chrome/browser/chromeos/network_settings/onc_signature.cc - Issue 10944009: Implementation of ONC signature, validator and normalizer.

Side by Side Diff: chrome/browser/chromeos/network_settings/onc_signature.cc

Issue 10944009: Implementation of ONC signature, validator and normalizer. (Closed) Base URL: http://git.chromium.org/chromium/src.git@gperffix

Patch Set: Addressed remaining nits. Created 8 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "chrome/browser/chromeos/network_settings/onc_signature.h"

	6

	7 #include "chrome/browser/chromeos/cros/onc_constants.h"

	8 #include "third_party/cros_system_api/dbus/service_constants.h"

	9

	10 using base::Value;

	11

	12 namespace chromeos {

	13 namespace onc {

	14 namespace {

	15

	16 const OncValueSignature kBoolSignature = {

	17 Value::TYPE_BOOLEAN, NULL

	18 };

	19 const OncValueSignature kStringSignature = {

	20 Value::TYPE_STRING, NULL

	21 };

	22 const OncValueSignature kIntegerSignature = {

	23 Value::TYPE_INTEGER, NULL

	24 };

	25 const OncValueSignature kStringListSignature = {

	26 Value::TYPE_LIST, NULL, &kStringSignature

	27 };

	28 const OncValueSignature kIPConfigListSignature = {

	29 Value::TYPE_LIST, NULL, &kIPConfigSignature

	30 };

	31 const OncValueSignature kCertificateListSignature = {

	32 Value::TYPE_LIST, NULL, &kCertificateSignature

	33 };

	34 const OncValueSignature kNetworkConfigurationListSignature = {

	35 Value::TYPE_LIST, NULL, &kNetworkConfigurationSignature

	36 };

	37

	38 const OncFieldSignature issuer_subject_pattern_fields[] = {

	39 { certificate::kCommonName, NULL, &kStringSignature },

	40 { certificate::kLocality, NULL, &kStringSignature },

	41 { certificate::kOrganization, NULL, &kStringSignature },

	42 { certificate::kOrganizationalUnit, NULL, &kStringSignature },

	43 { NULL }

	44 };

	45

	46 const OncFieldSignature certificate_pattern_fields[] = {

	47 { kRecommended, NULL, &kRecommendedSignature },

	48 { certificate::kEnrollmentURI, NULL, &kStringListSignature },

	49 { certificate::kIssuer, NULL, &kIssuerSubjectPatternSignature },

	50 { certificate::kIssuerCARef, NULL, &kStringListSignature },

	51 { certificate::kSubject, NULL, &kIssuerSubjectPatternSignature },

	52 { NULL }

	53 };

	54

	55 const OncFieldSignature eap_fields[] = {

	56 { kRecommended, NULL, &kRecommendedSignature },

	57 { eap::kAnonymousIdentity, flimflam::kEapAnonymousIdentityProperty,

	58 &kStringSignature },

	59 { eap::kClientCertPattern, NULL, &kCertificatePatternSignature },

	60 { eap::kClientCertRef, NULL, &kStringSignature },

	61 { eap::kClientCertType, NULL, &kStringSignature },

	62 { eap::kIdentity, flimflam::kEapIdentityProperty, &kStringSignature },

	63 { eap::kInner, flimflam::kEapPhase2AuthProperty, &kStringSignature },

	64 { eap::kOuter, flimflam::kEapMethodProperty, &kStringSignature },

	65 { eap::kPassword, flimflam::kEapPasswordProperty, &kStringSignature },

	66 { eap::kSaveCredentials, flimflam::kSaveCredentialsProperty,

	67 &kBoolSignature },

	68 { eap::kServerCARef, flimflam::kEapCaCertNssProperty, &kStringSignature },

	69 { eap::kUseSystemCAs, flimflam::kEapUseSystemCasProperty, &kBoolSignature },

	70 { NULL }

	71 };

	72

	73 const OncFieldSignature ipsec_fields[] = {

	74 { kRecommended, NULL, &kRecommendedSignature },

	75 // Ignored by Shill, not necessary to synchronize.

	76 // Would be: flimflam::kL2tpIpsecAuthenticationType

	77 { vpn::kAuthenticationType, NULL, &kStringSignature },

	78 { vpn::kClientCertPattern, NULL, &kCertificatePatternSignature },

	79 { vpn::kClientCertRef, NULL, &kStringSignature },

	80 { vpn::kClientCertType, NULL, &kStringSignature },

	81 { vpn::kGroup, flimflam::kL2tpIpsecGroupNameProperty, &kStringSignature },

	82 // Ignored by Shill, not necessary to synchronize.

	83 // Would be: flimflam::kL2tpIpsecIkeVersion

	84 { vpn::kIKEVersion, NULL, &kIntegerSignature },

	85 { vpn::kPSK, flimflam::kL2tpIpsecPskProperty, &kStringSignature },

	86 { vpn::kSaveCredentials, flimflam::kSaveCredentialsProperty,

	87 &kBoolSignature },

	88 { vpn::kServerCARef, flimflam::kL2tpIpsecCaCertNssProperty,

	89 &kStringSignature },

	90 // Not yet supported.

	91 // { vpn::kEAP, NULL, &kEAPSignature },

	92 // { vpn::kXAUTH, NULL, &kXAUTHSignature },

	93 { NULL }

	94 };

	95

	96 const OncFieldSignature l2tp_fields[] = {

	97 { kRecommended, NULL, &kRecommendedSignature },

	98 { vpn::kPassword, flimflam::kL2tpIpsecPasswordProperty, &kStringSignature },

	99 // We don't synchronize l2tp's SaveCredentials field for now, as Shill doesn't

	100 // support separate settings for ipsec and l2tp.

	101 { vpn::kSaveCredentials, NULL, &kBoolSignature },

	102 { vpn::kUsername, flimflam::kL2tpIpsecUserProperty, &kStringSignature },

	103 { NULL }

	104 };

	105

	106 const OncFieldSignature openvpn_fields[] = {

	107 { kRecommended, NULL, &kRecommendedSignature },

	108 { vpn::kAuth, flimflam::kOpenVPNAuthProperty, &kStringSignature },

	109 { vpn::kAuthNoCache, flimflam::kOpenVPNAuthNoCacheProperty, &kBoolSignature },

	110 { vpn::kAuthRetry, flimflam::kOpenVPNAuthRetryProperty, &kStringSignature },

	111 { vpn::kCipher, flimflam::kOpenVPNCipherProperty, &kStringSignature },

	112 { vpn::kClientCertPattern, NULL, &kCertificatePatternSignature },

	113 { vpn::kClientCertRef, NULL, &kStringSignature },

	114 { vpn::kClientCertType, NULL, &kStringSignature },

	115 { vpn::kCompLZO, flimflam::kOpenVPNCompLZOProperty, &kStringSignature },

	116 { vpn::kCompNoAdapt, flimflam::kOpenVPNCompNoAdaptProperty, &kBoolSignature },

	117 { vpn::kKeyDirection, flimflam::kOpenVPNKeyDirectionProperty,

	118 &kStringSignature },

	119 { vpn::kNsCertType, flimflam::kOpenVPNNsCertTypeProperty, &kStringSignature },

	120 { vpn::kPassword, flimflam::kOpenVPNPasswordProperty, &kStringSignature },

	121 { vpn::kPort, flimflam::kOpenVPNPortProperty, &kIntegerSignature },

	122 { vpn::kProto, flimflam::kOpenVPNProtoProperty, &kStringSignature },

	123 { vpn::kPushPeerInfo, flimflam::kOpenVPNPushPeerInfoProperty,

	124 &kBoolSignature },

	125 { vpn::kRemoteCertEKU, flimflam::kOpenVPNRemoteCertEKUProperty,

	126 &kStringSignature },

	127 { vpn::kRemoteCertKU, flimflam::kOpenVPNRemoteCertKUProperty,

	128 &kStringListSignature },

	129 { vpn::kRemoteCertTLS, flimflam::kOpenVPNRemoteCertTLSProperty,

	130 &kStringSignature },

	131 { vpn::kRenegSec, flimflam::kOpenVPNRenegSecProperty, &kIntegerSignature },

	132 { vpn::kSaveCredentials, flimflam::kSaveCredentialsProperty,

	133 &kBoolSignature },

	134 { vpn::kServerCARef, flimflam::kOpenVPNCaCertNSSProperty, &kStringSignature },

	135 { vpn::kServerCertRef, NULL, &kStringSignature },

	136 { vpn::kServerPollTimeout, flimflam::kOpenVPNServerPollTimeoutProperty,

	137 &kIntegerSignature },

	138 { vpn::kShaper, flimflam::kOpenVPNShaperProperty, &kIntegerSignature },

	139 { vpn::kStaticChallenge, flimflam::kOpenVPNStaticChallengeProperty,

	140 &kStringSignature },

	141 { vpn::kTLSAuthContents, flimflam::kOpenVPNTLSAuthContentsProperty,

	142 &kStringSignature },

	143 { vpn::kTLSRemote, flimflam::kOpenVPNTLSRemoteProperty, &kStringSignature },

	144 { vpn::kUsername, flimflam::kOpenVPNUserProperty, &kStringSignature },

	145 { vpn::kVerb, NULL, &kStringSignature },

	146 { NULL }

	147 };

	148

	149 const OncFieldSignature vpn_fields[] = {

	150 { kRecommended, NULL, &kRecommendedSignature },

	151 { vpn::kHost, flimflam::kProviderHostProperty, &kStringSignature },

	152 { vpn::kIPsec, NULL, &kIPsecSignature },

	153 { vpn::kL2TP, NULL, &kL2TPSignature },

	154 { vpn::kOpenVPN, NULL, &kOpenVPNSignature },

	155 { kType, flimflam::kProviderTypeProperty, &kStringSignature },

	156 { NULL }

	157 };

	158

	159 const OncFieldSignature ethernet_fields[] = {

	160 { kRecommended, NULL, &kRecommendedSignature },

	161 { ethernet::kAuthentication, NULL, &kStringSignature },

	162 { ethernet::kEAP, NULL, &kEAPSignature },

	163 { NULL }

	164 };

	165

	166 const OncFieldSignature ipconfig_fields[] = {

	167 { ipconfig::kGateway, NULL, &kStringSignature },

	168 { ipconfig::kIPAddress, NULL, &kStringSignature },

	169 { kNameServers, NULL, &kStringSignature },

	170 { ipconfig::kRoutingPrefix, NULL, &kIntegerSignature },

	171 { kSearchDomains, NULL, &kStringListSignature },

	172 { kType, NULL, &kStringSignature },

	173 { NULL }

	174 };

	175

	176 const OncFieldSignature proxy_location_fields[] = {

	177 { proxy::kHost, NULL, &kStringSignature },

	178 { proxy::kPort, NULL, &kIntegerSignature },

	179 { NULL }

	180 };

	181

	182 const OncFieldSignature proxy_manual_fields[] = {

	183 { proxy::kFtp, NULL, &kProxyLocationSignature },

	184 { proxy::kHttp, NULL, &kProxyLocationSignature },

	185 { proxy::kHttps, NULL, &kProxyLocationSignature },

	186 { proxy::kSocks, NULL, &kProxyLocationSignature },

	187 { NULL }

	188 };

	189

	190 const OncFieldSignature proxy_settings_fields[] = {

	191 { kRecommended, NULL, &kRecommendedSignature },

	192 { proxy::kExcludeDomains, NULL, &kStringListSignature },

	193 { proxy::kManual, NULL, &kProxyManualSignature },

	194 { proxy::kPAC, NULL, &kStringSignature },

	195 { kType, NULL, &kStringSignature },

	196 { NULL }

	197 };

	198

	199 const OncFieldSignature wifi_fields[] = {

	200 { kRecommended, NULL, &kRecommendedSignature },

	201 { wifi::kAutoConnect, flimflam::kAutoConnectProperty, &kBoolSignature },

	202 { wifi::kEAP, NULL, &kEAPSignature },

	203 { wifi::kHiddenSSID, flimflam::kWifiHiddenSsid, &kBoolSignature },

	204 { wifi::kPassphrase, flimflam::kPassphraseProperty, &kStringSignature },

	205 { wifi::kSSID, flimflam::kSSIDProperty, &kStringSignature },

	206 { wifi::kSecurity, flimflam::kSecurityProperty, &kStringSignature },

	207 { NULL }

	208 };

	209

	210 const OncFieldSignature network_configuration_fields[] = {

	211 { kRecommended, NULL, &kRecommendedSignature },

	212 { kEthernet, NULL, &kEthernetSignature },

	213 { kGUID, flimflam::kGuidProperty, &kStringSignature },

	214 { kIPConfigs, NULL, &kIPConfigListSignature },

	215 { kName, flimflam::kNameProperty, &kStringSignature },

	216 { kNameServers, NULL, &kStringListSignature },

	217 { kProxySettings, NULL, &kProxySettingsSignature },

	218 { kRemove, NULL, &kBoolSignature },

	219 { kSearchDomains, NULL, &kStringListSignature },

	220 { kType, flimflam::kTypeProperty, &kStringSignature },

	221 { kVPN, NULL, &kVPNSignature },

	222 { kWiFi, NULL, &kWiFiSignature },

	223 { NULL }

	224 };

	225

	226 const OncFieldSignature certificate_fields[] = {

	227 { kGUID, flimflam::kGuidProperty, &kStringSignature },

	228 { certificate::kPKCS12, NULL, &kStringSignature },

	229 { kRemove, NULL, &kBoolSignature },

	230 { certificate::kTrust, NULL, &kStringListSignature },

	231 { kType, NULL, &kStringSignature },

	232 { certificate::kX509, NULL, &kStringSignature },

	233 { NULL }

	234 };

	235

	236 const OncFieldSignature unencrypted_configuration_fields[] = {

	237 { kCertificates, NULL, &kCertificateListSignature },

	238 { kNetworkConfigurations, NULL, &kNetworkConfigurationListSignature },

	239 { kType, NULL, &kStringSignature },

	240 { NULL }

	241 };

	242

	243 } // namespace

	244

	245 const OncValueSignature kRecommendedSignature = {

	246 Value::TYPE_LIST, NULL, &kStringSignature

	247 };

	248 const OncValueSignature kEAPSignature = {

	249 Value::TYPE_DICTIONARY, eap_fields, NULL

	250 };

	251 const OncValueSignature kIssuerSubjectPatternSignature = {

	252 Value::TYPE_DICTIONARY, issuer_subject_pattern_fields, NULL

	253 };

	254 const OncValueSignature kCertificatePatternSignature = {

	255 Value::TYPE_DICTIONARY, certificate_pattern_fields, NULL

	256 };

	257 const OncValueSignature kIPsecSignature = {

	258 Value::TYPE_DICTIONARY, ipsec_fields, NULL

	259 };

	260 const OncValueSignature kL2TPSignature = {

	261 Value::TYPE_DICTIONARY, l2tp_fields, NULL

	262 };

	263 const OncValueSignature kOpenVPNSignature = {

	264 Value::TYPE_DICTIONARY, openvpn_fields, NULL

	265 };

	266 const OncValueSignature kVPNSignature = {

	267 Value::TYPE_DICTIONARY, vpn_fields, NULL

	268 };

	269 const OncValueSignature kEthernetSignature = {

	270 Value::TYPE_DICTIONARY, ethernet_fields, NULL

	271 };

	272 const OncValueSignature kIPConfigSignature = {

	273 Value::TYPE_DICTIONARY, ipconfig_fields, NULL

	274 };

	275 const OncValueSignature kProxyLocationSignature = {

	276 Value::TYPE_DICTIONARY, proxy_location_fields, NULL

	277 };

	278 const OncValueSignature kProxyManualSignature = {

	279 Value::TYPE_DICTIONARY, proxy_manual_fields, NULL

	280 };

	281 const OncValueSignature kProxySettingsSignature = {

	282 Value::TYPE_DICTIONARY, proxy_settings_fields, NULL

	283 };

	284 const OncValueSignature kWiFiSignature = {

	285 Value::TYPE_DICTIONARY, wifi_fields, NULL

	286 };

	287 const OncValueSignature kCertificateSignature = {

	288 Value::TYPE_DICTIONARY, certificate_fields, NULL

	289 };

	290 const OncValueSignature kNetworkConfigurationSignature = {

	291 Value::TYPE_DICTIONARY, network_configuration_fields, NULL

	292 };

	293 const OncValueSignature kUnencryptedConfigurationSignature = {

	294 Value::TYPE_DICTIONARY, unencrypted_configuration_fields, NULL

	295 };

	296

	297 const OncFieldSignature* GetFieldSignature(const OncValueSignature& signature,

	298 const std::string& onc_field_name) {

	299 if (!signature.fields)

	300 return NULL;

	301 for (const OncFieldSignature* field_signature = signature.fields;

	302 field_signature->onc_field_name != NULL; ++field_signature) {

	303 if (onc_field_name == field_signature->onc_field_name)

	304 return field_signature;

	305 }

	306 return NULL;

	307 }

	308

	309 } // namespace onc

	310 } // namespace chromeos

OLD	NEW