OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chromeos/network/network_cert_migrator.h" | 5 #include "chromeos/network/network_cert_migrator.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <string> | 8 #include <string> |
9 | 9 |
10 #include "base/bind.h" | 10 #include "base/bind.h" |
(...skipping 111 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
122 return; | 122 return; |
123 } | 123 } |
124 | 124 |
125 // OpenVPN configuration doesn't have a slot id to migrate. | 125 // OpenVPN configuration doesn't have a slot id to migrate. |
126 if (config_type == chromeos::client_cert::CONFIG_TYPE_OPENVPN) | 126 if (config_type == chromeos::client_cert::CONFIG_TYPE_OPENVPN) |
127 return; | 127 return; |
128 | 128 |
129 int real_slot_id = -1; | 129 int real_slot_id = -1; |
130 scoped_refptr<net::X509Certificate> cert = | 130 scoped_refptr<net::X509Certificate> cert = |
131 FindCertificateWithPkcs11Id(pkcs11_id, &real_slot_id); | 131 FindCertificateWithPkcs11Id(pkcs11_id, &real_slot_id); |
132 if (!cert) { | 132 if (!cert.get()) { |
133 LOG(WARNING) << "No matching cert found, removing the certificate " | 133 LOG(WARNING) << "No matching cert found, removing the certificate " |
134 "configuration from network " << service_path; | 134 "configuration from network " << service_path; |
135 chromeos::client_cert::SetEmptyShillProperties(config_type, | 135 chromeos::client_cert::SetEmptyShillProperties(config_type, |
136 new_properties); | 136 new_properties); |
137 return; | 137 return; |
138 } | 138 } |
139 if (real_slot_id == -1) { | 139 if (real_slot_id == -1) { |
140 LOG(WARNING) << "Found a certificate without slot id."; | 140 LOG(WARNING) << "Found a certificate without slot id."; |
141 return; | 141 return; |
142 } | 142 } |
143 | 143 |
144 if (cert && real_slot_id != configured_slot_id) { | 144 if (cert.get() && real_slot_id != configured_slot_id) { |
145 VLOG(1) << "Network " << service_path | 145 VLOG(1) << "Network " << service_path |
146 << " is configured with no or an incorrect slot id."; | 146 << " is configured with no or an incorrect slot id."; |
147 chromeos::client_cert::SetShillProperties( | 147 chromeos::client_cert::SetShillProperties( |
148 config_type, real_slot_id, pkcs11_id, new_properties); | 148 config_type, real_slot_id, pkcs11_id, new_properties); |
149 } | 149 } |
150 } | 150 } |
151 | 151 |
152 void MigrateNssProperties(const std::string& service_path, | 152 void MigrateNssProperties(const std::string& service_path, |
153 const base::DictionaryValue& properties, | 153 const base::DictionaryValue& properties, |
154 base::DictionaryValue* new_properties) { | 154 base::DictionaryValue* new_properties) { |
(...skipping 12 matching lines...) Expand all Loading... |
167 "Network.MigrationNssToPem", uma_type, UMA_NETWORK_TYPE_SIZE); | 167 "Network.MigrationNssToPem", uma_type, UMA_NETWORK_TYPE_SIZE); |
168 | 168 |
169 if (pem_property && !pem_property->empty()) { | 169 if (pem_property && !pem_property->empty()) { |
170 VLOG(2) << "PEM already exists, clearing NSS property."; | 170 VLOG(2) << "PEM already exists, clearing NSS property."; |
171 ClearNssProperty(nss_key, new_properties); | 171 ClearNssProperty(nss_key, new_properties); |
172 return; | 172 return; |
173 } | 173 } |
174 | 174 |
175 scoped_refptr<net::X509Certificate> cert = | 175 scoped_refptr<net::X509Certificate> cert = |
176 FindCertificateWithNickname(nickname); | 176 FindCertificateWithNickname(nickname); |
177 if (!cert) { | 177 if (!cert.get()) { |
178 VLOG(2) << "No matching cert found."; | 178 VLOG(2) << "No matching cert found."; |
179 return; | 179 return; |
180 } | 180 } |
181 | 181 |
182 std::string pem_encoded; | 182 std::string pem_encoded; |
183 if (!net::X509Certificate::GetPEMEncoded(cert->os_cert_handle(), | 183 if (!net::X509Certificate::GetPEMEncoded(cert->os_cert_handle(), |
184 &pem_encoded)) { | 184 &pem_encoded)) { |
185 LOG(ERROR) << "PEM encoding failed."; | 185 LOG(ERROR) << "PEM encoding failed."; |
186 return; | 186 return; |
187 } | 187 } |
(...skipping 164 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
352 | 352 |
353 void NetworkCertMigrator::OnCertificatesLoaded( | 353 void NetworkCertMigrator::OnCertificatesLoaded( |
354 const net::CertificateList& cert_list, | 354 const net::CertificateList& cert_list, |
355 bool initial_load) { | 355 bool initial_load) { |
356 // Maybe there are networks referring to certs that were not loaded before but | 356 // Maybe there are networks referring to certs that were not loaded before but |
357 // are now. | 357 // are now. |
358 NetworkListChanged(); | 358 NetworkListChanged(); |
359 } | 359 } |
360 | 360 |
361 } // namespace chromeos | 361 } // namespace chromeos |
OLD | NEW |