UserPolicyValidationLoadStatus", |
| 375 validator->ValidateUsername(account_id_.GetUserEmail(), true); | 372 validator->ValidateUsername(account_id_.GetUserEmail(), true); |
| 376 // The policy loaded from session manager need not be validated using the | 373 // The policy loaded from session manager need not be validated using the |
| 377 // verification key since it is secure, and since there may be legacy policy | 374 // verification key since it is secure, and since there may be legacy policy |
| 378 // data that was stored without a verification key. | 375 // data that was stored without a verification key. |
| 379 validator->ValidateSignature(cached_policy_key_); | 376 validator->ValidateSignature(cached_policy_key_); |
| 380 } | 377 } |
| 381 return validator; | 378 return validator; |
| 382 } | 379 } |
| 383 | 380 |
| 384 } // namespace policy | 381 } // namespace policy |
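Review bot: Nothing at the two rewritten call sites (new lines 165–169 and 249–252) now says who owns the validator while validation runs, or how long the raw `UserCloudPolicyValidator*` handed to `OnPolicyToStoreValidated` and `OnRetrievedPolicyValidated` stays valid. The static `StartValidation` is not defined on this page; presumably it holds the `unique_ptr` until the completion callback returns and also destroys it when the weak pointer has been invalidated and the callback never runs, but that should be confirmed against the validator's header. I would add a comment above each call such as `// StartValidation() takes ownership; |validator| passed to the callback is valid only for the duration of the callback.`, since both callbacks dereference it immediately via `validator->status()`. Separately, the newly added `base/memory/ptr_util.h` include has no visible use in the changed lines, so it is worth checking that it is needed here.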
| OLD | NEW |