New issue
Advanced search Search tips

Issue 592047 link

Starred by 3 users
Status: Fixed
Owner:
elawrence@chromium.org
Closed: Apr 2016
Cc:
est...@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug



Sign in to add a comment

Provide valid ports on HPKP reports for QUIC/SPDY connections

Project Member Reported by est...@chromium.org, Mar 4 2016 
Quic's ProofVerifierChromium and and Spdy's SPDYSession::CanPool() don't currently have access to the port of the connection, so they provide 0 as the port when checking HPKP, so HPKP reports for these connections will end up with 0 as the port number.

We should pass in the port to the relevant functions so that they can pass it into CheckPublicKeyPins().

https://code.google.com/p/chromium/codesearch#chromium/src/net/quic/crypto/proof_verifier_chromium.cc&sq=package:chromium&l=324&rcl=1457095095
https://code.google.com/p/chromium/codesearch#chromium/src/net/spdy/spdy_session.cc&sq=package:chromium&type=cs&l=639&rcl=1457095095

Comment 1 by est...@chromium.org, Mar 4 2016

Cc: elawrence@chromium.org
+elawrence in case you're interested in another small starter bug.

Comment 2 by elawrence@chromium.org, Mar 9 2016

Cc: -elawrence@chromium.org est...@chromium.org
Owner: elawrence@chromium.org
Mine.

Comment 3 by elawrence@chromium.org, Mar 10 2016

Status: Started (was: Assigned)

Comment 4 by elawrence@chromium.org, Mar 22 2016 

Unfortunately, my change https://codereview.chromium.org/1780983002/ got completely clobbered by https://codereview.chromium.org/1765603002, which added two new parameters to the calls I modified. The VerifyProof function now requires 11 parameters.
Project Member

Comment 5 by bugdroid1@chromium.org, Apr 4 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/954bb547e884323f9da52a32a54385288ebdb04c

commit 954bb547e884323f9da52a32a54385288ebdb04c
Author: elawrence <elawrence@chromium.org>
Date: Mon Apr 04 22:03:11 2016

Provide valid port on HPKP reports for QUIC connections

If a QUIC connection fails HPKP-pin validation, include the correct
port in the violation report instead of simply passing 0.

BUG= 592047 

Review URL: https://codereview.chromium.org/1780983002

Cr-Commit-Position: refs/heads/master@{#385023}

[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/quic/crypto/crypto_server_test.cc
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/quic/crypto/proof_test.cc
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/quic/crypto/proof_verifier.h
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/quic/crypto/proof_verifier_chromium.cc
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/quic/crypto/proof_verifier_chromium.h
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/quic/crypto/proof_verifier_chromium_test.cc
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/quic/quic_crypto_client_stream.cc
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/quic/test_tools/crypto_test_utils_chromium.cc
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/spdy/spdy_session.cc
[modify] https://crrev.com/954bb547e884323f9da52a32a54385288ebdb04c/net/tools/quic/test_tools/quic_test_client.cc

Comment 6 by elawrence@chromium.org, Apr 5 2016

Labels: M-51
Status: Fixed (was: Started)
Labels: M-51
Status: Fixed

Sign in to add a comment