diff options
author | cernekee <cernekee@chromium.org> | 2016-03-03 11:28:31 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-03-03 19:44:55 +0000 |
commit | 969c512689fa55c1b3a4be0d82c2f2024bb0699a (patch) | |
tree | f5ca2d96ea663705ccf88e4af7d6c13c1794949c /components/onc | |
parent | f6a64e11ecacf56a75bca45ff25878fb2baaf076 (diff) | |
download | chromium_src-969c512689fa55c1b3a4be0d82c2f2024bb0699a.zip chromium_src-969c512689fa55c1b3a4be0d82c2f2024bb0699a.tar.gz chromium_src-969c512689fa55c1b3a4be0d82c2f2024bb0699a.tar.bz2 |
Allow ${CERT_SAN_EMAIL} and ${CERT_SAN_UPN} in the ONC Identity field
Currently enterprise customers can specify ${LOGIN_ID} or ${LOGIN_EMAIL}
to tell Chrome OS to substitute user identity information into an EAP
configuration. However, in some installations, the login ID for the
Chromebook does not match the login ID for the EAP-TLS wireless network;
instead, the EAP-TLS identity is stored in the subjectAltName field
in the client certificate. Add code to Chrome to allow this
field to be extracted if so configured in CPanel.
BUG=549659
TEST=`chromeos_unittests`
TEST=manually configure EAP-TLS network in CPanel, then watch
the `freeradius -X` logs during connection
Review URL: https://codereview.chromium.org/1717123002
Cr-Commit-Position: refs/heads/master@{#379056}
Diffstat (limited to 'components/onc')
-rw-r--r-- | components/onc/onc_constants.cc | 2 | ||||
-rw-r--r-- | components/onc/onc_constants.h | 2 |
2 files changed, 4 insertions, 0 deletions
diff --git a/components/onc/onc_constants.cc b/components/onc/onc_constants.cc index 7b3c014..791ce67 100644 --- a/components/onc/onc_constants.cc +++ b/components/onc/onc_constants.cc @@ -411,6 +411,8 @@ const char kWPAD[] = "WPAD"; namespace substitutes { const char kLoginIDField[] = "${LOGIN_ID}"; const char kEmailField[] = "${LOGIN_EMAIL}"; +const char kCertSANEmail[] = "${CERT_SAN_EMAIL}"; +const char kCertSANUPN[] = "${CERT_SAN_UPN}"; } // namespace substitutes namespace global_network_config { diff --git a/components/onc/onc_constants.h b/components/onc/onc_constants.h index f0fb7ec..40a469d 100644 --- a/components/onc/onc_constants.h +++ b/components/onc/onc_constants.h @@ -410,6 +410,8 @@ ONC_EXPORT extern const char kSubject[]; namespace substitutes { ONC_EXPORT extern const char kEmailField[]; ONC_EXPORT extern const char kLoginIDField[]; +ONC_EXPORT extern const char kCertSANEmail[]; +ONC_EXPORT extern const char kCertSANUPN[]; } // namespace substitutes namespace proxy { |