chromium/src
0
Fork 0
Code Activity

This moves the ONC parsing code into chromeos/network/onc

Browse Source 
so that it can be used there without violating dependency
rules.

(Using the "refactoring" OWNERS TBR rule...)

BUG=none
TEST=ran unit tests
TBR=jhawkins@chromium.org


Review URL: https://chromiumcodereview.appspot.com/11299236

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@172446 0039d316-1c4b-4281-b951-d872f2087c98
This commit is contained in:
gspencer@chromium.org
2012-12-11 23:02:54 +00:00
parent 6ba4d65ab5
commit 01c988df2e
95 changed files with 877 additions and 840 deletions
chrome
app
chromeos_strings.grdp
browser
chromeos
cros
mock_network_library.hnetwork_library.ccnetwork_library.hnetwork_library_impl_base.ccnetwork_library_impl_base.hnetwork_library_impl_stub.ccnetwork_library_unittest.ccnetwork_ui_data.ccnetwork_ui_data.hnetwork_ui_data_unittest.cconc_constants.honc_network_parser.cconc_network_parser.honc_network_parser_unittest.cc
login
existing_user_controller_browsertest.cclogin_browsertest.ccnetwork_screen_browsertest.ccscreen_locker_browsertest.ccupdate_screen_browsertest.cc
network_settings
onc_signature.honc_utils.h
options
vpn_config_view.ccwifi_config_view.ccwimax_config_view.cc
proxy_config_service_impl.cc
policy
configuration_policy_handler_chromeos.ccconfiguration_policy_handler_chromeos.hconfiguration_policy_handler_chromeos_unittest.ccconfiguration_policy_handler_list.ccnetwork_configuration_updater.ccnetwork_configuration_updater.hnetwork_configuration_updater_unittest.cc
ui
webui
net_internals
net_internals_ui.cc
options
chromeos
internet_options_handler.cc
chrome_browser_chromeos.gypichrome_tests_unit.gypi
chromeos
DEPSchromeos.gypchromeos_test_utils.ccchromeos_test_utils.h
network
network_event_log.ccnetwork_event_log.hnetwork_event_log_unittest.cc
onc
onc_certificate_importer.cconc_certificate_importer.honc_certificate_importer_unittest.cconc_constants.cconc_constants.honc_mapper.cconc_mapper.honc_merger.cconc_merger.honc_merger_unittest.cconc_normalizer.cconc_normalizer.honc_normalizer_unittest.cconc_signature.cconc_signature.honc_test_utils.cconc_test_utils.honc_translation_tables.cconc_translation_tables.honc_translator.honc_translator_onc_to_shill.cconc_translator_shill_to_onc.cconc_translator_unittest.cconc_utils.cconc_utils.honc_utils_unittest.cconc_validator.cconc_validator.honc_validator_unittest.cc
test
data
network
broken-encrypted-iterations.oncbroken-encrypted-zero-iterations.onccertificate-client-update.onccertificate-client.onccertificate-server-update.onccertificate-server.onccertificate-web-authority-update.onccertificate-web-authority.oncdecrypted.oncdevice_policy.oncencrypted.oncinvalid_settings_with_repairs.jsonpolicy.oncpolicy_without_recommended.oncsettings_with_normalization.jsonshill_ethernet.jsonshill_l2tpipsec.jsonshill_openvpn.jsonuser.oncvalid.oncvalid_l2tpipsec.oncvalid_openvpn.onc

60
chrome/app/chromeos_strings.grdp

@ -144,15 +144,6 @@ Press any key to continue exploring.
<message name="IDS_OFFERS_CONSENT_INFOBAR_DISABLE_BUTTON" desc="Disable button label.">
Deny
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_NETWORK_NOT_A_JSON_DICTIONARY" desc="Error for network configuration: Configuration is not a valid JSON dictionary.">
The configuration is not a valid JSON dictionary.
</message>
<message name="IDS_NETWORK_CONFIG_LOADING_ERROR" desc="Error message for loading network configuration file.">
Error loading network configuration file: <ph name="error">$1<ex>Unknown error</ex></ph>
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_UNKNOWN" desc="Error for network configuration: Unknown error.">
Unknown error
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_INCORRECT_PASSWORD" desc="Error for network configuration: Incorrect password.">
Incorrect password
</message>
@ -162,57 +153,6 @@ Press any key to continue exploring.
<message name="IDS_NETWORK_CONFIG_ERROR_NETWORK_PROP_DICT_MALFORMED" desc="Error for network configuration: Network property dictionary malformed.">
Network property dictionary malformed
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_NETWORK_EAP_DICT_MALFORMED" desc="Error for network configuration: Network EAP dictionary malformed.">
Network EAP dictionary malformed
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_NETWORK_DELETE" desc="Error for network configuration: Network delete error.">
Network delete error
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_NETWORK_IMPORT" desc="Error for network configuration: Network import error.">
Network import error
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_GUID_MISSING" desc="Error for network configuration: Certificateg GUID missing.">
Certificate GUID missing
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_GUID_COLLISION" desc="Error for network configuration: GUID is taken by a different certificate.">
Certificate GUID collision
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_TYPE_MISSING" desc="Error for network configuration: Certificate type missing.">
Certificate type missing
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_TRUST_INVALID" desc="Error for network configuration: Certificate trust invalid.">
Certificate trust invalid
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_TRUST_UNKNOWN" desc="Error for network configuration: Certificate trust unknown.">
Certificate trust unknown
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MISSING" desc="Error for network configuration: Certificate data missing.">
Certificate data missing
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MALFORMED" desc="Error for network configuration: Certificate data malformed.">
Certificate data malformed
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_DELETE" desc="Error for network configuration: Certificate delete error.">
Certificate delete error
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_CERT_IMPORT" desc="Error for network configuration: Certificate import error.">
Certificate import error
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_MALFORMED" desc="Displayed when importing an encrypted ONC file and the ONC file is malformed.">
Encrypted ONC file is malformed.
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNSUPPORTED_ENCRYPTION" desc="Displayed when importing an encrypted ONC file and the ONC file uses an encryption protocol that is not supported.">
Encrypted ONC file uses an unsupported encryption scheme.
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECODE" desc="Displayed when importing an encrypted ONC file and the encryption parameters are not able to be parsed.">
Unable to parse some parameters in the encrypted ONC file.
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECRYPT" desc="Displayed when importing an encrypted ONC file and it is not able to be decrypted.">
Unable to decrypt the encrypted ONC file.
</message>
<message name="IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_TOO_MANY_ITERATIONS" desc="Displayed when importing an encrypted ONC file and the iteration count is too large.">
Passphrase iteration count is too large.
</message>
<message name="IDS_NETWORK_ENROLLMENT_HANDLER_TITLE" desc="Title of the window for generating a new network certificate.">
Obtain network certificate
</message>

8
chrome/browser/chromeos/cros/mock_network_library.h

@ -8,6 +8,7 @@
#include <string>
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chromeos/network/onc/onc_constants.h"
#include "testing/gmock/include/gmock/gmock.h"
namespace chromeos {
@ -187,11 +188,10 @@ class MockNetworkLibrary : public NetworkLibrary {
const std::string&,
int));
MOCK_METHOD0(SwitchToPreferredNetwork, void(void));
MOCK_METHOD5(LoadOncNetworks, bool(const std::string&,
MOCK_METHOD4(LoadOncNetworks, bool(const std::string&,
const std::string&,
NetworkUIData::ONCSource,
bool,
std::string*));
onc::ONCSource,
bool));
MOCK_METHOD2(SetActiveNetwork, bool(ConnectionType, const std::string&));
};

2
chrome/browser/chromeos/cros/network_library.cc

@ -751,7 +751,7 @@ void VirtualNetwork::MatchCertificatePattern(bool allow_enroll,
// user can't get to the place where a cert is presented for them
// involuntarily.
if (client_cert_pattern().Empty() ||
ui_data().onc_source() == NetworkUIData::ONC_SOURCE_DEVICE_POLICY) {
ui_data().onc_source() == onc::ONC_SOURCE_DEVICE_POLICY) {
connect.Run();
return;
}

6
chrome/browser/chromeos/cros/network_library.h

@ -19,6 +19,7 @@
#include "chrome/browser/chromeos/cros/cros_network_functions.h"
#include "chrome/browser/chromeos/cros/network_constants.h"
#include "chrome/browser/chromeos/cros/network_ui_data.h"
#include "chromeos/network/onc/onc_constants.h"
#include "googleurl/src/gurl.h"
namespace base {
@ -1689,9 +1690,8 @@ class NetworkLibrary {
// the error message.
virtual bool LoadOncNetworks(const std::string& onc_blob,
const std::string& passcode,
NetworkUIData::ONCSource source,
bool allow_web_trust_from_policy,
std::string* error) = 0;
onc::ONCSource source,
bool allow_web_trust_from_policy) = 0;
// This sets the active network for the network type. Note: priority order
// is unchanged (i.e. if a wifi network is set to active, but an ethernet

82
chrome/browser/chromeos/cros/network_library_impl_base.cc

@ -9,13 +9,13 @@
#include "base/memory/scoped_vector.h"
#include "base/stl_util.h"
#include "chrome/browser/chromeos/cros/native_network_parser.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/cros/onc_network_parser.h"
#include "chrome/browser/chromeos/network_login_observer.h"
#include "chrome/browser/chromeos/network_settings/onc_certificate_importer.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chrome/browser/chromeos/network_settings/onc_utils.h"
#include "chrome/browser/chromeos/network_settings/onc_validator.h"
#include "chromeos/network/onc/onc_certificate_importer.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chromeos/network/onc/onc_utils.h"
#include "chromeos/network/onc/onc_validator.h"
#include "content/public/browser/browser_thread.h"
#include "crypto/nss_util.h" // crypto::GetTPMTokenInfo() for 802.1X and VPN.
#include "grit/generated_resources.h"
@ -34,14 +34,14 @@ const int kNetworkNotifyDelayMs = 50;
// How long we should remember that cellular plan payment was received.
const int kRecentPlanPaymentHours = 6;
NetworkProfileType GetProfileTypeForSource(NetworkUIData::ONCSource source) {
NetworkProfileType GetProfileTypeForSource(onc::ONCSource source) {
switch (source) {
case NetworkUIData::ONC_SOURCE_DEVICE_POLICY:
case onc::ONC_SOURCE_DEVICE_POLICY:
return PROFILE_SHARED;
case NetworkUIData::ONC_SOURCE_USER_POLICY:
case onc::ONC_SOURCE_USER_POLICY:
return PROFILE_USER;
case NetworkUIData::ONC_SOURCE_NONE:
case NetworkUIData::ONC_SOURCE_USER_IMPORT:
case onc::ONC_SOURCE_NONE:
case onc::ONC_SOURCE_USER_IMPORT:
return PROFILE_NONE;
}
NOTREACHED() << "Unknown ONC source " << source;
@ -364,7 +364,7 @@ const Network* NetworkLibraryImplBase::connected_network() const {
return result;
}
// Connecting order in logical prefernce.
// Connecting order in logical preference.
const Network* NetworkLibraryImplBase::connecting_network() const {
if (ethernet_connecting())
return ethernet_network();
@ -1023,12 +1023,11 @@ void NetworkLibraryImplBase::SwitchToPreferredNetwork() {
bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
const std::string& passphrase,
NetworkUIData::ONCSource source,
bool allow_web_trust_from_policy,
std::string* error) {
onc::ONCSource source,
bool allow_web_trust_from_policy) {
NetworkProfile* profile = NULL;
bool from_policy = (source == NetworkUIData::ONC_SOURCE_USER_POLICY ||
source == NetworkUIData::ONC_SOURCE_DEVICE_POLICY);
bool from_policy = (source == onc::ONC_SOURCE_USER_POLICY ||
source == onc::ONC_SOURCE_DEVICE_POLICY);
// Policies are applied to a specific Shill profile. User ONC import however
// is applied to whatever profile Shill chooses. This should be the profile
@ -1037,20 +1036,19 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
if (from_policy) {
profile = GetProfileForType(GetProfileTypeForSource(source));
if (profile == NULL) {
DLOG(WARNING) << "Profile for ONC source " << source << " doesn't exist.";
DLOG(WARNING) << "Profile for ONC source "
<< onc::GetSourceAsString(source)
<< " doesn't exist.";
return false;
}
}
VLOG(2) << __func__ << ": called on " << onc_blob;
std::string json_error;
scoped_ptr<base::DictionaryValue> root_dict =
onc::ReadDictionaryFromJson(onc_blob, &json_error);
onc::ReadDictionaryFromJson(onc_blob);
if (root_dict.get() == NULL) {
if (error != NULL)
*error = json_error;
LOG(WARNING) << "ONC loaded from ONC source " << source
<< " is not a valid json dictionary: " << json_error;
LOG(WARNING) << "ONC loaded from " << onc::GetSourceAsString(source)
<< " is not a valid JSON dictionary.";
return false;
}
@ -1058,13 +1056,10 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
std::string onc_type;
root_dict->GetStringWithoutPathExpansion(onc::kType, &onc_type);
if (onc_type == onc::kEncryptedConfiguration) {
std::string decrypt_error;
root_dict = onc::Decrypt(passphrase, *root_dict, &decrypt_error);
root_dict = onc::Decrypt(passphrase, *root_dict);
if (root_dict.get() == NULL) {
if (error != NULL)
*error = decrypt_error;
LOG(WARNING) << "Couldn't decrypt the ONC from source " << source
<< " with error: " << decrypt_error;
LOG(WARNING) << "Couldn't decrypt the ONC from "
<< onc::GetSourceAsString(source);
return false;
}
}
@ -1105,12 +1100,10 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
VLOG(2) << "ONC file has " << certificates->GetSize() << " certificates";
onc::CertificateImporter cert_importer(source, allow_web_trust_from_policy);
std::string cert_error;
if (!cert_importer.ParseAndStoreCertificates(*certificates, &cert_error)) {
if (error != NULL)
*error = cert_error;
if (cert_importer.ParseAndStoreCertificates(*certificates) !=
onc::CertificateImporter::IMPORT_OK) {
LOG(WARNING) << "Cannot parse some of the certificates in the ONC from "
<< "source " << source << " with error: " << cert_error;
<< onc::GetSourceAsString(source);
return false;
}
}
@ -1130,17 +1123,14 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
bool marked_for_removal = false;
Network* network = parser.ParseNetwork(i, &marked_for_removal);
if (!network) {
if (error != NULL)
*error = parser.parse_error();
LOG(WARNING) << "Error during parsing network at index " << i
<< " from ONC source " << source
<< ": " << parser.parse_error();
<< " from ONC source " << onc::GetSourceAsString(source);
return false;
}
// Disallow anything but WiFi and Ethernet for device-level policy (which
// corresponds to shared networks). See also http://crosbug.com/28741.
if (source == NetworkUIData::ONC_SOURCE_DEVICE_POLICY &&
if (source == onc::ONC_SOURCE_DEVICE_POLICY &&
network->type() != TYPE_WIFI &&
network->type() != TYPE_ETHERNET) {
LOG(WARNING) << "Ignoring device-level policy-pushed network of type "
@ -1150,7 +1140,7 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
}
networks.push_back(network);
if (!(source == NetworkUIData::ONC_SOURCE_USER_IMPORT &&
if (!(source == onc::ONC_SOURCE_USER_IMPORT &&
marked_for_removal)) {
added_onc_map[network->unique_id()] = parser.GetNetworkConfig(i);
}
@ -1178,7 +1168,7 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
// Don't configure a network that is supposed to be removed. For
// policy-managed networks, the "remove" functionality of ONC is ignored.
if (source == NetworkUIData::ONC_SOURCE_USER_IMPORT &&
if (source == onc::ONC_SOURCE_USER_IMPORT &&
removal_ids.find(network->unique_id()) != removal_ids.end()) {
continue;
}
@ -1222,7 +1212,7 @@ bool NetworkLibraryImplBase::LoadOncNetworks(const std::string& onc_blob,
// ONC blob. We first collect the networks and do the actual deletion later
// because ForgetNetwork() changes the remembered network vectors.
ForgetNetworksById(source, network_ids, false);
} else if (source == NetworkUIData::ONC_SOURCE_USER_IMPORT) {
} else if (source == onc::ONC_SOURCE_USER_IMPORT) {
if (removal_ids.empty())
return true;
@ -1368,7 +1358,7 @@ void NetworkLibraryImplBase::DeleteNetwork(Network* network) {
}
void NetworkLibraryImplBase::ForgetNetworksById(
NetworkUIData::ONCSource source,
onc::ONCSource source,
std::set<std::string> ids,
bool if_found) {
std::vector<std::string> to_be_forgotten;
@ -1405,9 +1395,9 @@ bool NetworkLibraryImplBase::ValidateRememberedNetwork(Network* network) {
// available to LoadOncNetworks(), which can happen due to the asynchronous
// communication between shill and NetworkLibrary. Just tell shill to
// delete the network now.
const NetworkUIData::ONCSource source = network->ui_data().onc_source();
if (source == NetworkUIData::ONC_SOURCE_USER_POLICY ||
source == NetworkUIData::ONC_SOURCE_DEVICE_POLICY) {
const onc::ONCSource source = network->ui_data().onc_source();
if (source == onc::ONC_SOURCE_USER_POLICY ||
source == onc::ONC_SOURCE_DEVICE_POLICY) {
NetworkSourceMap::const_iterator network_id_set(
network_source_map_.find(source));
if (network_id_set != network_source_map_.end() &&

12
chrome/browser/chromeos/cros/network_library_impl_base.h

@ -9,6 +9,7 @@
#include <set>
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chromeos/network/onc/onc_constants.h"
namespace chromeos {
@ -43,7 +44,7 @@ class NetworkLibraryImplBase : public NetworkLibrary {
virtual void CallConfigureService(const std::string& identifier,
const DictionaryValue* info) = 0;
// Called from NetworkConnectStart.
// Calls NetworkConnectCompleted when the connection attept completes.
// Calls NetworkConnectCompleted when the connection attempt completes.
virtual void CallConnectToNetwork(Network* network) = 0;
// Called from DeleteRememberedNetwork.
virtual void CallDeleteRememberedNetwork(
@ -233,9 +234,8 @@ class NetworkLibraryImplBase : public NetworkLibrary {
virtual void SwitchToPreferredNetwork() OVERRIDE;
virtual bool LoadOncNetworks(const std::string& onc_blob,
const std::string& passphrase,
NetworkUIData::ONCSource source,
bool allow_web_trust_from_policy,
std::string* error) OVERRIDE;
onc::ONCSource source,
bool allow_web_trust_from_policy) OVERRIDE;
virtual bool SetActiveNetwork(ConnectionType type,
const std::string& service_path) OVERRIDE;
@ -251,7 +251,7 @@ class NetworkLibraryImplBase : public NetworkLibrary {
typedef std::map<std::string, int> PriorityMap;
typedef std::map<std::string, NetworkDevice*> NetworkDeviceMap;
typedef std::map<std::string, const base::DictionaryValue*> NetworkOncMap;
typedef std::map<NetworkUIData::ONCSource,
typedef std::map<onc::ONCSource,
std::set<std::string> > NetworkSourceMap;
struct NetworkProfile {
@ -317,7 +317,7 @@ class NetworkLibraryImplBase : public NetworkLibrary {
// When |if_found| is true, then it forgets networks that appear in |ids|.
// When |if_found| is false, it removes networks that do NOT appear in |ids|.
// |source| is the import source of the data.
void ForgetNetworksById(NetworkUIData::ONCSource source,
void ForgetNetworksById(onc::ONCSource source,
std::set<std::string> ids,
bool if_found);

10
chrome/browser/chromeos/cros/network_library_impl_stub.cc

@ -179,7 +179,7 @@ void NetworkLibraryImplStub::Init() {
wifi7->SetEAPIdentity("enterprise@example.com");
wifi7->SetEAPPassphrase("password");
NetworkUIData wifi7_ui_data;
wifi7_ui_data.set_onc_source(NetworkUIData::ONC_SOURCE_DEVICE_POLICY);
wifi7_ui_data.set_onc_source(onc::ONC_SOURCE_DEVICE_POLICY);
wifi7->set_ui_data(wifi7_ui_data);
AddStubNetwork(wifi7, PROFILE_USER);
@ -211,7 +211,7 @@ void NetworkLibraryImplStub::Init() {
cellular3->set_activation_state(ACTIVATION_STATE_ACTIVATED);
cellular3->set_network_technology(NETWORK_TECHNOLOGY_EVDO);
NetworkUIData cellular3_ui_data;
cellular3_ui_data.set_onc_source(NetworkUIData::ONC_SOURCE_USER_POLICY);
cellular3_ui_data.set_onc_source(onc::ONC_SOURCE_USER_POLICY);
cellular3->set_ui_data(cellular3_ui_data);
AddStubNetwork(cellular3, PROFILE_NONE);
@ -221,7 +221,7 @@ void NetworkLibraryImplStub::Init() {
cellular4->set_activation_state(ACTIVATION_STATE_ACTIVATED);
cellular4->set_network_technology(NETWORK_TECHNOLOGY_GSM);
NetworkUIData cellular4_ui_data;
cellular4_ui_data.set_onc_source(NetworkUIData::ONC_SOURCE_USER_POLICY);
cellular4_ui_data.set_onc_source(onc::ONC_SOURCE_USER_POLICY);
cellular4->set_ui_data(cellular4_ui_data);
AddStubNetwork(cellular4, PROFILE_NONE);
@ -265,7 +265,7 @@ void NetworkLibraryImplStub::Init() {
vpn4->set_server_hostname("vpn4server.fake.com");
vpn4->set_provider_type(PROVIDER_TYPE_OPEN_VPN);
NetworkUIData vpn4_ui_data;
vpn4_ui_data.set_onc_source(NetworkUIData::ONC_SOURCE_DEVICE_POLICY);
vpn4_ui_data.set_onc_source(onc::ONC_SOURCE_DEVICE_POLICY);
vpn4->set_ui_data(vpn4_ui_data);
AddStubNetwork(vpn4, PROFILE_USER);
@ -301,7 +301,7 @@ void NetworkLibraryImplStub::Init() {
" ],"
" \"Certificates\": []"
"}");
// LoadOncNetworks(test_blob, "", NetworkUIData::ONC_SOURCE_USER_IMPORT, NULL);
// LoadOncNetworks(test_blob, "", onc::ONC_SOURCE_USER_IMPORT, NULL);
}
bool NetworkLibraryImplStub::IsCros() const {

26
chrome/browser/chromeos/cros/network_library_unittest.cc

@ -17,11 +17,11 @@
#include "base/path_service.h"
#include "chrome/browser/chromeos/cros/cros_library.h"
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/cros/onc_network_parser.h"
#include "chrome/browser/chromeos/network_settings/onc_certificate_importer.h"
#include "chrome/browser/chromeos/network_settings/onc_utils.h"
#include "chrome/common/chrome_paths.h"
#include "chromeos/network/onc/onc_certificate_importer.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_utils.h"
#include "crypto/nss_util.h"
#include "net/base/crypto_module.h"
#include "net/base/nss_cert_database.h"
@ -156,7 +156,6 @@ class NetworkLibraryStubTest : public testing::Test {
scoped_ptr<base::ListValue>* certificates,
scoped_ptr<base::ListValue>* network_configs) {
FilePath path;
std::string error;
PathService::Get(chrome::DIR_TEST_DATA, &path);
path = path.AppendASCII("chromeos").AppendASCII("cros").Append(filename);
ASSERT_TRUE(file_util::PathExists(path))
@ -166,9 +165,8 @@ class NetworkLibraryStubTest : public testing::Test {
<< "Unable to read test data file " << path.value();
scoped_ptr<base::DictionaryValue> root =
onc::ReadDictionaryFromJson(contents, &error);
CHECK(root.get() != NULL) << "ONC is not a valid json dictionary: "
<< error;
onc::ReadDictionaryFromJson(contents);
CHECK(root.get() != NULL) << "ONC is not a valid JSON dictionary.";
base::ListValue* certificates_ptr;
CHECK(root->GetListWithoutPathExpansion(onc::kCertificates,
@ -304,12 +302,13 @@ TEST_F(NetworkLibraryStubTest, NetworkConnectOncWifi) {
scoped_ptr<base::ListValue> certificates;
GetTestData("cert-pattern.onc", &certificates, &network_configs);
onc::CertificateImporter importer(NetworkUIData::ONC_SOURCE_USER_IMPORT,
onc::CertificateImporter importer(onc::ONC_SOURCE_USER_IMPORT,
false /* don't allow webtrust */);
EXPECT_TRUE(importer.ParseAndStoreCertificates(*certificates, NULL));
EXPECT_EQ(onc::CertificateImporter::IMPORT_OK,
importer.ParseAndStoreCertificates(*certificates));
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
ASSERT_TRUE(parser.parse_error().empty());
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -340,12 +339,13 @@ TEST_F(NetworkLibraryStubTest, NetworkConnectOncVPN) {
scoped_ptr<base::ListValue> certificates;
GetTestData("cert-pattern-vpn.onc", &certificates, &network_configs);
onc::CertificateImporter importer(NetworkUIData::ONC_SOURCE_USER_IMPORT,
onc::CertificateImporter importer(onc::ONC_SOURCE_USER_IMPORT,
false /* don't allow webtrust */);
EXPECT_TRUE(importer.ParseAndStoreCertificates(*certificates, NULL));
EXPECT_EQ(onc::CertificateImporter::IMPORT_OK,
importer.ParseAndStoreCertificates(*certificates));
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
ASSERT_TRUE(parser.parse_error().empty());
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));

18
chrome/browser/chromeos/cros/network_ui_data.cc

@ -15,11 +15,11 @@ const char NetworkUIData::kKeyCertificatePattern[] = "certificate_pattern";
const char NetworkUIData::kKeyCertificateType[] = "certificate_type";
// Property names for per-property data stored under |kKeyProperties|.
const EnumMapper<NetworkUIData::ONCSource>::Pair
const EnumMapper<onc::ONCSource>::Pair
NetworkUIData::kONCSourceTable[] = {
{ "user_import", NetworkUIData::ONC_SOURCE_USER_IMPORT },
{ "device_policy", NetworkUIData::ONC_SOURCE_DEVICE_POLICY },
{ "user_policy", NetworkUIData::ONC_SOURCE_USER_POLICY },
{ "user_import", onc::ONC_SOURCE_USER_IMPORT },
{ "device_policy", onc::ONC_SOURCE_DEVICE_POLICY },
{ "user_policy", onc::ONC_SOURCE_USER_POLICY },
};
// Property names for per-property data stored under |kKeyProperties|.
@ -35,7 +35,7 @@ const char NetworkPropertyUIData::kKeyController[] = "controller";
const char NetworkPropertyUIData::kKeyDefaultValue[] = "default_value";
NetworkUIData::NetworkUIData()
: onc_source_(ONC_SOURCE_NONE),
: onc_source_(onc::ONC_SOURCE_NONE),
certificate_type_(CLIENT_CERT_TYPE_NONE) {
}
@ -44,7 +44,7 @@ NetworkUIData::NetworkUIData(const DictionaryValue& dict) {
if (dict.GetString(kKeyONCSource, &source)) {
onc_source_ = GetONCSourceMapper().Get(source);
} else {
onc_source_ = ONC_SOURCE_NONE;
onc_source_ = onc::ONC_SOURCE_NONE;
}
const DictionaryValue* cert_dict = NULL;
if (dict.GetDictionary(kKeyCertificatePattern, &cert_dict) && cert_dict)
@ -87,10 +87,10 @@ void NetworkUIData::FillDictionary(base::DictionaryValue* dict) const {
}
// static
EnumMapper<NetworkUIData::ONCSource>& NetworkUIData::GetONCSourceMapper() {
CR_DEFINE_STATIC_LOCAL(EnumMapper<ONCSource>, mapper,
EnumMapper<onc::ONCSource>& NetworkUIData::GetONCSourceMapper() {
CR_DEFINE_STATIC_LOCAL(EnumMapper<onc::ONCSource>, mapper,
(kONCSourceTable, arraysize(kONCSourceTable),
ONC_SOURCE_NONE));
onc::ONC_SOURCE_NONE));
return mapper;
}

24
chrome/browser/chromeos/cros/network_ui_data.h

@ -13,6 +13,7 @@
#include "chrome/browser/chromeos/cros/certificate_pattern.h"
#include "chrome/browser/chromeos/cros/enum_mapper.h"
#include "chrome/browser/chromeos/cros/network_constants.h"
#include "chromeos/network/onc/onc_constants.h"
namespace chromeos {
@ -25,23 +26,16 @@ class NetworkPropertyUIData;
// |network|:
//
// NetworkUIData ui_data;
// ui_data.set_onc_source(NetworkUIData::ONC_SOURCE_USER_IMPORT);
// ui_data.set_onc_source(onc::ONC_SOURCE_USER_IMPORT);
// ui_data.FillDictionary(network->ui_data());
class NetworkUIData {
public:
// Indicates from which source an ONC blob comes from.
enum ONCSource {
ONC_SOURCE_NONE,
ONC_SOURCE_USER_IMPORT,
ONC_SOURCE_DEVICE_POLICY,
ONC_SOURCE_USER_POLICY,
};
NetworkUIData();
explicit NetworkUIData(const base::DictionaryValue& dict);
~NetworkUIData();
void set_onc_source(ONCSource onc_source) { onc_source_ = onc_source; }
ONCSource onc_source() const { return onc_source_; }
void set_onc_source(onc::ONCSource onc_source) { onc_source_ = onc_source; }
onc::ONCSource onc_source() const { return onc_source_; }
void set_certificate_pattern(const CertificatePattern& pattern) {
certificate_pattern_ = pattern;
@ -56,8 +50,8 @@ class NetworkUIData {
return certificate_type_;
}
bool is_managed() const {
return onc_source_ == ONC_SOURCE_DEVICE_POLICY ||
onc_source_ == ONC_SOURCE_USER_POLICY;
return onc_source_ == onc::ONC_SOURCE_DEVICE_POLICY ||
onc_source_ == onc::ONC_SOURCE_USER_POLICY;
}
// Fills in |dict| with the currently configured values. This will write the
@ -76,14 +70,14 @@ class NetworkUIData {
static const char kKeyCertificateType[];
private:
static EnumMapper<ONCSource>& GetONCSourceMapper();
static EnumMapper<onc::ONCSource>& GetONCSourceMapper();
static EnumMapper<ClientCertType>& GetClientCertMapper();
CertificatePattern certificate_pattern_;
ONCSource onc_source_;
onc::ONCSource onc_source_;
ClientCertType certificate_type_;
static const EnumMapper<NetworkUIData::ONCSource>::Pair kONCSourceTable[];
static const EnumMapper<onc::ONCSource>::Pair kONCSourceTable[];
static const EnumMapper<ClientCertType>::Pair kClientCertTable[];
};

11
chrome/browser/chromeos/cros/network_ui_data_unittest.cc

@ -35,21 +35,20 @@ TEST_F(NetworkUIDataTest, ONCSource) {
ui_data_dict.SetString(NetworkUIData::kKeyONCSource, "user_import");
{
NetworkUIData ui_data(ui_data_dict);
EXPECT_EQ(NetworkUIData::ONC_SOURCE_USER_IMPORT,
ui_data.onc_source());
EXPECT_EQ(onc::ONC_SOURCE_USER_IMPORT, ui_data.onc_source());
EXPECT_FALSE(ui_data.is_managed());
}
ui_data_dict.SetString(NetworkUIData::kKeyONCSource, "device_policy");
{
NetworkUIData ui_data(ui_data_dict);
EXPECT_EQ(NetworkUIData::ONC_SOURCE_DEVICE_POLICY, ui_data.onc_source());
EXPECT_EQ(onc::ONC_SOURCE_DEVICE_POLICY, ui_data.onc_source());
EXPECT_TRUE(ui_data.is_managed());
}
ui_data_dict.SetString(NetworkUIData::kKeyONCSource, "user_policy");
{
NetworkUIData ui_data(ui_data_dict);
EXPECT_EQ(NetworkUIData::ONC_SOURCE_USER_POLICY, ui_data.onc_source());
EXPECT_EQ(onc::ONC_SOURCE_USER_POLICY, ui_data.onc_source());
EXPECT_TRUE(ui_data.is_managed());
}
}
@ -135,7 +134,7 @@ TEST_F(NetworkUIDataTest, ParseOncProperty) {
NetworkPropertyUIData prop;
ui_data.set_onc_source(NetworkUIData::ONC_SOURCE_USER_IMPORT);
ui_data.set_onc_source(onc::ONC_SOURCE_USER_IMPORT);
ui_data.FillDictionary(&ui_data_dict);
NetworkUIData empty_data;
@ -151,7 +150,7 @@ TEST_F(NetworkUIDataTest, ParseOncProperty) {
prop.ParseOncProperty(ui_data, &onc, "c");
CheckProperty(prop, NULL, false, false, true);
ui_data.set_onc_source(NetworkUIData::ONC_SOURCE_USER_POLICY);
ui_data.set_onc_source(onc::ONC_SOURCE_USER_POLICY);
ui_data.FillDictionary(&ui_data_dict);
prop.ParseOncProperty(ui_data, &onc, "a");

210
chrome/browser/chromeos/cros/onc_constants.h

@ -1,210 +0,0 @@
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_CROS_ONC_CONSTANTS_H_
#define CHROME_BROWSER_CHROMEOS_CROS_ONC_CONSTANTS_H_
namespace chromeos {
// Constants for ONC properties.
namespace onc {
// Top Level ONC.
extern const char kCertificates[];
extern const char kEncryptedConfiguration[];
extern const char kNetworkConfigurations[];
extern const char kUnencryptedConfiguration[];
// This is no ONC key or value but used for logging only.
// TODO(pneubeck): Remove.
extern const char kNetworkConfiguration[];
// Common keys/values.
extern const char kRecommended[];
extern const char kRemove[];
// NetworkConfiguration.
// TODO(pneubeck): Put into namespace.
extern const char kCellular[];
extern const char kEthernet[];
extern const char kGUID[];
extern const char kIPConfigs[];
extern const char kName[];
extern const char kNameServers[];
extern const char kProxySettings[];
extern const char kSearchDomains[];
extern const char kType[];
extern const char kVPN[];
extern const char kWiFi[];
namespace ipconfig {
extern const char kGateway[];
extern const char kIPAddress[];
extern const char kIPv4[];
extern const char kIPv6[];
extern const char kRoutingPrefix[];
extern const char kType[];
} // namespace ipconfig
namespace ethernet {
extern const char kAuthentication[];
extern const char kEAP[];
extern const char kNone[];
extern const char k8021X[];
} // namespace ethernet
namespace wifi {
extern const char kAutoConnect[];
extern const char kEAP[];
extern const char kHiddenSSID[];
extern const char kNone[];
extern const char kPassphrase[];
extern const char kProxyURL[];
extern const char kSecurity[];
extern const char kSSID[];
extern const char kWEP_PSK[];
extern const char kWEP_8021X[];
extern const char kWPA_PSK[];
extern const char kWPA_EAP[];
} // namespace wifi
namespace certificate {
extern const char kAuthority[];
extern const char kClient[];
extern const char kCommonName[];
extern const char kEmailAddress[];
extern const char kEnrollmentURI[];
extern const char kIssuerCARef[];
extern const char kIssuer[];
extern const char kLocality[];
extern const char kNone[];
extern const char kOrganization[];
extern const char kOrganizationalUnit[];
extern const char kPKCS12[];
extern const char kPattern[];
extern const char kRef[];
extern const char kServer[];
extern const char kSubject[];
extern const char kTrust[];
extern const char kType[];
extern const char kWeb[];
extern const char kX509[];
} // namespace certificate
namespace encrypted {
extern const char kAES256[];
extern const char kCipher[];
extern const char kCiphertext[];
extern const char kHMACMethod[];
extern const char kHMAC[];
extern const char kIV[];
extern const char kIterations[];
extern const char kPBKDF2[];
extern const char kSHA1[];
extern const char kSalt[];
extern const char kStretch[];
extern const char kType[];
} // namespace encrypted
namespace eap {
extern const char kAnonymousIdentity[];
extern const char kAutomatic[];
extern const char kClientCertPattern[];
extern const char kClientCertRef[];
extern const char kClientCertType[];
extern const char kEAP_AKA[];
extern const char kEAP_FAST[];
extern const char kEAP_SIM[];
extern const char kEAP_TLS[];
extern const char kEAP_TTLS[];
extern const char kIdentity[];
extern const char kInner[];
extern const char kLEAP[];
extern const char kMD5[];
extern const char kMSCHAPv2[];
extern const char kOuter[];
extern const char kPAP[];
extern const char kPEAP[];
extern const char kPassword[];
extern const char kSaveCredentials[];
extern const char kServerCARef[];
extern const char kUseSystemCAs[];
} // namespace eap
namespace vpn {
extern const char kAuthNoCache[];
extern const char kAuthRetry[];
extern const char kAuth[];
extern const char kAuthenticationType[];
extern const char kCert[];
extern const char kCipher[];
extern const char kClientCertPattern[];
extern const char kClientCertRef[];
extern const char kClientCertType[];
extern const char kCompLZO[];
extern const char kCompNoAdapt[];
extern const char kEAP[];
extern const char kGroup[];
extern const char kHost[];
extern const char kIKEVersion[];
extern const char kIPsec[];
extern const char kKeyDirection[];
extern const char kL2TP[];
extern const char kNsCertType[];
extern const char kOpenVPN[];
extern const char kPSK[];
extern const char kPassword[];
extern const char kPort[];
extern const char kProto[];
extern const char kPushPeerInfo[];
extern const char kRemoteCertEKU[];
extern const char kRemoteCertKU[];
extern const char kRemoteCertTLS[];
extern const char kRenegSec[];
extern const char kSaveCredentials[];
extern const char kServerCARef[];
extern const char kServerCertRef[];
extern const char kServerPollTimeout[];
extern const char kShaper[];
extern const char kStaticChallenge[];
extern const char kTLSAuthContents[];
extern const char kTLSRemote[];
extern const char kTypeL2TP_IPsec[];
extern const char kType[];
extern const char kUsername[];
extern const char kVerb[];
extern const char kXAUTH[];
} // namespace vpn
namespace openvpn {
extern const char kNone[];
extern const char kInteract[];
extern const char kNoInteract[];
extern const char kServer[];
} // namespace openvpn
namespace substitutes {
extern const char kEmailField[];
extern const char kLoginIDField[];
} // namespace substitutes
namespace proxy {
extern const char kDirect[];
extern const char kExcludeDomains[];
extern const char kFtp[];
extern const char kHost[];
extern const char kHttp[];
extern const char kHttps[];
extern const char kManual[];
extern const char kPAC[];
extern const char kPort[];
extern const char kSocks[];
extern const char kType[];
extern const char kWPAD[];
} // namespace proxy
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_CROS_ONC_CONSTANTS_H_

20
chrome/browser/chromeos/cros/onc_network_parser.cc

@ -9,7 +9,6 @@
#include "base/base64.h"
#include "base/json/json_string_value_serializer.h"
#include "chrome/browser/chromeos/login/user_manager.h"
#include "base/json/json_writer.h" // for debug output only.
#include "base/stringprintf.h"
#include "base/values.h"
@ -18,13 +17,14 @@
#include "chrome/browser/chromeos/cros/native_network_constants.h"
#include "chrome/browser/chromeos/cros/native_network_parser.h"
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_certificate_importer.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chrome/browser/chromeos/network_settings/onc_validator.h"
#include "chrome/browser/chromeos/login/user_manager.h"
#include "chrome/browser/chromeos/proxy_config_service_impl.h"
#include "chrome/browser/prefs/proxy_config_dictionary.h"
#include "chrome/common/net/x509_certificate_model.h"
#include "chromeos/network/onc/onc_certificate_importer.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chromeos/network/onc/onc_validator.h"
#include "content/public/browser/browser_thread.h"
#include "crypto/encryptor.h"
#include "crypto/hmac.h"
@ -281,7 +281,7 @@ bool GetAsListOfStrings(const base::Value& value,
// -------------------- OncNetworkParser --------------------
OncNetworkParser::OncNetworkParser(const base::ListValue& network_configs,
NetworkUIData::ONCSource onc_source)
onc::ONCSource onc_source)
: NetworkParser(get_onc_mapper()),
onc_source_(onc_source),
network_configs_(network_configs.DeepCopy()) {
@ -458,7 +458,7 @@ bool OncNetworkParser::ParseNestedObject(Network* network,
// static
std::string OncNetworkParser::GetUserExpandedValue(
const base::Value& value,
NetworkUIData::ONCSource source) {
onc::ONCSource source) {
std::string string_value;
if (!value.GetAsString(&string_value))
return string_value;
@ -467,8 +467,8 @@ std::string OncNetworkParser::GetUserExpandedValue(
if (!content::BrowserThread::IsMessageLoopValid(content::BrowserThread::UI))
return string_value;
if (source != NetworkUIData::ONC_SOURCE_USER_POLICY &&
source != NetworkUIData::ONC_SOURCE_USER_IMPORT) {
if (source != onc::ONC_SOURCE_USER_POLICY &&
source != onc::ONC_SOURCE_USER_IMPORT) {
return string_value;
}
@ -857,7 +857,7 @@ bool OncNetworkParser::ParseClientCertPattern(OncNetworkParser* parser,
Network* network) {
// Ignore certificate patterns for device policy ONC so that an unmanaged user
// won't have a certificate presented for them involuntarily.
if (parser->onc_source() == NetworkUIData::ONC_SOURCE_DEVICE_POLICY)
if (parser->onc_source() == onc::ONC_SOURCE_DEVICE_POLICY)
return false;
// Only WiFi and VPN have this type.

9
chrome/browser/chromeos/cros/onc_network_parser.h

@ -14,6 +14,7 @@
#include "base/values.h"
#include "chrome/browser/chromeos/cros/network_parser.h"
#include "chrome/browser/chromeos/cros/network_ui_data.h"
#include "chromeos/network/onc/onc_constants.h"
namespace base {
class DictionaryValue;
@ -54,7 +55,7 @@ class OncNetworkParser : public NetworkParser {
Network*);
OncNetworkParser(const base::ListValue& network_configs,
NetworkUIData::ONCSource onc_source);
onc::ONCSource onc_source);
virtual ~OncNetworkParser();
static const EnumMapper<PropertyIndex>* property_mapper();
@ -85,11 +86,11 @@ class OncNetworkParser : public NetworkParser {
// Expands |value| with user account specific paramaters.
static std::string GetUserExpandedValue(const base::Value& value,
NetworkUIData::ONCSource source);
onc::ONCSource source);
const std::string& parse_error() const { return parse_error_; }
NetworkUIData::ONCSource onc_source() const { return onc_source_; }
onc::ONCSource onc_source() const { return onc_source_; }
protected:
OncNetworkParser();
@ -181,7 +182,7 @@ class OncNetworkParser : public NetworkParser {
std::string parse_error_;
// Where the ONC blob comes from.
NetworkUIData::ONCSource onc_source_;
onc::ONCSource onc_source_;
scoped_ptr<base::ListValue> network_configs_;

36
chrome/browser/chromeos/cros/onc_network_parser_unittest.cc

@ -20,15 +20,15 @@
#include "chrome/browser/chromeos/cros/certificate_pattern.h"
#include "chrome/browser/chromeos/cros/cros_library.h"
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/login/mock_user_manager.h"
#include "chrome/browser/chromeos/network_settings/onc_utils.h"
#include "chrome/browser/net/pref_proxy_config_tracker_impl.h"
#include "chrome/common/chrome_paths.h"
#include "chrome/common/net/x509_certificate_model.h"
#include "chrome/test/base/testing_browser_process.h"
#include "chrome/test/base/testing_pref_service.h"
#include "chromeos/dbus/dbus_thread_manager.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_utils.h"
#include "content/public/test/test_browser_thread.h"
#include "crypto/nss_util.h"
#include "net/base/cert_type.h"
@ -77,7 +77,6 @@ class OncNetworkParserTest : public testing::Test {
virtual scoped_ptr<base::ListValue> ReadNetworkConfigs(
const std::string& filename) {
FilePath path;
std::string error;
PathService::Get(chrome::DIR_TEST_DATA, &path);
path = path.AppendASCII("chromeos").AppendASCII("cros").Append(filename);
CHECK(file_util::PathExists(path))
@ -87,9 +86,8 @@ class OncNetworkParserTest : public testing::Test {
<< "Unable to read test data file " << path.value();
scoped_ptr<base::DictionaryValue> root =
onc::ReadDictionaryFromJson(contents, &error);
CHECK(root.get() != NULL) << "ONC is not a valid json dictionary: "
<< error;
onc::ReadDictionaryFromJson(contents);
CHECK(root.get() != NULL) << "ONC is not a valid JSON dictionary.";
base::ListValue* network_configs;
CHECK(root->GetListWithoutPathExpansion(onc::kNetworkConfigurations,
@ -191,7 +189,7 @@ void OncNetworkParserTest::TestProxySettings(const std::string filename,
// Parse Network Configuration including ProxySettings dictionary.
scoped_ptr<base::ListValue> network_configs = ReadNetworkConfigs(filename);
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
ASSERT_TRUE(network.get());
@ -213,7 +211,7 @@ TEST_F(OncNetworkParserTest, TestCreateNetworkWifi) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("network-wifi.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -234,7 +232,7 @@ TEST_F(OncNetworkParserTest, TestCreateNetworkEthernet) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("network-ethernet.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
EXPECT_GE(parser.GetNetworkConfigsSize(), 1);
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -249,7 +247,7 @@ TEST_F(OncNetworkParserTest, TestLoadWifiCertificatePattern) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("cert-pattern.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
ASSERT_TRUE(parser.parse_error().empty());
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -277,7 +275,7 @@ TEST_F(OncNetworkParserTest, TestLoadVPNCertificatePattern) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("cert-pattern-vpn.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
ASSERT_TRUE(parser.parse_error().empty());
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -301,7 +299,7 @@ TEST_F(OncNetworkParserTest, TestNoCertificatePatternForDevicePolicy) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("cert-pattern.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_DEVICE_POLICY);
onc::ONC_SOURCE_DEVICE_POLICY);
// Make sure we fail when parsing a certificate pattern from a device policy
// ONC file.
@ -326,7 +324,7 @@ TEST_F(OncNetworkParserTest, TestCreateNetworkWifiEAP1) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("network-wifi-eap1.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -349,7 +347,7 @@ TEST_F(OncNetworkParserTest, TestCreateNetworkWifiEAP2) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("network-wifi-eap2.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -374,7 +372,7 @@ TEST_F(OncNetworkParserTest, TestCreateNetworkUnknownFields) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("network-unknown-fields.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
ASSERT_TRUE(network.get());
@ -389,7 +387,7 @@ TEST_F(OncNetworkParserTest, TestCreateNetworkOpenVPN) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("network-openvpn.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -447,7 +445,7 @@ TEST_F(OncNetworkParserTest, TestCreateNetworkL2TPIPsec) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("network-l2tp-ipsec.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
scoped_ptr<Network> network(parser.ParseNetwork(0, NULL));
@ -548,7 +546,7 @@ TEST(OncNetworkParserUserExpansionTest, GetUserExpandedValue) {
.Times(2)
.WillRepeatedly(Return(false));
NetworkUIData::ONCSource source = NetworkUIData::ONC_SOURCE_USER_IMPORT;
onc::ONCSource source = onc::ONC_SOURCE_USER_IMPORT;
// Setup environment needed by UserManager.
MessageLoop loop;
@ -585,7 +583,7 @@ TEST_F(OncNetworkParserTest, TestRemoveNetworkWifi) {
scoped_ptr<base::ListValue> network_configs =
ReadNetworkConfigs("network-wifi-remove.onc");
OncNetworkParser parser(*network_configs,
NetworkUIData::ONC_SOURCE_USER_IMPORT);
onc::ONC_SOURCE_USER_IMPORT);
EXPECT_EQ(1, parser.GetNetworkConfigsSize());
bool marked_for_removal = false;
scoped_ptr<Network> network(parser.ParseNetwork(0, &marked_for_removal));

2
chrome/browser/chromeos/login/existing_user_controller_browsertest.cc

@ -137,7 +137,7 @@ class ExistingUserControllerTest : public CrosInProcessBrowserTest {
mock_network_library_ = cros_mock_->mock_network_library();
EXPECT_CALL(*mock_network_library_, AddUserActionObserver(_))
.Times(AnyNumber());
EXPECT_CALL(*mock_network_library_, LoadOncNetworks(_, _, _, _, _))
EXPECT_CALL(*mock_network_library_, LoadOncNetworks(_, _, _, _))
.WillRepeatedly(Return(true));
MockSessionManagerClient* mock_session_manager_client =

2
chrome/browser/chromeos/login/login_browsertest.cc

@ -47,7 +47,7 @@ class LoginTestBase : public CrosInProcessBrowserTest {
.WillRepeatedly(Return(false));
EXPECT_CALL(*mock_network_library_, AddUserActionObserver(_))
.Times(AnyNumber());
EXPECT_CALL(*mock_network_library_, LoadOncNetworks(_, _, _, _, _))
EXPECT_CALL(*mock_network_library_, LoadOncNetworks(_, _, _, _))
.WillRepeatedly(Return(true));
}

2
chrome/browser/chromeos/login/network_screen_browsertest.cc

@ -69,7 +69,7 @@ class NetworkScreenTest : public WizardInProcessBrowserTest {
.Times(AnyNumber());
EXPECT_CALL(*mock_network_library_, FindEthernetDevice())
.Times(AnyNumber());
EXPECT_CALL(*mock_network_library_, LoadOncNetworks(_, _, _, _, _))
EXPECT_CALL(*mock_network_library_, LoadOncNetworks(_, _, _, _))
.WillRepeatedly(Return(true));
cros_mock_->SetStatusAreaMocksExpectations();

2
chrome/browser/chromeos/login/screen_locker_browsertest.cc

@ -133,7 +133,7 @@ class ScreenLockerTest : public CrosInProcessBrowserTest {
cros_mock_->mock_network_library();
EXPECT_CALL(*mock_network_library, AddUserActionObserver(_))
.Times(AnyNumber());
EXPECT_CALL(*mock_network_library, LoadOncNetworks(_, _, _, _, _))
EXPECT_CALL(*mock_network_library, LoadOncNetworks(_, _, _, _))
.WillRepeatedly(Return(true));
}

2
chrome/browser/chromeos/login/update_screen_browsertest.cc

@ -83,7 +83,7 @@ class UpdateScreenTest : public WizardInProcessBrowserTest {
.Times(AnyNumber());
EXPECT_CALL(*mock_network_library_, FindEthernetDevice())
.Times(AnyNumber());
EXPECT_CALL(*mock_network_library_, LoadOncNetworks(_, _, _, _, _))
EXPECT_CALL(*mock_network_library_, LoadOncNetworks(_, _, _, _))
.WillRepeatedly(Return(true));
}

53
chrome/browser/chromeos/network_settings/onc_signature.h

@ -1,53 +0,0 @@
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_SIGNATURE_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_SIGNATURE_H_
#include <string>
#include "base/values.h"
namespace chromeos {
namespace onc {
struct OncValueSignature;
struct OncFieldSignature {
const char* onc_field_name;
const char* shill_property_name;
const OncValueSignature* value_signature;
};
struct OncValueSignature {
base::Value::Type onc_type;
const OncFieldSignature* fields;
const OncValueSignature* onc_array_entry_signature;
};
const OncFieldSignature* GetFieldSignature(const OncValueSignature& signature,
const std::string& onc_field_name);
extern const OncValueSignature kRecommendedSignature;
extern const OncValueSignature kEAPSignature;
extern const OncValueSignature kIssuerSubjectPatternSignature;
extern const OncValueSignature kCertificatePatternSignature;
extern const OncValueSignature kIPsecSignature;
extern const OncValueSignature kL2TPSignature;
extern const OncValueSignature kOpenVPNSignature;
extern const OncValueSignature kVPNSignature;
extern const OncValueSignature kEthernetSignature;
extern const OncValueSignature kIPConfigSignature;
extern const OncValueSignature kProxyLocationSignature;
extern const OncValueSignature kProxyManualSignature;
extern const OncValueSignature kProxySettingsSignature;
extern const OncValueSignature kWiFiSignature;
extern const OncValueSignature kCertificateSignature;
extern const OncValueSignature kNetworkConfigurationSignature;
extern const OncValueSignature kUnencryptedConfigurationSignature;
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_SIGNATURE_H_

38
chrome/browser/chromeos/network_settings/onc_utils.h

@ -1,38 +0,0 @@
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_UTILS_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_UTILS_H_
#include <string>
#include "base/memory/scoped_ptr.h"
namespace base {
class DictionaryValue;
}
namespace chromeos {
namespace onc {
// Parses |json| according to the JSON format. If |json| is a JSON formatted
// dictionary, the function returns the dictionary as a DictionaryValue and
// doesn't modify |error|. Otherwise returns NULL and sets |error| to a
// translated error message.
scoped_ptr<base::DictionaryValue> ReadDictionaryFromJson(
const std::string& json,
std::string* error);
// Decrypt the given EncryptedConfiguration |onc| (see the ONC specification)
// using |passphrase|. The resulting UnencryptedConfiguration is returned and
// |error| is not modified. If an error occurs, returns NULL and if additionally
// |error| is not NULL, |error| is set to a user readable error message.
scoped_ptr<base::DictionaryValue> Decrypt(const std::string& passphrase,
const base::DictionaryValue& onc,
std::string* error);
} // chromeos
} // onc
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_UTILS_H_

2
chrome/browser/chromeos/options/vpn_config_view.cc

@ -8,10 +8,10 @@
#include "base/stringprintf.h"
#include "base/utf_string_conversions.h"
#include "chrome/browser/chromeos/cros/cros_library.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/enrollment_dialog_view.h"
#include "chrome/browser/profiles/profile_manager.h"
#include "chrome/common/net/x509_certificate_model.h"
#include "chromeos/network/onc/onc_constants.h"
#include "grit/chromium_strings.h"
#include "grit/generated_resources.h"
#include "grit/locale_settings.h"

2
chrome/browser/chromeos/options/wifi_config_view.cc

@ -9,10 +9,10 @@
#include "base/utf_string_conversions.h"
#include "chrome/browser/chromeos/cros/cros_library.h"
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/enrollment_dialog_view.h"
#include "chrome/browser/chromeos/login/user_manager.h"
#include "chrome/browser/profiles/profile_manager.h"
#include "chromeos/network/onc/onc_constants.h"
#include "grit/chromium_strings.h"
#include "grit/generated_resources.h"
#include "grit/locale_settings.h"

2
chrome/browser/chromeos/options/wimax_config_view.cc

@ -9,11 +9,11 @@
#include "base/utf_string_conversions.h"
#include "chrome/browser/chromeos/cros/cros_library.h"
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/enrollment_dialog_view.h"
#include "chrome/browser/chromeos/login/user_manager.h"
#include "chrome/browser/chromeos/login/wizard_controller.h"
#include "chrome/browser/profiles/profile_manager.h"
#include "chromeos/network/onc/onc_constants.h"
#include "grit/chromium_strings.h"
#include "grit/generated_resources.h"
#include "grit/locale_settings.h"

2
chrome/browser/chromeos/proxy_config_service_impl.cc

@ -11,7 +11,6 @@
#include "base/logging.h"
#include "base/string_util.h"
#include "chrome/browser/chromeos/cros/cros_library.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/login/user_manager.h"
#include "chrome/browser/chromeos/settings/cros_settings.h"
#include "chrome/browser/chromeos/settings/cros_settings_names.h"
@ -22,6 +21,7 @@
#include "chrome/browser/profiles/profile_manager.h"
#include "chrome/common/chrome_notification_types.h"
#include "chrome/common/pref_names.h"
#include "chromeos/network/onc/onc_constants.h"
#include "content/public/browser/notification_service.h"
#include "grit/generated_resources.h"
#include "ui/base/l10n/l10n_util.h"

16
chrome/browser/policy/configuration_policy_handler_chromeos.cc

@ -12,14 +12,14 @@
#include "base/prefs/pref_value_map.h"
#include "base/string_util.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chrome/browser/chromeos/network_settings/onc_utils.h"
#include "chrome/browser/chromeos/network_settings/onc_validator.h"
#include "chrome/browser/policy/policy_error_map.h"
#include "chrome/browser/policy/policy_map.h"
#include "chrome/browser/ui/ash/chrome_launcher_prefs.h"
#include "chrome/common/pref_names.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chromeos/network/onc/onc_utils.h"
#include "chromeos/network/onc/onc_validator.h"
#include "grit/generated_resources.h"
#include "policy/policy_constants.h"
@ -33,7 +33,7 @@ namespace policy {
NetworkConfigurationPolicyHandler::NetworkConfigurationPolicyHandler(
const char* policy_name,
chromeos::NetworkUIData::ONCSource onc_source)
chromeos::onc::ONCSource onc_source)
: TypeCheckingPolicyHandler(policy_name, base::Value::TYPE_STRING),
onc_source_(onc_source) {}
@ -49,12 +49,10 @@ bool NetworkConfigurationPolicyHandler::CheckPolicySettings(
if (value) {
std::string onc_blob;
value->GetAsString(&onc_blob);
std::string json_error;
scoped_ptr<base::DictionaryValue> root_dict =
onc::ReadDictionaryFromJson(onc_blob, &json_error);
onc::ReadDictionaryFromJson(onc_blob);
if (root_dict.get() == NULL) {
errors->AddError(policy_name(), IDS_POLICY_NETWORK_CONFIG_PARSE_ERROR,
json_error);
errors->AddError(policy_name(), IDS_POLICY_NETWORK_CONFIG_PARSE_ERROR);
return false;
}

5
chrome/browser/policy/configuration_policy_handler_chromeos.h

@ -7,6 +7,7 @@
#include "chrome/browser/chromeos/cros/network_ui_data.h"
#include "chrome/browser/policy/configuration_policy_handler.h"
#include "chromeos/network/onc/onc_constants.h"
namespace base {
class DictionaryValue;
@ -22,7 +23,7 @@ class NetworkConfigurationPolicyHandler : public TypeCheckingPolicyHandler {
public:
NetworkConfigurationPolicyHandler(
const char* policy_name,
chromeos::NetworkUIData::ONCSource onc_source);
chromeos::onc::ONCSource onc_source);
virtual ~NetworkConfigurationPolicyHandler();
// ConfigurationPolicyHandler methods:
@ -43,7 +44,7 @@ class NetworkConfigurationPolicyHandler : public TypeCheckingPolicyHandler {
// their values with placeholders.
static void MaskSensitiveValues(base::DictionaryValue* network_dict);
chromeos::NetworkUIData::ONCSource onc_source_;
chromeos::onc::ONCSource onc_source_;
DISALLOW_COPY_AND_ASSIGN(NetworkConfigurationPolicyHandler);
};

10
chrome/browser/policy/configuration_policy_handler_chromeos_unittest.cc

@ -18,7 +18,7 @@ TEST(NetworkConfigurationPolicyHandlerTest, Empty) {
PolicyMap policy_map;
NetworkConfigurationPolicyHandler handler(
key::kOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY);
chromeos::onc::ONC_SOURCE_USER_POLICY);
PolicyErrorMap errors;
EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
EXPECT_TRUE(errors.GetErrors(key::kOpenNetworkConfiguration).empty());
@ -46,7 +46,7 @@ TEST(NetworkConfigurationPolicyHandlerTest, ValidONC) {
Value::CreateStringValue(kTestONC));
NetworkConfigurationPolicyHandler handler(
key::kOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY);
chromeos::onc::ONC_SOURCE_USER_POLICY);
PolicyErrorMap errors;
EXPECT_TRUE(handler.CheckPolicySettings(policy_map, &errors));
EXPECT_TRUE(errors.GetErrors(key::kOpenNetworkConfiguration).empty());
@ -60,7 +60,7 @@ TEST(NetworkConfigurationPolicyHandlerTest, WrongType) {
Value::CreateBooleanValue(false));
NetworkConfigurationPolicyHandler handler(
key::kOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY);
chromeos::onc::ONC_SOURCE_USER_POLICY);
PolicyErrorMap errors;
EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
EXPECT_FALSE(errors.GetErrors(key::kOpenNetworkConfiguration).empty());
@ -75,7 +75,7 @@ TEST(NetworkConfigurationPolicyHandlerTest, JSONParseError) {
Value::CreateStringValue(kTestONC));
NetworkConfigurationPolicyHandler handler(
key::kOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY);
chromeos::onc::ONC_SOURCE_USER_POLICY);
PolicyErrorMap errors;
EXPECT_FALSE(handler.CheckPolicySettings(policy_map, &errors));
EXPECT_FALSE(errors.GetErrors(key::kOpenNetworkConfiguration).empty());
@ -103,7 +103,7 @@ TEST(NetworkConfigurationPolicyHandlerTest, Sanitization) {
Value::CreateStringValue(kTestONC));
NetworkConfigurationPolicyHandler handler(
key::kOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY);
chromeos::onc::ONC_SOURCE_USER_POLICY);
PolicyErrorMap errors;
handler.PrepareForDisplaying(&policy_map);
const Value* sanitized = policy_map.GetValue(key::kOpenNetworkConfiguration);

5
chrome/browser/policy/configuration_policy_handler_list.cc

@ -12,6 +12,7 @@
#include "chrome/browser/policy/policy_map.h"
#include "chrome/common/extensions/extension.h"
#include "chrome/common/pref_names.h"
#include "chromeos/network/onc/onc_constants.h"
#include "grit/generated_resources.h"
#include "policy/policy_constants.h"
@ -408,11 +409,11 @@ ConfigurationPolicyHandlerList::ConfigurationPolicyHandlerList() {
handlers_.push_back(
new NetworkConfigurationPolicyHandler(
key::kDeviceOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_DEVICE_POLICY));
chromeos::onc::ONC_SOURCE_DEVICE_POLICY));
handlers_.push_back(
new NetworkConfigurationPolicyHandler(
key::kOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY));
chromeos::onc::ONC_SOURCE_USER_POLICY));
handlers_.push_back(new PinnedLauncherAppsPolicyHandler());
#endif // defined(OS_CHROMEOS)
}

16
chrome/browser/policy/network_configuration_updater.cc

@ -10,6 +10,7 @@
#include "base/bind_helpers.h"
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chrome/browser/policy/policy_map.h"
#include "chromeos/network/onc/onc_constants.h"
#include "policy/policy_constants.h"
namespace policy {
@ -31,12 +32,12 @@ NetworkConfigurationUpdater::NetworkConfigurationUpdater(
key::kDeviceOpenNetworkConfiguration,
base::Bind(&NetworkConfigurationUpdater::OnPolicyChanged,
base::Unretained(this),
chromeos::NetworkUIData::ONC_SOURCE_DEVICE_POLICY));
chromeos::onc::ONC_SOURCE_DEVICE_POLICY));
policy_change_registrar_.Observe(
key::kOpenNetworkConfiguration,
base::Bind(&NetworkConfigurationUpdater::OnPolicyChanged,
base::Unretained(this),
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY));
chromeos::onc::ONC_SOURCE_USER_POLICY));
network_library_->AddNetworkProfileObserver(this);
@ -60,7 +61,7 @@ void NetworkConfigurationUpdater::OnUserPolicyInitialized() {
}
void NetworkConfigurationUpdater::OnPolicyChanged(
chromeos::NetworkUIData::ONCSource onc_source,
chromeos::onc::ONCSource onc_source,
const base::Value* previous,
const base::Value* current) {
VLOG(1) << "Policy for ONC source " << onc_source << " changed.";
@ -69,16 +70,16 @@ void NetworkConfigurationUpdater::OnPolicyChanged(
void NetworkConfigurationUpdater::ApplyNetworkConfigurations() {
ApplyNetworkConfiguration(key::kDeviceOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_DEVICE_POLICY);
chromeos::onc::ONC_SOURCE_DEVICE_POLICY);
if (user_policy_initialized_) {
ApplyNetworkConfiguration(key::kOpenNetworkConfiguration,
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY);
chromeos::onc::ONC_SOURCE_USER_POLICY);
}
}
void NetworkConfigurationUpdater::ApplyNetworkConfiguration(
const std::string& policy_key,
chromeos::NetworkUIData::ONCSource onc_source) {
chromeos::onc::ONCSource onc_source) {
VLOG(1) << "Apply policy for ONC source " << onc_source;
const PolicyMap& policies = policy_service_->GetPolicies(POLICY_DOMAIN_CHROME,
std::string());
@ -97,9 +98,8 @@ void NetworkConfigurationUpdater::ApplyNetworkConfiguration(
if (new_network_config.empty())
new_network_config = kEmptyConfiguration;
std::string unused_error;
network_library_->LoadOncNetworks(new_network_config, "", onc_source,
allow_web_trust_, &unused_error);
allow_web_trust_);
}
} // namespace policy

5
chrome/browser/policy/network_configuration_updater.h

@ -11,6 +11,7 @@
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chrome/browser/chromeos/cros/network_ui_data.h"
#include "chrome/browser/policy/policy_service.h"
#include "chromeos/network/onc/onc_constants.h"
namespace base {
class Value;
@ -54,7 +55,7 @@ class NetworkConfigurationUpdater
private:
// Callback that's called by |policy_service_| if the respective ONC policy
// changed.
void OnPolicyChanged(chromeos::NetworkUIData::ONCSource onc_source,
void OnPolicyChanged(chromeos::onc::ONCSource onc_source,
const base::Value* previous,
const base::Value* current);
@ -66,7 +67,7 @@ class NetworkConfigurationUpdater
// Push the policy stored at |policy_key| for |onc_source| to
// |network_library_|.
void ApplyNetworkConfiguration(const std::string& policy_key,
chromeos::NetworkUIData::ONCSource onc_source);
chromeos::onc::ONCSource onc_source);
// Wraps the policy service we read network configuration from.
PolicyChangeRegistrar policy_change_registrar_;

29
chrome/browser/policy/network_configuration_updater_unittest.cc

@ -9,6 +9,7 @@
#include "chrome/browser/policy/mock_configuration_policy_provider.h"
#include "chrome/browser/policy/policy_map.h"
#include "chrome/browser/policy/policy_service_impl.h"
#include "chromeos/network/onc/onc_constants.h"
#include "policy/policy_constants.h"
#include "testing/gmock/include/gmock/gmock.h"
#include "testing/gtest/include/gtest/gtest.h"
@ -42,13 +43,13 @@ class NetworkConfigurationUpdaterTest
}
// Maps configuration policy name to corresponding ONC source.
static chromeos::NetworkUIData::ONCSource NameToONCSource(
static chromeos::onc::ONCSource NameToONCSource(
const std::string& name) {
if (name == key::kDeviceOpenNetworkConfiguration)
return chromeos::NetworkUIData::ONC_SOURCE_DEVICE_POLICY;
return chromeos::onc::ONC_SOURCE_DEVICE_POLICY;
if (name == key::kOpenNetworkConfiguration)
return chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY;
return chromeos::NetworkUIData::ONC_SOURCE_NONE;
return chromeos::onc::ONC_SOURCE_USER_POLICY;
return chromeos::onc::ONC_SOURCE_NONE;
}
chromeos::MockNetworkLibrary network_library_;
@ -69,7 +70,7 @@ TEST_P(NetworkConfigurationUpdaterTest, InitialUpdates) {
const char* device_onc = GetParam() == key::kDeviceOpenNetworkConfiguration ?
kFakeONC : kEmptyConfiguration;
EXPECT_CALL(network_library_, LoadOncNetworks(
device_onc, "", chromeos::NetworkUIData::ONC_SOURCE_DEVICE_POLICY, _, _));
device_onc, "", chromeos::onc::ONC_SOURCE_DEVICE_POLICY, _));
{
NetworkConfigurationUpdater updater(policy_service_.get(),
@ -79,9 +80,9 @@ TEST_P(NetworkConfigurationUpdaterTest, InitialUpdates) {
// After the user policy is initialized, we always push both policies to the
// NetworkLibrary.
EXPECT_CALL(network_library_, LoadOncNetworks(
kFakeONC, "", NameToONCSource(GetParam()), _, _));
kFakeONC, "", NameToONCSource(GetParam()), _));
EXPECT_CALL(network_library_, LoadOncNetworks(
kEmptyConfiguration, "", Ne(NameToONCSource(GetParam())), _, _));
kEmptyConfiguration, "", Ne(NameToONCSource(GetParam())), _));
EXPECT_CALL(network_library_, RemoveNetworkProfileObserver(_));
@ -95,7 +96,7 @@ TEST_P(NetworkConfigurationUpdaterTest, AllowWebTrust) {
EXPECT_CALL(network_library_, AddNetworkProfileObserver(_));
// Initially web trust is disabled.
EXPECT_CALL(network_library_, LoadOncNetworks(_, _, _, false, _))
EXPECT_CALL(network_library_, LoadOncNetworks(_, _, _, false))
.Times(AtLeast(0));
NetworkConfigurationUpdater updater(policy_service_.get(),
&network_library_);
@ -103,7 +104,7 @@ TEST_P(NetworkConfigurationUpdaterTest, AllowWebTrust) {
Mock::VerifyAndClearExpectations(&network_library_);
// Web trust should be forwarded to LoadOncNetworks.
EXPECT_CALL(network_library_, LoadOncNetworks(_, _, _, true, _))
EXPECT_CALL(network_library_, LoadOncNetworks(_, _, _, true))
.Times(AtLeast(0));
updater.set_allow_web_trust(true);
@ -124,7 +125,7 @@ TEST_P(NetworkConfigurationUpdaterTest, PolicyChange) {
EXPECT_CALL(network_library_, AddNetworkProfileObserver(_));
// Ignore the initial updates.
EXPECT_CALL(network_library_, LoadOncNetworks(_, _, _, _, _))
EXPECT_CALL(network_library_, LoadOncNetworks(_, _, _, _))
.Times(AtLeast(0));
NetworkConfigurationUpdater updater(policy_service_.get(),
&network_library_);
@ -133,11 +134,11 @@ TEST_P(NetworkConfigurationUpdaterTest, PolicyChange) {
// We should update if policy changes.
EXPECT_CALL(network_library_, LoadOncNetworks(
kFakeONC, "", NameToONCSource(GetParam()), _, _));
kFakeONC, "", NameToONCSource(GetParam()), _));
// In the current implementation, we always apply both policies.
EXPECT_CALL(network_library_, LoadOncNetworks(
kEmptyConfiguration, "", Ne(NameToONCSource(GetParam())), _, _));
kEmptyConfiguration, "", Ne(NameToONCSource(GetParam())), _));
PolicyMap policy;
policy.Set(GetParam(), POLICY_LEVEL_MANDATORY, POLICY_SCOPE_USER,
@ -149,11 +150,11 @@ TEST_P(NetworkConfigurationUpdaterTest, PolicyChange) {
// implementation, we always apply both policies.
EXPECT_CALL(network_library_, LoadOncNetworks(
kEmptyConfiguration, "",
chromeos::NetworkUIData::ONC_SOURCE_DEVICE_POLICY, _, _));
chromeos::onc::ONC_SOURCE_DEVICE_POLICY, _));
EXPECT_CALL(network_library_, LoadOncNetworks(
kEmptyConfiguration, "",
chromeos::NetworkUIData::ONC_SOURCE_USER_POLICY, _, _));
chromeos::onc::ONC_SOURCE_USER_POLICY, _));
EXPECT_CALL(network_library_, RemoveNetworkProfileObserver(_));

13
chrome/browser/ui/webui/net_internals/net_internals_ui.cc

@ -79,6 +79,7 @@
#include "chrome/browser/chromeos/system/syslogs_provider.h"
#include "chromeos/dbus/dbus_thread_manager.h"
#include "chromeos/dbus/debug_daemon_client.h"
#include "chromeos/network/onc/onc_constants.h"
#endif
#if defined(OS_WIN)
#include "chrome/browser/net/service_providers_win.h"
@ -1491,10 +1492,12 @@ void NetInternalsMessageHandler::OnImportONCFile(const ListValue* list) {
std::string error;
chromeos::NetworkLibrary* cros_network =
chromeos::CrosLibrary::Get()->GetNetworkLibrary();
cros_network->LoadOncNetworks(onc_blob, passcode,
chromeos::NetworkUIData::ONC_SOURCE_USER_IMPORT,
false, // allow_web_trust_from_policy
&error);
if (!cros_network->LoadOncNetworks(onc_blob, passcode,
chromeos::onc::ONC_SOURCE_USER_IMPORT,
false)) { // allow web trust from policy
LOG(ERROR) << "Unable to load ONC.";
error = "Unable to load ONC configuration.";
}
// Now that we've added the networks, we need to rescan them so they'll be
// available from the menu more immediately.
@ -1505,7 +1508,7 @@ void NetInternalsMessageHandler::OnImportONCFile(const ListValue* list) {
}
void NetInternalsMessageHandler::OnStoreDebugLogs(const ListValue* list) {
DCHECK(!list);
DCHECK(list);
StoreDebugLogs(
base::Bind(&NetInternalsMessageHandler::OnStoreDebugLogsCompleted,
AsWeakPtr()));

2
chrome/browser/ui/webui/options/chromeos/internet_options_handler.cc

@ -30,7 +30,6 @@
#include "chrome/browser/chromeos/cros/cros_library.h"
#include "chrome/browser/chromeos/cros/cros_network_functions.h"
#include "chrome/browser/chromeos/cros/network_library.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/enrollment_dialog_view.h"
#include "chrome/browser/chromeos/mobile_config.h"
#include "chrome/browser/chromeos/options/network_config_view.h"
@ -50,6 +49,7 @@
#include "chrome/common/chrome_notification_types.h"
#include "chrome/common/chrome_switches.h"
#include "chrome/common/time_format.h"
#include "chromeos/network/onc/onc_constants.h"
#include "content/public/browser/notification_service.h"
#include "content/public/browser/web_contents.h"
#include "content/public/browser/web_ui.h"

20
chrome/chrome_browser_chromeos.gypi

@ -175,8 +175,6 @@
'browser/chromeos/cros/network_parser.h',
'browser/chromeos/cros/network_ui_data.cc',
'browser/chromeos/cros/network_ui_data.h',
'browser/chromeos/cros/onc_constants.cc',
'browser/chromeos/cros/onc_constants.h',
'browser/chromeos/cros/onc_network_parser.cc',
'browser/chromeos/cros/onc_network_parser.h',
'browser/chromeos/cros/sms_watcher.cc',
@ -512,24 +510,6 @@
'browser/chromeos/network_login_observer.h',
'browser/chromeos/network_message_observer.cc',
'browser/chromeos/network_message_observer.h',
'browser/chromeos/network_settings/onc_certificate_importer.cc',
'browser/chromeos/network_settings/onc_mapper.cc',
'browser/chromeos/network_settings/onc_mapper.h',
'browser/chromeos/network_settings/onc_merger.cc',
'browser/chromeos/network_settings/onc_merger.h',
'browser/chromeos/network_settings/onc_normalizer.cc',
'browser/chromeos/network_settings/onc_normalizer.h',
'browser/chromeos/network_settings/onc_signature.cc',
'browser/chromeos/network_settings/onc_signature.h',
'browser/chromeos/network_settings/onc_translation_tables.cc',
'browser/chromeos/network_settings/onc_translation_tables.h',
'browser/chromeos/network_settings/onc_translator.h',
'browser/chromeos/network_settings/onc_translator_onc_to_shill.cc',
'browser/chromeos/network_settings/onc_translator_shill_to_onc.cc',
'browser/chromeos/network_settings/onc_utils.cc',
'browser/chromeos/network_settings/onc_utils.h',
'browser/chromeos/network_settings/onc_validator.cc',
'browser/chromeos/network_settings/onc_validator.h',
'browser/chromeos/notifications/balloon_view_host_chromeos.cc',
'browser/chromeos/notifications/balloon_view_host_chromeos.h',
'browser/chromeos/offline/offline_load_page.cc',

8
chrome/chrome_tests_unit.gypi

@ -594,14 +594,6 @@
'browser/chromeos/memory/oom_priority_manager_unittest.cc',
'browser/chromeos/mobile_config_unittest.cc',
'browser/chromeos/net/network_portal_detector_unittest.cc',
'browser/chromeos/network_settings/onc_certificate_importer_unittest.cc',
'browser/chromeos/network_settings/onc_merger_unittest.cc',
'browser/chromeos/network_settings/onc_normalizer_unittest.cc',
'browser/chromeos/network_settings/onc_test_utils.cc',
'browser/chromeos/network_settings/onc_test_utils.h',
'browser/chromeos/network_settings/onc_translator_unittest.cc',
'browser/chromeos/network_settings/onc_utils_unittest.cc',
'browser/chromeos/network_settings/onc_validator_unittest.cc',
'browser/chromeos/offline/offline_load_page_unittest.cc',
'browser/chromeos/preferences_unittest.cc',
'browser/chromeos/process_proxy/process_output_watcher_unittest.cc',

1
chromeos/DEPS

@ -1,4 +1,5 @@
include_rules = [
"+crypto",
"+net",
"+third_party/cros_system_api",
"+third_party/libxml",

35
chromeos/chromeos.gyp

@ -13,6 +13,7 @@
'dependencies': [
'../base/base.gyp:base',
'../build/linux/system.gyp:dbus',
'../build/linux/system.gyp:ssl',
'../dbus/dbus.gyp:dbus',
'../net/net.gyp:net',
'../third_party/libxml/libxml.gyp:libxml',
@ -142,6 +143,27 @@
'network/network_state_handler.h',
'network/network_state_handler_observer.cc',
'network/network_state_handler_observer.h',
'network/onc/onc_certificate_importer.cc',
'network/onc/onc_certificate_importer.h',
'network/onc/onc_constants.cc',
'network/onc/onc_constants.h',
'network/onc/onc_mapper.cc',
'network/onc/onc_mapper.h',
'network/onc/onc_merger.cc',
'network/onc/onc_merger.h',
'network/onc/onc_normalizer.cc',
'network/onc/onc_normalizer.h',
'network/onc/onc_signature.cc',
'network/onc/onc_signature.h',
'network/onc/onc_translation_tables.cc',
'network/onc/onc_translation_tables.h',
'network/onc/onc_translator.h',
'network/onc/onc_translator_onc_to_shill.cc',
'network/onc/onc_translator_shill_to_onc.cc',
'network/onc/onc_utils.cc',
'network/onc/onc_utils.h',
'network/onc/onc_validator.cc',
'network/onc/onc_validator.h',
'network/shill_property_handler.cc',
'network/shill_property_handler.h',
'network/shill_service_observer.cc',
@ -166,6 +188,8 @@
'chromeos',
],
'sources': [
'chromeos_test_utils.cc',
'chromeos_test_utils.h',
'cryptohome/mock_async_method_caller.cc',
'cryptohome/mock_async_method_caller.h',
'dbus/mock_bluetooth_adapter_client.cc',
@ -263,7 +287,10 @@
'../base/base.gyp:run_all_unittests',
'../base/base.gyp:test_support_base',
'../build/linux/system.gyp:dbus',
'../build/linux/system.gyp:ssl',
'../crypto/crypto.gyp:crypto',
'../dbus/dbus.gyp:dbus_test_support',
'../net/net.gyp:net',
'../testing/gmock.gyp:gmock',
'../testing/gtest.gyp:gtest',
'chromeos_test_support',
@ -298,6 +325,14 @@
'network/network_event_log_unittest.cc',
'network/network_sms_handler_unittest.cc',
'network/network_state_handler_unittest.cc',
'network/onc/onc_certificate_importer_unittest.cc',
'network/onc/onc_merger_unittest.cc',
'network/onc/onc_normalizer_unittest.cc',
'network/onc/onc_test_utils.cc',
'network/onc/onc_test_utils.h',
'network/onc/onc_translator_unittest.cc',
'network/onc/onc_utils_unittest.cc',
'network/onc/onc_validator_unittest.cc',
'network/shill_property_handler_unittest.cc',
'power/power_state_override_unittest.cc',
],

32
chromeos/chromeos_test_utils.cc Normal file

@ -0,0 +1,32 @@
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chromeos/chromeos_test_utils.h"
#include "base/file_path.h"
#include "base/file_util.h"
#include "base/path_service.h"
namespace chromeos {
namespace test_utils {
bool GetTestDataPath(const std::string& component,
const std::string& filename,
FilePath* data_dir) {
FilePath path;
if (!PathService::Get(base::DIR_SOURCE_ROOT, &path))
return false;
path = path.Append(FILE_PATH_LITERAL("chromeos"));
path = path.Append(FILE_PATH_LITERAL("test"));
path = path.Append(FILE_PATH_LITERAL("data"));
if (!file_util::PathExists(path)) // We don't want to create this.
return false;
DCHECK(data_dir);
path = path.Append(component);
*data_dir = path.Append(filename);
return true;
}
} // namespace test_utils
} // namespace chromeos

23
chromeos/chromeos_test_utils.h Normal file

@ -0,0 +1,23 @@
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROMEOS_CHROMEOS_TEST_UTILS_H_
#define CHROMEOS_CHROMEOS_TEST_UTILS_H_
#include <string>
class FilePath;
namespace chromeos {
namespace test_utils {
// Returns the path to the given test data file for this library.
bool GetTestDataPath(const std::string& component,
const std::string& filename,
FilePath* data_dir);
} // namespace test_utils
} // namespace chromeos
#endif // CHROMEOS_CHROMEOS_TEST_UTILS_H_

2
chromeos/network/network_event_log.cc

@ -43,7 +43,7 @@ LogEntry::LogEntry(const std::string& module,
std::string LogEntry::ToString() const {
std::string line;
line += "[" + UTF16ToUTF8(base::TimeFormatShortDateAndTime(time)) + "]";
line += " " + module + "." + event;
line += " " + module + ":" + event;
if (!description.empty())
line += ": " + description;
if (count > 1)

14
chromeos/network/network_event_log.h

@ -9,6 +9,7 @@
#include <string>
#include "base/basictypes.h"
#include "base/stringprintf.h"
#include "base/time.h"
#include "chromeos/chromeos_export.h"
@ -45,6 +46,19 @@ CHROMEOS_EXPORT void AddEntry(const std::string& module,
// output the events. If |max_events| > 0, limits how many events are output.
CHROMEOS_EXPORT std::string GetAsString(StringOrder order, size_t max_events);
// Macros to make logging format more consistent.
#define NET_LOG(module, message) \
::chromeos::network_event_log::AddEntry( \
module, \
std::string(__FILE__) + ":" + ::base::StringPrintf("%d",__LINE__) + \
" (" + std::string(__func__) + ")", \
message)
#define NET_LOG_WARNING(module, message) \
NET_LOG(module, std::string("WARNING:") + message)
#define NET_LOG_ERROR(module, message) \
NET_LOG(module, std::string("ERROR:") + message)
} // namespace network_event_log
} // namespace chromeos

20
chromeos/network/network_event_log_unittest.cc

@ -60,34 +60,34 @@ TEST_F(NetworkEventLogTest, TestNetworkEvents) {
network_event_log::AddEntry("module3", "event3", "description3");
const std::string expected_output_oldest_first(
"module1.event1: description1\n"
"module2.event2: description2\n"
"module3.event3: description3 (2)\n");
"module1:event1: description1\n"
"module2:event2: description2\n"
"module3:event3: description3 (2)\n");
std::string output_oldest_first = network_event_log::GetAsString(
network_event_log::OLDEST_FIRST, 0);
output_oldest_first = SkipTime(output_oldest_first);
EXPECT_EQ(expected_output_oldest_first, output_oldest_first);
const std::string expected_output_oldest_first_short(
"module2.event2: description2\n"
"module3.event3: description3 (2)\n");
"module2:event2: description2\n"
"module3:event3: description3 (2)\n");
std::string output_oldest_first_short = network_event_log::GetAsString(
network_event_log::OLDEST_FIRST, 2);
output_oldest_first_short = SkipTime(output_oldest_first_short);
EXPECT_EQ(expected_output_oldest_first_short, output_oldest_first_short);
const std::string expected_output_newest_first(
"module3.event3: description3 (2)\n"
"module2.event2: description2\n"
"module1.event1: description1\n");
"module3:event3: description3 (2)\n"
"module2:event2: description2\n"
"module1:event1: description1\n");
std::string output_newest_first = network_event_log::GetAsString(
network_event_log::NEWEST_FIRST, 0);
output_newest_first = SkipTime(output_newest_first);
EXPECT_EQ(expected_output_newest_first, output_newest_first);
const std::string expected_output_newest_first_short(
"module3.event3: description3 (2)\n"
"module2.event2: description2\n");
"module3:event3: description3 (2)\n"
"module2:event2: description2\n");
std::string output_newest_first_short = network_event_log::GetAsString(
network_event_log::NEWEST_FIRST, 2);
output_newest_first_short = SkipTime(output_newest_first_short);

130
chrome/browser/chromeos/network_settings/onc_certificate_importer.cc → chromeos/network/onc/onc_certificate_importer.cc

@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_certificate_importer.h"
#include "chromeos/network/onc/onc_certificate_importer.h"
#include <cert.h>
#include <keyhi.h>
@ -10,14 +10,17 @@
#include "base/base64.h"
#include "base/logging.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "grit/generated_resources.h"
#include "base/values.h"
#include "chromeos/network/network_event_log.h"
#include "chromeos/network/onc/onc_constants.h"
#include "net/base/crypto_module.h"
#include "net/base/net_errors.h"
#include "net/base/nss_cert_database.h"
#include "net/base/pem_tokenizer.h"
#include "net/base/x509_certificate.h"
#include "ui/base/l10n/l10n_util.h"
#define ONC_LOG_WARNING(message) NET_LOG_WARNING("ONC", message)
#define ONC_LOG_ERROR(message) NET_LOG_ERROR("ONC", message)
namespace {
@ -32,57 +35,48 @@ namespace chromeos {
namespace onc {
CertificateImporter::CertificateImporter(
NetworkUIData::ONCSource onc_source,
ONCSource onc_source,
bool allow_web_trust_from_policy)
: onc_source_(onc_source),
allow_web_trust_from_policy_(allow_web_trust_from_policy) {
}
bool CertificateImporter::ParseAndStoreCertificates(
const base::ListValue& certificates, std::string* error) {
error_.clear();
CertificateImporter::ParseResult CertificateImporter::ParseAndStoreCertificates(
const base::ListValue& certificates) {
for (size_t i = 0; i < certificates.GetSize(); ++i) {
const base::DictionaryValue* certificate = NULL;
if (!certificates.GetDictionary(i, &certificate)) {
if (error) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MALFORMED);
}
return false;
ONC_LOG_ERROR("Certificate data malformed");
return i > 0 ? IMPORT_INCOMPLETE : IMPORT_FAILED;
}
if (VLOG_IS_ON(2))
VLOG(2) << "Parsing certificate at index " << i << ": " << *certificate;
if (ParseAndStoreCertificate(*certificate)) {
VLOG(2) << "Successfully imported certificate at index " << i;
continue;
if (!ParseAndStoreCertificate(*certificate)) {
ONC_LOG_ERROR(
base::StringPrintf("Cannot parse certificate at index %zu", i));
return i > 0 ? IMPORT_INCOMPLETE : IMPORT_FAILED;
}
LOG(WARNING) << "Cannot parse certificate at index " << i << ": " << error_;
if (error)
*error = error_;
return false;
VLOG(2) << "Successfully imported certificate at index " << i;
}
return true;
return IMPORT_OK;
}
bool CertificateImporter::ParseAndStoreCertificate(
const base::DictionaryValue& certificate) {
// Get out the attributes of the given certificate.
std::string guid;
if (!certificate.GetString(kGUID, &guid) || guid.empty()) {
LOG(WARNING) << "Certificate missing GUID identifier";
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_GUID_MISSING);
ONC_LOG_ERROR("Certificate missing GUID identifier");
return false;
}
bool remove = false;
if (certificate.GetBoolean(kRemove, &remove) && remove) {
if (!DeleteCertAndKeyByNickname(guid)) {
error_ = l10n_util::GetStringUTF8(IDS_NETWORK_CONFIG_ERROR_CERT_DELETE);
ONC_LOG_WARNING("Unable to delete certificate");
return false;
} else {
return true;
@ -98,8 +92,7 @@ bool CertificateImporter::ParseAndStoreCertificate(
if (cert_type == certificate::kClient)
return ParseClientCertificate(guid, certificate);
LOG(WARNING) << "ONC File: certificate of unknown type: " << cert_type;
error_ = l10n_util::GetStringUTF8(IDS_NETWORK_CONFIG_ERROR_CERT_TYPE_MISSING);
ONC_LOG_ERROR("Certificate of unknown type: " + cert_type);
return false;
}
@ -166,9 +159,9 @@ bool CertificateImporter::ParseServerOrCaCertificate(
const std::string& guid,
const base::DictionaryValue& certificate) {
// Device policy can't import certificates.
if (onc_source_ == NetworkUIData::ONC_SOURCE_DEVICE_POLICY) {
LOG(WARNING) << "Refusing to import certificate from device policy";
// This isn't a parsing error, so just return NULL here.
if (onc_source_ == ONC_SOURCE_DEVICE_POLICY) {
// This isn't a parsing error.
ONC_LOG_WARNING("Refusing to import certificate from device policy.");
return true;
}
@ -178,9 +171,7 @@ bool CertificateImporter::ParseServerOrCaCertificate(
for (size_t i = 0; i < trust_list->GetSize(); ++i) {
std::string trust_type;
if (!trust_list->GetString(i, &trust_type)) {
LOG(WARNING) << "ONC File: certificate trust is invalid";
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_TRUST_INVALID);
ONC_LOG_ERROR("Certificate trust is invalid");
return false;
}
if (trust_type == certificate::kWeb) {
@ -188,10 +179,7 @@ bool CertificateImporter::ParseServerOrCaCertificate(
// identification.
web_trust = true;
} else {
LOG(WARNING) << "ONC File: certificate contains unknown "
<< "trust type: " << trust_type;
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_TRUST_UNKNOWN);
ONC_LOG_ERROR("Certificate contains unknown trust type " + trust_type);
return false;
}
}
@ -199,7 +187,7 @@ bool CertificateImporter::ParseServerOrCaCertificate(
// Web trust is only granted to certificates imported for a managed user
// on a managed device.
if (onc_source_ == NetworkUIData::ONC_SOURCE_USER_POLICY &&
if (onc_source_ == ONC_SOURCE_USER_POLICY &&
web_trust && !allow_web_trust_from_policy_) {
LOG(WARNING) << "Web trust not granted for certificate: " << guid;
web_trust = false;
@ -208,10 +196,9 @@ bool CertificateImporter::ParseServerOrCaCertificate(
std::string x509_data;
if (!certificate.GetString(certificate::kX509, &x509_data) ||
x509_data.empty()) {
LOG(WARNING) << "ONC File: certificate missing appropriate "
<< "certificate data for type: " << cert_type;
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MISSING);
ONC_LOG_ERROR(
"Certificate missing appropriate certificate data for type: " +
cert_type);
return false;
}
@ -229,10 +216,7 @@ bool CertificateImporter::ParseServerOrCaCertificate(
// strings. For this to work, there has to be no white space, and it has to
// only contain the base64-encoded data.
if (!base::Base64Decode(x509_data, &decoded_x509)) {
LOG(WARNING) << "Unable to base64 decode X509 data: \""
<< x509_data << "\".";
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MALFORMED);
ONC_LOG_ERROR("Unable to base64 decode X509 data: " + x509_data);
return false;
}
} else {
@ -245,9 +229,7 @@ bool CertificateImporter::ParseServerOrCaCertificate(
decoded_x509.size(),
guid.c_str());
if (!x509_cert.get()) {
LOG(WARNING) << "Unable to create X509 certificate from bytes.";
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MALFORMED);
ONC_LOG_ERROR("Unable to create X509 certificate from bytes.");
return false;
}
@ -273,7 +255,7 @@ bool CertificateImporter::ParseServerOrCaCertificate(
net::NSSCertDatabase* cert_database = net::NSSCertDatabase::GetInstance();
if (x509_cert->os_cert_handle()->isperm) {
if (!cert_database->DeleteCertAndKey(x509_cert.get())) {
error_ = l10n_util::GetStringUTF8(IDS_NETWORK_CONFIG_ERROR_CERT_DELETE);
ONC_LOG_ERROR("Unable to delete X509 certificate.");
return false;
}
@ -284,9 +266,7 @@ bool CertificateImporter::ParseServerOrCaCertificate(
decoded_x509.size(),
guid.c_str());
if (!x509_cert.get()) {
LOG(WARNING) << "Unable to create X509 certificate from bytes.";
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MALFORMED);
ONC_LOG_ERROR("Unable to create X509 certificate from bytes.");
return false;
}
DCHECK(!x509_cert->os_cert_handle()->isperm);
@ -298,9 +278,7 @@ bool CertificateImporter::ParseServerOrCaCertificate(
net::CertificateList certs;
ListCertsWithNickname(guid, &certs);
if (!certs.empty()) {
LOG(WARNING) << "Cert GUID is already in use: " << guid;
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_GUID_COLLISION);
ONC_LOG_ERROR("Certificate GUID is already in use: " + guid);
return false;
}
@ -317,16 +295,12 @@ bool CertificateImporter::ParseServerOrCaCertificate(
success = cert_database->ImportCACerts(cert_list, trust, &failures);
if (!failures.empty()) {
LOG(WARNING) << "ONC File: Error ("
<< net::ErrorToString(failures[0].net_error)
<< ") importing " << cert_type << " certificate";
error_ = l10n_util::GetStringUTF8(IDS_NETWORK_CONFIG_ERROR_CERT_IMPORT);
ONC_LOG_ERROR("Error (" + net::ErrorToString(failures[0].net_error) +
") importing " + cert_type + " certificate");
return false;
}
if (!success) {
LOG(WARNING) << "ONC File: Unknown error importing " << cert_type
<< " certificate";
error_ = l10n_util::GetStringUTF8(IDS_NETWORK_CONFIG_ERROR_UNKNOWN);
ONC_LOG_ERROR("Unknown error importing " + cert_type + " certificate.");
return false;
}
@ -339,19 +313,14 @@ bool CertificateImporter::ParseClientCertificate(
std::string pkcs12_data;
if (!certificate.GetString(certificate::kPKCS12, &pkcs12_data) ||
pkcs12_data.empty()) {
LOG(WARNING) << "ONC File: PKCS12 data is missing for Client "
<< "certificate";
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MISSING);
ONC_LOG_ERROR("PKCS12 data is missing for client certificate.");
return false;
}
std::string decoded_pkcs12;
if (!base::Base64Decode(pkcs12_data, &decoded_pkcs12)) {
LOG(WARNING) << "Unable to base64 decode PKCS#12 data: \""
<< pkcs12_data << "\".";
error_ = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_CERT_DATA_MALFORMED);
ONC_LOG_ERROR(
"Unable to base64 decode PKCS#12 data: \"" + pkcs12_data + "\".");
return false;
}
@ -360,23 +329,22 @@ bool CertificateImporter::ParseClientCertificate(
scoped_refptr<net::CryptoModule> module(cert_database->GetPrivateModule());
net::CertificateList imported_certs;
int result = cert_database->ImportFromPKCS12(
int import_result = cert_database->ImportFromPKCS12(
module.get(), decoded_pkcs12, string16(), false, &imported_certs);
if (result != net::OK) {
LOG(WARNING) << "ONC File: Unable to import Client certificate"
<< " (error " << net::ErrorToString(result) << ").";
error_ = l10n_util::GetStringUTF8(IDS_NETWORK_CONFIG_ERROR_CERT_IMPORT);
if (import_result != net::OK) {
ONC_LOG_ERROR("Unable to import client certificate (error " +
net::ErrorToString(import_result) + ").");
return false;
}
if (imported_certs.size() == 0) {
LOG(WARNING) << "ONC File: PKCS12 data contains no importable certificates";
ONC_LOG_WARNING("PKCS12 data contains no importable certificates.");
return true;
}
if (imported_certs.size() != 1) {
LOG(WARNING) << "ONC File: PKCS12 data contains more than one certificate."
<< "Only the first one will be imported.";
ONC_LOG_WARNING("ONC File: PKCS12 data contains more than one certificate. "
"Only the first one will be imported.");
}
scoped_refptr<net::X509Certificate> cert_result = imported_certs[0];
@ -391,7 +359,7 @@ bool CertificateImporter::ParseClientCertificate(
PK11_SetPrivateKeyNickname(private_key, const_cast<char*>(guid.c_str()));
SECKEY_DestroyPrivateKey(private_key);
} else {
LOG(WARNING) << "ONC File: Unable to find private key for cert";
ONC_LOG_WARNING("Unable to find private key for certificate.");
}
return true;
}

50
chrome/browser/chromeos/network_settings/onc_certificate_importer.h → chromeos/network/onc/onc_certificate_importer.h

@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_CERTIFICATE_IMPORTER_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_CERTIFICATE_IMPORTER_H_
#ifndef CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_
#define CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_
#include <string>
#include <vector>
@ -11,7 +11,8 @@
#include "base/basictypes.h"
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "chrome/browser/chromeos/cros/network_ui_data.h"
#include "chromeos/chromeos_export.h"
#include "chromeos/network/onc/onc_constants.h"
namespace base {
class DictionaryValue;
@ -29,25 +30,31 @@ namespace onc {
// This class handles certificate imports from ONC (both policy and user
// imports) into the certificate store. In particular, the GUID of certificates
// is stored together with the certificate as Nickname.
class CertificateImporter {
class CHROMEOS_EXPORT CertificateImporter {
public:
enum ParseResult {
IMPORT_OK,
IMPORT_INCOMPLETE,
IMPORT_FAILED,
};
// Certificates pushed from a policy source with Web trust are only imported
// with ParseCertificate() if the |allow_web_trust_from_policy| permission is
// granted.
CertificateImporter(NetworkUIData::ONCSource onc_source,
CertificateImporter(ONCSource onc_source,
bool allow_web_trust_from_policy);
// Parses and stores the certificates in |onc_certificates| into the
// certificate store. If the "Remove" field of a certificate is enabled, then
// removes the certificate from the store instead of importing. Returns false
// and sets |error| to a user readable message if an error occured. In that
// case, some of the certificates may already be stored/removed. Otherwise, if
// no error occured, returns true and doesn't modify |error|.
bool ParseAndStoreCertificates(const base::ListValue& onc_certificates,
std::string* error);
// removes the certificate from the store instead of importing. Returns the
// result of the parse operation. In case of IMPORT_INCOMPLETE, some of the
// certificates may be stored/removed successfully while others had errors.
// If no error occurred, returns IMPORT_OK.
ParseResult ParseAndStoreCertificates(
const base::ListValue& onc_certificates);
// Parses and stores/removes |certificate| in/from the certificate
// store. Returns false if an error occured. Returns true otherwise.
// store. Returns true if the operation succeeded.
bool ParseAndStoreCertificate(const base::DictionaryValue& certificate);
// Lists the certificates that have the string |label| as their certificate
@ -61,27 +68,24 @@ class CertificateImporter {
static bool DeleteCertAndKeyByNickname(const std::string& label);
private:
bool ParseServerOrCaCertificate(
const std::string& cert_type,
const std::string& guid,
const base::DictionaryValue& certificate);
bool ParseClientCertificate(
const std::string& guid,
const base::DictionaryValue& certificate);
bool ParseServerOrCaCertificate(const std::string& cert_type,
const std::string& guid,
const base::DictionaryValue& certificate);
bool ParseClientCertificate(const std::string& guid,
const base::DictionaryValue& certificate);
// Where the ONC blob comes from.
NetworkUIData::ONCSource onc_source_;
ONCSource onc_source_;
// Whether certificates with Web trust should be stored when pushed from a
// policy source.
bool allow_web_trust_from_policy_;
std::string error_;
DISALLOW_COPY_AND_ASSIGN(CertificateImporter);
};
} // chromeos
} // onc
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_CERTIFICATE_IMPORTER_H_
#endif // CHROMEOS_NETWORK_ONC_ONC_CERTIFICATE_IMPORTER_H_

58
chrome/browser/chromeos/network_settings/onc_certificate_importer_unittest.cc → chromeos/network/onc/onc_certificate_importer_unittest.cc

@ -2,9 +2,10 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_certificate_importer.h"
#include "chromeos/network/onc/onc_certificate_importer.h"
#include <cert.h>
#include <certdb.h>
#include <keyhi.h>
#include <pk11pub.h>
#include <string>
@ -12,9 +13,8 @@
#include "base/logging.h"
#include "base/string_number_conversions.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_test_utils.h"
#include "chrome/common/net/x509_certificate_model.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_test_utils.h"
#include "crypto/nss_util.h"
#include "net/base/cert_type.h"
#include "net/base/crypto_module.h"
@ -22,18 +22,39 @@
#include "net/base/x509_certificate.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace {
net::CertType GetCertType(const net::X509Certificate* cert) {
DCHECK(cert);
return x509_certificate_model::GetType(cert->os_cert_handle());
}
} // namespace
namespace chromeos {
namespace onc {
#if defined(USE_NSS)
// In NSS 3.13, CERTDB_VALID_PEER was renamed CERTDB_TERMINAL_RECORD. So we use
// the new name of the macro.
#if !defined(CERTDB_TERMINAL_RECORD)
#define CERTDB_TERMINAL_RECORD CERTDB_VALID_PEER
#endif
net::CertType GetCertType(net::X509Certificate::OSCertHandle cert) {
CERTCertTrust trust = {0};
CERT_GetCertTrust(cert, &trust);
unsigned all_flags = trust.sslFlags | trust.emailFlags |
trust.objectSigningFlags;
if (cert->nickname && (all_flags & CERTDB_USER))
return net::USER_CERT;
if ((all_flags & CERTDB_VALID_CA) || CERT_IsCACert(cert, NULL))
return net::CA_CERT;
// TODO(mattm): http://crbug.com/128633.
if (trust.sslFlags & CERTDB_TERMINAL_RECORD)
return net::SERVER_CERT;
return net::UNKNOWN_CERT;
}
#else
net::CertType GetCertType(net::X509Certificate::OSCertHandle cert) {
NOTIMPLEMENTED();
return net::UNKNOWN_CERT;
}
#endif // USE_NSS
class ONCCertificateImporterTest : public testing::Test {
public:
virtual void SetUp() {
@ -68,16 +89,15 @@ class ONCCertificateImporterTest : public testing::Test {
certificates->GetDictionary(0, &certificate);
certificate->GetStringWithoutPathExpansion(kGUID, guid);
CertificateImporter importer(NetworkUIData::ONC_SOURCE_USER_IMPORT,
false /* don't allow webtrust */);
std::string error;
EXPECT_TRUE(importer.ParseAndStoreCertificates(*certificates, &error));
EXPECT_TRUE(error.empty());
CertificateImporter importer(ONC_SOURCE_USER_IMPORT,
false /* don't allow web trust */);
EXPECT_EQ(CertificateImporter::IMPORT_OK,
importer.ParseAndStoreCertificates(*certificates));
net::CertificateList result_list;
CertificateImporter::ListCertsWithNickname(*guid, &result_list);
ASSERT_EQ(1ul, result_list.size());
EXPECT_EQ(expected_type, GetCertType(result_list[0].get()));
EXPECT_EQ(expected_type, GetCertType(result_list[0]->os_cert_handle()));
}
scoped_refptr<net::CryptoModule> slot_;

2
chrome/browser/chromeos/cros/onc_constants.cc → chromeos/network/onc/onc_constants.cc

@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chromeos/network/onc/onc_constants.h"
namespace chromeos {

220
chromeos/network/onc/onc_constants.h Normal file

@ -0,0 +1,220 @@
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROMEOS_NETWORK_ONC_ONC_CONSTANTS_H_
#define CHROMEOS_NETWORK_ONC_ONC_CONSTANTS_H_
#include "chromeos/chromeos_export.h"
namespace chromeos {
// Constants for ONC properties.
namespace onc {
// Indicates from which source an ONC blob comes from.
enum ONCSource {
ONC_SOURCE_NONE,
ONC_SOURCE_USER_IMPORT,
ONC_SOURCE_DEVICE_POLICY,
ONC_SOURCE_USER_POLICY,
};
// Top Level ONC.
CHROMEOS_EXPORT extern const char kCertificates[];
CHROMEOS_EXPORT extern const char kEncryptedConfiguration[];
CHROMEOS_EXPORT extern const char kNetworkConfigurations[];
CHROMEOS_EXPORT extern const char kUnencryptedConfiguration[];
// This is no ONC key or value but used for logging only.
// TODO(pneubeck): Remove.
CHROMEOS_EXPORT extern const char kNetworkConfiguration[];
// Common keys/values.
CHROMEOS_EXPORT extern const char kRecommended[];
CHROMEOS_EXPORT extern const char kRemove[];
// NetworkConfiguration.
// TODO(pneubeck): Put into namespace.
CHROMEOS_EXPORT extern const char kCellular[];
CHROMEOS_EXPORT extern const char kEthernet[];
CHROMEOS_EXPORT extern const char kGUID[];
CHROMEOS_EXPORT extern const char kIPConfigs[];
CHROMEOS_EXPORT extern const char kName[];
CHROMEOS_EXPORT extern const char kNameServers[];
CHROMEOS_EXPORT extern const char kProxySettings[];
CHROMEOS_EXPORT extern const char kSearchDomains[];
CHROMEOS_EXPORT extern const char kType[];
CHROMEOS_EXPORT extern const char kVPN[];
CHROMEOS_EXPORT extern const char kWiFi[];
namespace ipconfig {
CHROMEOS_EXPORT extern const char kGateway[];
CHROMEOS_EXPORT extern const char kIPAddress[];
CHROMEOS_EXPORT extern const char kIPv4[];
CHROMEOS_EXPORT extern const char kIPv6[];
CHROMEOS_EXPORT extern const char kRoutingPrefix[];
CHROMEOS_EXPORT extern const char kType[];
} // namespace ipconfig
namespace ethernet {
CHROMEOS_EXPORT extern const char kAuthentication[];
CHROMEOS_EXPORT extern const char kEAP[];
CHROMEOS_EXPORT extern const char kNone[];
CHROMEOS_EXPORT extern const char k8021X[];
} // namespace ethernet
namespace wifi {
CHROMEOS_EXPORT extern const char kAutoConnect[];
CHROMEOS_EXPORT extern const char kEAP[];
CHROMEOS_EXPORT extern const char kHiddenSSID[];
CHROMEOS_EXPORT extern const char kNone[];
CHROMEOS_EXPORT extern const char kPassphrase[];
CHROMEOS_EXPORT extern const char kProxyURL[];
CHROMEOS_EXPORT extern const char kSecurity[];
CHROMEOS_EXPORT extern const char kSSID[];
CHROMEOS_EXPORT extern const char kWEP_PSK[];
CHROMEOS_EXPORT extern const char kWEP_8021X[];
CHROMEOS_EXPORT extern const char kWPA_PSK[];
CHROMEOS_EXPORT extern const char kWPA_EAP[];
} // namespace wifi
namespace certificate {
CHROMEOS_EXPORT extern const char kAuthority[];
CHROMEOS_EXPORT extern const char kClient[];
CHROMEOS_EXPORT extern const char kCommonName[];
CHROMEOS_EXPORT extern const char kEmailAddress[];
CHROMEOS_EXPORT extern const char kEnrollmentURI[];
CHROMEOS_EXPORT extern const char kIssuerCARef[];
CHROMEOS_EXPORT extern const char kIssuer[];
CHROMEOS_EXPORT extern const char kLocality[];
CHROMEOS_EXPORT extern const char kNone[];
CHROMEOS_EXPORT extern const char kOrganization[];
CHROMEOS_EXPORT extern const char kOrganizationalUnit[];
CHROMEOS_EXPORT extern const char kPKCS12[];
CHROMEOS_EXPORT extern const char kPattern[];
CHROMEOS_EXPORT extern const char kRef[];
CHROMEOS_EXPORT extern const char kServer[];
CHROMEOS_EXPORT extern const char kSubject[];
CHROMEOS_EXPORT extern const char kTrust[];
CHROMEOS_EXPORT extern const char kType[];
CHROMEOS_EXPORT extern const char kWeb[];
CHROMEOS_EXPORT extern const char kX509[];
} // namespace certificate
namespace encrypted {
CHROMEOS_EXPORT extern const char kAES256[];
CHROMEOS_EXPORT extern const char kCipher[];
CHROMEOS_EXPORT extern const char kCiphertext[];
CHROMEOS_EXPORT extern const char kHMACMethod[];
CHROMEOS_EXPORT extern const char kHMAC[];
CHROMEOS_EXPORT extern const char kIV[];
CHROMEOS_EXPORT extern const char kIterations[];
CHROMEOS_EXPORT extern const char kPBKDF2[];
CHROMEOS_EXPORT extern const char kSHA1[];
CHROMEOS_EXPORT extern const char kSalt[];
CHROMEOS_EXPORT extern const char kStretch[];
CHROMEOS_EXPORT extern const char kType[];
} // namespace encrypted
namespace eap {
CHROMEOS_EXPORT extern const char kAnonymousIdentity[];
CHROMEOS_EXPORT extern const char kAutomatic[];
CHROMEOS_EXPORT extern const char kClientCertPattern[];
CHROMEOS_EXPORT extern const char kClientCertRef[];
CHROMEOS_EXPORT extern const char kClientCertType[];
CHROMEOS_EXPORT extern const char kEAP_AKA[];
CHROMEOS_EXPORT extern const char kEAP_FAST[];
CHROMEOS_EXPORT extern const char kEAP_SIM[];
CHROMEOS_EXPORT extern const char kEAP_TLS[];
CHROMEOS_EXPORT extern const char kEAP_TTLS[];
CHROMEOS_EXPORT extern const char kIdentity[];
CHROMEOS_EXPORT extern const char kInner[];
CHROMEOS_EXPORT extern const char kLEAP[];
CHROMEOS_EXPORT extern const char kMD5[];
CHROMEOS_EXPORT extern const char kMSCHAPv2[];
CHROMEOS_EXPORT extern const char kOuter[];
CHROMEOS_EXPORT extern const char kPAP[];
CHROMEOS_EXPORT extern const char kPEAP[];
CHROMEOS_EXPORT extern const char kPassword[];
CHROMEOS_EXPORT extern const char kSaveCredentials[];
CHROMEOS_EXPORT extern const char kServerCARef[];
CHROMEOS_EXPORT extern const char kUseSystemCAs[];
} // namespace eap
namespace vpn {
CHROMEOS_EXPORT extern const char kAuthNoCache[];
CHROMEOS_EXPORT extern const char kAuthRetry[];
CHROMEOS_EXPORT extern const char kAuth[];
CHROMEOS_EXPORT extern const char kAuthenticationType[];
CHROMEOS_EXPORT extern const char kCert[];
CHROMEOS_EXPORT extern const char kCipher[];
CHROMEOS_EXPORT extern const char kClientCertPattern[];
CHROMEOS_EXPORT extern const char kClientCertRef[];
CHROMEOS_EXPORT extern const char kClientCertType[];
CHROMEOS_EXPORT extern const char kCompLZO[];
CHROMEOS_EXPORT extern const char kCompNoAdapt[];
CHROMEOS_EXPORT extern const char kEAP[];
CHROMEOS_EXPORT extern const char kGroup[];
CHROMEOS_EXPORT extern const char kHost[];
CHROMEOS_EXPORT extern const char kIKEVersion[];
CHROMEOS_EXPORT extern const char kIPsec[];
CHROMEOS_EXPORT extern const char kKeyDirection[];
CHROMEOS_EXPORT extern const char kL2TP[];
CHROMEOS_EXPORT extern const char kNsCertType[];
CHROMEOS_EXPORT extern const char kOpenVPN[];
CHROMEOS_EXPORT extern const char kPSK[];
CHROMEOS_EXPORT extern const char kPassword[];
CHROMEOS_EXPORT extern const char kPort[];
CHROMEOS_EXPORT extern const char kProto[];
CHROMEOS_EXPORT extern const char kPushPeerInfo[];
CHROMEOS_EXPORT extern const char kRemoteCertEKU[];
CHROMEOS_EXPORT extern const char kRemoteCertKU[];
CHROMEOS_EXPORT extern const char kRemoteCertTLS[];
CHROMEOS_EXPORT extern const char kRenegSec[];
CHROMEOS_EXPORT extern const char kSaveCredentials[];
CHROMEOS_EXPORT extern const char kServerCARef[];
CHROMEOS_EXPORT extern const char kServerCertRef[];
CHROMEOS_EXPORT extern const char kServerPollTimeout[];
CHROMEOS_EXPORT extern const char kShaper[];
CHROMEOS_EXPORT extern const char kStaticChallenge[];
CHROMEOS_EXPORT extern const char kTLSAuthContents[];
CHROMEOS_EXPORT extern const char kTLSRemote[];
CHROMEOS_EXPORT extern const char kTypeL2TP_IPsec[];
CHROMEOS_EXPORT extern const char kType[];
CHROMEOS_EXPORT extern const char kUsername[];
CHROMEOS_EXPORT extern const char kVerb[];
CHROMEOS_EXPORT extern const char kXAUTH[];
} // namespace vpn
namespace openvpn {
CHROMEOS_EXPORT extern const char kNone[];
CHROMEOS_EXPORT extern const char kInteract[];
CHROMEOS_EXPORT extern const char kNoInteract[];
CHROMEOS_EXPORT extern const char kServer[];
} // namespace openvpn
namespace substitutes {
CHROMEOS_EXPORT extern const char kEmailField[];
CHROMEOS_EXPORT extern const char kLoginIDField[];
} // namespace substitutes
namespace proxy {
CHROMEOS_EXPORT extern const char kDirect[];
CHROMEOS_EXPORT extern const char kExcludeDomains[];
CHROMEOS_EXPORT extern const char kFtp[];
CHROMEOS_EXPORT extern const char kHost[];
CHROMEOS_EXPORT extern const char kHttp[];
CHROMEOS_EXPORT extern const char kHttps[];
CHROMEOS_EXPORT extern const char kManual[];
CHROMEOS_EXPORT extern const char kPAC[];
CHROMEOS_EXPORT extern const char kPort[];
CHROMEOS_EXPORT extern const char kSocks[];
CHROMEOS_EXPORT extern const char kType[];
CHROMEOS_EXPORT extern const char kWPAD[];
} // namespace proxy
} // namespace onc
} // namespace chromeos
#endif // CHROMEOS_NETWORK_ONC_ONC_CONSTANTS_H_

4
chrome/browser/chromeos/network_settings/onc_mapper.cc → chromeos/network/onc/onc_mapper.cc

@ -2,11 +2,11 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_mapper.h"
#include "chromeos/network/onc/onc_mapper.h"
#include "base/logging.h"
#include "base/values.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chromeos/network/onc/onc_signature.h"
namespace chromeos {
namespace onc {

7
chrome/browser/chromeos/network_settings/onc_mapper.h → chromeos/network/onc/onc_mapper.h

@ -2,12 +2,13 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_MAPPER_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_MAPPER_H_
#ifndef CHROMEOS_NETWORK_ONC_ONC_MAPPER_H_
#define CHROMEOS_NETWORK_ONC_ONC_MAPPER_H_
#include <string>
#include "base/memory/scoped_ptr.h"
#include "chromeos/chromeos_export.h"
namespace base {
class Value;
@ -100,4 +101,4 @@ class Mapper {
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_MAPPER_H_
#endif // CHROMEOS_NETWORK_ONC_ONC_MAPPER_H_

4
chrome/browser/chromeos/network_settings/onc_merger.cc → chromeos/network/onc/onc_merger.cc

@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_merger.h"
#include "chromeos/network/onc/onc_merger.h"
#include <set>
#include <string>
@ -10,7 +10,7 @@
#include "base/basictypes.h"
#include "base/logging.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chromeos/network/onc/onc_constants.h"
namespace chromeos {
namespace onc {

11
chrome/browser/chromeos/network_settings/onc_merger.h → chromeos/network/onc/onc_merger.h

@ -2,10 +2,11 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_MERGER_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_MERGER_H_
#ifndef CHROMEOS_NETWORK_ONC_ONC_MERGER_H_
#define CHROMEOS_NETWORK_ONC_ONC_MERGER_H_
#include "base/memory/scoped_ptr.h"
#include "chromeos/chromeos_export.h"
namespace base {
class DictionaryValue;
@ -15,7 +16,7 @@ namespace chromeos {
namespace onc {
// Merges the given |user_onc| and |shared_onc| settings with the given
// |user_policy| and |device_policy| settings. Each can be omitted by prodiving
// |user_policy| and |device_policy| settings. Each can be omitted by providing
// a NULL pointer. Each dictionary has to be a valid ONC dictionary. They don't
// have to describe top-level ONC but should refer to the same section in
// ONC. |user_onc| and |shared_onc| should not contain kRecommended fields. The
@ -23,7 +24,7 @@ namespace onc {
// a network with type: "WiFi", the field "VPN" is dispensable) that can be
// removed by the caller using the ONC normalizer. ONC conformance of the
// arguments is not checked. Use ONC validator for that.
scoped_ptr<base::DictionaryValue> MergeSettingsWithPolicies(
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> MergeSettingsWithPolicies(
const base::DictionaryValue* user_policy,
const base::DictionaryValue* device_policy,
const base::DictionaryValue* user_onc,
@ -32,4 +33,4 @@ scoped_ptr<base::DictionaryValue> MergeSettingsWithPolicies(
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_MERGER_H_
#endif // CHROMEOS_NETWORK_ONC_ONC_MERGER_H_

6
chrome/browser/chromeos/network_settings/onc_merger_unittest.cc → chromeos/network/onc/onc_merger_unittest.cc

@ -2,14 +2,14 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_merger.h"
#include "chromeos/network/onc/onc_merger.h"
#include <string>
#include "base/logging.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_test_utils.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_test_utils.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace chromeos {

6
chrome/browser/chromeos/network_settings/onc_normalizer.cc → chromeos/network/onc/onc_normalizer.cc

@ -2,14 +2,14 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_normalizer.h"
#include "chromeos/network/onc/onc_normalizer.h"
#include <string>
#include "base/logging.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
namespace chromeos {
namespace onc {

11
chrome/browser/chromeos/network_settings/onc_normalizer.h → chromeos/network/onc/onc_normalizer.h

@ -2,18 +2,19 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_NORMALIZER_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_NORMALIZER_H_
#ifndef CHROMEOS_NETWORK_ONC_ONC_NORMALIZER_H_
#define CHROMEOS_NETWORK_ONC_ONC_NORMALIZER_H_
#include "base/memory/scoped_ptr.h"
#include "chrome/browser/chromeos/network_settings/onc_mapper.h"
#include "chromeos/chromeos_export.h"
#include "chromeos/network/onc/onc_mapper.h"
namespace chromeos {
namespace onc {
struct OncValueSignature;
class Normalizer : public Mapper {
class CHROMEOS_EXPORT Normalizer : public Mapper {
public:
explicit Normalizer(bool remove_recommended_fields);
virtual ~Normalizer();
@ -46,4 +47,4 @@ class Normalizer : public Mapper {
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_NORMALIZER_H_
#endif // CHROMEOS_NETWORK_ONC_ONC_NORMALIZER_H_

6
chrome/browser/chromeos/network_settings/onc_normalizer_unittest.cc → chromeos/network/onc/onc_normalizer_unittest.cc

@ -2,12 +2,12 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_normalizer.h"
#include "chromeos/network/onc/onc_normalizer.h"
#include "base/memory/scoped_ptr.h"
#include "base/values.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chrome/browser/chromeos/network_settings/onc_test_utils.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chromeos/network/onc/onc_test_utils.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace chromeos {

4
chrome/browser/chromeos/network_settings/onc_signature.cc → chromeos/network/onc/onc_signature.cc

@ -2,9 +2,9 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chromeos/network/onc/onc_constants.h"
#include "third_party/cros_system_api/dbus/service_constants.h"
using base::Value;

55
chromeos/network/onc/onc_signature.h Normal file

@ -0,0 +1,55 @@
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROMEOS_NETWORK_ONC_ONC_SIGNATURE_H_
#define CHROMEOS_NETWORK_ONC_ONC_SIGNATURE_H_
#include <string>
#include "base/values.h"
#include "chromeos/chromeos_export.h"
namespace chromeos {
namespace onc {
struct OncValueSignature;
struct OncFieldSignature {
const char* onc_field_name;
const char* shill_property_name;
const OncValueSignature* value_signature;
};
struct CHROMEOS_EXPORT OncValueSignature {
base::Value::Type onc_type;
const OncFieldSignature* fields;
const OncValueSignature* onc_array_entry_signature;
};
const OncFieldSignature* GetFieldSignature(const OncValueSignature& signature,
const std::string& onc_field_name);
CHROMEOS_EXPORT extern const OncValueSignature kRecommendedSignature;
CHROMEOS_EXPORT extern const OncValueSignature kEAPSignature;
CHROMEOS_EXPORT extern const OncValueSignature kIssuerSubjectPatternSignature;
CHROMEOS_EXPORT extern const OncValueSignature kCertificatePatternSignature;
CHROMEOS_EXPORT extern const OncValueSignature kIPsecSignature;
CHROMEOS_EXPORT extern const OncValueSignature kL2TPSignature;
CHROMEOS_EXPORT extern const OncValueSignature kOpenVPNSignature;
CHROMEOS_EXPORT extern const OncValueSignature kVPNSignature;
CHROMEOS_EXPORT extern const OncValueSignature kEthernetSignature;
CHROMEOS_EXPORT extern const OncValueSignature kIPConfigSignature;
CHROMEOS_EXPORT extern const OncValueSignature kProxyLocationSignature;
CHROMEOS_EXPORT extern const OncValueSignature kProxyManualSignature;
CHROMEOS_EXPORT extern const OncValueSignature kProxySettingsSignature;
CHROMEOS_EXPORT extern const OncValueSignature kWiFiSignature;
CHROMEOS_EXPORT extern const OncValueSignature kCertificateSignature;
CHROMEOS_EXPORT extern const OncValueSignature kNetworkConfigurationSignature;
CHROMEOS_EXPORT extern const OncValueSignature
kUnencryptedConfigurationSignature;
} // namespace onc
} // namespace chromeos
#endif // CHROMEOS_NETWORK_ONC_ONC_SIGNATURE_H_

24
chrome/browser/chromeos/network_settings/onc_test_utils.cc → chromeos/network/onc/onc_test_utils.cc

@ -2,25 +2,38 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_test_utils.h"
#include "chromeos/network/onc/onc_test_utils.h"
#include "base/file_path.h"
#include "base/json/json_file_value_serializer.h"
#include "base/logging.h"
#include "base/path_service.h"
#include "base/values.h"
#include "chrome/common/chrome_paths.h"
#include "chromeos/chromeos_test_utils.h"
namespace chromeos {
namespace onc {
namespace test_utils {
namespace {
// The name of the component directory to get the test data from.
const char kNetworkComponentDirectory[] = "network";
} // namespace
scoped_ptr<base::DictionaryValue> ReadTestDictionary(
const std::string& filename) {
base::DictionaryValue* dict = NULL;
FilePath path;
PathService::Get(chrome::DIR_TEST_DATA, &path);
path = path.AppendASCII("chromeos").AppendASCII("network_settings").
Append(filename);
if (!chromeos::test_utils::GetTestDataPath(kNetworkComponentDirectory,
filename,
&path)) {
NOTREACHED() << "Unable to get test dictionary path for "
<< kNetworkComponentDirectory << "/" << filename;
return make_scoped_ptr(dict);
}
JSONFileValueSerializer serializer(path);
serializer.set_allow_trailing_comma(true);
@ -29,7 +42,6 @@ scoped_ptr<base::DictionaryValue> ReadTestDictionary(
CHECK(content != NULL) << "Couldn't json-deserialize file '"
<< filename << "': " << error_message;
base::DictionaryValue* dict = NULL;
CHECK(content->GetAsDictionary(&dict))
<< "File '" << filename
<< "' does not contain a dictionary as expected, but type "

6
chrome/browser/chromeos/network_settings/onc_test_utils.h → chromeos/network/onc/onc_test_utils.h

@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TEST_UTILS_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TEST_UTILS_H_
#ifndef CHROMEOS_NETWORK_ONC_ONC_TEST_UTILS_H_
#define CHROMEOS_NETWORK_ONC_ONC_TEST_UTILS_H_
#include <string>
@ -33,4 +33,4 @@ scoped_ptr<base::DictionaryValue> ReadTestDictionary(
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TEST_UTILS_H_
#endif // CHROMEOS_NETWORK_ONC_ONC_TEST_UTILS_H_

4
chrome/browser/chromeos/network_settings/onc_translation_tables.cc → chromeos/network/onc/onc_translation_tables.cc

@ -2,11 +2,11 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_translation_tables.h"
#include "chromeos/network/onc/onc_translation_tables.h"
#include <cstddef>
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chromeos/network/onc/onc_constants.h"
#include "third_party/cros_system_api/dbus/service_constants.h"
namespace chromeos {

6
chrome/browser/chromeos/network_settings/onc_translation_tables.h → chromeos/network/onc/onc_translation_tables.h

@ -2,8 +2,8 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TRANSLATION_TABLES_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TRANSLATION_TABLES_H_
#ifndef CHROMEOS_NETWORK_ONC_ONC_TRANSLATION_TABLES_H_
#define CHROMEOS_NETWORK_ONC_ONC_TRANSLATION_TABLES_H_
namespace chromeos {
namespace onc {
@ -21,4 +21,4 @@ extern const StringTranslationEntry kVPNTypeTable[];
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TRANSLATION_TABLES_H_
#endif // CHROMEOS_NETWORK_ONC_ONC_TRANSLATION_TABLES_H_

9
chrome/browser/chromeos/network_settings/onc_translator.h → chromeos/network/onc/onc_translator.h

@ -2,10 +2,11 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TRANSLATOR_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TRANSLATOR_H_
#ifndef CHROMEOS_NETWORK_ONC_ONC_TRANSLATOR_H_
#define CHROMEOS_NETWORK_ONC_ONC_TRANSLATOR_H_
#include "base/memory/scoped_ptr.h"
#include "chromeos/chromeos_export.h"
namespace base {
class DictionaryValue;
@ -23,6 +24,7 @@ struct OncValueSignature;
//
// This function is used to translate network settings from ONC to Shill's
// format before sending them to Shill.
CHROMEOS_EXPORT
scoped_ptr<base::DictionaryValue> TranslateONCObjectToShill(
const OncValueSignature* signature,
const base::DictionaryValue& onc_object);
@ -35,6 +37,7 @@ scoped_ptr<base::DictionaryValue> TranslateONCObjectToShill(
// before sending them to the UI. The result doesn't have to be valid ONC, but
// only a subset of it and includes only the values that are actually required
// by the UI.
CHROMEOS_EXPORT
scoped_ptr<base::DictionaryValue> TranslateShillServiceToONCPart(
const base::DictionaryValue& shill_dictionary,
const OncValueSignature* onc_signature);
@ -42,4 +45,4 @@ scoped_ptr<base::DictionaryValue> TranslateShillServiceToONCPart(
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_TRANSLATOR_H_
#endif // CHROMEOS_NETWORK_ONC_ONC_TRANSLATOR_H_

8
chrome/browser/chromeos/network_settings/onc_translator_onc_to_shill.cc → chromeos/network/onc/onc_translator_onc_to_shill.cc

@ -8,7 +8,7 @@
// - The local translation of an object depending on the associated signature
// see LocalTranslator::TranslateFields
#include "chrome/browser/chromeos/network_settings/onc_translator.h"
#include "chromeos/network/onc/onc_translator.h"
#include <string>
@ -16,9 +16,9 @@
#include "base/json/json_writer.h"
#include "base/logging.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chrome/browser/chromeos/network_settings/onc_translation_tables.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chromeos/network/onc/onc_translation_tables.h"
#include "third_party/cros_system_api/dbus/service_constants.h"
namespace chromeos {

8
chrome/browser/chromeos/network_settings/onc_translator_shill_to_onc.cc → chromeos/network/onc/onc_translator_shill_to_onc.cc

@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_translator.h"
#include "chromeos/network/onc/onc_translator.h"
#include <string>
@ -11,9 +11,9 @@
#include "base/json/json_writer.h"
#include "base/logging.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chrome/browser/chromeos/network_settings/onc_translation_tables.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chromeos/network/onc/onc_translation_tables.h"
#include "third_party/cros_system_api/dbus/service_constants.h"
namespace chromeos {

8
chrome/browser/chromeos/network_settings/onc_translator_unittest.cc → chromeos/network/onc/onc_translator_unittest.cc

@ -2,13 +2,13 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_translator.h"
#include "chromeos/network/onc/onc_translator.h"
#include "base/memory/scoped_ptr.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chrome/browser/chromeos/network_settings/onc_test_utils.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chromeos/network/onc/onc_test_utils.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace chromeos {

92
chrome/browser/chromeos/network_settings/onc_utils.cc → chromeos/network/onc/onc_utils.cc

@ -2,33 +2,40 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_utils.h"
#include "chromeos/network/onc/onc_utils.h"
#include "base/base64.h"
#include "base/json/json_reader.h"
#include "base/logging.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chromeos/network/network_event_log.h"
#include "chromeos/network/onc/onc_constants.h"
#include "crypto/encryptor.h"
#include "crypto/hmac.h"
#include "crypto/symmetric_key.h"
#include "grit/generated_resources.h"
#include "ui/base/l10n/l10n_util.h"
#define ONC_LOG_WARNING(message) NET_LOG_WARNING("ONC", message)
#define ONC_LOG_ERROR(message) NET_LOG_ERROR("ONC", message)
namespace chromeos {
namespace onc {
namespace {
const char kUnableToDecrypt[] = "Unable to decrypt encrypted ONC";
const char kUnableToDecode[] = "Unable to decode encrypted ONC";
} // namespace
scoped_ptr<base::DictionaryValue> ReadDictionaryFromJson(
const std::string& json,
std::string* error) {
const std::string& json) {
std::string error;
base::Value* root = base::JSONReader::ReadAndReturnError(
json, base::JSON_ALLOW_TRAILING_COMMAS, NULL, error);
json, base::JSON_ALLOW_TRAILING_COMMAS, NULL, &error);
base::DictionaryValue* dict_ptr = NULL;
if (root != NULL && !root->GetAsDictionary(&dict_ptr)) {
if (error) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_NETWORK_NOT_A_JSON_DICTIONARY);
}
if (!root || !root->GetAsDictionary(&dict_ptr)) {
ONC_LOG_ERROR("Invalid JSON Dictionary: " + error);
delete root;
}
@ -36,8 +43,7 @@ scoped_ptr<base::DictionaryValue> ReadDictionaryFromJson(
}
scoped_ptr<base::DictionaryValue> Decrypt(const std::string& passphrase,
const base::DictionaryValue& root,
std::string* error) {
const base::DictionaryValue& root) {
const int kKeySizeInBits = 256;
const int kMaxIterationCount = 500000;
std::string onc_type;
@ -60,37 +66,33 @@ scoped_ptr<base::DictionaryValue> Decrypt(const std::string& passphrase,
!root.GetString(encrypted::kStretch, &stretch_method) ||
!root.GetString(encrypted::kType, &onc_type) ||
onc_type != kEncryptedConfiguration) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_MALFORMED);
ONC_LOG_ERROR("Encrypted ONC malformed.");
return scoped_ptr<base::DictionaryValue>();
}
if (hmac_method != encrypted::kSHA1 ||
cipher != encrypted::kAES256 ||
stretch_method != encrypted::kPBKDF2) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNSUPPORTED_ENCRYPTION);
ONC_LOG_ERROR("Encrypted ONC unsupported encryption scheme.");
return scoped_ptr<base::DictionaryValue>();
}
// Make sure iterations != 0, since that's not valid.
if (iterations == 0) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECRYPT);
ONC_LOG_ERROR(kUnableToDecrypt);
return scoped_ptr<base::DictionaryValue>();
}
// Simply a sanity check to make sure we can't lock up the machine
// for too long with a huge number (or a negative number).
if (iterations < 0 || iterations > kMaxIterationCount) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_TOO_MANY_ITERATIONS);
ONC_LOG_ERROR("Too many iterations in encrypted ONC");
return scoped_ptr<base::DictionaryValue>();
}
if (!base::Base64Decode(salt, &salt)) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECODE);
ONC_LOG_ERROR(kUnableToDecode);
return scoped_ptr<base::DictionaryValue>();
}
@ -102,51 +104,61 @@ scoped_ptr<base::DictionaryValue> Decrypt(const std::string& passphrase,
kKeySizeInBits));
if (!base::Base64Decode(initial_vector, &initial_vector)) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECODE);
ONC_LOG_ERROR(kUnableToDecode);
return scoped_ptr<base::DictionaryValue>();
}
if (!base::Base64Decode(ciphertext, &ciphertext)) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECODE);
ONC_LOG_ERROR(kUnableToDecode);
return scoped_ptr<base::DictionaryValue>();
}
if (!base::Base64Decode(hmac, &hmac)) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECODE);
ONC_LOG_ERROR(kUnableToDecode);
return scoped_ptr<base::DictionaryValue>();
}
crypto::HMAC hmac_verifier(crypto::HMAC::SHA1);
if (!hmac_verifier.Init(key.get()) ||
!hmac_verifier.Verify(ciphertext, hmac)) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECRYPT);
ONC_LOG_ERROR(kUnableToDecrypt);
return scoped_ptr<base::DictionaryValue>();
}
crypto::Encryptor decryptor;
if (!decryptor.Init(key.get(), crypto::Encryptor::CBC, initial_vector)) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECRYPT);
ONC_LOG_ERROR(kUnableToDecrypt);
return scoped_ptr<base::DictionaryValue>();
}
std::string plaintext;
if (!decryptor.Decrypt(ciphertext, &plaintext)) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_ENCRYPTED_ONC_UNABLE_TO_DECRYPT);
ONC_LOG_ERROR(kUnableToDecrypt);
return scoped_ptr<base::DictionaryValue>();
}
scoped_ptr<base::DictionaryValue> new_root =
ReadDictionaryFromJson(plaintext, error);
if (new_root.get() == NULL && error->empty()) {
*error = l10n_util::GetStringUTF8(
IDS_NETWORK_CONFIG_ERROR_NETWORK_PROP_DICT_MALFORMED);
ReadDictionaryFromJson(plaintext);
if (new_root.get() == NULL) {
ONC_LOG_ERROR("Property dictionary malformed.");
return scoped_ptr<base::DictionaryValue>();
}
return new_root.Pass();
}
std::string GetSourceAsString(ONCSource source) {
switch (source) {
case ONC_SOURCE_DEVICE_POLICY:
return "device policy";
case ONC_SOURCE_USER_POLICY:
return "user policy";
case ONC_SOURCE_NONE:
return "none";
case ONC_SOURCE_USER_IMPORT:
return "user import";
}
NOTREACHED() << "unknown ONC source " << source;
return "unknown";
}
} // chromeos
} // onc

40
chromeos/network/onc/onc_utils.h Normal file

@ -0,0 +1,40 @@
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
#define CHROMEOS_NETWORK_ONC_ONC_UTILS_H_
#include <string>
#include "base/memory/scoped_ptr.h"
#include "chromeos/chromeos_export.h"
#include "chromeos/network/onc/onc_constants.h"
namespace base {
class DictionaryValue;
}
namespace chromeos {
namespace onc {
// Parses |json| according to the JSON format. If |json| is a JSON formatted
// dictionary, the function returns the dictionary as a DictionaryValue.
// Otherwise returns NULL.
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> ReadDictionaryFromJson(
const std::string& json);
// Decrypt the given EncryptedConfiguration |onc| (see the ONC specification)
// using |passphrase|. The resulting UnencryptedConfiguration is returned. If an
// error occurs, returns NULL.
CHROMEOS_EXPORT scoped_ptr<base::DictionaryValue> Decrypt(
const std::string& passphrase,
const base::DictionaryValue& onc);
// For logging only: strings not user facing.
CHROMEOS_EXPORT std::string GetSourceAsString(ONCSource source);
} // chromeos
} // onc
#endif // CHROMEOS_NETWORK_ONC_ONC_UTILS_H_

14
chrome/browser/chromeos/network_settings/onc_utils_unittest.cc → chromeos/network/onc/onc_utils_unittest.cc

@ -2,12 +2,12 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_utils.h"
#include "chromeos/network/onc/onc_utils.h"
#include <string>
#include "base/values.h"
#include "chrome/browser/chromeos/network_settings/onc_test_utils.h"
#include "chromeos/network/onc/onc_test_utils.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace chromeos {
@ -17,12 +17,10 @@ TEST(ONCDecrypterTest, BrokenEncryptionIterations) {
scoped_ptr<base::DictionaryValue> encrypted_onc =
test_utils::ReadTestDictionary("broken-encrypted-iterations.onc");
std::string error;
scoped_ptr<base::DictionaryValue> decrypted_onc =
Decrypt("test0000", *encrypted_onc, &error);
Decrypt("test0000", *encrypted_onc);
EXPECT_EQ(NULL, decrypted_onc.get());
EXPECT_FALSE(error.empty());
}
TEST(ONCDecrypterTest, BrokenEncryptionZeroIterations) {
@ -31,10 +29,9 @@ TEST(ONCDecrypterTest, BrokenEncryptionZeroIterations) {
std::string error;
scoped_ptr<base::DictionaryValue> decrypted_onc =
Decrypt("test0000", *encrypted_onc, &error);
Decrypt("test0000", *encrypted_onc);
EXPECT_EQ(NULL, decrypted_onc.get());
EXPECT_FALSE(error.empty());
}
TEST(ONCDecrypterTest, LoadEncryptedOnc) {
@ -45,12 +42,11 @@ TEST(ONCDecrypterTest, LoadEncryptedOnc) {
std::string error;
scoped_ptr<base::DictionaryValue> actual_decrypted_onc =
Decrypt("test0000", *encrypted_onc, &error);
Decrypt("test0000", *encrypted_onc);
base::DictionaryValue emptyDict;
EXPECT_TRUE(test_utils::Equals(expected_decrypted_onc.get(),
actual_decrypted_onc.get()));
EXPECT_TRUE(error.empty()) << error;
}
} // namespace onc

6
chrome/browser/chromeos/network_settings/onc_validator.cc → chromeos/network/onc/onc_validator.cc

@ -2,7 +2,7 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_validator.h"
#include "chromeos/network/onc/onc_validator.h"
#include <algorithm>
#include <string>
@ -10,8 +10,8 @@
#include "base/logging.h"
#include "base/string_util.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
namespace chromeos {
namespace onc {

11
chrome/browser/chromeos/network_settings/onc_validator.h → chromeos/network/onc/onc_validator.h

@ -2,11 +2,12 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_VALIDATOR_H_
#define CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_VALIDATOR_H_
#ifndef CHROMEOS_NETWORK_ONC_ONC_VALIDATOR_H_
#define CHROMEOS_NETWORK_ONC_ONC_VALIDATOR_H_
#include "base/memory/scoped_ptr.h"
#include "chrome/browser/chromeos/network_settings/onc_mapper.h"
#include "chromeos/chromeos_export.h"
#include "chromeos/network/onc/onc_mapper.h"
namespace base {
class Value;
@ -18,7 +19,7 @@ namespace onc {
struct OncValueSignature;
class Validator : public Mapper {
class CHROMEOS_EXPORT Validator : public Mapper {
public:
// Creates a Validator that searches for the following invalid cases:
// - a field name is found that is not part of the signature
@ -149,4 +150,4 @@ class Validator : public Mapper {
} // namespace onc
} // namespace chromeos
#endif // CHROME_BROWSER_CHROMEOS_NETWORK_SETTINGS_ONC_VALIDATOR_H_
#endif // CHROMEOS_NETWORK_ONC_ONC_VALIDATOR_H_

8
chrome/browser/chromeos/network_settings/onc_validator_unittest.cc → chromeos/network/onc/onc_validator_unittest.cc

@ -2,15 +2,15 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/chromeos/network_settings/onc_validator.h"
#include "chromeos/network/onc/onc_validator.h"
#include <string>
#include "base/memory/scoped_ptr.h"
#include "base/values.h"
#include "chrome/browser/chromeos/cros/onc_constants.h"
#include "chrome/browser/chromeos/network_settings/onc_signature.h"
#include "chrome/browser/chromeos/network_settings/onc_test_utils.h"
#include "chromeos/network/onc/onc_constants.h"
#include "chromeos/network/onc/onc_signature.h"
#include "chromeos/network/onc/onc_test_utils.h"
#include "testing/gtest/include/gtest/gtest.h"
namespace chromeos {

0
chrome/test/data/chromeos/network_settings/broken-encrypted-iterations.onc → chromeos/test/data/network/broken-encrypted-iterations.onc

0
chrome/test/data/chromeos/network_settings/broken-encrypted-zero-iterations.onc → chromeos/test/data/network/broken-encrypted-zero-iterations.onc

0
chrome/test/data/chromeos/network_settings/certificate-client-update.onc → chromeos/test/data/network/certificate-client-update.onc

0
chrome/test/data/chromeos/network_settings/certificate-client.onc → chromeos/test/data/network/certificate-client.onc

0
chrome/test/data/chromeos/network_settings/certificate-server-update.onc → chromeos/test/data/network/certificate-server-update.onc

0
chrome/test/data/chromeos/network_settings/certificate-server.onc → chromeos/test/data/network/certificate-server.onc

0
chrome/test/data/chromeos/network_settings/certificate-web-authority-update.onc → chromeos/test/data/network/certificate-web-authority-update.onc

0
chrome/test/data/chromeos/network_settings/certificate-web-authority.onc → chromeos/test/data/network/certificate-web-authority.onc

0
chrome/test/data/chromeos/network_settings/decrypted.onc → chromeos/test/data/network/decrypted.onc

0
chrome/test/data/chromeos/network_settings/device_policy.onc → chromeos/test/data/network/device_policy.onc

0
chrome/test/data/chromeos/network_settings/encrypted.onc → chromeos/test/data/network/encrypted.onc

0
chrome/test/data/chromeos/network_settings/invalid_settings_with_repairs.json → chromeos/test/data/network/invalid_settings_with_repairs.json

0
chrome/test/data/chromeos/network_settings/policy.onc → chromeos/test/data/network/policy.onc

0
chrome/test/data/chromeos/network_settings/policy_without_recommended.onc → chromeos/test/data/network/policy_without_recommended.onc

0
chrome/test/data/chromeos/network_settings/settings_with_normalization.json → chromeos/test/data/network/settings_with_normalization.json

0
chrome/test/data/chromeos/network_settings/shill_ethernet.json → chromeos/test/data/network/shill_ethernet.json

0
chrome/test/data/chromeos/network_settings/shill_l2tpipsec.json → chromeos/test/data/network/shill_l2tpipsec.json

0
chrome/test/data/chromeos/network_settings/shill_openvpn.json → chromeos/test/data/network/shill_openvpn.json

0
chrome/test/data/chromeos/network_settings/user.onc → chromeos/test/data/network/user.onc

0
chrome/test/data/chromeos/network_settings/valid.onc → chromeos/test/data/network/valid.onc

0
chrome/test/data/chromeos/network_settings/valid_l2tpipsec.onc → chromeos/test/data/network/valid_l2tpipsec.onc

0
chrome/test/data/chromeos/network_settings/valid_openvpn.onc → chromeos/test/data/network/valid_openvpn.onc