-
Pavol Marko authoredOnly run network certificate migration logic on networks configured in the user profile when the user NSS database is loaded. Network certificate migration is still performed for shared profile networks when the first NSS database (usually the device-wide "system" token database) is loaded. Side note: NetworkCertMigrator was the only consumer of the |initial_load| argument of the OnCertificatesLoaded observer calls, and as it doesn't rely on it anymore, I'm simplifying the code by removing the argument. Background: NetworkCertMigrator goes through all saved networks and matches the configured certificate against available certificates. The goal is to update the PKCS11 slot id the certificate is on or clear it if the certificate is not available anymore. CL https://codereview.chromium.org/2858113003 caused a regression where network certificate migration logic was running on user profile load but before the user's certificates were available, so all configured network certificates were cleared. The visible effect of this was that that AutoConnect does not work for manually configured EAP-TLS networks in user profiles. BUG=774745 TEST=chromeos_unittests --gtest_filter=*Cert* (this will include ClientCertResolver, CertLoader, NetworkCertMigrator tests) Change-Id: I76ed96df283c5d4219a7731f1150c481c520ce67 Reviewed-on: https://chromium-review.googlesource.com/741239 Reviewed-by:
Steven Bennetts <stevenjb@chromium.org>
Reviewed-by: Kevin Cernekee <cernekee@chromium.org>
Commit-Queue: Pavol Marko <pmarko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#513726}da53cf1b