| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/bind.h" | 5 #include "base/bind.h" |
| 6 #include "base/bind_helpers.h" | 6 #include "base/bind_helpers.h" |
| 7 #include "base/callback.h" | 7 #include "base/callback.h" |
| 8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
| 9 #include "base/memory/scoped_ptr.h" | 9 #include "base/memory/scoped_ptr.h" |
| 10 #include "base/run_loop.h" | 10 #include "base/run_loop.h" |
| 11 #include "base/values.h" | 11 #include "base/values.h" |
| 12 #include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" | 12 #include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" |
| 13 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" | 13 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" |
| 14 #include "chrome/browser/chromeos/settings/cros_settings.h" | 14 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 15 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 15 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
| 16 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" | 16 #include "chrome/browser/chromeos/settings/stub_cros_settings_provider.h" |
| 17 #include "chrome/test/base/testing_profile.h" | 17 #include "chrome/test/base/testing_profile.h" |
| 18 #include "chromeos/network/fake_network_device_handler.h" | 18 #include "chromeos/network/fake_network_device_handler.h" |
| 19 #include "chromeos/network/mock_managed_network_configuration_handler.h" | 19 #include "chromeos/network/mock_managed_network_configuration_handler.h" |
| 20 #include "chromeos/network/onc/onc_certificate_importer.h" | 20 #include "chromeos/network/onc/mock_certificate_importer.h" |
| 21 #include "chromeos/network/onc/onc_test_utils.h" | 21 #include "chromeos/network/onc/onc_test_utils.h" |
| 22 #include "chromeos/network/onc/onc_utils.h" | 22 #include "chromeos/network/onc/onc_utils.h" |
| 23 #include "components/onc/onc_constants.h" | 23 #include "components/onc/onc_constants.h" |
| 24 #include "components/policy/core/common/external_data_fetcher.h" | 24 #include "components/policy/core/common/external_data_fetcher.h" |
| 25 #include "components/policy/core/common/mock_configuration_policy_provider.h" | 25 #include "components/policy/core/common/mock_configuration_policy_provider.h" |
| 26 #include "components/policy/core/common/policy_map.h" | 26 #include "components/policy/core/common/policy_map.h" |
| 27 #include "components/policy/core/common/policy_service_impl.h" | 27 #include "components/policy/core/common/policy_service_impl.h" |
| 28 #include "components/user_manager/user.h" | 28 #include "components/user_manager/user.h" |
| 29 #include "components/user_manager/user_type.h" | 29 #include "components/user_manager/user_type.h" |
| 30 #include "content/public/test/test_browser_thread_bundle.h" | 30 #include "content/public/test/test_browser_thread_bundle.h" |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 64 return user_manager::USER_TYPE_REGULAR; | 64 return user_manager::USER_TYPE_REGULAR; |
| 65 } | 65 } |
| 66 | 66 |
| 67 private: | 67 private: |
| 68 DISALLOW_COPY_AND_ASSIGN(FakeUser); | 68 DISALLOW_COPY_AND_ASSIGN(FakeUser); |
| 69 }; | 69 }; |
| 70 | 70 |
| 71 class FakeWebTrustedCertsObserver | 71 class FakeWebTrustedCertsObserver |
| 72 : public UserNetworkConfigurationUpdater::WebTrustedCertsObserver { | 72 : public UserNetworkConfigurationUpdater::WebTrustedCertsObserver { |
| 73 public: | 73 public: |
| 74 FakeWebTrustedCertsObserver() {} | |
| 75 | |
| 76 virtual void OnTrustAnchorsChanged( | 74 virtual void OnTrustAnchorsChanged( |
| 77 const net::CertificateList& trust_anchors) OVERRIDE { | 75 const net::CertificateList& trust_anchors) OVERRIDE { |
| 78 trust_anchors_ = trust_anchors; | 76 trust_anchors_ = trust_anchors; |
| 79 } | 77 } |
| 80 net::CertificateList trust_anchors_; | 78 net::CertificateList trust_anchors_; |
| 81 | |
| 82 private: | |
| 83 DISALLOW_COPY_AND_ASSIGN(FakeWebTrustedCertsObserver); | |
| 84 }; | 79 }; |
| 85 | 80 |
| 86 class FakeNetworkDeviceHandler : public chromeos::FakeNetworkDeviceHandler { | 81 class FakeNetworkDeviceHandler : public chromeos::FakeNetworkDeviceHandler { |
| 87 public: | 82 public: |
| 88 FakeNetworkDeviceHandler() : allow_roaming_(false) {} | 83 FakeNetworkDeviceHandler() : allow_roaming_(false) {} |
| 89 | 84 |
| 90 virtual void SetCellularAllowRoaming(bool allow_roaming) OVERRIDE { | 85 virtual void SetCellularAllowRoaming(bool allow_roaming) OVERRIDE { |
| 91 allow_roaming_ = allow_roaming; | 86 allow_roaming_ = allow_roaming; |
| 92 } | 87 } |
| 93 | 88 |
| 94 bool allow_roaming_; | 89 bool allow_roaming_; |
| 95 | |
| 96 private: | |
| 97 DISALLOW_COPY_AND_ASSIGN(FakeNetworkDeviceHandler); | |
| 98 }; | |
| 99 | |
| 100 class FakeCertificateImporter : public chromeos::onc::CertificateImporter { | |
| 101 public: | |
| 102 FakeCertificateImporter() | |
| 103 : expected_onc_source_(::onc::ONC_SOURCE_UNKNOWN), call_count_(0) {} | |
| 104 virtual ~FakeCertificateImporter() {} | |
| 105 | |
| 106 void SetTrustedCertificatesResult( | |
| 107 net::CertificateList onc_trusted_certificates) { | |
| 108 onc_trusted_certificates_ = onc_trusted_certificates; | |
| 109 } | |
| 110 | |
| 111 void SetExpectedONCCertificates(const base::ListValue& certificates) { | |
| 112 expected_onc_certificates_.reset(certificates.DeepCopy()); | |
| 113 } | |
| 114 | |
| 115 void SetExpectedONCSource(::onc::ONCSource source) { | |
| 116 expected_onc_source_ = source; | |
| 117 } | |
| 118 | |
| 119 unsigned int GetAndResetImportCount() { | |
| 120 unsigned int count = call_count_; | |
| 121 call_count_ = 0; | |
| 122 return count; | |
| 123 } | |
| 124 | |
| 125 virtual void ImportCertificates(const base::ListValue& certificates, | |
| 126 ::onc::ONCSource source, | |
| 127 const DoneCallback& done_callback) OVERRIDE { | |
| 128 if (expected_onc_source_ != ::onc::ONC_SOURCE_UNKNOWN) | |
| 129 EXPECT_EQ(expected_onc_source_, source); | |
| 130 if (expected_onc_certificates_) { | |
| 131 EXPECT_TRUE(chromeos::onc::test_utils::Equals( | |
| 132 expected_onc_certificates_.get(), &certificates)); | |
| 133 } | |
| 134 ++call_count_; | |
| 135 done_callback.Run(true, onc_trusted_certificates_); | |
| 136 } | |
| 137 | |
| 138 private: | |
| 139 ::onc::ONCSource expected_onc_source_; | |
| 140 scoped_ptr<base::ListValue> expected_onc_certificates_; | |
| 141 net::CertificateList onc_trusted_certificates_; | |
| 142 unsigned int call_count_; | |
| 143 | |
| 144 DISALLOW_COPY_AND_ASSIGN(FakeCertificateImporter); | |
| 145 }; | 90 }; |
| 146 | 91 |
| 147 const char kFakeONC[] = | 92 const char kFakeONC[] = |
| 148 "{ \"NetworkConfigurations\": [" | 93 "{ \"NetworkConfigurations\": [" |
| 149 " { \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5040}\"," | 94 " { \"GUID\": \"{485d6076-dd44-6b6d-69787465725f5040}\"," |
| 150 " \"Type\": \"WiFi\"," | 95 " \"Type\": \"WiFi\"," |
| 151 " \"Name\": \"My WiFi Network\"," | 96 " \"Name\": \"My WiFi Network\"," |
| 152 " \"WiFi\": {" | 97 " \"WiFi\": {" |
| 153 " \"SSID\": \"ssid-none\"," | 98 " \"SSID\": \"ssid-none\"," |
| 154 " \"Security\": \"None\" }" | 99 " \"Security\": \"None\" }" |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 193 ACTION_P(SetCertificateList, list) { | 138 ACTION_P(SetCertificateList, list) { |
| 194 if (arg2) | 139 if (arg2) |
| 195 *arg2 = list; | 140 *arg2 = list; |
| 196 return true; | 141 return true; |
| 197 } | 142 } |
| 198 | 143 |
| 199 } // namespace | 144 } // namespace |
| 200 | 145 |
| 201 class NetworkConfigurationUpdaterTest : public testing::Test { | 146 class NetworkConfigurationUpdaterTest : public testing::Test { |
| 202 protected: | 147 protected: |
| 203 NetworkConfigurationUpdaterTest() : certificate_importer_(NULL) {} | 148 NetworkConfigurationUpdaterTest() { |
| 149 } |
| 204 | 150 |
| 205 virtual void SetUp() OVERRIDE { | 151 virtual void SetUp() OVERRIDE { |
| 206 EXPECT_CALL(provider_, IsInitializationComplete(_)) | 152 EXPECT_CALL(provider_, IsInitializationComplete(_)) |
| 207 .WillRepeatedly(Return(false)); | 153 .WillRepeatedly(Return(false)); |
| 208 provider_.Init(); | 154 provider_.Init(); |
| 209 PolicyServiceImpl::Providers providers; | 155 PolicyServiceImpl::Providers providers; |
| 210 providers.push_back(&provider_); | 156 providers.push_back(&provider_); |
| 211 policy_service_.reset(new PolicyServiceImpl(providers)); | 157 policy_service_.reset(new PolicyServiceImpl(providers)); |
| 212 | 158 |
| 213 scoped_ptr<base::DictionaryValue> fake_toplevel_onc = | 159 scoped_ptr<base::DictionaryValue> fake_toplevel_onc = |
| 214 chromeos::onc::ReadDictionaryFromJson(kFakeONC); | 160 chromeos::onc::ReadDictionaryFromJson(kFakeONC); |
| 215 | 161 |
| 216 base::ListValue* network_configs = NULL; | 162 base::ListValue* network_configs = NULL; |
| 217 fake_toplevel_onc->GetListWithoutPathExpansion( | 163 fake_toplevel_onc->GetListWithoutPathExpansion( |
| 218 onc::toplevel_config::kNetworkConfigurations, &network_configs); | 164 onc::toplevel_config::kNetworkConfigurations, &network_configs); |
| 219 AppendAll(*network_configs, &fake_network_configs_); | 165 AppendAll(*network_configs, &fake_network_configs_); |
| 220 | 166 |
| 221 base::DictionaryValue* global_config = NULL; | 167 base::DictionaryValue* global_config = NULL; |
| 222 fake_toplevel_onc->GetDictionaryWithoutPathExpansion( | 168 fake_toplevel_onc->GetDictionaryWithoutPathExpansion( |
| 223 onc::toplevel_config::kGlobalNetworkConfiguration, &global_config); | 169 onc::toplevel_config::kGlobalNetworkConfiguration, &global_config); |
| 224 fake_global_network_config_.MergeDictionary(global_config); | 170 fake_global_network_config_.MergeDictionary(global_config); |
| 225 | 171 |
| 226 base::ListValue* certs = NULL; | 172 base::ListValue* certs = NULL; |
| 227 fake_toplevel_onc->GetListWithoutPathExpansion( | 173 fake_toplevel_onc->GetListWithoutPathExpansion( |
| 228 onc::toplevel_config::kCertificates, &certs); | 174 onc::toplevel_config::kCertificates, &certs); |
| 229 AppendAll(*certs, &fake_certificates_); | 175 AppendAll(*certs, &fake_certificates_); |
| 230 | 176 |
| 231 certificate_importer_ = new FakeCertificateImporter; | 177 certificate_importer_ = |
| 178 new StrictMock<chromeos::onc::MockCertificateImporter>(); |
| 232 certificate_importer_owned_.reset(certificate_importer_); | 179 certificate_importer_owned_.reset(certificate_importer_); |
| 233 } | 180 } |
| 234 | 181 |
| 235 virtual void TearDown() OVERRIDE { | 182 virtual void TearDown() OVERRIDE { |
| 236 network_configuration_updater_.reset(); | 183 network_configuration_updater_.reset(); |
| 237 provider_.Shutdown(); | 184 provider_.Shutdown(); |
| 238 base::RunLoop().RunUntilIdle(); | 185 base::RunLoop().RunUntilIdle(); |
| 239 } | 186 } |
| 240 | 187 |
| 241 void MarkPolicyProviderInitialized() { | 188 void MarkPolicyProviderInitialized() { |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 289 FakeNetworkDeviceHandler network_device_handler_; | 236 FakeNetworkDeviceHandler network_device_handler_; |
| 290 | 237 |
| 291 // Not used directly. Required for CrosSettings. | 238 // Not used directly. Required for CrosSettings. |
| 292 chromeos::ScopedTestDeviceSettingsService scoped_device_settings_service_; | 239 chromeos::ScopedTestDeviceSettingsService scoped_device_settings_service_; |
| 293 chromeos::ScopedTestCrosSettings scoped_cros_settings_; | 240 chromeos::ScopedTestCrosSettings scoped_cros_settings_; |
| 294 | 241 |
| 295 // Ownership of certificate_importer_owned_ is passed to the | 242 // Ownership of certificate_importer_owned_ is passed to the |
| 296 // NetworkConfigurationUpdater. When that happens, |certificate_importer_| | 243 // NetworkConfigurationUpdater. When that happens, |certificate_importer_| |
| 297 // continues to point to that instance but |certificate_importer_owned_| is | 244 // continues to point to that instance but |certificate_importer_owned_| is |
| 298 // released. | 245 // released. |
| 299 FakeCertificateImporter* certificate_importer_; | 246 StrictMock<chromeos::onc::MockCertificateImporter>* certificate_importer_; |
| 300 scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer_owned_; | 247 scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer_owned_; |
| 301 | 248 |
| 302 StrictMock<MockConfigurationPolicyProvider> provider_; | 249 StrictMock<MockConfigurationPolicyProvider> provider_; |
| 303 scoped_ptr<PolicyServiceImpl> policy_service_; | 250 scoped_ptr<PolicyServiceImpl> policy_service_; |
| 304 FakeUser fake_user_; | 251 FakeUser fake_user_; |
| 305 | 252 |
| 306 TestingProfile profile_; | 253 TestingProfile profile_; |
| 307 | 254 |
| 308 scoped_ptr<NetworkConfigurationUpdater> network_configuration_updater_; | 255 scoped_ptr<NetworkConfigurationUpdater> network_configuration_updater_; |
| 309 content::TestBrowserThreadBundle thread_bundle_; | 256 content::TestBrowserThreadBundle thread_bundle_; |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 362 POLICY_SCOPE_USER, | 309 POLICY_SCOPE_USER, |
| 363 new base::StringValue(onc_policy), | 310 new base::StringValue(onc_policy), |
| 364 NULL); | 311 NULL); |
| 365 UpdateProviderPolicy(policy); | 312 UpdateProviderPolicy(policy); |
| 366 | 313 |
| 367 EXPECT_CALL(network_config_handler_, | 314 EXPECT_CALL(network_config_handler_, |
| 368 SetPolicy(onc::ONC_SOURCE_USER_POLICY, | 315 SetPolicy(onc::ONC_SOURCE_USER_POLICY, |
| 369 _, | 316 _, |
| 370 IsEqualTo(network_configs_repaired), | 317 IsEqualTo(network_configs_repaired), |
| 371 IsEqualTo(global_config_repaired))); | 318 IsEqualTo(global_config_repaired))); |
| 372 certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY); | 319 EXPECT_CALL(*certificate_importer_, |
| 320 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)); |
| 373 | 321 |
| 374 CreateNetworkConfigurationUpdaterForUserPolicy( | 322 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 375 false /* do not allow trusted certs from policy */, | 323 false /* do not allow trusted certs from policy */, |
| 376 true /* set certificate importer */); | 324 true /* set certificate importer */); |
| 377 MarkPolicyProviderInitialized(); | 325 MarkPolicyProviderInitialized(); |
| 378 EXPECT_EQ(1u, certificate_importer_->GetAndResetImportCount()); | |
| 379 } | 326 } |
| 380 | 327 |
| 381 TEST_F(NetworkConfigurationUpdaterTest, | 328 TEST_F(NetworkConfigurationUpdaterTest, |
| 382 DoNotAllowTrustedCertificatesFromPolicy) { | 329 DoNotAllowTrustedCertificatesFromPolicy) { |
| 383 net::CertificateList cert_list; | 330 net::CertificateList cert_list; |
| 384 cert_list = | 331 cert_list = |
| 385 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), | 332 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), |
| 386 "ok_cert.pem", | 333 "ok_cert.pem", |
| 387 net::X509Certificate::FORMAT_AUTO); | 334 net::X509Certificate::FORMAT_AUTO); |
| 388 ASSERT_EQ(1u, cert_list.size()); | 335 ASSERT_EQ(1u, cert_list.size()); |
| 389 | 336 |
| 390 EXPECT_CALL(network_config_handler_, | 337 EXPECT_CALL(network_config_handler_, |
| 391 SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); | 338 SetPolicy(onc::ONC_SOURCE_USER_POLICY, _, _, _)); |
| 392 certificate_importer_->SetTrustedCertificatesResult(cert_list); | 339 EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) |
| 340 .WillRepeatedly(SetCertificateList(cert_list)); |
| 393 | 341 |
| 394 UserNetworkConfigurationUpdater* updater = | 342 UserNetworkConfigurationUpdater* updater = |
| 395 CreateNetworkConfigurationUpdaterForUserPolicy( | 343 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 396 false /* do not allow trusted certs from policy */, | 344 false /* do not allow trusted certs from policy */, |
| 397 true /* set certificate importer */); | 345 true /* set certificate importer */); |
| 398 MarkPolicyProviderInitialized(); | 346 MarkPolicyProviderInitialized(); |
| 399 | 347 |
| 400 // Certificates with the "Web" trust flag set should not be forwarded to | 348 // Certificates with the "Web" trust flag set should not be forwarded to |
| 401 // observers. | 349 // observers. |
| 402 FakeWebTrustedCertsObserver observer; | 350 FakeWebTrustedCertsObserver observer; |
| (...skipping 15 matching lines...) Expand all Loading... |
| 418 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) | 366 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) |
| 419 .Times(AnyNumber()); | 367 .Times(AnyNumber()); |
| 420 | 368 |
| 421 net::CertificateList cert_list; | 369 net::CertificateList cert_list; |
| 422 cert_list = | 370 cert_list = |
| 423 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), | 371 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), |
| 424 "ok_cert.pem", | 372 "ok_cert.pem", |
| 425 net::X509Certificate::FORMAT_AUTO); | 373 net::X509Certificate::FORMAT_AUTO); |
| 426 ASSERT_EQ(1u, cert_list.size()); | 374 ASSERT_EQ(1u, cert_list.size()); |
| 427 | 375 |
| 428 certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY); | 376 EXPECT_CALL(*certificate_importer_, |
| 429 certificate_importer_->SetTrustedCertificatesResult(cert_list); | 377 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) |
| 378 .WillRepeatedly(SetCertificateList(cert_list)); |
| 430 | 379 |
| 431 UserNetworkConfigurationUpdater* updater = | 380 UserNetworkConfigurationUpdater* updater = |
| 432 CreateNetworkConfigurationUpdaterForUserPolicy( | 381 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 433 true /* allow trusted certs from policy */, | 382 true /* allow trusted certs from policy */, |
| 434 true /* set certificate importer */); | 383 true /* set certificate importer */); |
| 435 MarkPolicyProviderInitialized(); | 384 MarkPolicyProviderInitialized(); |
| 436 | 385 |
| 437 base::RunLoop().RunUntilIdle(); | 386 base::RunLoop().RunUntilIdle(); |
| 438 | 387 |
| 439 // Certificates with the "Web" trust flag set will be returned. | 388 // Certificates with the "Web" trust flag set will be returned. |
| 440 net::CertificateList trust_anchors; | 389 net::CertificateList trust_anchors; |
| 441 updater->GetWebTrustedCertificates(&trust_anchors); | 390 updater->GetWebTrustedCertificates(&trust_anchors); |
| 442 EXPECT_EQ(1u, trust_anchors.size()); | 391 EXPECT_EQ(1u, trust_anchors.size()); |
| 443 } | 392 } |
| 444 | 393 |
| 445 TEST_F(NetworkConfigurationUpdaterTest, | 394 TEST_F(NetworkConfigurationUpdaterTest, |
| 446 AllowTrustedCertificatesFromPolicyOnUpdate) { | 395 AllowTrustedCertificatesFromPolicyOnUpdate) { |
| 447 // Ignore network configuration changes. | 396 // Ignore network configuration changes. |
| 448 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) | 397 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)) |
| 449 .Times(AnyNumber()); | 398 .Times(AnyNumber()); |
| 450 | 399 |
| 451 // Start with an empty certificate list. | 400 // Start with an empty certificate list. |
| 401 EXPECT_CALL(*certificate_importer_, |
| 402 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) |
| 403 .WillRepeatedly(SetCertificateList(net::CertificateList())); |
| 404 |
| 452 UserNetworkConfigurationUpdater* updater = | 405 UserNetworkConfigurationUpdater* updater = |
| 453 CreateNetworkConfigurationUpdaterForUserPolicy( | 406 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 454 true /* allow trusted certs from policy */, | 407 true /* allow trusted certs from policy */, |
| 455 true /* set certificate importer */); | 408 true /* set certificate importer */); |
| 456 MarkPolicyProviderInitialized(); | 409 MarkPolicyProviderInitialized(); |
| 457 | 410 |
| 458 FakeWebTrustedCertsObserver observer; | 411 FakeWebTrustedCertsObserver observer; |
| 459 updater->AddTrustedCertsObserver(&observer); | 412 updater->AddTrustedCertsObserver(&observer); |
| 460 | 413 |
| 461 base::RunLoop().RunUntilIdle(); | 414 base::RunLoop().RunUntilIdle(); |
| 462 | 415 |
| 463 // Verify that the returned certificate list is empty. | 416 // Verify that the returned certificate list is empty. |
| 417 Mock::VerifyAndClearExpectations(certificate_importer_); |
| 464 { | 418 { |
| 465 net::CertificateList trust_anchors; | 419 net::CertificateList trust_anchors; |
| 466 updater->GetWebTrustedCertificates(&trust_anchors); | 420 updater->GetWebTrustedCertificates(&trust_anchors); |
| 467 EXPECT_TRUE(trust_anchors.empty()); | 421 EXPECT_TRUE(trust_anchors.empty()); |
| 468 } | 422 } |
| 469 EXPECT_TRUE(observer.trust_anchors_.empty()); | 423 EXPECT_TRUE(observer.trust_anchors_.empty()); |
| 470 | 424 |
| 471 // Now use a non-empty certificate list to test the observer notification. | 425 // Now use a non-empty certificate list to test the observer notification. |
| 472 net::CertificateList cert_list; | 426 net::CertificateList cert_list; |
| 473 cert_list = | 427 cert_list = |
| 474 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), | 428 net::CreateCertificateListFromFile(net::GetTestCertsDirectory(), |
| 475 "ok_cert.pem", | 429 "ok_cert.pem", |
| 476 net::X509Certificate::FORMAT_AUTO); | 430 net::X509Certificate::FORMAT_AUTO); |
| 477 ASSERT_EQ(1u, cert_list.size()); | 431 ASSERT_EQ(1u, cert_list.size()); |
| 478 certificate_importer_->SetTrustedCertificatesResult(cert_list); | 432 |
| 433 EXPECT_CALL(*certificate_importer_, |
| 434 ImportCertificates(_, onc::ONC_SOURCE_USER_POLICY, _)) |
| 435 .WillOnce(SetCertificateList(cert_list)); |
| 479 | 436 |
| 480 // Change to any non-empty policy, so that updates are triggered. The actual | 437 // Change to any non-empty policy, so that updates are triggered. The actual |
| 481 // content of the policy is irrelevant. | 438 // content of the policy is irrelevant. |
| 482 PolicyMap policy; | 439 PolicyMap policy; |
| 483 policy.Set(key::kOpenNetworkConfiguration, | 440 policy.Set(key::kOpenNetworkConfiguration, |
| 484 POLICY_LEVEL_MANDATORY, | 441 POLICY_LEVEL_MANDATORY, |
| 485 POLICY_SCOPE_USER, | 442 POLICY_SCOPE_USER, |
| 486 new base::StringValue(kFakeONC), | 443 new base::StringValue(kFakeONC), |
| 487 NULL); | 444 NULL); |
| 488 UpdateProviderPolicy(policy); | 445 UpdateProviderPolicy(policy); |
| (...skipping 16 matching lines...) Expand all Loading... |
| 505 PolicyMap policy; | 462 PolicyMap policy; |
| 506 policy.Set(key::kOpenNetworkConfiguration, POLICY_LEVEL_MANDATORY, | 463 policy.Set(key::kOpenNetworkConfiguration, POLICY_LEVEL_MANDATORY, |
| 507 POLICY_SCOPE_USER, new base::StringValue(kFakeONC), NULL); | 464 POLICY_SCOPE_USER, new base::StringValue(kFakeONC), NULL); |
| 508 UpdateProviderPolicy(policy); | 465 UpdateProviderPolicy(policy); |
| 509 | 466 |
| 510 EXPECT_CALL(network_config_handler_, | 467 EXPECT_CALL(network_config_handler_, |
| 511 SetPolicy(onc::ONC_SOURCE_USER_POLICY, | 468 SetPolicy(onc::ONC_SOURCE_USER_POLICY, |
| 512 kFakeUsernameHash, | 469 kFakeUsernameHash, |
| 513 IsEqualTo(&fake_network_configs_), | 470 IsEqualTo(&fake_network_configs_), |
| 514 IsEqualTo(&fake_global_network_config_))); | 471 IsEqualTo(&fake_global_network_config_))); |
| 472 EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _ , _)).Times(0); |
| 515 | 473 |
| 516 UserNetworkConfigurationUpdater* updater = | 474 UserNetworkConfigurationUpdater* updater = |
| 517 CreateNetworkConfigurationUpdaterForUserPolicy( | 475 CreateNetworkConfigurationUpdaterForUserPolicy( |
| 518 true /* allow trusted certs from policy */, | 476 true /* allow trusted certs from policy */, |
| 519 false /* do not set certificate importer */); | 477 false /* do not set certificate importer */); |
| 520 MarkPolicyProviderInitialized(); | 478 MarkPolicyProviderInitialized(); |
| 521 | 479 |
| 522 Mock::VerifyAndClearExpectations(&network_config_handler_); | 480 Mock::VerifyAndClearExpectations(&network_config_handler_); |
| 523 EXPECT_EQ(0u, certificate_importer_->GetAndResetImportCount()); | 481 Mock::VerifyAndClearExpectations(certificate_importer_); |
| 524 | 482 |
| 525 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); | 483 EXPECT_CALL(network_config_handler_, |
| 526 certificate_importer_->SetExpectedONCSource(onc::ONC_SOURCE_USER_POLICY); | 484 SetPolicy(onc::ONC_SOURCE_USER_POLICY, |
| 485 kFakeUsernameHash, |
| 486 IsEqualTo(&fake_network_configs_), |
| 487 IsEqualTo(&fake_global_network_config_))) |
| 488 .Times(0); |
| 489 EXPECT_CALL(*certificate_importer_, |
| 490 ImportCertificates(IsEqualTo(&fake_certificates_), |
| 491 onc::ONC_SOURCE_USER_POLICY, |
| 492 _)); |
| 527 | 493 |
| 528 ASSERT_TRUE(certificate_importer_owned_); | 494 ASSERT_TRUE(certificate_importer_owned_); |
| 529 updater->SetCertificateImporterForTest(certificate_importer_owned_.Pass()); | 495 updater->SetCertificateImporterForTest(certificate_importer_owned_.Pass()); |
| 530 EXPECT_EQ(1u, certificate_importer_->GetAndResetImportCount()); | |
| 531 } | 496 } |
| 532 | 497 |
| 533 class NetworkConfigurationUpdaterTestWithParam | 498 class NetworkConfigurationUpdaterTestWithParam |
| 534 : public NetworkConfigurationUpdaterTest, | 499 : public NetworkConfigurationUpdaterTest, |
| 535 public testing::WithParamInterface<const char*> { | 500 public testing::WithParamInterface<const char*> { |
| 536 protected: | 501 protected: |
| 537 // Returns the currently tested ONC source. | 502 // Returns the currently tested ONC source. |
| 538 onc::ONCSource CurrentONCSource() { | 503 onc::ONCSource CurrentONCSource() { |
| 539 if (GetParam() == key::kOpenNetworkConfiguration) | 504 if (GetParam() == key::kOpenNetworkConfiguration) |
| 540 return onc::ONC_SOURCE_USER_POLICY; | 505 return onc::ONC_SOURCE_USER_POLICY; |
| (...skipping 30 matching lines...) Expand all Loading... |
| 571 PolicyMap policy; | 536 PolicyMap policy; |
| 572 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | 537 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| 573 new base::StringValue(kFakeONC), NULL); | 538 new base::StringValue(kFakeONC), NULL); |
| 574 UpdateProviderPolicy(policy); | 539 UpdateProviderPolicy(policy); |
| 575 | 540 |
| 576 EXPECT_CALL(network_config_handler_, | 541 EXPECT_CALL(network_config_handler_, |
| 577 SetPolicy(CurrentONCSource(), | 542 SetPolicy(CurrentONCSource(), |
| 578 ExpectedUsernameHash(), | 543 ExpectedUsernameHash(), |
| 579 IsEqualTo(&fake_network_configs_), | 544 IsEqualTo(&fake_network_configs_), |
| 580 IsEqualTo(&fake_global_network_config_))); | 545 IsEqualTo(&fake_global_network_config_))); |
| 581 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); | 546 EXPECT_CALL(*certificate_importer_, |
| 582 certificate_importer_->SetExpectedONCSource(CurrentONCSource()); | 547 ImportCertificates(IsEqualTo(&fake_certificates_), |
| 548 CurrentONCSource(), |
| 549 _)) |
| 550 .Times(ExpectedImportCertificatesCallCount()); |
| 583 | 551 |
| 584 CreateNetworkConfigurationUpdater(); | 552 CreateNetworkConfigurationUpdater(); |
| 585 MarkPolicyProviderInitialized(); | 553 MarkPolicyProviderInitialized(); |
| 586 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | |
| 587 certificate_importer_->GetAndResetImportCount()); | |
| 588 } | 554 } |
| 589 | 555 |
| 590 TEST_P(NetworkConfigurationUpdaterTestWithParam, | 556 TEST_P(NetworkConfigurationUpdaterTestWithParam, |
| 591 PolicyNotSetBeforePolicyProviderInitialized) { | 557 PolicyNotSetBeforePolicyProviderInitialized) { |
| 592 PolicyMap policy; | 558 PolicyMap policy; |
| 593 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | 559 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| 594 new base::StringValue(kFakeONC), NULL); | 560 new base::StringValue(kFakeONC), NULL); |
| 595 UpdateProviderPolicy(policy); | 561 UpdateProviderPolicy(policy); |
| 596 | 562 |
| 563 EXPECT_CALL(network_config_handler_, |
| 564 SetPolicy(CurrentONCSource(), |
| 565 ExpectedUsernameHash(), |
| 566 IsEqualTo(&fake_network_configs_), |
| 567 IsEqualTo(&fake_global_network_config_))) |
| 568 .Times(0); |
| 569 EXPECT_CALL(*certificate_importer_, |
| 570 ImportCertificates(IsEqualTo(&fake_certificates_), |
| 571 CurrentONCSource(), |
| 572 _)) |
| 573 .Times(0); |
| 574 |
| 597 CreateNetworkConfigurationUpdater(); | 575 CreateNetworkConfigurationUpdater(); |
| 598 | 576 |
| 599 Mock::VerifyAndClearExpectations(&network_config_handler_); | 577 Mock::VerifyAndClearExpectations(&network_config_handler_); |
| 600 EXPECT_EQ(0u, certificate_importer_->GetAndResetImportCount()); | 578 Mock::VerifyAndClearExpectations(certificate_importer_); |
| 601 | 579 |
| 602 EXPECT_CALL(network_config_handler_, | 580 EXPECT_CALL(network_config_handler_, |
| 603 SetPolicy(CurrentONCSource(), | 581 SetPolicy(CurrentONCSource(), |
| 604 ExpectedUsernameHash(), | 582 ExpectedUsernameHash(), |
| 605 IsEqualTo(&fake_network_configs_), | 583 IsEqualTo(&fake_network_configs_), |
| 606 IsEqualTo(&fake_global_network_config_))); | 584 IsEqualTo(&fake_global_network_config_))); |
| 607 certificate_importer_->SetExpectedONCSource(CurrentONCSource()); | 585 EXPECT_CALL(*certificate_importer_, |
| 608 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); | 586 ImportCertificates(IsEqualTo(&fake_certificates_), |
| 587 CurrentONCSource(), |
| 588 _)) |
| 589 .Times(ExpectedImportCertificatesCallCount()); |
| 609 | 590 |
| 610 MarkPolicyProviderInitialized(); | 591 MarkPolicyProviderInitialized(); |
| 611 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | |
| 612 certificate_importer_->GetAndResetImportCount()); | |
| 613 } | 592 } |
| 614 | 593 |
| 615 TEST_P(NetworkConfigurationUpdaterTestWithParam, | 594 TEST_P(NetworkConfigurationUpdaterTestWithParam, |
| 616 PolicyAppliedImmediatelyIfProvidersInitialized) { | 595 PolicyAppliedImmediatelyIfProvidersInitialized) { |
| 617 MarkPolicyProviderInitialized(); | 596 MarkPolicyProviderInitialized(); |
| 618 | 597 |
| 619 PolicyMap policy; | 598 PolicyMap policy; |
| 620 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | 599 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| 621 new base::StringValue(kFakeONC), NULL); | 600 new base::StringValue(kFakeONC), NULL); |
| 622 UpdateProviderPolicy(policy); | 601 UpdateProviderPolicy(policy); |
| 623 | 602 |
| 624 EXPECT_CALL(network_config_handler_, | 603 EXPECT_CALL(network_config_handler_, |
| 625 SetPolicy(CurrentONCSource(), | 604 SetPolicy(CurrentONCSource(), |
| 626 ExpectedUsernameHash(), | 605 ExpectedUsernameHash(), |
| 627 IsEqualTo(&fake_network_configs_), | 606 IsEqualTo(&fake_network_configs_), |
| 628 IsEqualTo(&fake_global_network_config_))); | 607 IsEqualTo(&fake_global_network_config_))); |
| 629 certificate_importer_->SetExpectedONCSource(CurrentONCSource()); | 608 EXPECT_CALL(*certificate_importer_, |
| 630 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); | 609 ImportCertificates(IsEqualTo(&fake_certificates_), |
| 610 CurrentONCSource(), |
| 611 _)) |
| 612 .Times(ExpectedImportCertificatesCallCount()); |
| 631 | 613 |
| 632 CreateNetworkConfigurationUpdater(); | 614 CreateNetworkConfigurationUpdater(); |
| 633 | |
| 634 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | |
| 635 certificate_importer_->GetAndResetImportCount()); | |
| 636 } | 615 } |
| 637 | 616 |
| 638 TEST_P(NetworkConfigurationUpdaterTestWithParam, PolicyChange) { | 617 TEST_P(NetworkConfigurationUpdaterTestWithParam, PolicyChange) { |
| 639 // Ignore the initial updates. | 618 // Ignore the initial updates. |
| 640 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)).Times(AtLeast(1)); | 619 EXPECT_CALL(network_config_handler_, SetPolicy(_, _, _, _)).Times(AtLeast(1)); |
| 620 EXPECT_CALL(*certificate_importer_, ImportCertificates(_, _, _)) |
| 621 .Times(AtLeast(ExpectedImportCertificatesCallCount())); |
| 641 | 622 |
| 642 CreateNetworkConfigurationUpdater(); | 623 CreateNetworkConfigurationUpdater(); |
| 643 MarkPolicyProviderInitialized(); | 624 MarkPolicyProviderInitialized(); |
| 644 | 625 |
| 645 Mock::VerifyAndClearExpectations(&network_config_handler_); | 626 Mock::VerifyAndClearExpectations(&network_config_handler_); |
| 646 EXPECT_LE(ExpectedImportCertificatesCallCount(), | 627 Mock::VerifyAndClearExpectations(certificate_importer_); |
| 647 certificate_importer_->GetAndResetImportCount()); | |
| 648 | 628 |
| 649 // The Updater should update if policy changes. | 629 // The Updater should update if policy changes. |
| 650 EXPECT_CALL(network_config_handler_, | 630 EXPECT_CALL(network_config_handler_, |
| 651 SetPolicy(CurrentONCSource(), | 631 SetPolicy(CurrentONCSource(), |
| 652 _, | 632 _, |
| 653 IsEqualTo(&fake_network_configs_), | 633 IsEqualTo(&fake_network_configs_), |
| 654 IsEqualTo(&fake_global_network_config_))); | 634 IsEqualTo(&fake_global_network_config_))); |
| 655 certificate_importer_->SetExpectedONCSource(CurrentONCSource()); | 635 EXPECT_CALL(*certificate_importer_, |
| 656 certificate_importer_->SetExpectedONCCertificates(fake_certificates_); | 636 ImportCertificates(IsEqualTo(&fake_certificates_), |
| 637 CurrentONCSource(), |
| 638 _)) |
| 639 .Times(ExpectedImportCertificatesCallCount()); |
| 657 | 640 |
| 658 PolicyMap policy; | 641 PolicyMap policy; |
| 659 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, | 642 policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER, |
| 660 new base::StringValue(kFakeONC), NULL); | 643 new base::StringValue(kFakeONC), NULL); |
| 661 UpdateProviderPolicy(policy); | 644 UpdateProviderPolicy(policy); |
| 662 Mock::VerifyAndClearExpectations(&network_config_handler_); | 645 Mock::VerifyAndClearExpectations(&network_config_handler_); |
| 663 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | 646 Mock::VerifyAndClearExpectations(certificate_importer_); |
| 664 certificate_importer_->GetAndResetImportCount()); | |
| 665 | 647 |
| 666 // Another update is expected if the policy goes away. | 648 // Another update is expected if the policy goes away. |
| 667 EXPECT_CALL(network_config_handler_, | 649 EXPECT_CALL(network_config_handler_, |
| 668 SetPolicy(CurrentONCSource(), _, IsEmpty(), IsEmpty())); | 650 SetPolicy(CurrentONCSource(), _, IsEmpty(), IsEmpty())); |
| 669 certificate_importer_->SetExpectedONCCertificates(base::ListValue()); | 651 EXPECT_CALL(*certificate_importer_, |
| 652 ImportCertificates(IsEmpty(), CurrentONCSource(), _)) |
| 653 .Times(ExpectedImportCertificatesCallCount()); |
| 670 | 654 |
| 671 policy.Erase(GetParam()); | 655 policy.Erase(GetParam()); |
| 672 UpdateProviderPolicy(policy); | 656 UpdateProviderPolicy(policy); |
| 673 EXPECT_EQ(ExpectedImportCertificatesCallCount(), | |
| 674 certificate_importer_->GetAndResetImportCount()); | |
| 675 } | 657 } |
| 676 | 658 |
| 677 INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance, | 659 INSTANTIATE_TEST_CASE_P(NetworkConfigurationUpdaterTestWithParamInstance, |
| 678 NetworkConfigurationUpdaterTestWithParam, | 660 NetworkConfigurationUpdaterTestWithParam, |
| 679 testing::Values(key::kDeviceOpenNetworkConfiguration, | 661 testing::Values(key::kDeviceOpenNetworkConfiguration, |
| 680 key::kOpenNetworkConfiguration)); | 662 key::kOpenNetworkConfiguration)); |
| 681 | 663 |
| 682 } // namespace policy | 664 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 580283005:
Revert of Make ONCCertificateImporter async. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@nss_util_deadcode