diff options
author | pneubeck@chromium.org <pneubeck@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-01-15 13:06:38 +0000 |
---|---|---|
committer | pneubeck@chromium.org <pneubeck@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-01-15 13:06:38 +0000 |
commit | 0e76b9ab3bf8229f568416edc638198473f71605 (patch) | |
tree | aa06de72d798c063015ca44f8a73ad7404df01bf /chromeos/network/onc/onc_normalizer.cc | |
parent | d8e73083baa3050eedffee345b2fc64ee074cd27 (diff) | |
download | chromium_src-0e76b9ab3bf8229f568416edc638198473f71605.zip chromium_src-0e76b9ab3bf8229f568416edc638198473f71605.tar.gz chromium_src-0e76b9ab3bf8229f568416edc638198473f71605.tar.bz2 |
Explicitly state ignored fields in the ONC spec, update the ONC normalizer and use it during import.
BUG=169798
Review URL: https://chromiumcodereview.appspot.com/11876020
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@176890 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chromeos/network/onc/onc_normalizer.cc')
-rw-r--r-- | chromeos/network/onc/onc_normalizer.cc | 115 |
1 files changed, 106 insertions, 9 deletions
diff --git a/chromeos/network/onc/onc_normalizer.cc b/chromeos/network/onc/onc_normalizer.cc index a1f1743..e7a6a20 100644 --- a/chromeos/network/onc/onc_normalizer.cc +++ b/chromeos/network/onc/onc_normalizer.cc @@ -45,25 +45,78 @@ scoped_ptr<base::DictionaryValue> Normalizer::MapObject( if (remove_recommended_fields_) normalized->RemoveWithoutPathExpansion(kRecommended, NULL); - if (&signature == &kNetworkConfigurationSignature) + if (&signature == &kCertificateSignature) + NormalizeCertificate(normalized.get()); + else if (&signature == &kEAPSignature) + NormalizeEAP(normalized.get()); + else if (&signature == &kEthernetSignature) + NormalizeEthernet(normalized.get()); + else if (&signature == &kIPsecSignature) + NormalizeIPsec(normalized.get()); + else if (&signature == &kNetworkConfigurationSignature) NormalizeNetworkConfiguration(normalized.get()); + else if (&signature == &kOpenVPNSignature) + NormalizeOpenVPN(normalized.get()); + else if (&signature == &kProxySettingsSignature) + NormalizeProxySettings(normalized.get()); else if (&signature == &kVPNSignature) NormalizeVPN(normalized.get()); - else if (&signature == &kIPsecSignature) - NormalizeIPsec(normalized.get()); + else if (&signature == &kWiFiSignature) + NormalizeWiFi(normalized.get()); return normalized.Pass(); } namespace { + void RemoveEntryUnless(base::DictionaryValue* dict, const std::string path, bool condition) { if (!condition) dict->RemoveWithoutPathExpansion(path, NULL); } + } // namespace +void Normalizer::NormalizeCertificate(base::DictionaryValue* cert) { + using namespace certificate; + + bool remove = false; + cert->GetBooleanWithoutPathExpansion(kRemove, &remove); + RemoveEntryUnless(cert, certificate::kType, !remove); + + std::string type; + cert->GetStringWithoutPathExpansion(certificate::kType, &type); + RemoveEntryUnless(cert, kPKCS12, type == kClient); + RemoveEntryUnless(cert, kTrust, type == kServer || type == kAuthority); + RemoveEntryUnless(cert, kX509, type == kServer || type == kAuthority); +} + +void Normalizer::NormalizeEthernet(base::DictionaryValue* ethernet) { + using namespace ethernet; + + std::string auth; + ethernet->GetStringWithoutPathExpansion(kAuthentication, &auth); + RemoveEntryUnless(ethernet, kEAP, auth == k8021X); +} + +void Normalizer::NormalizeEAP(base::DictionaryValue* eap) { + using namespace eap; + + std::string clientcert_type; + eap->GetStringWithoutPathExpansion(kClientCertType, &clientcert_type); + RemoveEntryUnless(eap, kClientCertPattern, + clientcert_type == certificate::kPattern); + RemoveEntryUnless(eap, kClientCertRef, clientcert_type == certificate::kRef); + + std::string outer; + eap->GetStringWithoutPathExpansion(kOuter, &outer); + RemoveEntryUnless(eap, kAnonymousIdentity, + outer == kPEAP || outer == kEAP_TTLS); + RemoveEntryUnless(eap, kInner, + outer == kPEAP || outer == kEAP_TTLS || outer == kEAP_FAST); +} + void Normalizer::NormalizeIPsec(base::DictionaryValue* ipsec) { using namespace vpn; @@ -88,8 +141,50 @@ void Normalizer::NormalizeIPsec(base::DictionaryValue* ipsec) { RemoveEntryUnless(ipsec, kXAUTH, ike_version == 1); } +void Normalizer::NormalizeNetworkConfiguration(base::DictionaryValue* network) { + bool remove = false; + network->GetBooleanWithoutPathExpansion(kRemove, &remove); + if (remove) { + network->RemoveWithoutPathExpansion(kIPConfigs, NULL); + network->RemoveWithoutPathExpansion(kName, NULL); + network->RemoveWithoutPathExpansion(kNameServers, NULL); + network->RemoveWithoutPathExpansion(kProxySettings, NULL); + network->RemoveWithoutPathExpansion(kSearchDomains, NULL); + network->RemoveWithoutPathExpansion(kType, NULL); + // Fields dependent on kType are removed afterwards, too. + } + + std::string type; + network->GetStringWithoutPathExpansion(kType, &type); + RemoveEntryUnless(network, kEthernet, type == kEthernet); + RemoveEntryUnless(network, kVPN, type == kVPN); + RemoveEntryUnless(network, kWiFi, type == kWiFi); +} + +void Normalizer::NormalizeOpenVPN(base::DictionaryValue* openvpn) { + using namespace vpn; + + std::string clientcert_type; + openvpn->GetStringWithoutPathExpansion(kClientCertType, &clientcert_type); + RemoveEntryUnless(openvpn, kClientCertPattern, + clientcert_type == certificate::kPattern); + RemoveEntryUnless(openvpn, kClientCertRef, + clientcert_type == certificate::kRef); +} + +void Normalizer::NormalizeProxySettings(base::DictionaryValue* proxy) { + using namespace proxy; + + std::string type; + proxy->GetStringWithoutPathExpansion(proxy::kType, &type); + RemoveEntryUnless(proxy, kManual, type == kManual); + RemoveEntryUnless(proxy, kExcludeDomains, type == kManual); + RemoveEntryUnless(proxy, kPAC, type == kPAC); +} + void Normalizer::NormalizeVPN(base::DictionaryValue* vpn) { using namespace vpn; + std::string type; vpn->GetStringWithoutPathExpansion(vpn::kType, &type); RemoveEntryUnless(vpn, kOpenVPN, type == kOpenVPN); @@ -97,12 +192,14 @@ void Normalizer::NormalizeVPN(base::DictionaryValue* vpn) { RemoveEntryUnless(vpn, kL2TP, type == kTypeL2TP_IPsec); } -void Normalizer::NormalizeNetworkConfiguration(base::DictionaryValue* network) { - std::string type; - network->GetStringWithoutPathExpansion(kType, &type); - RemoveEntryUnless(network, kEthernet, type == kEthernet); - RemoveEntryUnless(network, kVPN, type == kVPN); - RemoveEntryUnless(network, kWiFi, type == kWiFi); +void Normalizer::NormalizeWiFi(base::DictionaryValue* wifi) { + using namespace wifi; + + std::string security; + wifi->GetStringWithoutPathExpansion(wifi::kSecurity, &security); + RemoveEntryUnless(wifi, kEAP, security == kWEP_8021X || security == kWPA_EAP); + RemoveEntryUnless(wifi, kPassphrase, + security == kWEP_PSK || security == kWPA_PSK); } } // namespace onc |