chrome/browser/chromeos/enrollment_dialog_view.cc - Issue 2828713002: Enable client certificate patterns in device ONC policy

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chrome/browser/chromeos/enrollment_dialog_view.cc

Issue 2828713002: Enable client certificate patterns in device ONC policy (Closed)

Patch Set: Rebase. Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

Index: chrome/browser/chromeos/enrollment_dialog_view.cc

diff --git a/chrome/browser/chromeos/enrollment_dialog_view.cc b/chrome/browser/chromeos/enrollment_dialog_view.cc

index 33f3af5a4bfdb2e073d95eb3517c9a7d5c812f09..bdd5572716203be605a6f578dddede3ba0763354 100644

--- a/chrome/browser/chromeos/enrollment_dialog_view.cc

+++ b/chrome/browser/chromeos/enrollment_dialog_view.cc

@@ -270,6 +270,10 @@ bool CreateEnrollmentDialog(const std::string& network_id,

Browser* browser = chrome::FindBrowserWithWindow(owning_window);

Profile* profile =

browser ? browser->profile() : ProfileManager::GetPrimaryUserProfile();

+ if (chromeos::ProfileHelper::IsSigninProfile(profile)) {

+ NET_LOG_EVENT("Skipping enrollment on sign-in profile", network_id);

emaxx 2017/04/20 20:10:39 Is this log message really helpful?

pmarko 2017/04/24 14:49:55 Done. (No, removed :-) )

+ return false;

+ }

std::string username_hash = ProfileHelper::GetUserIdHashFromProfile(profile);

onc::ONCSource onc_source = onc::ONC_SOURCE_NONE;

@@ -278,14 +282,8 @@ bool CreateEnrollmentDialog(const std::string& network_id,

->managed_network_configuration_handler()

->FindPolicyByGUID(username_hash, network_id, &onc_source);

- // We skip certificate patterns for device policy ONC so that an unmanaged

- // user can't get to the place where a cert is presented for them

- // involuntarily.

- if (!policy || onc_source == onc::ONC_SOURCE_DEVICE_POLICY)

emaxx 2017/04/20 20:10:39 We should also check whether the enrollment dialog

emaxx 2017/04/20 20:10:39 Shouldn't the "!policy" exit route be preserved? T

pmarko 2017/04/24 14:49:55 Whoops. Done.

- return false;

client_cert::ClientCertConfig cert_config;

- OncToClientCertConfig(*policy, &cert_config);

+ OncToClientCertConfig(onc_source, *policy, &cert_config);

if (cert_config.client_cert_type != onc::client_cert::kPattern)

return false;