authormnissler@chromium.org <mnissler@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-04-14 08:55:17 +0000
committermnissler@chromium.org <mnissler@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-04-14 08:55:17 +0000
commit608b2d1ecb26759ff76844782c258e3176206f8b (patch)
treee8e49b561e73277ef3f5c9b6f165a3f9585de35f /chrome/browser/policy
parentddd352d9ca54878f5559e36ebd51abe33b4610de (diff)
Pass the correct public key version to the policy server.
BUG=none TEST=compiles and passes tests Review URL: http://codereview.chromium.org/6837029 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@81555 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/policy')
-rw-r--r--chrome/browser/policy/cloud_policy_cache_base.cc23
-rw-r--r--chrome/browser/policy/cloud_policy_cache_base.h17
-rw-r--r--chrome/browser/policy/cloud_policy_controller.cc3
3 files changed, 40 insertions, 3 deletions
diff --git a/chrome/browser/policy/cloud_policy_cache_base.cc b/chrome/browser/policy/cloud_policy_cache_base.cc
index 3f1f48c..5fdf08e 100644
--- a/chrome/browser/policy/cloud_policy_cache_base.cc
+++ b/chrome/browser/policy/cloud_policy_cache_base.cc
@@ -58,6 +58,7 @@ CloudPolicyCacheBase::CloudPolicyCacheBase()
: notifier_(NULL),
initialization_complete_(false),
is_unmanaged_(false) {
+ public_key_version_.valid = false;
managed_policy_provider_.reset(
new CloudPolicyProvider(
ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(),
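Review bot: Only `valid` is initialised by the added constructor line, so `public_key_version_.version` stays indeterminate until a policy that carries a key version is stored. The same gap appears in SetPolicyInternal, where `temp_public_key_version` is declared without an initialiser and `public_key_version_.version = temp_public_key_version.version;` runs unconditionally, copying an unset int whenever the response has no public_key_version field. The getter guards on `valid` today, but a deterministic default would keep a later unguarded read from putting stack garbage into the fetch request. Either give the struct a constructor such as `PublicKeyVersion() : version(0), valid(false) {}`, or copy `version` only when `valid` is true. The constructor body continues outside this hunk.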
@@ -75,6 +76,13 @@ CloudPolicyCacheBase::~CloudPolicyCacheBase() {
observer_list_, OnProviderGoingAway());
}
+bool CloudPolicyCacheBase::GetPublicKeyVersion(int* version) {
+ if (public_key_version_.valid)
+ *version = public_key_version_.version;
+
+ return public_key_version_.valid;
+}
+
bool CloudPolicyCacheBase::SetPolicyInternal(
const em::PolicyFetchResponse& policy,
base::Time* timestamp,
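Review bot: GetPublicKeyVersion writes through `version` without checking it, whereas DecodePolicyResponse in this same file tests `public_key_version` for null before writing. A `DCHECK(version);` as the first statement would make the non-null contract explicit. The method also modifies no member state, so it could be declared `bool GetPublicKeyVersion(int* version) const;`, with the matching change in the header.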
@@ -85,8 +93,9 @@ bool CloudPolicyCacheBase::SetPolicyInternal(
PolicyMap mandatory_policy;
PolicyMap recommended_policy;
base::Time temp_timestamp;
+ PublicKeyVersion temp_public_key_version;
bool ok = DecodePolicyResponse(policy, &mandatory_policy, &recommended_policy,
- &temp_timestamp);
+ &temp_timestamp, &temp_public_key_version);
if (!ok) {
LOG(WARNING) << "Decoding policy data failed.";
return false;
@@ -99,6 +108,8 @@ bool CloudPolicyCacheBase::SetPolicyInternal(
LOG(WARNING) << "Rejected policy data, file is from the future.";
return false;
}
+ public_key_version_.version = temp_public_key_version.version;
+ public_key_version_.valid = temp_public_key_version.valid;
const bool new_policy_differs =
!mandatory_policy_.Equals(mandatory_policy) ||
@@ -119,6 +130,7 @@ bool CloudPolicyCacheBase::SetPolicyInternal(
void CloudPolicyCacheBase::SetUnmanagedInternal(const base::Time& timestamp) {
is_unmanaged_ = true;
initialization_complete_ = true;
+ public_key_version_.valid = false;
mandatory_policy_.Clear();
recommended_policy_.Clear();
last_policy_refresh_time_ = timestamp;
@@ -142,7 +154,8 @@ bool CloudPolicyCacheBase::DecodePolicyResponse(
const em::PolicyFetchResponse& policy_response,
PolicyMap* mandatory,
PolicyMap* recommended,
- base::Time* timestamp) {
+ base::Time* timestamp,
+ PublicKeyVersion* public_key_version) {
std::string data = policy_response.policy_data();
em::PolicyData policy_data;
if (!policy_data.ParseFromString(data)) {
@@ -153,6 +166,12 @@ bool CloudPolicyCacheBase::DecodePolicyResponse(
*timestamp = base::Time::UnixEpoch() +
base::TimeDelta::FromMilliseconds(policy_data.timestamp());
}
+ if (public_key_version) {
+ public_key_version->valid = policy_data.has_public_key_version();
+ if (public_key_version->valid)
+ public_key_version->version = policy_data.public_key_version();
+ }
+
return DecodePolicyData(policy_data, mandatory, recommended);
}
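Review bot: The key version is read from `policy_data` immediately after `ParseFromString`, and nothing visible in this hunk shows the signature over the policy blob being verified before the value is returned, cached and later echoed to the server. If verification happens elsewhere, a comment on the new block should say so. If it does not, the value should be documented as unauthenticated, for example `// |public_key_version| is taken from the parsed blob as-is; callers must not treat it as authenticated unless the response signature has been verified.` The function starts outside this hunk, so earlier checks may exist that are not shown here.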
diff --git a/chrome/browser/policy/cloud_policy_cache_base.h b/chrome/browser/policy/cloud_policy_cache_base.h
index f97d6cf..0fd89fc 100644
--- a/chrome/browser/policy/cloud_policy_cache_base.h
+++ b/chrome/browser/policy/cloud_policy_cache_base.h
@@ -62,7 +62,18 @@ class CloudPolicyCacheBase : public base::NonThreadSafe {
return last_policy_refresh_time_;
}
+ // Get the version of the encryption key currently used for decoding policy.
+ // Returns true if the version is available, in which case |version| is filled
+ // in.
+ bool GetPublicKeyVersion(int* version);
+
protected:
+ // Wraps public key version and validity.
+ struct PublicKeyVersion {
+ int version;
+ bool valid;
+ };
+
// Decodes the given |policy| using |DecodePolicyResponse()|, applies the
// contents to |{mandatory,recommended}_policy_|, and notifies observers.
// |timestamp| returns the timestamp embedded in |policy|, callers can pass
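Review bot: The new comment on GetPublicKeyVersion says "encryption key currently used for decoding policy", but the code only stores whatever `public_key_version` the last accepted policy response carried, and no decoding with that key is visible in this change. A wording that matches the code would be `// Gets the public key version reported in the most recently accepted policy response. Returns true and fills in |version| if one is available.` The `PublicKeyVersion` comment could also note that `version` is meaningful only while `valid` is true. The class body continues outside this hunk.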
@@ -86,7 +97,8 @@ class CloudPolicyCacheBase : public base::NonThreadSafe {
bool DecodePolicyResponse(const em::PolicyFetchResponse& policy_response,
PolicyMap* mandatory,
PolicyMap* recommended,
- base::Time* timestamp);
+ base::Time* timestamp,
+ PublicKeyVersion* public_key_version);
void InformNotifier(CloudPolicySubsystem::PolicySubsystemState state,
CloudPolicySubsystem::ErrorDetails error_details);
@@ -128,6 +140,9 @@ class CloudPolicyCacheBase : public base::NonThreadSafe {
// Whether the the server has indicated this device is unmanaged.
bool is_unmanaged_;
+ // Currently used public key version, if available.
+ PublicKeyVersion public_key_version_;
+
// Provider observers that are registered with this cache's providers.
ObserverList<ConfigurationPolicyProvider::Observer, true> observer_list_;
diff --git a/chrome/browser/policy/cloud_policy_controller.cc b/chrome/browser/policy/cloud_policy_controller.cc
index c038952..598506d 100644
--- a/chrome/browser/policy/cloud_policy_controller.cc
+++ b/chrome/browser/policy/cloud_policy_controller.cc
@@ -250,6 +250,9 @@ void CloudPolicyController::SendPolicyRequest() {
cache_->last_policy_refresh_time() - base::Time::UnixEpoch();
fetch_request->set_timestamp(timestamp.InMilliseconds());
}
+ int key_version = 0;
+ if (cache_->GetPublicKeyVersion(&key_version))
+ fetch_request->set_public_key_version(key_version);
backend_->ProcessPolicyRequest(identity_strategy_->GetDeviceToken(),
identity_strategy_->GetDeviceID(),