void-packages/srcpkgs/electron9/files/patches/chromium-upstream-0006-Move-GCPW-bookkeeping-out-of-forked-process.patch
2020-08-30 04:22:04 -07:00

150 lines
6.7 KiB
Diff

From 8b78203d8d1991e4ed8b50b5d44e1c8e76c60001 Mon Sep 17 00:00:00 2001
From: Yusuf Sengul <yusufsn@google.com>
Date: Fri, 26 Jun 2020 19:54:38 +0000
Subject: [PATCH 06/12] Move GCPW bookkeeping out of forked process
(cherry picked from commit f2e3565562e38e760220a4c6d2ea895477081095)
Bug: 1097407
Change-Id: I80b0fa57cc19196b06b3cbec5afc7c4488ff7325
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2255113
Commit-Queue: Yusuf Sengul <yusufsn@google.com>
Reviewed-by: Rakesh Soma <rakeshsoma@google.com>
Cr-Original-Commit-Position: refs/heads/master@{#781721}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2268117
Cr-Commit-Position: refs/branch-heads/4103@{#729}
Cr-Branched-From: 8ad47e8d21f6866e4a37f47d83a860d41debf514-refs/heads/master@{#756066}
---
.../gaiacp/gaia_credential_base.cc | 67 ++++++++++---------
.../gaiacp/gaia_credential_base.h | 5 +-
2 files changed, 37 insertions(+), 35 deletions(-)
diff --git a/chrome/credential_provider/gaiacp/gaia_credential_base.cc b/chrome/credential_provider/gaiacp/gaia_credential_base.cc
index 6704a9db9c8..30e8011b73d 100644
--- a/chrome/credential_provider/gaiacp/gaia_credential_base.cc
+++ b/chrome/credential_provider/gaiacp/gaia_credential_base.cc
@@ -1986,7 +1986,7 @@ unsigned __stdcall CGaiaCredentialBase::WaitForLoginUI(void* param) {
}
// static
-HRESULT CGaiaCredentialBase::SaveAccountInfo(const base::Value& properties) {
+HRESULT CGaiaCredentialBase::PerformActions(const base::Value& properties) {
LOGFN(VERBOSE);
base::string16 sid = GetDictString(properties, kKeySID);
@@ -2009,35 +2009,9 @@ HRESULT CGaiaCredentialBase::SaveAccountInfo(const base::Value& properties) {
base::string16 domain = GetDictString(properties, kKeyDomain);
- // TODO(crbug.com/976744): Use the down scoped kKeyMdmAccessToken instead
- // of login scoped token.
- std::string access_token = GetDictStringUTF8(properties, kKeyAccessToken);
- if (!access_token.empty()) {
- // Update the password recovery information if possible.
- HRESULT hr = PasswordRecoveryManager::Get()->StoreWindowsPasswordIfNeeded(
- sid, access_token, password);
- if (FAILED(hr) && hr != E_NOTIMPL)
- LOGFN(ERROR) << "StoreWindowsPasswordIfNeeded hr=" << putHR(hr);
-
- // Upload device details to gem database.
- hr = GemDeviceDetailsManager::Get()->UploadDeviceDetails(access_token, sid,
- username, domain);
- if (FAILED(hr) && hr != E_NOTIMPL)
- LOGFN(ERROR) << "UploadDeviceDetails hr=" << putHR(hr);
-
- SetUserProperty(sid, kRegDeviceDetailsUploadStatus, SUCCEEDED(hr) ? 1 : 0);
-
- // Below setter is only used for unit testing.
- GemDeviceDetailsManager::Get()->SetUploadStatusForTesting(hr);
- } else {
- LOGFN(ERROR) << "Access token is empty. Cannot save Windows password.";
- }
-
// Load the user's profile so that their registry hive is available.
auto profile = ScopedUserProfile::Create(sid, domain, username, password);
- SecurelyClearString(password);
-
if (!profile) {
LOGFN(ERROR) << "Could not load user profile";
return E_UNEXPECTED;
@@ -2047,6 +2021,32 @@ HRESULT CGaiaCredentialBase::SaveAccountInfo(const base::Value& properties) {
if (FAILED(hr))
LOGFN(ERROR) << "profile.SaveAccountInfo failed (cont) hr=" << putHR(hr);
+ // TODO(crbug.com/976744): Use the down scoped kKeyMdmAccessToken instead
+ // of login scoped token.
+ std::string access_token = GetDictStringUTF8(properties, kKeyAccessToken);
+ if (access_token.empty()) {
+ LOGFN(ERROR) << "Access token is empty.";
+ return E_FAIL;
+ }
+
+ // Update the password recovery information if possible.
+ hr = PasswordRecoveryManager::Get()->StoreWindowsPasswordIfNeeded(
+ sid, access_token, password);
+ SecurelyClearString(password);
+ if (FAILED(hr) && hr != E_NOTIMPL)
+ LOGFN(ERROR) << "StoreWindowsPasswordIfNeeded hr=" << putHR(hr);
+
+ // Upload device details to gem database.
+ hr = GemDeviceDetailsManager::Get()->UploadDeviceDetails(access_token, sid,
+ username, domain);
+ if (FAILED(hr) && hr != E_NOTIMPL)
+ LOGFN(ERROR) << "UploadDeviceDetails hr=" << putHR(hr);
+
+ SetUserProperty(sid, kRegDeviceDetailsUploadStatus, SUCCEEDED(hr) ? 1 : 0);
+
+ // Below setter is only used for unit testing.
+ GemDeviceDetailsManager::Get()->SetUploadStatusForTesting(hr);
+
return hr;
}
@@ -2058,9 +2058,9 @@ HRESULT CGaiaCredentialBase::PerformPostSigninActions(
HRESULT hr = S_OK;
if (com_initialized) {
- hr = credential_provider::CGaiaCredentialBase::SaveAccountInfo(properties);
+ hr = credential_provider::CGaiaCredentialBase::PerformActions(properties);
if (FAILED(hr))
- LOGFN(ERROR) << "SaveAccountInfo hr=" << putHR(hr);
+ LOGFN(ERROR) << "PerformActions hr=" << putHR(hr);
// Try to enroll the machine to MDM here. MDM requires a user to be signed
// on to an interactive session to succeed and when we call this function
@@ -2089,10 +2089,11 @@ HRESULT CGaiaCredentialBase::PerformPostSigninActions(
// Registers OS user - gaia user association in HKEY_LOCAL_MACHINE registry
// hive.
-HRESULT RegisterAssociation(const base::string16& sid,
- const base::string16& id,
- const base::string16& email,
- const base::string16& token_handle) {
+HRESULT
+RegisterAssociation(const base::string16& sid,
+ const base::string16& id,
+ const base::string16& email,
+ const base::string16& token_handle) {
// Save token handle. This handle will be used later to determine if the
// the user has changed their password since the account was created.
HRESULT hr = SetUserProperty(sid, kUserTokenHandle, token_handle);
diff --git a/chrome/credential_provider/gaiacp/gaia_credential_base.h b/chrome/credential_provider/gaiacp/gaia_credential_base.h
index 6aaaf44244b..6bf33ff4d3b 100644
--- a/chrome/credential_provider/gaiacp/gaia_credential_base.h
+++ b/chrome/credential_provider/gaiacp/gaia_credential_base.h
@@ -97,8 +97,9 @@ class ATL_NO_VTABLE CGaiaCredentialBase
return authentication_results_;
}
- // Saves gaia information in the OS account that was just created.
- static HRESULT SaveAccountInfo(const base::Value& properties);
+ // Saves account association and user profile information. Makes various HTTP
+ // calls regarding device provisioning and password management.
+ static HRESULT PerformActions(const base::Value& properties);
// Returns true if the current credentials stored in |username_| and
// |password_| are valid and should succeed a local Windows logon. This
--
2.28.0