| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
Since the addition of CA certificate PEMs, the test of the Shill to ONC translation of OpenVPN networks logged an error.
This commit fixes this error and adds another test of the Shill to ONC translation of WiFi with EAP.
BUG=NONE
Review URL: https://chromiumcodereview.appspot.com/22837002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@217095 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
| |
SSIDs were not compared because of incorrect dictionary access. Thus any WiFi network was matched by any WiFi policy.
BUG=264295
TBR=mnissler@chromium.org, stevenjb@chromium.org
Review URL: https://codereview.chromium.org/21012003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@214327 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Compared to legacy NetworkLibrary::LoadOncNetworks, ManagedNetworkConfigurationHandler didn't normalize (e.g. remove redundant properties) configurations before sending them to Shill.
This commit
- adds this normalization
- changes the policy application behavior: it's safer to remove network profile entries before a new policy (new GUID) is applied.
- splits definition and declaration of ManagedNetworkConfigurationHandler::PolicyApplicator
- adds more unit tests
BUG=261152
Review URL: https://chromiumcodereview.appspot.com/19518005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@212942 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
In ONC certificates are referenced by GUIDs. The resolve code replaces these by the certs' PEM encoding.
After this change the resolve function is
- separated from the actual certificate import.
- doesn't require the creation of any X509Certificate.
BUG=208986
R=eroman@chromium.org, rsleevi@chromium.org, stevenjb@chromium.org
Review URL: https://codereview.chromium.org/18190005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@212341 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In ONC, Server and CA certificates are referenced by GUID.
Before, the GUID was stored in the nickname of each certificate and used to identify each certificate.
After this change, the GUID is resolved and replaced by the PEM encoding of the certificate during import. The nickname is not used.
This commit only affects Server and CA certificates (including IssuerCARef in CertificatePatterns).
Client certificates are still identified by GUID.
This CL also
- uses the new *CaCertPEMProperty fields of Shill.
- prepares for a list of CaCerts (for EAP, IPsec and OpenVPN)
Side-effect of this CL:
IssuerCARef is stored in the UIData service-property in Shill. Because this CL replaces IssuerCARef by IssuerCAPEMs, IssuerCARef entries of old UIData properties are ignored.
This may break network configurations which were configured via chrome://net-internals.
Reimporting such a configuration will fix the problem.
BUG=208986
TBR=eroman@chromium.org (for net_internals_ui.cc)
Review URL: https://chromiumcodereview.appspot.com/16946002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@210019 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The desired properties were not added to the onc translation table, so they
were not surfaced in the information returned by the api methods.
TEST=updated networkion api apitests
BUG=247548
Review URL: https://chromiumcodereview.appspot.com/17880006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@209305 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This handler tracks Shill's profiles.
Currently only the ManagedNetworkConfigurationHandler is making use of this
handler but it is also required for upcoming changes to proxy handling in ChromeOS.
In the ONC validator only an LOG(ERROR) was fixed to LOG(WARNING) if the flag error_on_missing_field=false.
BUG=157696
TEST=managed_network_configuration_handler_unittest.cc, networking_private_apitest.cc
Review URL: https://chromiumcodereview.appspot.com/13957012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@198798 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is mostly a refactoring:
- Import of certificates is handled by a new CertifcateHandler, which will get more functionality like resolving CertificatePatterns in upcoming commits.
- Policy validation moved into NetworkConfigurationUpdater and net_internals, because it covers both certificates and networks.
The only functional change is that certificate policies should now also work if ManagedNetworkConfigurationHandler is used instead of NetworkLibrary.
BUG=223869
Review URL: https://codereview.chromium.org/14192017
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196735 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Adapts in particular the ManagedNetworkConfigurationHandler, the
networkingPrivate extension API and the network configuration extension.
BUG=223869
TBR=thestig@chromium.org (for chrome_browser_chromeos.gypi)
Review URL: https://chromiumcodereview.appspot.com/12676017
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@195267 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also moving the dependencies of the handler to chromeos/:
NetworkUIData
from chrome/browser/chromeos/cros/network_ui_data*
to chromeos/network/network_ui_data*
NetworkPropertyUIData
from chrome/browser/chromeos/cros/network_ui_data*
to chrome/browser/chromeos/cros/network_property_ui_data*
CreateNetworkUIData
from chrome/browser/chromeos/net/onc_utils*
to chromeos/network/network_ui_data*
CertificatePattern
from chrome/browser/chromeos/cros/certificate_pattern*
to chromeos/network/certificate_pattern*
Certificate pattern matching (was a member function of CertificatePatern)
from chrome/browser/chromeos/cros/certificate_pattern*
to chrome/browser/chromeos/cros/certificate_pattern_matcher*
The only implementation change is in network_ui_data.cc in order to break dependency on EnumMapper.
NetworkUIData and CertificatePattern are data keeping classes only, and will eventually be replaced by ONC. However, we need them for backwards compatibility for a while.
BUG=180711
Review URL: https://chromiumcodereview.appspot.com/13454006
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193364 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
| |
BUG=159058, 216495
Review URL: https://chromiumcodereview.appspot.com/13473003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@193111 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The MultiThreadedCertVerifier can optionally use a CertTrustAnchorProvider to
get a list of additional certificates to trust, without importing them into the
NSS database. This CL wraps the MultiThreadedCertVerifier with a custom verifier
that includes a trust anchor provider.
The trust anchor provider returns all the certificates from the user ONC policy
that have the Web trust flag. The PolicyCertVerifier also writes a preference
in the Profile once any such certificate is used.
This feature is currently behind a flag, until a warning UI is implemented.
The warning should be displayed if UsedPolicyCertificates() is true for the
given profile.
TBR=pneubeck@chromium.org
BUG=216495
NOTE: this is a reland of https://codereview.chromium.org/13035003, with tests fixed.
Review URL: https://chromiumcodereview.appspot.com/13532005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@192324 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
> Added a PolicyCertVerifier that uses the trust anchors from the ONC policies.
>
> The MultiThreadedCertVerifier can optionally use a CertTrustAnchorProvider to
> get a list of additional certificates to trust, without importing them into the
> NSS database. This CL wraps the MultiThreadedCertVerifier with a custom verifier
> that includes a trust anchor provider.
>
> The trust anchor provider returns all the certificates from the user ONC policy
> that have the Web trust flag. The PolicyCertVerifier also writes a preference
> in the Profile once any such certificate is used.
>
> This feature is currently behind a flag, until a warning UI is implemented.
> The warning should be displayed if UsedPolicyCertificates() is true for the
> given profile.
>
> BUG=216495
>
> Review URL: https://codereview.chromium.org/13035003
TBR=joaodasilva@chromium.org
Review URL: https://codereview.chromium.org/13581002
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@192120 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The MultiThreadedCertVerifier can optionally use a CertTrustAnchorProvider to
get a list of additional certificates to trust, without importing them into the
NSS database. This CL wraps the MultiThreadedCertVerifier with a custom verifier
that includes a trust anchor provider.
The trust anchor provider returns all the certificates from the user ONC policy
that have the Web trust flag. The PolicyCertVerifier also writes a preference
in the Profile once any such certificate is used.
This feature is currently behind a flag, until a warning UI is implemented.
The warning should be displayed if UsedPolicyCertificates() is true for the
given profile.
BUG=216495
Review URL: https://codereview.chromium.org/13035003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@192102 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
signature into separate tables.
Adds a base_signature pointer to ONC value signatures and uses that to define an derived signatures with additional state fields.
The advantage of such derived ONC signatures is that we can have specialized validation that don't influence each other:
- ONC with readonly state from Shill
- ONC from UI (like the JS extension API)
Both will be derived from standard ONC.
This commit adds the first of these two specializations: ONC with Shill's state information.
TBR=stevenjb@chromium.org (for test/data changes)
BUG=147614, 157696
Review URL: https://chromiumcodereview.appspot.com/12390017
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@186156 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
| |
VPN AutoConnect was added here: crrev/178603.
BUG=chromium-os:37227
Review URL: https://chromiumcodereview.appspot.com/12313123
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@185014 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
uncovered that Chrome isn't sending the WiFi Mode to Shill in case of configuration by policy and user import.
Changing the ONC to Shill translation code, so that the WiFi mode property will be sent in case of policies and user import.
BUG=177661
TBR=stevenjb@chromium.org (for test file changes in chromeos/test)
Review URL: https://chromiumcodereview.appspot.com/12320065
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@184425 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
| |
BUG=148905
TBR=stevenjb@chromium.org (only added a test file)
Review URL: https://chromiumcodereview.appspot.com/12208075
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@182683 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
validator.
Checking for empty GUIDs and added a note to the ONC spec.
Cleaned up the CertificateImporter on the way.
TBR=stevenjb@chromium.org (small NetworkLibrary change reviewed by Greg, added a test file)
BUG=170357
Review URL: https://chromiumcodereview.appspot.com/11970012
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@178820 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The translator is applied to input from Shill that is outside of Chrome.
Thus we should guarantee validity of the resulting ONC.
TBR=stevenjb@chromium.org (Added test files to chromeos only)
BUG=171240
TEST=New unit test.
Review URL: https://chromiumcodereview.appspot.com/12036008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@178611 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
| |
BUG=162040
TBR=jochen@chromium.org (gypi changes), bartfab@chromium.org (minor policy change)
Review URL: https://chromiumcodereview.appspot.com/11578052
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@176520 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Added string expansion and UIData creation.
BUG=162040,147624
TBR=jochen@chromium.org (for gypi changes)
Review URL: https://chromiumcodereview.appspot.com/11664005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@176312 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
| |
- A typical configuration from real world.
- A configuration generated from CPanel.
BUG=162804
TBR=stevenjb@chromium.org
Review URL: https://chromiumcodereview.appspot.com/11488008
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173460 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Cleaned up ONC validator unit tests to scale better with more tests.
BUG=162801
TEST=Adapted the validator unit test.
Review URL: https://chromiumcodereview.appspot.com/11428078
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173404 0039d316-1c4b-4281-b951-d872f2087c98
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Adding also more validation tests.
The logging is in line with https://codereview.chromium.org/11299236/.
BUG=162802
TEST=Unit tests.
TBR=stevenjb@chromium.org,eroman@chromium.org (whitespace change in net_interals.cc)
Review URL: https://chromiumcodereview.appspot.com/11469026
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@173393 0039d316-1c4b-4281-b951-d872f2087c98
|
|
|
so that it can be used there without violating dependency
rules.
(Using the "refactoring" OWNERS TBR rule...)
BUG=none
TEST=ran unit tests
TBR=jhawkins@chromium.org
Review URL: https://chromiumcodereview.appspot.com/11299236
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@172446 0039d316-1c4b-4281-b951-d872f2087c98
|
