Check configuration for networks without UIData

This avoids a doomed connect attempt for unconfigured networks. BUG=280242 Review URL: https://chromiumcodereview.appspot.com/23583018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@221487 0039d316-1c4b-4281-b951-d872f2087c98

Check configuration for networks without UIData
This avoids a doomed connect attempt for unconfigured networks. BUG=280242 Review URL: https://chromiumcodereview.appspot.com/23583018 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@221487 0039d316-1c4b-4281-b951-d872f2087c98
085232e1 · stevenjb@chromium.org · f40be9a9 · 085232e1 · 085232e1 · 085232e1
Commit 085232e1 authored Sep 05, 2013 by stevenjb@chromium.org
3 changed files
--- a/chromeos/network/client_cert_util.cc
+++ b/chromeos/network/client_cert_util.cc
@@ -91,6 +91,13 @@ class IssuerCaFilter {
  const std::vector<std::string>& issuer_ca_pems_;
 };
+std::string GetStringFromDictionary(const base::DictionaryValue& dict,
+                                    const std::string& key) {
+  std::string s;
+  dict.GetStringWithoutPathExpansion(key, &s);
+  return s;
+}
 }  // namespace
 // Returns true only if any fields set in this pattern match exactly with
@@ -238,6 +245,36 @@ void SetShillProperties(const client_cert::ConfigType cert_config_type,
    properties->SetStringWithoutPathExpansion(tpm_pin_property, tpm_pin);
 }
+bool IsCertificateConfigured(const client_cert::ConfigType cert_config_type,
+                             const base::DictionaryValue& service_properties) {
+  // VPN certificate properties are read from the Provider dictionary.
+  const base::DictionaryValue* provider_properties = NULL;
+  service_properties.GetDictionaryWithoutPathExpansion(
+      flimflam::kProviderProperty, &provider_properties);
+  switch (cert_config_type) {
+    case CONFIG_TYPE_NONE:
+      return true;
+    case CONFIG_TYPE_OPENVPN:
+      // OpenVPN generally requires a passphrase and we don't know whether or
+      // not one is required, so always return false here.
+      return false;
+    case CONFIG_TYPE_IPSEC:
+      // IPSec may require a passphrase, so return false here also.
+      return false;
+    case CONFIG_TYPE_EAP: {
+      std::string cert_id = GetStringFromDictionary(
+          service_properties, flimflam::kEapCertIdProperty);
+      std::string key_id = GetStringFromDictionary(
+          service_properties, flimflam::kEapKeyIdProperty);
+      std::string identity = GetStringFromDictionary(
+          service_properties, flimflam::kEapIdentityProperty);
+      return !cert_id.empty() && !key_id.empty() && !identity.empty();
+    }
+  }
+  NOTREACHED();
+  return false;
+}
 }  // namespace client_cert
 }  // namespace chromeos
--- a/chromeos/network/client_cert_util.h
+++ b/chromeos/network/client_cert_util.h
@@ -54,6 +54,10 @@ void SetShillProperties(const ConfigType cert_config_type,
                        const std::string* pkcs11_id,
                        base::DictionaryValue* properties);
+// Returns true if all required configuration properties are set and not empty.
+bool IsCertificateConfigured(const client_cert::ConfigType cert_config_type,
+                             const base::DictionaryValue& service_properties);
 }  // namespace client_cert
 }  // namespace chromeos

--- a/chromeos/network/network_connection_handler.cc
+++ b/chromeos/network/network_connection_handler.cc
@@ -431,6 +431,12 @@ void NetworkConnectionHandler::VerifyConfiguredAndConnect(
        ErrorCallbackForPendingRequest(service_path, kErrorCertificateRequired);
        return;
      }
+    } else if (check_error_state &&
+               !client_cert::IsCertificateConfigured(client_cert_type,
+                                                     service_properties)) {
+      // Network may not be configured.
+      ErrorCallbackForPendingRequest(service_path, kErrorConfigurationRequired);
+      return;
    }
    // The network may not be 'Connectable' because the TPM properties are not