| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/cloud/cloud_policy_validator.h" | 5 #include "chrome/browser/policy/cloud/cloud_policy_validator.h" |
| 6 | 6 |
| 7 #include "base/bind_helpers.h" | 7 #include "base/bind_helpers.h" |
| 8 #include "base/message_loop/message_loop.h" | 8 #include "base/message_loop/message_loop.h" |
| 9 #include "base/stl_util.h" | 9 #include "base/stl_util.h" |
| 10 #include "chrome/browser/policy/cloud/cloud_policy_constants.h" | 10 #include "chrome/browser/policy/cloud/cloud_policy_constants.h" |
| (...skipping 260 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 271 } else { | 271 } else { |
| 272 LOG(ERROR) << "Policy timestamp missing"; | 272 LOG(ERROR) << "Policy timestamp missing"; |
| 273 return VALIDATION_BAD_TIMESTAMP; | 273 return VALIDATION_BAD_TIMESTAMP; |
| 274 } | 274 } |
| 275 } | 275 } |
| 276 | 276 |
| 277 if (policy_data_->timestamp() < timestamp_not_before_) { | 277 if (policy_data_->timestamp() < timestamp_not_before_) { |
| 278 LOG(ERROR) << "Policy too old: " << policy_data_->timestamp(); | 278 LOG(ERROR) << "Policy too old: " << policy_data_->timestamp(); |
| 279 return VALIDATION_BAD_TIMESTAMP; | 279 return VALIDATION_BAD_TIMESTAMP; |
| 280 } | 280 } |
| 281 if (policy_data_->timestamp() > timestamp_not_after_) { | 281 if (timestamp_option_ != TIMESTAMP_NOT_BEFORE && |
| 282 policy_data_->timestamp() > timestamp_not_after_) { |
| 282 LOG(ERROR) << "Policy from the future: " << policy_data_->timestamp(); | 283 LOG(ERROR) << "Policy from the future: " << policy_data_->timestamp(); |
| 283 return VALIDATION_BAD_TIMESTAMP; | 284 return VALIDATION_BAD_TIMESTAMP; |
| 284 } | 285 } |
| 285 | 286 |
| 286 return VALIDATION_OK; | 287 return VALIDATION_OK; |
| 287 } | 288 } |
| 288 | 289 |
| 289 CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckToken() { | 290 CloudPolicyValidatorBase::Status CloudPolicyValidatorBase::CheckToken() { |
| 290 // Make sure the token matches the expected token (if any) and also | 291 // Make sure the token matches the expected token (if any) and also |
| 291 // make sure the token itself is valid (non-empty if DM_TOKEN_REQUIRED). | 292 // make sure the token itself is valid (non-empty if DM_TOKEN_REQUIRED). |
| (...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 367 } | 368 } |
| 368 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()), | 369 verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()), |
| 369 data.size()); | 370 data.size()); |
| 370 return verifier.VerifyFinal(); | 371 return verifier.VerifyFinal(); |
| 371 } | 372 } |
| 372 | 373 |
| 373 template class CloudPolicyValidator<em::CloudPolicySettings>; | 374 template class CloudPolicyValidator<em::CloudPolicySettings>; |
| 374 template class CloudPolicyValidator<em::ExternalPolicyData>; | 375 template class CloudPolicyValidator<em::ExternalPolicyData>; |
| 375 | 376 |
| 376 } // namespace policy | 377 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 24041002:
Turn off future-timestamp cloud policy checks on desktop (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src