Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(55)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chromeos/cert_loader.cc

Issue 23684033: Fix device policy recovery on CrOS login (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: . Created 7 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chromeos/cert_loader.h ('k') | chromeos/login/login_state.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chromeos/cert_loader.h" 5 #include "chromeos/cert_loader.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/chromeos/chromeos_version.h" 9 #include "base/chromeos/chromeos_version.h"
10 #include "base/message_loop/message_loop_proxy.h" 10 #include "base/message_loop/message_loop_proxy.h"
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after
138 } 138 }
139 139
140 void CertLoader::MaybeRequestCertificates() { 140 void CertLoader::MaybeRequestCertificates() {
141 CHECK(thread_checker_.CalledOnValidThread()); 141 CHECK(thread_checker_.CalledOnValidThread());
142 142
143 // This is the entry point to the TPM token initialization process, 143 // This is the entry point to the TPM token initialization process,
144 // which we should do at most once. 144 // which we should do at most once.
145 if (certificates_requested_ || !crypto_task_runner_.get()) 145 if (certificates_requested_ || !crypto_task_runner_.get())
146 return; 146 return;
147 147
148 const bool logged_in = LoginState::IsInitialized() ? 148 if (!LoginState::IsInitialized())
149 LoginState::Get()->IsUserLoggedIn() : false; 149 return;
150 VLOG(1) << "RequestCertificates: " << logged_in; 150
151 if (!logged_in) 151 bool request_certificates = LoginState::Get()->IsUserLoggedIn() ||
152 LoginState::Get()->IsInSafeMode();
153
154 VLOG(1) << "RequestCertificates: " << request_certificates;
155 if (!request_certificates)
152 return; 156 return;
153 157
154 certificates_requested_ = true; 158 certificates_requested_ = true;
155 159
156 // Ensure we only initialize the TPM token once. 160 // Ensure we only initialize the TPM token once.
157 DCHECK_EQ(tpm_token_state_, TPM_STATE_UNKNOWN); 161 DCHECK_EQ(tpm_token_state_, TPM_STATE_UNKNOWN);
158 if (!initialize_tpm_for_test_ && !base::chromeos::IsRunningOnChromeOS()) 162 if (!initialize_tpm_for_test_ && !base::chromeos::IsRunningOnChromeOS())
159 tpm_token_state_ = TPM_DISABLED; 163 tpm_token_state_ = TPM_DISABLED;
160 164
161 // Treat TPM as disabled for guest users since they do not store certs. 165 // Treat TPM as disabled for guest users since they do not store certs.
162 if (LoginState::IsInitialized() && LoginState::Get()->IsGuestUser()) 166 if (LoginState::Get()->IsGuestUser())
163 tpm_token_state_ = TPM_DISABLED; 167 tpm_token_state_ = TPM_DISABLED;
164 168
165 InitializeTokenAndLoadCertificates(); 169 InitializeTokenAndLoadCertificates();
166 } 170 }
167 171
168 void CertLoader::InitializeTokenAndLoadCertificates() { 172 void CertLoader::InitializeTokenAndLoadCertificates() {
169 CHECK(thread_checker_.CalledOnValidThread()); 173 CHECK(thread_checker_.CalledOnValidThread());
170 VLOG(1) << "InitializeTokenAndLoadCertificates: " << tpm_token_state_; 174 VLOG(1) << "InitializeTokenAndLoadCertificates: " << tpm_token_state_;
171 175
172 switch (tpm_token_state_) { 176 switch (tpm_token_state_) {
(...skipping 207 matching lines...) Expand 10 before | Expand all | Expand 10 after
380 void CertLoader::OnCertAdded(const net::X509Certificate* cert) { 384 void CertLoader::OnCertAdded(const net::X509Certificate* cert) {
381 VLOG(1) << "OnCertAdded"; 385 VLOG(1) << "OnCertAdded";
382 LoadCertificates(); 386 LoadCertificates();
383 } 387 }
384 388
385 void CertLoader::OnCertRemoved(const net::X509Certificate* cert) { 389 void CertLoader::OnCertRemoved(const net::X509Certificate* cert) {
386 VLOG(1) << "OnCertRemoved"; 390 VLOG(1) << "OnCertRemoved";
387 LoadCertificates(); 391 LoadCertificates();
388 } 392 }
389 393
390 void CertLoader::LoggedInStateChanged(LoginState::LoggedInState state) { 394 void CertLoader::LoggedInStateChanged() {
391 VLOG(1) << "LoggedInStateChanged: " << state; 395 VLOG(1) << "LoggedInStateChanged";
392 MaybeRequestCertificates(); 396 MaybeRequestCertificates();
393 } 397 }
394 398
395 } // namespace chromeos 399 } // namespace chromeos
OLDNEW
« no previous file with comments | « chromeos/cert_loader.h ('k') | chromeos/login/login_state.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698