| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/cros/network_library_impl_base.h" | 5 #include "chrome/browser/chromeos/cros/network_library_impl_base.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/json/json_reader.h" | 8 #include "base/json/json_reader.h" |
| 9 #include "base/json/json_writer.h" | 9 #include "base/json/json_writer.h" |
| 10 #include "base/memory/scoped_vector.h" | 10 #include "base/memory/scoped_vector.h" |
| (...skipping 1134 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1145 &certificates); | 1145 &certificates); |
| 1146 | 1146 |
| 1147 const base::ListValue* network_configs; | 1147 const base::ListValue* network_configs; |
| 1148 bool has_network_configurations = root_dict->GetListWithoutPathExpansion( | 1148 bool has_network_configurations = root_dict->GetListWithoutPathExpansion( |
| 1149 onc::toplevel_config::kNetworkConfigurations, | 1149 onc::toplevel_config::kNetworkConfigurations, |
| 1150 &network_configs); | 1150 &network_configs); |
| 1151 | 1151 |
| 1152 if (has_certificates) { | 1152 if (has_certificates) { |
| 1153 VLOG(2) << "ONC file has " << certificates->GetSize() << " certificates"; | 1153 VLOG(2) << "ONC file has " << certificates->GetSize() << " certificates"; |
| 1154 | 1154 |
| 1155 onc::CertificateImporter cert_importer(source, allow_web_trust_from_policy); | 1155 // Web trust is only granted to certificates imported for a managed user |
| 1156 // on a managed device and for user imports. |
| 1157 bool allow_web_trust = |
| 1158 (source == onc::ONC_SOURCE_USER_IMPORT) || |
| 1159 (source == onc::ONC_SOURCE_USER_POLICY && allow_web_trust_from_policy); |
| 1160 onc::CertificateImporter cert_importer(allow_web_trust); |
| 1156 if (cert_importer.ParseAndStoreCertificates(*certificates) != | 1161 if (cert_importer.ParseAndStoreCertificates(*certificates) != |
| 1157 onc::CertificateImporter::IMPORT_OK) { | 1162 onc::CertificateImporter::IMPORT_OK) { |
| 1158 LOG(ERROR) << "Cannot parse some of the certificates in the ONC from " | 1163 LOG(ERROR) << "Cannot parse some of the certificates in the ONC from " |
| 1159 << onc::GetSourceAsString(source); | 1164 << onc::GetSourceAsString(source); |
| 1160 success = false; | 1165 success = false; |
| 1161 } | 1166 } |
| 1162 } | 1167 } |
| 1163 | 1168 |
| 1164 std::set<std::string> removal_ids; | 1169 std::set<std::string> removal_ids; |
| 1165 std::set<std::string>& network_ids(network_source_map_[source]); | 1170 std::set<std::string>& network_ids(network_source_map_[source]); |
| (...skipping 628 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1794 GetTpmInfo(); | 1799 GetTpmInfo(); |
| 1795 return tpm_slot_; | 1800 return tpm_slot_; |
| 1796 } | 1801 } |
| 1797 | 1802 |
| 1798 const std::string& NetworkLibraryImplBase::GetTpmPin() { | 1803 const std::string& NetworkLibraryImplBase::GetTpmPin() { |
| 1799 GetTpmInfo(); | 1804 GetTpmInfo(); |
| 1800 return tpm_pin_; | 1805 return tpm_pin_; |
| 1801 } | 1806 } |
| 1802 | 1807 |
| 1803 } // namespace chromeos | 1808 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 11970012:
Add a check for server and CA certificates in device policies to the ONC validator. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src