user_network_configuration_updater.cc revision 8bcbed890bc3ce4d7a057a8f32cab53fa534672e
1// Copyright 2013 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" 6 7#include "base/bind.h" 8#include "base/bind_helpers.h" 9#include "base/logging.h" 10#include "chrome/browser/chromeos/login/user.h" 11#include "chrome/browser/chromeos/net/onc_utils.h" 12#include "chrome/browser/chromeos/policy/policy_cert_verifier.h" 13#include "chromeos/network/managed_network_configuration_handler.h" 14#include "chromeos/network/onc/onc_certificate_importer.h" 15#include "content/public/browser/browser_thread.h" 16#include "net/cert/x509_certificate.h" 17#include "policy/policy_constants.h" 18 19namespace policy { 20 21UserNetworkConfigurationUpdater::~UserNetworkConfigurationUpdater() {} 22 23// static 24scoped_ptr<UserNetworkConfigurationUpdater> 25UserNetworkConfigurationUpdater::CreateForUserPolicy( 26 bool allow_trusted_certs_from_policy, 27 const chromeos::User& user, 28 scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer, 29 PolicyService* policy_service, 30 chromeos::ManagedNetworkConfigurationHandler* network_config_handler) { 31 scoped_ptr<UserNetworkConfigurationUpdater> updater( 32 new UserNetworkConfigurationUpdater(allow_trusted_certs_from_policy, 33 user, 34 certificate_importer.Pass(), 35 policy_service, 36 network_config_handler)); 37 updater->Init(); 38 return updater.Pass(); 39} 40 41UserNetworkConfigurationUpdater::UserNetworkConfigurationUpdater( 42 bool allow_trusted_certs_from_policy, 43 const chromeos::User& user, 44 scoped_ptr<chromeos::onc::CertificateImporter> certificate_importer, 45 PolicyService* policy_service, 46 chromeos::ManagedNetworkConfigurationHandler* network_config_handler) 47 : NetworkConfigurationUpdater(onc::ONC_SOURCE_USER_POLICY, 48 key::kOpenNetworkConfiguration, 49 certificate_importer.Pass(), 50 policy_service, 51 network_config_handler), 52 allow_trusted_certificates_from_policy_(allow_trusted_certs_from_policy), 53 user_(&user), 54 cert_verifier_(NULL) {} 55 56void UserNetworkConfigurationUpdater::SetPolicyCertVerifier( 57 PolicyCertVerifier* cert_verifier) { 58 cert_verifier_ = cert_verifier; 59 SetTrustAnchors(); 60} 61 62void UserNetworkConfigurationUpdater::GetWebTrustedCertificates( 63 net::CertificateList* certs) const { 64 *certs = web_trust_certs_; 65} 66 67void UserNetworkConfigurationUpdater::ImportCertificates( 68 const base::ListValue& certificates_onc) { 69 web_trust_certs_.clear(); 70 certificate_importer_->ImportCertificates( 71 certificates_onc, 72 onc_source_, 73 allow_trusted_certificates_from_policy_ ? &web_trust_certs_ : NULL); 74 75 SetTrustAnchors(); 76} 77 78void UserNetworkConfigurationUpdater::ApplyNetworkPolicy( 79 base::ListValue* network_configs_onc, 80 base::DictionaryValue* global_network_config) { 81 DCHECK(user_); 82 chromeos::onc::ExpandStringPlaceholdersInNetworksForUser(user_, 83 network_configs_onc); 84 network_config_handler_->SetPolicy(onc_source_, 85 user_->username_hash(), 86 *network_configs_onc, 87 *global_network_config); 88} 89 90void UserNetworkConfigurationUpdater::SetTrustAnchors() { 91 if (!cert_verifier_) 92 return; 93 content::BrowserThread::PostTask( 94 content::BrowserThread::IO, 95 FROM_HERE, 96 base::Bind(&PolicyCertVerifier::SetTrustAnchors, 97 base::Unretained(cert_verifier_), 98 web_trust_certs_)); 99} 100 101} // namespace policy 102