New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 633025 link

Starred by 9 users

Issue metadata

Status: Fixed
Owner:
Closed: Feb 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 2
Type: Bug



Sign in to add a comment

[Mac][Host] Enable security key message forwarding on OSX

Project Member Reported by joedow@chromium.org, Aug 1 2016

Issue description

Set up the Chromoting host on Mac to allow for security key message forwarding.
 
Status: Started (was: Assigned)
Project Member

Comment 2 by bugdroid1@chromium.org, Aug 3 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/a933972b5b5e52a49fd4c0e95741e83c661f1f80

commit a933972b5b5e52a49fd4c0e95741e83c661f1f80
Author: joedow <joedow@chromium.org>
Date: Wed Aug 03 01:22:44 2016

Renaming Linux security key auth handler

This change renames the linux security key auth handler class and tests
so that it will apply to OSX as well.  I had originally thought that I
would use the same IPC classes for Windows and Mac, but I think reusing
the Linux classes makes more sense.

This change is purely a rename.  Subsequent CLs will start
adapting the classes for the OSX requirements.

BUG= 633025 

Review-Url: https://codereview.chromium.org/2202733004
Cr-Commit-Position: refs/heads/master@{#409417}

[modify] https://crrev.com/a933972b5b5e52a49fd4c0e95741e83c661f1f80/remoting/host/BUILD.gn
[modify] https://crrev.com/a933972b5b5e52a49fd4c0e95741e83c661f1f80/remoting/host/security_key/security_key_auth_handler.h
[delete] https://crrev.com/cd4d5eb8d957a3ce7ccf0fa60243eccd8ba47691/remoting/host/security_key/security_key_auth_handler_android.cc
[delete] https://crrev.com/cd4d5eb8d957a3ce7ccf0fa60243eccd8ba47691/remoting/host/security_key/security_key_auth_handler_mac.cc
[rename] https://crrev.com/a933972b5b5e52a49fd4c0e95741e83c661f1f80/remoting/host/security_key/security_key_auth_handler_posix.cc
[rename] https://crrev.com/a933972b5b5e52a49fd4c0e95741e83c661f1f80/remoting/host/security_key/security_key_auth_handler_posix_unittest.cc
[modify] https://crrev.com/a933972b5b5e52a49fd4c0e95741e83c661f1f80/remoting/remoting_host_srcs.gypi
[modify] https://crrev.com/a933972b5b5e52a49fd4c0e95741e83c661f1f80/remoting/remoting_test.gypi

Comment 3 by joedow@chromium.org, Aug 22 2016

Cc: nicho...@chromium.org
 Issue 538708  has been merged into this issue.

Comment 4 by joedow@chromium.org, Aug 23 2016

Labels: -M-55 M-56
Project Member

Comment 5 by bugdroid1@chromium.org, Nov 2 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/c0e8b3411d0fae9f3cb0e60f5918778c2e464376

commit c0e8b3411d0fae9f3cb0e60f5918778c2e464376
Author: joedow <joedow@chromium.org>
Date: Wed Nov 02 16:14:12 2016

Updating Security Key logic to work on macOS

Since macOS supports UDS we can reuse much on the Linux SK classes for macOS.
This change updates the build macros to include SK functionality in macOS
builds and passes in an ssh-auth-sock socket path based on the user name.
These changes allow the Host to indicate that they support SK forwarding when
the client connects.

Note that the SK socket is not created until a user connects.  This means we
want to scope the lifetime of the socket to a Chromoting session.  The SK socket
class was initially used in our virtual Linux session which was created
specifically for our use and could live 'forever'.  Since this is not the case
for macOS, and the extended lifetime is not a benefit for Linux, I have added
code to clean up the socket when the session ends.

BUG= 633025 

Review-Url: https://codereview.chromium.org/2197023002
Cr-Commit-Position: refs/heads/master@{#429293}

[modify] https://crrev.com/c0e8b3411d0fae9f3cb0e60f5918778c2e464376/remoting/host/installer/mac/PrivilegedHelperTools/org.chromium.chromoting.me2me.sh
[modify] https://crrev.com/c0e8b3411d0fae9f3cb0e60f5918778c2e464376/remoting/host/remoting_me2me_host.cc
[modify] https://crrev.com/c0e8b3411d0fae9f3cb0e60f5918778c2e464376/remoting/host/security_key/security_key_auth_handler_posix.cc

All known changes have been checked in but I haven't done much testing yet.  I am going to keep this bug open until I have verified the CRD Host side works correctly.
Status: Fixed (was: Started)
The Chromoting side of the work has been released, instead of keeping this bug open, I am going to continue tracking the work via the internal bug and will open new bugs for Chromoting changes if needed.
Hello Everyone,

Pinging this bug to see if there has been any progress or ETA for rolling out.  With the planned deprecation of OpenVPN (go/openvpn-deprecation-faq), there will be an increased reliance on chromoting throughout the company.

Thanks!

Comment 9 by joedow@chromium.org, Jun 30 2017

The remaining work is being tracked via b/30257607.

Sign in to add a comment