OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chromeos/network/onc/onc_validator.h" | 5 #include "chromeos/network/onc/onc_validator.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <algorithm> | 10 #include <algorithm> |
(...skipping 273 matching lines...)
284 repaired_recommended->AppendString(field_name); | 284 repaired_recommended->AppendString(field_name); |
285 } | 285 } |
286 | 286 |
287 result->Set(::onc::kRecommended, repaired_recommended.release()); | 287 result->Set(::onc::kRecommended, repaired_recommended.release()); |
288 return true; | 288 return true; |
289 } | 289 } |
290 | 290 |
291 bool Validator::ValidateClientCertFields(bool allow_cert_type_none, | 291 bool Validator::ValidateClientCertFields(bool allow_cert_type_none, |
292 base::DictionaryValue* result) { | 292 base::DictionaryValue* result) { |
293 using namespace ::onc::client_cert; | 293 using namespace ::onc::client_cert; |
294 const char* const kValidCertTypes[] = {kRef, kPattern}; | 294 const char* const kValidCertTypes[] = {kRef, kPattern, kPKCS11Id}; |
295 std::vector<const char*> valid_cert_types(toVector(kValidCertTypes)); | 295 std::vector<const char*> valid_cert_types(toVector(kValidCertTypes)); |
296 if (allow_cert_type_none) | 296 if (allow_cert_type_none) |
297 valid_cert_types.push_back(kClientCertTypeNone); | 297 valid_cert_types.push_back(kClientCertTypeNone); |
298 if (FieldExistsAndHasNoValidValue(*result, kClientCertType, valid_cert_types)) | 298 if (FieldExistsAndHasNoValidValue(*result, kClientCertType, valid_cert_types)) |
299 return false; | 299 return false; |
300 | 300 |
301 std::string cert_type; | 301 std::string cert_type; |
302 result->GetStringWithoutPathExpansion(kClientCertType, &cert_type); | 302 result->GetStringWithoutPathExpansion(kClientCertType, &cert_type); |
303 | 303 |
304 bool all_required_exist = true; | 304 bool all_required_exist = true; |
305 | 305 |
306 if (cert_type == kPattern) | 306 if (cert_type == kPattern) |
307 all_required_exist &= RequireField(*result, kClientCertPattern); | 307 all_required_exist &= RequireField(*result, kClientCertPattern); |
308 else if (cert_type == kRef) | 308 else if (cert_type == kRef) |
309 all_required_exist &= RequireField(*result, kClientCertRef); | 309 all_required_exist &= RequireField(*result, kClientCertRef); |
| 310 else if (cert_type == kPKCS11Id) |
| 311 all_required_exist &= RequireField(*result, kClientCertPKCS11Id); |
310 | 312 |
311 return !error_on_missing_field_ || all_required_exist; | 313 return !error_on_missing_field_ || all_required_exist; |
312 } | 314 } |
313 | 315 |
314 namespace { | 316 namespace { |
315 | 317 |
316 std::string JoinStringRange(const std::vector<const char*>& strings, | 318 std::string JoinStringRange(const std::vector<const char*>& strings, |
317 const std::string& separator) { | 319 const std::string& separator) { |
318 std::vector<base::StringPiece> string_vector(strings.begin(), strings.end()); | 320 std::vector<base::StringPiece> string_vector(strings.begin(), strings.end()); |
319 return base::JoinString(string_vector, separator); | 321 return base::JoinString(string_vector, separator); |
(...skipping 624 matching lines...)
944 return false; | 946 return false; |
945 } | 947 } |
946 | 948 |
947 if (result->HasKey(kServerCARefs) && result->HasKey(kServerCARef)) { | 949 if (result->HasKey(kServerCARefs) && result->HasKey(kServerCARef)) { |
948 error_or_warning_found_ = true; | 950 error_or_warning_found_ = true; |
949 LOG(ERROR) << MessageHeader() << "At most one of " << kServerCARefs | 951 LOG(ERROR) << MessageHeader() << "At most one of " << kServerCARefs |
950 << " and " << kServerCARef << " can be set."; | 952 << " and " << kServerCARef << " can be set."; |
951 return false; | 953 return false; |
952 } | 954 } |
953 | 955 |
954 if (!ValidateClientCertFields(false, // don't allow ClientCertType None | 956 if (!ValidateClientCertFields(true /* allow ClientCertType None */, result)) |
955 result)) { | |
956 return false; | 957 return false; |
957 } | |
958 | 958 |
959 bool all_required_exist = RequireField(*result, kOuter); | 959 bool all_required_exist = RequireField(*result, kOuter); |
960 | 960 |
961 return !error_on_missing_field_ || all_required_exist; | 961 return !error_on_missing_field_ || all_required_exist; |
962 } | 962 } |
963 | 963 |
964 bool Validator::ValidateCertificate(base::DictionaryValue* result) { | 964 bool Validator::ValidateCertificate(base::DictionaryValue* result) { |
965 using namespace ::onc::certificate; | 965 using namespace ::onc::certificate; |
966 | 966 |
967 const char* const kValidTypes[] = {kClient, kServer, kAuthority}; | 967 const char* const kValidTypes[] = {kClient, kServer, kAuthority}; |
(...skipping 68 matching lines...)
1036 } | 1036 } |
1037 | 1037 |
1038 std::string Validator::MessageHeader() { | 1038 std::string Validator::MessageHeader() { |
1039 std::string path = path_.empty() ? "toplevel" : base::JoinString(path_, "."); | 1039 std::string path = path_.empty() ? "toplevel" : base::JoinString(path_, "."); |
1040 std::string message = "At " + path + ": "; | 1040 std::string message = "At " + path + ": "; |
1041 return message; | 1041 return message; |
1042 } | 1042 } |
1043 | 1043 |
1044 } // namespace onc | 1044 } // namespace onc |
1045 } // namespace chromeos | 1045 } // namespace chromeos |
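Review bot: At new line 956 the caller now passes `true`, so a `ClientCertType` of `None` is accepted in this dictionary where the old code rejected it, and nothing visible ties that relaxation to the `kOuter` method validated just below. If `None` is only valid for outer methods that do not authenticate with a client certificate, that dependency should be checked here or at least documented, for example `// ClientCertType None is accepted here; whether the outer method needs a certificate is not checked by this validator.` In `ValidateClientCertFields`, the added `kPKCS11Id` branch (new lines 310-311) appears only to require that `kClientCertPKCS11Id` is present via `RequireField`. An empty or malformed id would presumably pass, and the type is accepted regardless of which ONC source supplied it, so it is worth confirming that every source is meant to be able to select a token object by id. The function containing the line-956 change starts in the skipped lines, so its name and earlier checks are not visible here.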
OLD | NEW |