diff options
author | tbarzic@chromium.org <tbarzic@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-09-13 23:36:37 +0000 |
---|---|---|
committer | tbarzic@chromium.org <tbarzic@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-09-13 23:36:37 +0000 |
commit | c547f8172c6b7c28bc7c4fb75419f039614eabd6 (patch) | |
tree | ad3af1b31955eb6fe498cbecacbcf9336d764794 /chromeos/cert_loader.h | |
parent | 797d9a6f410576692f155bd87c4a9a982e7868a7 (diff) | |
download | chromium_src-c547f8172c6b7c28bc7c4fb75419f039614eabd6.zip chromium_src-c547f8172c6b7c28bc7c4fb75419f039614eabd6.tar.gz chromium_src-c547f8172c6b7c28bc7c4fb75419f039614eabd6.tar.bz2 |
Fix device policy recovery on CrOS login
If the device policy file cannot be loaded on login, the device enters
a state where it allows login process to proceed only if the user logging
in is the owner. To be able to successfully determine if the user is
owner, parallel authenticator has to wait until the certificates
are loaded by CertLoader. The problem is that the CertLoader starts
loading the certificates _after_ the user actually logs in. So if the
authenticator actually waited for the owner status to be resolved, the
login would hang.
This CL adds another state to LoginState::LoggedInState enum (SAFE_MODE)
in which CertLoader will be allowed to start loading the certificates.
When the authenticator detects the policy file corruption, it changes
login state to SAFE MODE (which triggers the certificate loading) and
waits for the DeviceSettingsService to determine whether the current user
is the owner.
Also, removed LoginState::GetLoggedInState. Replaced it's pre-existing
usages with LoginState::IsUserLoggedIn; and added
LoginState::IsInSafeMode to be used here.
BUG=285450
TEST=
1. manually remove device policy file
2. try logging in to a non-owner account -> should fail
3. try logging in to the owner account -> should succeed
4. try logging in to a non-owner account again -> should succeed
Review URL: https://chromiumcodereview.appspot.com/23684033
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@223168 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chromeos/cert_loader.h')
-rw-r--r-- | chromeos/cert_loader.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/chromeos/cert_loader.h b/chromeos/cert_loader.h index bc1123e..9c5ace4 100644 --- a/chromeos/cert_loader.h +++ b/chromeos/cert_loader.h @@ -147,7 +147,7 @@ class CHROMEOS_EXPORT CertLoader : public net::CertDatabase::Observer, virtual void OnCertRemoved(const net::X509Certificate* cert) OVERRIDE; // LoginState::Observer - virtual void LoggedInStateChanged(LoginState::LoggedInState state) OVERRIDE; + virtual void LoggedInStateChanged() OVERRIDE; bool initialize_tpm_for_test_; |