New issue
Advanced search Search tips

Issue 839314 link

Starred by 1 user
Status: Verified
Owner:
rsorokin@chromium.org
Closed: May 2018
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug



Sign in to add a comment

Chromad: Offline login sends AuthenticateUser twice

Project Member Reported by ljusten@chromium.org, May 3 2018 
Steps To Reproduce:
(1) Provision Chromad device, log in, log out, so you see PODs screen
(2) Log in from PODs screen
(3) Check /var/log/authpolicy.log on device

Expected Result:
Chromad sends AuthenticateUser once.

Actual Result:
Chromad sends AuthenticateUser twice. The first time it succeeds, the second time it fails with Bad Password since Chrome sends the hashed password.

Comment 1 by ljusten@chromium.org, May 3 2018 

The first, good one comes from login_screen_controller.cc(416).
The second, bad one comes from existing_user_controller.cc(597).

Comment 2 by rsorokin@chromium.org, May 3 2018

Labels: M-68
Status: Started (was: Assigned)
Project Member

Comment 3 by bugdroid1@chromium.org, May 3 2018 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2bb28a2df0637b1b106166a291afc4b203bf882e

commit 2bb28a2df0637b1b106166a291afc4b203bf882e
Author: Roman Sorokin <rsorokin@chromium.org>
Date: Thu May 03 16:07:13 2018

Chromad: Remove DCHECK on password plain text

Don't DCHECK on password being plain text in existing user controller.
Make it if statement.

BUG= chromium:839314 
TEST=manual

Change-Id: I7a649ddb922edd2105563cb2b4959b764d0383a4
Reviewed-on: https://chromium-review.googlesource.com/1041958
Commit-Queue: Roman Sorokin <rsorokin@chromium.org>
Reviewed-by: Xiyuan Xia <xiyuan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#555753}
[modify] https://crrev.com/2bb28a2df0637b1b106166a291afc4b203bf882e/chrome/browser/chromeos/login/existing_user_controller.cc

Comment 4 by rsorokin@chromium.org, May 3 2018

Status: Fixed (was: Started)

Comment 5 by rsorokin@chromium.org, May 3 2018

Labels: -Chroamd Chromad

Comment 6 by ibezmenov@chromium.org, May 8 2018

Status: Verified (was: Fixed)
Verified fixed, Chromad offline login sends AuthenticateUser once, see below:

localhost /var/log # grep -i authenticate authpolicy.log 
2018-05-08T17:55:03.091529+00:00 INFO authpolicyd[3304]: #033[41;1;97mReceived 'AuthenticateUser' request#033[0m
2018-05-08T17:55:15.965908+00:00 INFO authpolicyd[3304]: AuthenticateUser succeeded
2018-05-08T18:00:59.301076+00:00 INFO authpolicyd[5654]: #033[41;1;97mReceived 'AuthenticateUser' request#033[0m
2018-05-08T18:01:10.128511+00:00 INFO authpolicyd[5654]: AuthenticateUser succeeded
2018-05-08T18:02:15.136997+00:00 INFO authpolicyd[6865]: #033[41;1;97mReceived 'AuthenticateUser' request#033[0m
2018-05-08T18:02:15.264495+00:00 INFO authpolicyd[6865]: AuthenticateUser failed with code 19
2018-05-08T18:02:17.060246+00:00 ERR authpolicyd[6865]: User not logged in. Please call AuthenticateUser() first.
localhost /var/log # 

First AuthenticateUser -> initial login
Second AuthenticateUser -> online login from PODs screen
Third AuthenticateUser -> offline login from PODs screen

authpolicy.log attached.

Chrome OS: 10646.0.0
Chrome: 68.0.3419.0
Device: Robo360
authpolicy.log
11.1 KB View Download

Sign in to add a comment