chromeos/network/onc/onc_validator.cc - Issue 12390017: Separating ONC<->Shill translation from the ONC signature.

Side by Side Diff: chromeos/network/onc/onc_validator.cc

Issue 12390017: Separating ONC<->Shill translation from the ONC signature. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fixed browser tests. Created 7 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chromeos/network/onc/onc_validator.h"	5 #include "chromeos/network/onc/onc_validator.h"

6	6

7 #include <algorithm>	7 #include <algorithm>

8 #include <string>	8 #include <string>

9	9

10 #include "base/json/json_writer.h"	10 #include "base/json/json_writer.h"

(...skipping 95 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
106 CHECK_EQ(repaired->GetType(), signature.onc_type);	106 CHECK_EQ(repaired->GetType(), signature.onc_type);

107 return repaired.Pass();	107 return repaired.Pass();

108 }	108 }

109	109

110 scoped_ptr<base::DictionaryValue> Validator::MapObject(	110 scoped_ptr<base::DictionaryValue> Validator::MapObject(

111 const OncValueSignature& signature,	111 const OncValueSignature& signature,

112 const base::DictionaryValue& onc_object,	112 const base::DictionaryValue& onc_object,

113 bool* error) {	113 bool* error) {

114 scoped_ptr<base::DictionaryValue> repaired(new base::DictionaryValue);	114 scoped_ptr<base::DictionaryValue> repaired(new base::DictionaryValue);

115	115

116 bool valid;	116 bool valid = ValidateObjectDefault(signature, onc_object, repaired.get());

117 if (&signature == &kToplevelConfigurationSignature)	117 if (valid) {

118 valid = ValidateToplevelConfiguration(onc_object, repaired.get());	118 if (&signature == &kToplevelConfigurationSignature)

119 else if (&signature == &kNetworkConfigurationSignature)	119 valid = ValidateToplevelConfiguration(onc_object, repaired.get());

120 valid = ValidateNetworkConfiguration(onc_object, repaired.get());	120 else if (&signature == &kNetworkConfigurationSignature)

121 else if (&signature == &kEthernetSignature)	121 valid = ValidateNetworkConfiguration(onc_object, repaired.get());

122 valid = ValidateEthernet(onc_object, repaired.get());	122 else if (&signature == &kEthernetSignature)

123 else if (&signature == &kIPConfigSignature)	123 valid = ValidateEthernet(onc_object, repaired.get());

124 valid = ValidateIPConfig(onc_object, repaired.get());	124 else if (&signature == &kIPConfigSignature)

125 else if (&signature == &kWiFiSignature)	125 valid = ValidateIPConfig(onc_object, repaired.get());

126 valid = ValidateWiFi(onc_object, repaired.get());	126 else if (&signature == &kWiFiSignature)

127 else if (&signature == &kVPNSignature)	127 valid = ValidateWiFi(onc_object, repaired.get());

128 valid = ValidateVPN(onc_object, repaired.get());	128 else if (&signature == &kVPNSignature)

129 else if (&signature == &kIPsecSignature)	129 valid = ValidateVPN(onc_object, repaired.get());

130 valid = ValidateIPsec(onc_object, repaired.get());	130 else if (&signature == &kIPsecSignature)

131 else if (&signature == &kOpenVPNSignature)	131 valid = ValidateIPsec(onc_object, repaired.get());

132 valid = ValidateOpenVPN(onc_object, repaired.get());	132 else if (&signature == &kOpenVPNSignature)

133 else if (&signature == &kCertificatePatternSignature)	133 valid = ValidateOpenVPN(onc_object, repaired.get());

134 valid = ValidateCertificatePattern(onc_object, repaired.get());	134 else if (&signature == &kCertificatePatternSignature)

135 else if (&signature == &kProxySettingsSignature)	135 valid = ValidateCertificatePattern(onc_object, repaired.get());

136 valid = ValidateProxySettings(onc_object, repaired.get());	136 else if (&signature == &kProxySettingsSignature)

137 else if (&signature == &kProxyLocationSignature)	137 valid = ValidateProxySettings(onc_object, repaired.get());

138 valid = ValidateProxyLocation(onc_object, repaired.get());	138 else if (&signature == &kProxyLocationSignature)

139 else if (&signature == &kEAPSignature)	139 valid = ValidateProxyLocation(onc_object, repaired.get());

140 valid = ValidateEAP(onc_object, repaired.get());	140 else if (&signature == &kEAPSignature)

141 else if (&signature == &kCertificateSignature)	141 valid = ValidateEAP(onc_object, repaired.get());

142 valid = ValidateCertificate(onc_object, repaired.get());	142 else if (&signature == &kCertificateSignature)

143 else	143 valid = ValidateCertificate(onc_object, repaired.get());

144 valid = ValidateObjectDefault(signature, onc_object, repaired.get());	144 }

145	145

146 if (valid) {	146 if (valid) {

147 return repaired.Pass();	147 return repaired.Pass();

148 } else {	148 } else {

149 DCHECK(error_or_warning_found_);	149 DCHECK(error_or_warning_found_);

150 error_or_warning_found_ = *error = true;	150 error_or_warning_found_ = *error = true;

151 return scoped_ptr<base::DictionaryValue>();	151 return scoped_ptr<base::DictionaryValue>();

152 }	152 }

153 }	153 }

154	154

(...skipping 236 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
391 return true;	391 return true;

392 }	392 }

393 return false;	393 return false;

394 }	394 }

395	395

396 bool Validator::ValidateToplevelConfiguration(	396 bool Validator::ValidateToplevelConfiguration(

397 const base::DictionaryValue& onc_object,	397 const base::DictionaryValue& onc_object,

398 base::DictionaryValue* result) {	398 base::DictionaryValue* result) {

399 using namespace onc::toplevel_config;	399 using namespace onc::toplevel_config;

400	400

401 if (!ValidateObjectDefault(kToplevelConfigurationSignature,

402 onc_object, result)) {

403 return false;

404 }

405

406 static const char* kValidTypes[] = { kUnencryptedConfiguration,	401 static const char* kValidTypes[] = { kUnencryptedConfiguration,

407 kEncryptedConfiguration,	402 kEncryptedConfiguration,

408 NULL };	403 NULL };

409 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes))	404 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes))

410 return false;	405 return false;

411	406

412 bool allRequiredExist = true;	407 bool allRequiredExist = true;

413	408

414 // Not part of the ONC spec yet:	409 // Not part of the ONC spec yet:

415 // We don't require the type field and default to UnencryptedConfiguration.	410 // We don't require the type field and default to UnencryptedConfiguration.

(...skipping 14 matching lines...) Expand all Loading...
430 }	425 }

431	426

432 return !error_on_missing_field_ \|\| allRequiredExist;	427 return !error_on_missing_field_ \|\| allRequiredExist;

433 }	428 }

434	429

435 bool Validator::ValidateNetworkConfiguration(	430 bool Validator::ValidateNetworkConfiguration(

436 const base::DictionaryValue& onc_object,	431 const base::DictionaryValue& onc_object,

437 base::DictionaryValue* result) {	432 base::DictionaryValue* result) {

438 using namespace onc::network_config;	433 using namespace onc::network_config;

439	434

440 if (!ValidateObjectDefault(kNetworkConfigurationSignature,

441 onc_object, result)) {

442 return false;

443 }

444

445 static const char* kValidTypes[] = { network_type::kEthernet,	435 static const char* kValidTypes[] = { network_type::kEthernet,

446 network_type::kVPN,	436 network_type::kVPN,

447 network_type::kWiFi,	437 network_type::kWiFi,

448 network_type::kCellular,	438 network_type::kCellular,

449 NULL };	439 NULL };

450 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes) \|\|	440 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes) \|\|

451 FieldExistsAndIsEmpty(*result, kGUID)) {	441 FieldExistsAndIsEmpty(*result, kGUID)) {

452 return false;	442 return false;

453 }	443 }

454	444

(...skipping 31 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
486 NOTREACHED();	476 NOTREACHED();

487 }	477 }

488	478

489 return !error_on_missing_field_ \|\| allRequiredExist;	479 return !error_on_missing_field_ \|\| allRequiredExist;

490 }	480 }

491	481

492 bool Validator::ValidateEthernet(	482 bool Validator::ValidateEthernet(

493 const base::DictionaryValue& onc_object,	483 const base::DictionaryValue& onc_object,

494 base::DictionaryValue* result) {	484 base::DictionaryValue* result) {

495 using namespace onc::ethernet;	485 using namespace onc::ethernet;

496 if (!ValidateObjectDefault(kEthernetSignature, onc_object, result))

497 return false;

498	486

499 static const char* kValidAuthentications[] = { kNone, k8021X, NULL };	487 static const char* kValidAuthentications[] = { kNone, k8021X, NULL };

500 if (FieldExistsAndHasNoValidValue(*result, kAuthentication,	488 if (FieldExistsAndHasNoValidValue(*result, kAuthentication,

501 kValidAuthentications)) {	489 kValidAuthentications)) {

502 return false;	490 return false;

503 }	491 }

504	492

505 bool allRequiredExist = true;	493 bool allRequiredExist = true;

506 std::string auth;	494 std::string auth;

507 result->GetStringWithoutPathExpansion(kAuthentication, &auth);	495 result->GetStringWithoutPathExpansion(kAuthentication, &auth);

508 if (auth == k8021X)	496 if (auth == k8021X)

509 allRequiredExist &= RequireField(*result, kEAP);	497 allRequiredExist &= RequireField(*result, kEAP);

510	498

511 return !error_on_missing_field_ \|\| allRequiredExist;	499 return !error_on_missing_field_ \|\| allRequiredExist;

512 }	500 }

513	501

514 bool Validator::ValidateIPConfig(	502 bool Validator::ValidateIPConfig(

515 const base::DictionaryValue& onc_object,	503 const base::DictionaryValue& onc_object,

516 base::DictionaryValue* result) {	504 base::DictionaryValue* result) {

517 using namespace onc::ipconfig;	505 using namespace onc::ipconfig;

518 if (!ValidateObjectDefault(kIPConfigSignature, onc_object, result))

519 return false;

520	506

521 static const char* kValidTypes[] = { kIPv4, kIPv6, NULL };	507 static const char* kValidTypes[] = { kIPv4, kIPv6, NULL };

522 if (FieldExistsAndHasNoValidValue(*result, ipconfig::kType, kValidTypes))	508 if (FieldExistsAndHasNoValidValue(*result, ipconfig::kType, kValidTypes))

523 return false;	509 return false;

524	510

525 std::string type;	511 std::string type;

526 result->GetStringWithoutPathExpansion(ipconfig::kType, &type);	512 result->GetStringWithoutPathExpansion(ipconfig::kType, &type);

527 int lower_bound = 1;	513 int lower_bound = 1;

528 // In case of missing type, choose higher upper_bound.	514 // In case of missing type, choose higher upper_bound.

529 int upper_bound = (type == kIPv4) ? 32 : 128;	515 int upper_bound = (type == kIPv4) ? 32 : 128;

530 if (FieldExistsAndIsNotInRange(*result, kRoutingPrefix,	516 if (FieldExistsAndIsNotInRange(*result, kRoutingPrefix,

531 lower_bound, upper_bound)) {	517 lower_bound, upper_bound)) {

532 return false;	518 return false;

533 }	519 }

534	520

535 bool allRequiredExist = RequireField(*result, kIPAddress) &	521 bool allRequiredExist = RequireField(*result, kIPAddress) &

536 RequireField(*result, kRoutingPrefix) &	522 RequireField(*result, kRoutingPrefix) &

537 RequireField(*result, ipconfig::kType);	523 RequireField(*result, ipconfig::kType);

538	524

539 return !error_on_missing_field_ \|\| allRequiredExist;	525 return !error_on_missing_field_ \|\| allRequiredExist;

540 }	526 }

541	527

542 bool Validator::ValidateWiFi(	528 bool Validator::ValidateWiFi(

543 const base::DictionaryValue& onc_object,	529 const base::DictionaryValue& onc_object,

544 base::DictionaryValue* result) {	530 base::DictionaryValue* result) {

545 using namespace onc::wifi;	531 using namespace onc::wifi;

546 if (!ValidateObjectDefault(kWiFiSignature, onc_object, result))

547 return false;

548	532

549 static const char* kValidSecurities[] =	533 static const char* kValidSecurities[] =

550 { kNone, kWEP_PSK, kWEP_8021X, kWPA_PSK, kWPA_EAP, NULL };	534 { kNone, kWEP_PSK, kWEP_8021X, kWPA_PSK, kWPA_EAP, NULL };

551 if (FieldExistsAndHasNoValidValue(*result, kSecurity, kValidSecurities))	535 if (FieldExistsAndHasNoValidValue(*result, kSecurity, kValidSecurities))

552 return false;	536 return false;

553	537

554 bool allRequiredExist = RequireField(*result, kSecurity) &	538 bool allRequiredExist = RequireField(*result, kSecurity) &

555 RequireField(*result, kSSID);	539 RequireField(*result, kSSID);

556	540

557 std::string security;	541 std::string security;

558 result->GetStringWithoutPathExpansion(kSecurity, &security);	542 result->GetStringWithoutPathExpansion(kSecurity, &security);

559 if (security == kWEP_8021X \|\| security == kWPA_EAP)	543 if (security == kWEP_8021X \|\| security == kWPA_EAP)

560 allRequiredExist &= RequireField(*result, kEAP);	544 allRequiredExist &= RequireField(*result, kEAP);

561 else if (security == kWEP_PSK \|\| security == kWPA_PSK)	545 else if (security == kWEP_PSK \|\| security == kWPA_PSK)

562 allRequiredExist &= RequireField(*result, kPassphrase);	546 allRequiredExist &= RequireField(*result, kPassphrase);

563	547

564 return !error_on_missing_field_ \|\| allRequiredExist;	548 return !error_on_missing_field_ \|\| allRequiredExist;

565 }	549 }

566	550

567 bool Validator::ValidateVPN(	551 bool Validator::ValidateVPN(

568 const base::DictionaryValue& onc_object,	552 const base::DictionaryValue& onc_object,

569 base::DictionaryValue* result) {	553 base::DictionaryValue* result) {

570 using namespace vpn;	554 using namespace vpn;

571 if (!ValidateObjectDefault(kVPNSignature, onc_object, result))

572 return false;

573	555

574 static const char* kValidTypes[] =	556 static const char* kValidTypes[] =

575 { kIPsec, kTypeL2TP_IPsec, kOpenVPN, NULL };	557 { kIPsec, kTypeL2TP_IPsec, kOpenVPN, NULL };

576 if (FieldExistsAndHasNoValidValue(*result, vpn::kType, kValidTypes))	558 if (FieldExistsAndHasNoValidValue(*result, vpn::kType, kValidTypes))

577 return false;	559 return false;

578	560

579 bool allRequiredExist = RequireField(*result, vpn::kType);	561 bool allRequiredExist = RequireField(*result, vpn::kType);

580 std::string type;	562 std::string type;

581 result->GetStringWithoutPathExpansion(vpn::kType, &type);	563 result->GetStringWithoutPathExpansion(vpn::kType, &type);

582 if (type == kOpenVPN) {	564 if (type == kOpenVPN) {

583 allRequiredExist &= RequireField(*result, kOpenVPN);	565 allRequiredExist &= RequireField(*result, kOpenVPN);

584 } else if (type == kIPsec) {	566 } else if (type == kIPsec) {

585 allRequiredExist &= RequireField(*result, kIPsec);	567 allRequiredExist &= RequireField(*result, kIPsec);

586 } else if (type == kTypeL2TP_IPsec) {	568 } else if (type == kTypeL2TP_IPsec) {

587 allRequiredExist &= RequireField(*result, kIPsec) &	569 allRequiredExist &= RequireField(*result, kIPsec) &

588 RequireField(*result, kL2TP);	570 RequireField(*result, kL2TP);

589 }	571 }

590	572

591 return !error_on_missing_field_ \|\| allRequiredExist;	573 return !error_on_missing_field_ \|\| allRequiredExist;

592 }	574 }

593	575

594 bool Validator::ValidateIPsec(	576 bool Validator::ValidateIPsec(

595 const base::DictionaryValue& onc_object,	577 const base::DictionaryValue& onc_object,

596 base::DictionaryValue* result) {	578 base::DictionaryValue* result) {

597 using namespace onc::vpn;	579 using namespace onc::vpn;

598 using namespace onc::certificate;	580 using namespace onc::certificate;

599 if (!ValidateObjectDefault(kIPsecSignature, onc_object, result))

600 return false;

601	581

602 static const char* kValidAuthentications[] = { kPSK, kCert, NULL };	582 static const char* kValidAuthentications[] = { kPSK, kCert, NULL };

603 static const char* kValidCertTypes[] = { kRef, kPattern, NULL };	583 static const char* kValidCertTypes[] = { kRef, kPattern, NULL };

604 // Using strict bit-wise OR to check all conditions.	584 // Using strict bit-wise OR to check all conditions.

605 if (FieldExistsAndHasNoValidValue(*result, kAuthenticationType,	585 if (FieldExistsAndHasNoValidValue(*result, kAuthenticationType,

606 kValidAuthentications) \|	586 kValidAuthentications) \|

607 FieldExistsAndHasNoValidValue(*result, kClientCertType,	587 FieldExistsAndHasNoValidValue(*result, kClientCertType,

608 kValidCertTypes)) {	588 kValidCertTypes)) {

609 return false;	589 return false;

610 }	590 }

(...skipping 19 matching lines...) Expand all Loading...
630	610

631 return !error_on_missing_field_ \|\| allRequiredExist;	611 return !error_on_missing_field_ \|\| allRequiredExist;

632 }	612 }

633	613

634 bool Validator::ValidateOpenVPN(	614 bool Validator::ValidateOpenVPN(

635 const base::DictionaryValue& onc_object,	615 const base::DictionaryValue& onc_object,

636 base::DictionaryValue* result) {	616 base::DictionaryValue* result) {

637 using namespace onc::vpn;	617 using namespace onc::vpn;

638 using namespace onc::openvpn;	618 using namespace onc::openvpn;

639 using namespace onc::certificate;	619 using namespace onc::certificate;

640 if (!ValidateObjectDefault(kOpenVPNSignature, onc_object, result))

641 return false;

642	620

643 static const char* kValidAuthRetryValues[] =	621 static const char* kValidAuthRetryValues[] =

644 { openvpn::kNone, kInteract, kNoInteract, NULL };	622 { openvpn::kNone, kInteract, kNoInteract, NULL };

645 static const char* kValidCertTypes[] =	623 static const char* kValidCertTypes[] =

646 { certificate::kNone, kRef, kPattern, NULL };	624 { certificate::kNone, kRef, kPattern, NULL };

647 static const char* kValidCertTlsValues[] =	625 static const char* kValidCertTlsValues[] =

648 { openvpn::kNone, openvpn::kServer, NULL };	626 { openvpn::kNone, openvpn::kServer, NULL };

649	627

650 // Using strict bit-wise OR to check all conditions.	628 // Using strict bit-wise OR to check all conditions.

651 if (FieldExistsAndHasNoValidValue(*result, kAuthRetry,	629 if (FieldExistsAndHasNoValidValue(*result, kAuthRetry,

(...skipping 16 matching lines...) Expand all Loading...
668 else if (cert_type == kRef)	646 else if (cert_type == kRef)

669 allRequiredExist &= RequireField(*result, kClientCertRef);	647 allRequiredExist &= RequireField(*result, kClientCertRef);

670	648

671 return !error_on_missing_field_ \|\| allRequiredExist;	649 return !error_on_missing_field_ \|\| allRequiredExist;

672 }	650 }

673	651

674 bool Validator::ValidateCertificatePattern(	652 bool Validator::ValidateCertificatePattern(

675 const base::DictionaryValue& onc_object,	653 const base::DictionaryValue& onc_object,

676 base::DictionaryValue* result) {	654 base::DictionaryValue* result) {

677 using namespace onc::certificate;	655 using namespace onc::certificate;

678 if (!ValidateObjectDefault(kCertificatePatternSignature, onc_object, result))

679 return false;

680	656

681 bool allRequiredExist = true;	657 bool allRequiredExist = true;

682 if (!result->HasKey(kSubject) && !result->HasKey(kIssuer) &&	658 if (!result->HasKey(kSubject) && !result->HasKey(kIssuer) &&

683 !result->HasKey(kIssuerCARef)) {	659 !result->HasKey(kIssuerCARef)) {

684 error_or_warning_found_ = true;	660 error_or_warning_found_ = true;

685 allRequiredExist = false;	661 allRequiredExist = false;

686 std::string message = MessageHeader(error_on_missing_field_) +	662 std::string message = MessageHeader(error_on_missing_field_) +

687 "None of the fields '" + kSubject + "', '" + kIssuer + "', and '" +	663 "None of the fields '" + kSubject + "', '" + kIssuer + "', and '" +

688 kIssuerCARef + "' is present, but at least one is required.";	664 kIssuerCARef + "' is present, but at least one is required.";

689 if (error_on_missing_field_)	665 if (error_on_missing_field_)

690 LOG(ERROR) << message;	666 LOG(ERROR) << message;

691 else	667 else

692 LOG(WARNING) << message;	668 LOG(WARNING) << message;

693 }	669 }

694	670

695 return !error_on_missing_field_ \|\| allRequiredExist;	671 return !error_on_missing_field_ \|\| allRequiredExist;

696 }	672 }

697	673

698 bool Validator::ValidateProxySettings(const base::DictionaryValue& onc_object,	674 bool Validator::ValidateProxySettings(const base::DictionaryValue& onc_object,

699 base::DictionaryValue* result) {	675 base::DictionaryValue* result) {

700 using namespace onc::proxy;	676 using namespace onc::proxy;

701 if (!ValidateObjectDefault(kProxySettingsSignature, onc_object, result))

702 return false;

703	677

704 static const char* kValidTypes[] = { kDirect, kManual, kPAC, kWPAD, NULL };	678 static const char* kValidTypes[] = { kDirect, kManual, kPAC, kWPAD, NULL };

705 if (FieldExistsAndHasNoValidValue(*result, proxy::kType, kValidTypes))	679 if (FieldExistsAndHasNoValidValue(*result, proxy::kType, kValidTypes))

706 return false;	680 return false;

707	681

708 bool allRequiredExist = RequireField(*result, proxy::kType);	682 bool allRequiredExist = RequireField(*result, proxy::kType);

709 std::string type;	683 std::string type;

710 result->GetStringWithoutPathExpansion(proxy::kType, &type);	684 result->GetStringWithoutPathExpansion(proxy::kType, &type);

711 if (type == kManual)	685 if (type == kManual)

712 allRequiredExist &= RequireField(*result, kManual);	686 allRequiredExist &= RequireField(*result, kManual);

713 else if (type == kPAC)	687 else if (type == kPAC)

714 allRequiredExist &= RequireField(*result, kPAC);	688 allRequiredExist &= RequireField(*result, kPAC);

715	689

716 return !error_on_missing_field_ \|\| allRequiredExist;	690 return !error_on_missing_field_ \|\| allRequiredExist;

717 }	691 }

718	692

719 bool Validator::ValidateProxyLocation(const base::DictionaryValue& onc_object,	693 bool Validator::ValidateProxyLocation(const base::DictionaryValue& onc_object,

720 base::DictionaryValue* result) {	694 base::DictionaryValue* result) {

721 using namespace onc::proxy;	695 using namespace onc::proxy;

722 if (!ValidateObjectDefault(kProxyLocationSignature, onc_object, result))

723 return false;

724	696

725 bool allRequiredExist = RequireField(*result, kHost) &	697 bool allRequiredExist = RequireField(*result, kHost) &

726 RequireField(*result, kPort);	698 RequireField(*result, kPort);

727	699

728 return !error_on_missing_field_ \|\| allRequiredExist;	700 return !error_on_missing_field_ \|\| allRequiredExist;

729 }	701 }

730	702

731 bool Validator::ValidateEAP(const base::DictionaryValue& onc_object,	703 bool Validator::ValidateEAP(const base::DictionaryValue& onc_object,

732 base::DictionaryValue* result) {	704 base::DictionaryValue* result) {

733 using namespace onc::eap;	705 using namespace onc::eap;

734 using namespace onc::certificate;	706 using namespace onc::certificate;

735 if (!ValidateObjectDefault(kEAPSignature, onc_object, result))

736 return false;

737	707

738 static const char* kValidInnerValues[] =	708 static const char* kValidInnerValues[] =

739 { kAutomatic, kMD5, kMSCHAPv2, kPAP, NULL };	709 { kAutomatic, kMD5, kMSCHAPv2, kPAP, NULL };

740 static const char* kValidOuterValues[] =	710 static const char* kValidOuterValues[] =

741 { kPEAP, kEAP_TLS, kEAP_TTLS, kLEAP, kEAP_SIM, kEAP_FAST, kEAP_AKA,	711 { kPEAP, kEAP_TLS, kEAP_TTLS, kLEAP, kEAP_SIM, kEAP_FAST, kEAP_AKA,

742 NULL };	712 NULL };

743 static const char* kValidCertTypes[] = { kRef, kPattern, NULL };	713 static const char* kValidCertTypes[] = { kRef, kPattern, NULL };

744	714

745 // Using strict bit-wise OR to check all conditions.	715 // Using strict bit-wise OR to check all conditions.

746 if (FieldExistsAndHasNoValidValue(*result, kInner, kValidInnerValues) \|	716 if (FieldExistsAndHasNoValidValue(*result, kInner, kValidInnerValues) \|

(...skipping 15 matching lines...) Expand all Loading...
762 else if (cert_type == kRef)	732 else if (cert_type == kRef)

763 allRequiredExist &= RequireField(*result, kClientCertRef);	733 allRequiredExist &= RequireField(*result, kClientCertRef);

764	734

765 return !error_on_missing_field_ \|\| allRequiredExist;	735 return !error_on_missing_field_ \|\| allRequiredExist;

766 }	736 }

767	737

768 bool Validator::ValidateCertificate(	738 bool Validator::ValidateCertificate(

769 const base::DictionaryValue& onc_object,	739 const base::DictionaryValue& onc_object,

770 base::DictionaryValue* result) {	740 base::DictionaryValue* result) {

771 using namespace onc::certificate;	741 using namespace onc::certificate;

772 if (!ValidateObjectDefault(kCertificateSignature, onc_object, result))

773 return false;

774	742

775 static const char* kValidTypes[] = { kClient, kServer, kAuthority, NULL };	743 static const char* kValidTypes[] = { kClient, kServer, kAuthority, NULL };

776 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes) \|\|	744 if (FieldExistsAndHasNoValidValue(*result, kType, kValidTypes) \|\|

777 FieldExistsAndIsEmpty(*result, kGUID)) {	745 FieldExistsAndIsEmpty(*result, kGUID)) {

778 return false;	746 return false;

779 }	747 }

780	748

781 std::string type;	749 std::string type;

782 result->GetStringWithoutPathExpansion(kType, &type);	750 result->GetStringWithoutPathExpansion(kType, &type);

783 if (onc_source_ == ONC_SOURCE_DEVICE_POLICY &&	751 if (onc_source_ == ONC_SOURCE_DEVICE_POLICY &&

(...skipping 29 matching lines...) Expand all Loading...
813 }	781 }

814	782

815 std::string Validator::MessageHeader(bool is_error) {	783 std::string Validator::MessageHeader(bool is_error) {

816 std::string path = path_.empty() ? "toplevel" : JoinString(path_, ".");	784 std::string path = path_.empty() ? "toplevel" : JoinString(path_, ".");

817 std::string message = "At " + path + ": ";	785 std::string message = "At " + path + ": ";

818 return message;	786 return message;

819 }	787 }

820	788

821 } // namespace onc	789 } // namespace onc

822 } // namespace chromeos	790 } // namespace chromeos

OLD	NEW

« no previous file with comments | « chromeos/network/onc/onc_translator_unittest.cc ('k') | chromeos/network/onc/onc_validator_unittest.cc » ('j') | no next file with comments »