| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/bind_helpers.h" | 11 #include "base/bind_helpers.h" |
| 12 #include "base/callback.h" | 12 #include "base/callback.h" |
| 13 #include "base/files/file_util.h" | 13 #include "base/files/file_util.h" |
| 14 #include "base/location.h" | 14 #include "base/location.h" |
| 15 #include "base/logging.h" | 15 #include "base/logging.h" |
| 16 #include "base/macros.h" | 16 #include "base/macros.h" |
| 17 #include "base/metrics/histogram_macros.h" | 17 #include "base/metrics/histogram_macros.h" |
| 18 #include "base/sequenced_task_runner.h" | 18 #include "base/sequenced_task_runner.h" |
| 19 #include "base/stl_util.h" | 19 #include "base/stl_util.h" |
| 20 #include "base/strings/stringprintf.h" | 20 #include "base/strings/stringprintf.h" |
| 21 #include "chrome/browser/chromeos/policy/user_policy_token_loader.h" | 21 #include "chrome/browser/chromeos/policy/user_policy_token_loader.h" |
| 22 #include "chrome/browser/lifetime/application_lifetime.h" |
| 22 #include "chromeos/cryptohome/cryptohome_parameters.h" | 23 #include "chromeos/cryptohome/cryptohome_parameters.h" |
| 23 #include "chromeos/dbus/cryptohome_client.h" | 24 #include "chromeos/dbus/cryptohome_client.h" |
| 24 #include "chromeos/dbus/session_manager_client.h" | |
| 25 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 25 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 26 #include "components/policy/proto/cloud_policy.pb.h" | 26 #include "components/policy/proto/cloud_policy.pb.h" |
| 27 #include "components/policy/proto/device_management_local.pb.h" | 27 #include "components/policy/proto/device_management_local.pb.h" |
| 28 #include "google_apis/gaia/gaia_auth_util.h" | 28 #include "google_apis/gaia/gaia_auth_util.h" |
| 29 | 29 |
| 30 using RetrievePolicyResponseType = |
| 31 chromeos::SessionManagerClient::RetrievePolicyResponseType; |
| 32 |
| 30 namespace em = enterprise_management; | 33 namespace em = enterprise_management; |
| 31 | 34 |
| 32 namespace policy { | 35 namespace policy { |
| 33 | 36 |
| 34 namespace { | 37 namespace { |
| 35 | 38 |
| 36 // Path within |user_policy_key_dir_| that contains the policy key. | 39 // Path within |user_policy_key_dir_| that contains the policy key. |
| 37 // "%s" must be substituted with the sanitized username. | 40 // "%s" must be substituted with the sanitized username. |
| 38 const base::FilePath::CharType kPolicyKeyFile[] = | 41 const base::FilePath::CharType kPolicyKeyFile[] = |
| 39 FILE_PATH_LITERAL("%s/policy.pub"); | 42 FILE_PATH_LITERAL("%s/policy.pub"); |
| (...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 102 | 105 |
| 103 void UserCloudPolicyStoreChromeOS::LoadImmediately() { | 106 void UserCloudPolicyStoreChromeOS::LoadImmediately() { |
| 104 // This blocking D-Bus call is in the startup path and will block the UI | 107 // This blocking D-Bus call is in the startup path and will block the UI |
| 105 // thread. This only happens when the Profile is created synchronously, which | 108 // thread. This only happens when the Profile is created synchronously, which |
| 106 // on Chrome OS happens whenever the browser is restarted into the same | 109 // on Chrome OS happens whenever the browser is restarted into the same |
| 107 // session. That happens when the browser crashes, or right after signin if | 110 // session. That happens when the browser crashes, or right after signin if |
| 108 // the user has flags configured in about:flags. | 111 // the user has flags configured in about:flags. |
| 109 // However, on those paths we must load policy synchronously so that the | 112 // However, on those paths we must load policy synchronously so that the |
| 110 // Profile initialization never sees unmanaged prefs, which would lead to | 113 // Profile initialization never sees unmanaged prefs, which would lead to |
| 111 // data loss. http://crbug.com/263061 | 114 // data loss. http://crbug.com/263061 |
| 112 std::string policy_blob = | 115 std::string policy_blob; |
| 116 RetrievePolicyResponseType response_type = |
| 113 session_manager_client_->BlockingRetrievePolicyForUser( | 117 session_manager_client_->BlockingRetrievePolicyForUser( |
| 114 cryptohome::Identification(account_id_)); | 118 cryptohome::Identification(account_id_), &policy_blob); |
| 119 |
| 120 if (response_type == RetrievePolicyResponseType::SESSION_DOES_NOT_EXIST) { |
| 121 LOG(ERROR) |
| 122 << "Session manager claims that session doesn't exist; signing out"; |
| 123 chrome::AttemptUserExit(); |
| 124 return; |
| 125 } |
| 126 |
| 115 if (policy_blob.empty()) { | 127 if (policy_blob.empty()) { |
| 116 // The session manager doesn't have policy, or the call failed. | 128 // The session manager doesn't have policy, or the call failed. |
| 117 NotifyStoreLoaded(); | 129 NotifyStoreLoaded(); |
| 118 return; | 130 return; |
| 119 } | 131 } |
| 120 | 132 |
| 121 std::unique_ptr<em::PolicyFetchResponse> policy( | 133 std::unique_ptr<em::PolicyFetchResponse> policy( |
| 122 new em::PolicyFetchResponse()); | 134 new em::PolicyFetchResponse()); |
| 123 if (!policy->ParseFromString(policy_blob)) { | 135 if (!policy->ParseFromString(policy_blob)) { |
| 124 status_ = STATUS_PARSE_ERROR; | 136 status_ = STATUS_PARSE_ERROR; |
| (...skipping 82 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 207 } else { | 219 } else { |
| 208 // Load the policy right after storing it, to make sure it was accepted by | 220 // Load the policy right after storing it, to make sure it was accepted by |
| 209 // the session manager. An additional validation is performed after the | 221 // the session manager. An additional validation is performed after the |
| 210 // load; reload the key for that validation too, in case it was rotated. | 222 // load; reload the key for that validation too, in case it was rotated. |
| 211 ReloadPolicyKey(base::Bind(&UserCloudPolicyStoreChromeOS::Load, | 223 ReloadPolicyKey(base::Bind(&UserCloudPolicyStoreChromeOS::Load, |
| 212 weak_factory_.GetWeakPtr())); | 224 weak_factory_.GetWeakPtr())); |
| 213 } | 225 } |
| 214 } | 226 } |
| 215 | 227 |
| 216 void UserCloudPolicyStoreChromeOS::OnPolicyRetrieved( | 228 void UserCloudPolicyStoreChromeOS::OnPolicyRetrieved( |
| 217 const std::string& policy_blob) { | 229 const std::string& policy_blob, |
| 230 RetrievePolicyResponseType response_type) { |
| 231 // Disallow the sign in when the Chrome OS user session has not started, which |
| 232 // should always happen before the profile construction. An attempt to read |
| 233 // the policy outside the session will always fail and return an empty policy |
| 234 // blob. |
| 235 if (response_type == RetrievePolicyResponseType::SESSION_DOES_NOT_EXIST) { |
| 236 LOG(ERROR) |
| 237 << "Session manager claims that session doesn't exist; signing out"; |
| 238 chrome::AttemptUserExit(); |
| 239 return; |
| 240 } |
| 241 |
| 218 if (policy_blob.empty()) { | 242 if (policy_blob.empty()) { |
| 219 // session_manager doesn't have policy. Adjust internal state and notify | 243 // session_manager doesn't have policy. Adjust internal state and notify |
| 220 // the world about the policy update. | 244 // the world about the policy update. |
| 221 policy_map_.Clear(); | 245 policy_map_.Clear(); |
| 222 policy_.reset(); | 246 policy_.reset(); |
| 223 policy_signature_public_key_.clear(); | 247 policy_signature_public_key_.clear(); |
| 224 NotifyStoreLoaded(); | 248 NotifyStoreLoaded(); |
| 225 return; | 249 return; |
| 226 } | 250 } |
| 227 | 251 |
| (...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 375 validator->ValidateUsername(account_id_.GetUserEmail(), true); | 399 validator->ValidateUsername(account_id_.GetUserEmail(), true); |
| 376 // The policy loaded from session manager need not be validated using the | 400 // The policy loaded from session manager need not be validated using the |
| 377 // verification key since it is secure, and since there may be legacy policy | 401 // verification key since it is secure, and since there may be legacy policy |
| 378 // data that was stored without a verification key. | 402 // data that was stored without a verification key. |
| 379 validator->ValidateSignature(cached_policy_key_); | 403 validator->ValidateSignature(cached_policy_key_); |
| 380 } | 404 } |
| 381 return validator; | 405 return validator; |
| 382 } | 406 } |
| 383 | 407 |
| 384 } // namespace policy | 408 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2877503002:
Abandon user sign in when policy is retrieved before session started. (Closed)
