|
|
Added a PolicyCertVerifier that uses the trust anchors from the ONC policies.
The MultiThreadedCertVerifier can optionally use a CertTrustAnchorProvider to
get a list of additional certificates to trust, without importing them into the
NSS database. This CL wraps the MultiThreadedCertVerifier with a custom verifier
that includes a trust anchor provider.
The trust anchor provider returns all the certificates from the user ONC policy
that have the Web trust flag. The PolicyCertVerifier also writes a preference
in the Profile once any such certificate is used.
This feature is currently behind a flag, until a warning UI is implemented.
The warning should be displayed if UsedPolicyCertificates() is true for the
given profile.
TBR=pneubeck@chromium.org
BUG= 216495
NOTE: this is a reland of https://codereview.chromium.org/13035003, with tests fixed.
Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=192324
Total comments: 2
|
Unified diffs |
Side-by-side diffs |
Delta from patch set |
Stats (+832 lines, -119 lines) |
Patch |
 |
M |
chrome/browser/chromeos/cros/mock_network_library.h
|
View
|
|
1 chunk |
+1 line, -1 line |
0 comments
|
Download
|
|
M |
chrome/browser/chromeos/cros/network_library.h
|
View
|
|
2 chunks |
+6 lines, -4 lines |
0 comments
|
Download
|
|
M |
chrome/browser/chromeos/cros/network_library_impl_base.h
|
View
|
|
1 chunk |
+5 lines, -4 lines |
0 comments
|
Download
|
|
M |
chrome/browser/chromeos/cros/network_library_impl_base.cc
|
View
|
|
2 chunks |
+10 lines, -11 lines |
0 comments
|
Download
|
|
M |
chrome/browser/chromeos/cros/network_library_unittest.cc
|
View
|
|
6 chunks |
+11 lines, -7 lines |
0 comments
|
Download
|
|
M |
chrome/browser/chromeos/policy/network_configuration_updater.h
|
View
|
|
3 chunks |
+22 lines, -3 lines |
0 comments
|
Download
|
|
M |
chrome/browser/chromeos/policy/network_configuration_updater.cc
|
View
|
|
5 chunks |
+64 lines, -3 lines |
0 comments
|
Download
|
|
M |
chrome/browser/chromeos/policy/network_configuration_updater_unittest.cc
|
View
|
|
7 chunks |
+71 lines, -14 lines |
0 comments
|
Download
|
|
A |
chrome/browser/chromeos/policy/policy_cert_verifier.h
|
View
|
|
1 chunk |
+50 lines, -0 lines |
0 comments
|
Download
|
|
A |
chrome/browser/chromeos/policy/policy_cert_verifier.cc
|
View
|
1
|
1 chunk |
+97 lines, -0 lines |
0 comments
|
Download
|
|
A |
chrome/browser/chromeos/policy/policy_cert_verifier_browsertest.cc
|
View
|
1
|
1 chunk |
+297 lines, -0 lines |
2 comments
|
Download
|
|
M |
chrome/browser/policy/browser_policy_connector.h
|
View
|
|
3 chunks |
+12 lines, -0 lines |
0 comments
|
Download
|
|
M |
chrome/browser/policy/browser_policy_connector.cc
|
View
|
|
7 chunks |
+27 lines, -3 lines |
0 comments
|
Download
|
|
M |
chrome/browser/prefs/browser_prefs.cc
|
View
|
|
1 chunk |
+1 line, -0 lines |
0 comments
|
Download
|
|
M |
chrome/browser/profiles/profile_impl_io_data.cc
|
View
|
|
1 chunk |
+0 lines, -2 lines |
0 comments
|
Download
|
|
M |
chrome/browser/profiles/profile_io_data.h
|
View
|
|
3 chunks |
+11 lines, -0 lines |
0 comments
|
Download
|
|
M |
chrome/browser/profiles/profile_io_data.cc
|
View
|
|
5 chunks |
+20 lines, -0 lines |
0 comments
|
Download
|
|
M |
chrome/browser/ui/webui/net_internals/net_internals_ui.cc
|
View
|
|
1 chunk |
+1 line, -1 line |
0 comments
|
Download
|
|
M |
chrome/chrome_browser_chromeos.gypi
|
View
|
|
1 chunk |
+2 lines, -0 lines |
0 comments
|
Download
|
|
M |
chrome/chrome_tests.gypi
|
View
|
|
1 chunk |
+1 line, -0 lines |
0 comments
|
Download
|
|
M |
chrome/common/chrome_switches.h
|
View
|
|
2 chunks |
+2 lines, -1 line |
0 comments
|
Download
|
|
M |
chrome/common/chrome_switches.cc
|
View
|
|
3 chunks |
+8 lines, -3 lines |
0 comments
|
Download
|
|
M |
chrome/common/pref_names.h
|
View
|
|
1 chunk |
+1 line, -0 lines |
0 comments
|
Download
|
|
M |
chrome/common/pref_names.cc
|
View
|
|
1 chunk |
+7 lines, -0 lines |
0 comments
|
Download
|
|
M |
chromeos/network/onc/onc_certificate_importer.h
|
View
|
|
2 chunks |
+18 lines, -11 lines |
0 comments
|
Download
|
|
M |
chromeos/network/onc/onc_certificate_importer.cc
|
View
|
|
8 chunks |
+52 lines, -42 lines |
0 comments
|
Download
|
|
M |
chromeos/network/onc/onc_certificate_importer_unittest.cc
|
View
|
|
4 chunks |
+34 lines, -5 lines |
0 comments
|
Download
|
|
A + |
chromeos/test/data/network/certificate-authority.onc
|
View
|
|
1 chunk |
+1 line, -4 lines |
0 comments
|
Download
|
Total messages: 5 (0 generated)
|
Chromium Code Reviews
Issue
13532005:
Added a PolicyCertVerifier that uses the trust anchors from the ONC policies. (Closed)
