Accept L2TP Xauth parameters in ONC

Add Xauth L2TP credentials to the ONC configuration language. BUG=267647 R=pneubeck@chromium.org Review URL: https://codereview.chromium.org/141583002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@246079 0039d316-1c4b-4281-b951-d872f2087c98
author: pstew@chromium.org <pstew@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2014-01-21 18:40:30 +0000
committer: pstew@chromium.org <pstew@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> 2014-01-21 18:40:30 +0000
commit: 3c91cd0d57ee98069a80af9628516836fddc8bca (patch)
tree: 4e711facb31d22d3c12473e96a64a1d95ef8c8dc /chromeos
parent: 6cc54f5a04e63e969ddb12bf2232ee8eafb253e8 (diff)
download: chromium_src-3c91cd0d57ee98069a80af9628516836fddc8bca.zip
chromium_src-3c91cd0d57ee98069a80af9628516836fddc8bca.tar.gz
chromium_src-3c91cd0d57ee98069a80af9628516836fddc8bca.tar.bz2
9 files changed, 47 insertions, 4 deletions
diff --git a/chromeos/network/onc/onc_signature.cc b/chromeos/network/onc/onc_signature.cc
index 44edc31..eb72ec8 100644
--- a/chromeos/network/onc/onc_signature.cc
+++ b/chromeos/network/onc/onc_signature.cc
@@ -84,9 +84,14 @@ const OncFieldSignature ipsec_fields[] = {
     { ::onc::ipsec::kServerCAPEMs, &kStringListSignature},
     { ::onc::ipsec::kServerCARef, &kStringSignature},
     { ::onc::ipsec::kServerCARefs, &kStringListSignature},
+    { ::onc::ipsec::kXAUTH, &kXAUTHSignature},
     // Not yet supported.
     //  { ipsec::kEAP, &kEAPSignature },
-    //  { ipsec::kXAUTH, &kXAUTHSignature },
+    {NULL}};
+
+const OncFieldSignature xauth_fields[] = {
+    { ::onc::vpn::kPassword, &kStringSignature},
+    { ::onc::vpn::kUsername, &kStringSignature},
     {NULL}};
 
 const OncFieldSignature l2tp_fields[] = {
@@ -324,6 +329,9 @@ const OncValueSignature kCertificatePatternSignature = {
 const OncValueSignature kIPsecSignature = {
   base::Value::TYPE_DICTIONARY, ipsec_fields, NULL
 };
+const OncValueSignature kXAUTHSignature = {
+  base::Value::TYPE_DICTIONARY, xauth_fields, NULL
+};
 const OncValueSignature kL2TPSignature = {
   base::Value::TYPE_DICTIONARY, l2tp_fields, NULL
 };
@@ -419,6 +427,7 @@ struct CredentialEntry {
 const CredentialEntry credentials[] = {
     {&kEAPSignature, ::onc::eap::kPassword},
     {&kIPsecSignature, ::onc::ipsec::kPSK},
+    {&kXAUTHSignature, ::onc::vpn::kPassword},
     {&kL2TPSignature, ::onc::vpn::kPassword},
     {&kOpenVPNSignature, ::onc::vpn::kPassword},
     {&kOpenVPNSignature, ::onc::openvpn::kTLSAuthContents},
diff --git a/chromeos/network/onc/onc_signature.h b/chromeos/network/onc/onc_signature.h
index 411128d..d4904b0 100644
--- a/chromeos/network/onc/onc_signature.h
+++ b/chromeos/network/onc/onc_signature.h
@@ -41,6 +41,7 @@ CHROMEOS_EXPORT extern const OncValueSignature kIssuerSubjectPatternSignature;
 CHROMEOS_EXPORT extern const OncValueSignature kCertificatePatternSignature;
 CHROMEOS_EXPORT extern const OncValueSignature kIPsecSignature;
 CHROMEOS_EXPORT extern const OncValueSignature kL2TPSignature;
+CHROMEOS_EXPORT extern const OncValueSignature kXAUTHSignature;
 CHROMEOS_EXPORT extern const OncValueSignature kOpenVPNSignature;
 CHROMEOS_EXPORT extern const OncValueSignature kVerifyX509Signature;
 CHROMEOS_EXPORT extern const OncValueSignature kVPNSignature;
diff --git a/chromeos/network/onc/onc_translation_tables.cc b/chromeos/network/onc/onc_translation_tables.cc
index ae57b3e..603c3b3 100644
--- a/chromeos/network/onc/onc_translation_tables.cc
+++ b/chromeos/network/onc/onc_translation_tables.cc
@@ -49,6 +49,11 @@ const FieldTranslationEntry ipsec_fields[] = {
     { ::onc::ipsec::kServerCAPEMs, shill::kL2tpIpsecCaCertPemProperty},
     {NULL}};
 
+const FieldTranslationEntry xauth_fields[] = {
+    { ::onc::vpn::kPassword, shill::kL2tpIpsecXauthPasswordProperty},
+    { ::onc::vpn::kUsername, shill::kL2tpIpsecXauthUserProperty},
+    {NULL}};
+
 const FieldTranslationEntry l2tp_fields[] = {
     { ::onc::vpn::kPassword, shill::kL2tpIpsecPasswordProperty},
     // We don't synchronize l2tp's SaveCredentials field for now, as Shill
@@ -179,6 +184,7 @@ const OncValueTranslationEntry onc_value_translation_table[] = {
   { &kEAPSignature, eap_fields },
   { &kIPsecSignature, ipsec_fields },
   { &kL2TPSignature, l2tp_fields },
+  { &kXAUTHSignature, xauth_fields },
   { &kOpenVPNSignature, openvpn_fields },
   { &kVerifyX509Signature, verify_x509_fields },
   { &kVPNSignature, vpn_fields },
diff --git a/chromeos/network/onc/onc_translator_shill_to_onc.cc b/chromeos/network/onc/onc_translator_shill_to_onc.cc
index e52e731..11f59f4 100644
--- a/chromeos/network/onc/onc_translator_shill_to_onc.cc
+++ b/chromeos/network/onc/onc_translator_shill_to_onc.cc
@@ -61,6 +61,7 @@ class ShillToONCTranslator {
  private:
   void TranslateEthernet();
   void TranslateOpenVPN();
+  void TranslateIPsec();
   void TranslateVPN();
   void TranslateWiFiWithState();
   void TranslateCellularWithState();
@@ -124,6 +125,8 @@ ShillToONCTranslator::CreateTranslatedONCObject() {
     TranslateVPN();
   } else if (onc_signature_ == &kOpenVPNSignature) {
     TranslateOpenVPN();
+  } else if (onc_signature_ == &kIPsecSignature) {
+    TranslateIPsec();
   } else if (onc_signature_ == &kWiFiWithStateSignature) {
     TranslateWiFiWithState();
   } else if (onc_signature_ == &kCellularWithStateSignature) {
@@ -207,6 +210,12 @@ void ShillToONCTranslator::TranslateOpenVPN() {
   }
 }
 
+void ShillToONCTranslator::TranslateIPsec() {
+  CopyPropertiesAccordingToSignature();
+  if (shill_dictionary_->HasKey(shill::kL2tpIpsecXauthUserProperty))
+    TranslateAndAddNestedObject(::onc::ipsec::kXAUTH);
+}
+
 void ShillToONCTranslator::TranslateVPN() {
   TranslateWithTableAndSet(
       shill::kProviderTypeProperty, kVPNTypeTable, ::onc::vpn::kType);
@@ -302,6 +311,8 @@ void ShillToONCTranslator::TranslateAndAddNestedObject(
     const base::DictionaryValue& dictionary) {
   const OncFieldSignature* field_signature =
       GetFieldSignature(*onc_signature_, onc_field_name);
+  DCHECK(field_signature) << "Unable to find signature for field "
+                          << onc_field_name << ".";
   ShillToONCTranslator nested_translator(dictionary,
                                          *field_signature->value_signature);
   scoped_ptr<base::DictionaryValue> nested_object =
diff --git a/chromeos/test/data/network/l2tpipsec_clientcert_with_cert_pems.onc b/chromeos/test/data/network/l2tpipsec_clientcert_with_cert_pems.onc
index 10fccf1..40bf369 100644
--- a/chromeos/test/data/network/l2tpipsec_clientcert_with_cert_pems.onc
+++ b/chromeos/test/data/network/l2tpipsec_clientcert_with_cert_pems.onc
@@ -21,7 +21,11 @@
               }
           },
           "IKEVersion": 1,
-          "SaveCredentials": true
+          "SaveCredentials": true,
+          "XAUTH": {
+              "Username": "some xauth username",
+              "Password": "some xauth password"
+          }
       },
       "L2TP": {
           "Username": "some username",
diff --git a/chromeos/test/data/network/shill_l2tpipsec.json b/chromeos/test/data/network/shill_l2tpipsec.json
index f529a97..ce7c8b7 100644
--- a/chromeos/test/data/network/shill_l2tpipsec.json
+++ b/chromeos/test/data/network/shill_l2tpipsec.json
@@ -5,6 +5,8 @@
   "Provider.Type": "l2tpipsec",
   "L2TPIPsec.PSK": "some_preshared_key",
   "L2TPIPsec.User": "some username",
+  "L2TPIPsec.XauthPassword": "some xauth password",
+  "L2TPIPsec.XauthUser": "some xauth username",
   "L2TPIPsec.Password": "some password",
   "SaveCredentials": true
 }
diff --git a/chromeos/test/data/network/shill_l2tpipsec_clientcert.json b/chromeos/test/data/network/shill_l2tpipsec_clientcert.json
index 3c47214..f5b97a8 100644
--- a/chromeos/test/data/network/shill_l2tpipsec_clientcert.json
+++ b/chromeos/test/data/network/shill_l2tpipsec_clientcert.json
@@ -2,6 +2,8 @@
    "GUID": "guid",
    "L2TPIPsec.Password": "some password",
    "L2TPIPsec.User": "some username",
+   "L2TPIPsec.XauthPassword": "some xauth password",
+   "L2TPIPsec.XauthUser": "some xauth username",
    "Name": "MyL2TPVPN",
    "Provider.Host": "some.host.org",
    "Provider.Type": "l2tpipsec",
diff --git a/chromeos/test/data/network/translation_of_shill_l2tpipsec.onc b/chromeos/test/data/network/translation_of_shill_l2tpipsec.onc
index ed7400d..1e6d3da 100644
--- a/chromeos/test/data/network/translation_of_shill_l2tpipsec.onc
+++ b/chromeos/test/data/network/translation_of_shill_l2tpipsec.onc
@@ -12,7 +12,11 @@
       // "AuthenticationType": "PSK",
       // "IKEVersion": 1,
       "PSK": "some_preshared_key",
-      "SaveCredentials": true
+      "SaveCredentials": true,
+      "XAUTH": {
+          "Username": "some xauth username",
+          "Password": "some xauth password"
+      }
     },
     "L2TP": {
       "Username": "some username",
diff --git a/chromeos/test/data/network/valid_l2tpipsec.onc b/chromeos/test/data/network/valid_l2tpipsec.onc
index 0e0bc5f..8aab993 100644
--- a/chromeos/test/data/network/valid_l2tpipsec.onc
+++ b/chromeos/test/data/network/valid_l2tpipsec.onc
@@ -8,7 +8,11 @@
       "AuthenticationType": "PSK",
       "IKEVersion": 1,
       "PSK": "some_preshared_key",
-      "SaveCredentials": true
+      "SaveCredentials": true,
+      "XAUTH": {
+          "Username": "some xauth username",
+          "Password": "some xauth password"
+      }
     },
     "L2TP": {
       "Username": "some username",
author	pstew@chromium.org <pstew@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2014-01-21 18:40:30 +0000
committer	pstew@chromium.org <pstew@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>	2014-01-21 18:40:30 +0000
commit	3c91cd0d57ee98069a80af9628516836fddc8bca (patch)
tree	4e711facb31d22d3c12473e96a64a1d95ef8c8dc /chromeos
parent	6cc54f5a04e63e969ddb12bf2232ee8eafb253e8 (diff)
download	chromium_src-3c91cd0d57ee98069a80af9628516836fddc8bca.zip chromium_src-3c91cd0d57ee98069a80af9628516836fddc8bca.tar.gz chromium_src-3c91cd0d57ee98069a80af9628516836fddc8bca.tar.bz2