Issue metadata
Sign in to add a comment
|
Authentication when using Kerberos with a CNAME for the site that is being accessed
Reported by
a...@comet420.co.uk,
Aug 9
|
|||||||||||||||||||||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0) Gecko/20100101 Firefox/61.0 Steps to reproduce the problem: 1. Have kerberos setup and working for a realm. 2. Have a web server setup with kerberos authentication and a keytab setup with an SPN for using HTTP at the DNS name of the server. (e.g server1.example.com being the server name in DNS and the kerberos SPN being HTTP/server1.example.com) 3. Setup a CNAME in DNS to point to the web server. (e.g have a CNAME for www.example.com pointing to server1.example.com) 4. In Chrome as a user who can access a page on the web server navigate to a page which has the address used as the alias in DNS as the hostname. (e.g navigate to https://www.example.com/) What is the expected behavior? Get access to the page What went wrong? Access to the page is denied and the browser shows an ERR_ACCESS_DENIED message. Also in the webserver logs we get a message like gss_accept_sec_context() failed: Unspecified GSS failure. Minor code may provide more information (, Request ticket server HTTP/www.example.com@REALM not found in keytab (ticket kvno 6)) where www.example.com is the hostname in the address bar of Chrome but is actually a CNAME pointing to a different hostname and REALM is the Kerberos realm. Did this work before? Yes 68.0.3440.106 (Official Build) (64-bit) (cohort: 68_106_win) Chrome version: 69.0.3497.23 (Official Build) beta (64-bit) (cohort: Beta) Channel: beta OS Version: 10.0 Flash Version: Shockwave Flash 22.0 r0 After looking at https://www.chromium.org/developers/design-documents/http-authentication we have looked at the https://dev.chromium.org/administrators/policy-list-3#DisableAuthNegotiateCnameLookup. This value was not set on our system. We have tried setting it with the value of 0 and this had no effect. We then tried setting it with the value of 1 and as expected it caused us to have Chrome 68 have the same issue.
Showing comments 2 - 101
of 101
Older ›
,
Aug 9
Reposting with corrected setspn commands. Setting kerberos SPNs for the CNAMES against that computer account seems to help the situation some. So running the following: setspn -S HTTP/cname.domain.com servername setspn -S HTTP/cname servername setspn -S HOST/cname.domain.com servername setspn -S HOST/cname servername However, this only seems to fix the fqdn version of the cname, using the shortname (http://cname/) in the browser still fails to login.
,
Aug 9
Sorry but I was impatient, it looks like setting the SPNs fixes it for the shortnames as well. I just needed to wait longer for things to percolate.
,
Aug 9
@comment #3: is this issue resolved then?
,
Aug 9
,
Aug 9
Let's wait for the reporter to respond.
,
Aug 10
Setting the SPN to the CNAME works to allow access to a site which uses Kerberos for authentication with the current Chrome Beta and Canary. The only issue with doing this is that this is different behaviour from version 68 and earlier and differs from the descriptions of how Kerberos authentication is claimed to work at https://www.chromium.org/developers/design-documents/http-authentication (this is the only description of how it works I can find). Also if this is a change do you need the policy at https://dev.chromium.org/administrators/policy-list-3#DisableAuthNegotiateCnameLookup
,
Aug 10
Thank you for providing more feedback. Adding the requester to the cc list. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Aug 13
As the issue is not reproducible at TE end, it is related to "web server setup with kerberos authentication" it requires (Oracle VDI hosts prior to setting up the user directory in the Oracle VDI Manager.).Hence adding 'TE-NeedsTriageHelp' label and requesting the Internals>Network>Auth team to look into the issue and help in further triaging. Thanks.!
,
Aug 14
Issue 873955 has been merged into this issue.
,
Aug 16
Reporter or anyone running into this: Could you give me a net-internals log as described in https://dev.chromium.org/for-testers/providing-network-details ? I'd like to see what's going on during the CNAME lookup phase. Also, make sure the DisableAuthNegotiateCnameLookup is not set, or set explicitly to False. We want to get the browser to perform a CNAME lookup.
,
Aug 16
,
Aug 17
Thank you for providing more feedback. Adding the requester to the cc list. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Sep 5
Affects us as well, The option "DisableAuthNegotiateCnameLookup" seems to have no impact with the new version "Version 69.0.3497.81 (Offizieller Build) (64-Bit)". Adding the cname as a SPN is not a option in our case. If you need more information just let me know.
,
Sep 5
This is affecting us as well. I was able to reproduce this in the older version of chrome by setting DisableAuthNegotiateCnameLookup to true. This is really affecting SSO for all our internal application since it is falling back to basic auth. Can we confirm this as bug ? or can we get any workaround ?
,
Sep 5
We are also facing the same issue. Chrome 69 does not provide anymore Kerberos authentication to our web applications with url myapp.mydomain.com. However, the behaviour is as expected if we use URL myapp.internal.local We have both *.internal.local and *.mydomain.com in Intranet Zone. The domain mydomain.com is resolvable from the Internet. We have also digged a little : We noticed with TCPDUMP that when we use myapp.mydomain.com URL, Chrome 69 provide CNAME instead of ARecord for requesting the Kerberos Ticket. Search in our Active Directory failed because the cooresponding SPN does not exist. If we use myapp.internal.local URL, ARecord is provided as expected, and authentication succeed. Please, can you confirm the issue and suggest a workaround ? Kind regards
,
Sep 5
+mef: Is there a network service experiment on M69?
,
Sep 5
Can anyone provide a Chrome 68 msi download link? This issue has caused a huge outage for us and we're desperately trying to download our fleet.
,
Sep 5
Ok, that's not good. I didn't see anything that looks different in the net-internals logs. In both logs (i.e. #13, and #15) I see that a CNAME lookup was performed. Is that not the intention? Let's say you have the following RRs: www.example.com. 1000 IN CNAME server1.example.com. server1.example.com. 1000 IN A 10.10.10.10 Then: A. With DisableAuthNegotiateCnameLookup unset or set to false, the SPN for www.example.com is HTTP/server1.example.com@YOURREALM.COM. B. Woth DisableAuthNegotiateCnameLookup set to true, the SPN for www.example.com is HTTP/www.example.com@YOURREALM.COM. From #0, #2, and #15, it sounds like B doesn't work. From #16 is sounds like A doesn't work. Can reporters confirm that chrome:policy correctly shows the policy you need? I'll see what changed on the DNS side for M69.
,
Sep 5
(Also, if B doesn't work, then it's not DNS).
,
Sep 5
Also ruling out Network Service which is reportedly only experimenting on Canary (M71) at the moment. M69 shouldn't be affected.
,
Sep 5
+Enterprise, +robertshield@ FYI. This is on stable.
,
Sep 5
M69 TPM FYI
,
Sep 5
Our policy DisableAuthNegotiateCnameLookup is unset in our case, but CNAME is provided by M69. Following your example, HTTP/www.example.com@YOURREALM.COM is provided instead of HTTP/server1.example.com@YOURREALM.COM
,
Sep 5
We have DisableAuthCnameLookup unset. With you example domain names when trying to go to www.example.com then the SPN that is required is for HTTP/www.example.com@YOURREALM.COM When Chrome 69 was in Beta I was able to test it side by side with Chrome 68 while changing the DisableAuthCnameLookup values. For Chrome 69 I was not finding a difference in how Kerberos authentication was working when modifying the DisableAuthCnameLookup value. With Chrome 68 the DisableAuthCnameLookup value was having the effect I would expect it to have. Chrome 69 was performing as if DisableAuthCnameLookup was set to true regardless of the status of the flag.
,
Sep 5
#26: For completeness, could you send me a net-internals log as well? Instructions are at https://dev.chromium.org/for-testers/providing-network-details . You can email the log directly to me if you aren't comfortable attaching it to a public issue. I just want to distinguish between the DNS lookup not working vs. CNAME lookup being skipped entirely. So you sound like you are in the "A doesn't work" camp (as laid out in #20).
,
Sep 5
#20: The default behavior has been and should be "HTTP/server1.example.com@YOURREALM.COM", so at least in our case A does not work. (But I am sure that this concerns all the described problems here.)
,
Sep 5
+more enterprise folk FYI
,
Sep 5
69 broke our SSO as well. Disabling/Enabling lookup shows no effect in 69 (but does work as expected in 68). every website with cname does not work anymore. when the spn is an a record it works. we use one config per reverse proxy which holds the a record of the proxy host and the apps are all cname aliases which point to the proxy. Setting custom spn is not an option, also having a config per app is not an option. Please advise.
,
Sep 5
,
Sep 5
Adding RBS
,
Sep 5
Same problem here, SSO is broken when using CNAME records
,
Sep 5
If possible, can an impacted user try running a bisect to determine when exactly this issue started occurring? There's a simplified bisect tool at: https://github.com/jay0lee/chrome-bisect#chrome-bisect if you are able to run, please grab the generated log file and add here.
,
Sep 5
Many thanks alun@ Based on the changelist from bisect of: https://chromium.googlesource.com/chromium/src/+log/bddfeda54e0f2d1d3cb4a3b1bed1ec3d28e1c1b2..b67c0a8eaa84c767041a00d5f0033e95e179e2e0 this change seems suspect: https://chromium.googlesource.com/chromium/src/+/b67c0a8eaa84c767041a00d5f0033e95e179e2e0 + mmenke for his thoughts on if this is related.
,
Sep 5
Issue 880846 has been merged into this issue.
,
Sep 5
,
Sep 5
Our enterprise (20'000 clients) is also affected.
,
Sep 5
Not sure how that CL could have broken CNAME lookup - I hooked up CNAME configuration to the network service APIs in https://chromium-review.googlesource.com/c/chromium/src/+/1089661, but the bisect shows multiple phases where that CL was marked as good, so it's pretty clearly not that one that caused the issue. I can't see how an incorrectly configured HostResolver would cause this.
,
Sep 5
Same issue here, but I also noticed that Chrome 69 now sends NTLMSSP tokens for Negotiate auth when up until 68 it used to send Kerberos. This happens regardless of the policy settings (whitelist, CNAME, auth mechanisms). We have applications on Apache with mod_auth_gssapi, none of which work now. Chrome does not attempt to acquire a service ticket, instead it directly uses NTLM.
,
Sep 5
#43: With an incorrect SPN, the ticket acquisition will fail. Windows defaults to NTLM in those cases.
,
Sep 5
OK, if I have to specifically say it, then I'll say it. Nothing but the Chrome version has changed since it last worked, with Chrome 68.
,
Sep 5
the cname lookup is clearly broken with 69, how can’t you reproduce this? 🙄
,
Sep 5
Hi all, we are investigating this as P0 and we believe we've identified the regression above. Please hold off on any further commentary that's not constructive so we can focus efforts here. mmenke@ is reverting this change an option? This is P0 and blocking stable at this point.
,
Sep 5
Reverting on trunk isn't really an option. We may be able to revert on M69, but it may well not be a clean revert, given the amount of work done in that area.
,
Sep 5
,
Sep 5
,
Sep 5
Note that the Kerberos SSP maintains a negative cache of failed TGS-REQ SPNs. If it got a principal does not exist error recently, it will immediately fail without putting a new request on the wire. That may be why you’re observing it go straight to NTLM when looking at a packet capture. The cache lives for 15 or 20 minutes, klist purge flushes it.
,
Sep 5
Updating affected platforms.
,
Sep 6
,
Sep 6
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/cc704901b1876e8cab502bac46b955d78ea0198a commit cc704901b1876e8cab502bac46b955d78ea0198a Author: Asanka Herath <asanka@chromium.org> Date: Thu Sep 06 03:50:14 2018 [net] Force use of system host resolver for CNAME lookups. Async host resolver currently doesn't resolve CNAMEs. Thus use of the async resolver is not currently compatible with the needs of HttpAuthHandlerNegotiate where correct CNAME lookup is required. Due to an unfortunate oversight, b67c0a8eaa84c767041a00d5f0033e95e179e2 enabled the async DNS code path by default. This CL addresses both. The updates to the HttpAuthHandlerNegotia tests verify that the SYSTEM source is forced for CNAME lookups. Bug: 872665 Change-Id: I520f88f01084ef8ac12c377a50bba6c7f09ec3c1 Reviewed-on: https://chromium-review.googlesource.com/1208421 Reviewed-by: Matt Menke <mmenke@chromium.org> Commit-Queue: Asanka Herath <asanka@chromium.org> Cr-Commit-Position: refs/heads/master@{#589097} [modify] https://crrev.com/cc704901b1876e8cab502bac46b955d78ea0198a/chrome/browser/net/system_network_context_manager.cc [modify] https://crrev.com/cc704901b1876e8cab502bac46b955d78ea0198a/net/dns/host_resolver.cc [modify] https://crrev.com/cc704901b1876e8cab502bac46b955d78ea0198a/net/http/http_auth_handler_negotiate_unittest.cc
,
Sep 6
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/ec59d3235f25748c8a83d6b54c5a6da479fa7fb0 commit ec59d3235f25748c8a83d6b54c5a6da479fa7fb0 Author: Asanka Herath <asanka@chromium.org> Date: Thu Sep 06 03:59:51 2018 [net] Force use of system host resolver for CNAME lookups. Async host resolver currently doesn't resolve CNAMEs. Thus use of the async resolver is not currently compatible with the needs of HttpAuthHandlerNegotiate where correct CNAME lookup is required. Due to an unfortunate oversight, b67c0a8eaa84c767041a00d5f0033e95e179e2 enabled the async DNS code path by default. This CL addresses both. The updates to the HttpAuthHandlerNegotia tests verify that the SYSTEM source is forced for CNAME lookups. Bug: 872665 Change-Id: I520f88f01084ef8ac12c377a50bba6c7f09ec3c1 Reviewed-on: https://chromium-review.googlesource.com/1208421 Reviewed-by: Matt Menke <mmenke@chromium.org> Commit-Queue: Asanka Herath <asanka@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#589097}(cherry picked from commit cc704901b1876e8cab502bac46b955d78ea0198a) Reviewed-on: https://chromium-review.googlesource.com/1208901 Reviewed-by: Krishna Govind <govind@chromium.org> Cr-Commit-Position: refs/branch-heads/3544@{#3} Cr-Branched-From: 0da7dce9a83cbad841f925002a4ddfee8f2afcf7-refs/heads/master@{#589076} [modify] https://crrev.com/ec59d3235f25748c8a83d6b54c5a6da479fa7fb0/chrome/browser/net/system_network_context_manager.cc [modify] https://crrev.com/ec59d3235f25748c8a83d6b54c5a6da479fa7fb0/net/dns/host_resolver.cc [modify] https://crrev.com/ec59d3235f25748c8a83d6b54c5a6da479fa7fb0/net/http/http_auth_handler_negotiate_unittest.cc
,
Sep 6
I'm triggering new canary from branch 3544 with merge listed at #55.
,
Sep 6
Canary version 71.0.3544.2 currently building includes this merge. Thank you.
,
Sep 6
Pls update bug with canary result tomorrow.
,
Sep 6
Yay for auto updates. Good thing I have those disabled in my organization. Yeah, we've been hit too. Good thing I test the enterprise build first before distributing it so I caught it early. I was meaning to register a bug, but it turns out it already exists :) Are we getting a patched 69 build or do we need to wait for 70/71 for this? I need to tell (security) management something to explain why we can't upgrade yet and when we can expect a solution.
,
Sep 6
I have just tried accessing a location using Kerberos authentication with a CNAME using Canary version 71.0.3544.2 and it appears to work properly now.
,
Sep 6
71.0.3544.2 Works as expected! Thank you for providing it! CNAME gets resolved again and the same usecase which did not work with 69 or 71.0.3544.0 works after installation of .2.
,
Sep 6
works fine for me too!
,
Sep 6
The NextAction date has arrived: 2018-09-06
,
Sep 6
,
Sep 6
Thanks for the confirmations everyone. We'll queue this for merge into M69 and then M70.
,
Sep 6
This bug requires manual review: Request affecting a post-stable build Please contact the milestone owner if you have questions. Owners: amineer@(Android), kariahda@(iOS), cindyb@(ChromeOS), govind@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Sep 6
We are having the same problem. Thanks to everyone who reported this. Looks like a fix has been identified. When can we expect the fix to be pushed out in an update? I need to be able to provide a timeline to my company. Thanks!
,
Sep 6
Approving merge to M69 branch 3497 based on comment #65 and offline group chat. Pls merge. Also pls request a merge to M70. Thank you.
,
Sep 6
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/547588635540eff0c0998e5bace388c38190e038 commit 547588635540eff0c0998e5bace388c38190e038 Author: Asanka Herath <asanka@chromium.org> Date: Thu Sep 06 18:01:38 2018 [net] Force use of system host resolver for CNAME lookups. Async host resolver currently doesn't resolve CNAMEs. Thus use of the async resolver is not currently compatible with the needs of HttpAuthHandlerNegotiate where correct CNAME lookup is required. Due to an unfortunate oversight, b67c0a8eaa84c767041a00d5f0033e95e179e2 enabled the async DNS code path by default. This CL addresses both. The updates to the HttpAuthHandlerNegotia tests verify that the SYSTEM source is forced for CNAME lookups. TBR=asanka@chromium.org (cherry picked from commit cc704901b1876e8cab502bac46b955d78ea0198a) Bug: 872665 Change-Id: I520f88f01084ef8ac12c377a50bba6c7f09ec3c1 Reviewed-on: https://chromium-review.googlesource.com/1208421 Reviewed-by: Matt Menke <mmenke@chromium.org> Commit-Queue: Asanka Herath <asanka@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#589097} Reviewed-on: https://chromium-review.googlesource.com/1211084 Reviewed-by: Asanka Herath <asanka@chromium.org> Cr-Commit-Position: refs/branch-heads/3497@{#896} Cr-Branched-From: 271eaf50594eb818c9295dc78d364aea18c82ea8-refs/heads/master@{#576753} [modify] https://crrev.com/547588635540eff0c0998e5bace388c38190e038/chrome/browser/net/system_network_context_manager.cc [modify] https://crrev.com/547588635540eff0c0998e5bace388c38190e038/net/dns/host_resolver_impl.cc
,
Sep 6
And M70.
,
Sep 7
+abdulsyed: ping for M70 merge?
,
Sep 7
Hi asanka@chromium.org do you have any ERD to communicate for the merge to M69 branch 3497? Thanks,
,
Sep 7
When will the new release come out, correcting this bug?
,
Sep 7
asanka@chromium.org this was fixed 24 hours ago in M71. The merge to M69 is approved so when will the update be available? Please advise ASAP.
,
Sep 7
please handle this serious error with increased priority. In our environment, the update of client installations is delayed by 2 weeks. The fix must be included in M69 before 09-18.
,
Sep 7
The fix has been verified on 69.0.3497.87.
,
Sep 7
We need an urgend hotfix release. We coudn't work for our customer because in our dev/qa/prod system we have SSO as authentification.
,
Sep 7
asanka@chromium.org after checking for updates in Help->About Chrome x64 (Windows) the version is still 69.0.3497.81. Please advise.
,
Sep 7
Please also note that https://enterprise.google.com/chrome/chrome-browser/ is still showing v 69.0.3497.81.
,
Sep 7
Hi all, we've verified the fix on internal build 69.0.3497.87 but still need to further qualify the build. We anticipate pushing 69.0.3497.87 or later sometime next week. Until then, if you are in need of the 68 MSIs to downgrade, please file a support ticket with Google and request the file. Please reference this crbug.com/872665 in your request.
,
Sep 7
Your change meets the bar and is auto-approved for M70. Please go ahead and merge the CL to branch 3538 manually. Please contact milestone owner if you have questions. Owners: benmason@(Android), kariahda@(iOS), geohsu@(ChromeOS), abdulsyed@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Sep 7
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/f058f99fa7ae6d0a48509af652c5a8f9f9b92883 commit f058f99fa7ae6d0a48509af652c5a8f9f9b92883 Author: Asanka Herath <asanka@chromium.org> Date: Fri Sep 07 19:32:48 2018 [net] Force use of system host resolver for CNAME lookups. Async host resolver currently doesn't resolve CNAMEs. Thus use of the async resolver is not currently compatible with the needs of HttpAuthHandlerNegotiate where correct CNAME lookup is required. Due to an unfortunate oversight, b67c0a8eaa84c767041a00d5f0033e95e179e2 enabled the async DNS code path by default. This CL addresses both. The updates to the HttpAuthHandlerNegotia tests verify that the SYSTEM source is forced for CNAME lookups. Bug: 872665 Change-Id: I520f88f01084ef8ac12c377a50bba6c7f09ec3c1 Reviewed-on: https://chromium-review.googlesource.com/1208421 Reviewed-by: Matt Menke <mmenke@chromium.org> Commit-Queue: Asanka Herath <asanka@chromium.org> Cr-Original-Commit-Position: refs/heads/master@{#589097}(cherry picked from commit cc704901b1876e8cab502bac46b955d78ea0198a) Reviewed-on: https://chromium-review.googlesource.com/1214122 Reviewed-by: Asanka Herath <asanka@chromium.org> Cr-Commit-Position: refs/branch-heads/3538@{#151} Cr-Branched-From: 79f7c91a2b2a2932cd447fa6f865cb6662fa8fa6-refs/heads/master@{#587811} [modify] https://crrev.com/f058f99fa7ae6d0a48509af652c5a8f9f9b92883/chrome/browser/net/system_network_context_manager.cc [modify] https://crrev.com/f058f99fa7ae6d0a48509af652c5a8f9f9b92883/net/dns/host_resolver.cc [modify] https://crrev.com/f058f99fa7ae6d0a48509af652c5a8f9f9b92883/net/http/http_auth_handler_negotiate_unittest.cc
,
Sep 7
,
Sep 11
Any News for us?
,
Sep 11
Issue 882484 has been merged into this issue.
,
Sep 11
Verified the fix on 69.0.3497.92
,
Sep 11
69.0.3497.92 is now pushing to stable channel with this fix and MSI should be downloadable soon also.
,
Sep 11
Worked for me.
,
Sep 11
Worked for me as well. Thank you.
,
Sep 12
Worked for me. Thanks.
,
Sep 12
Issue 882222 has been merged into this issue.
,
Sep 12
This has worked for me as well. Thank you.
,
Sep 12
Have you tried this also with https? In my case with http it worked, but with https not.
,
Sep 12
It works with HTTP and HTTPS for us. Thanks
,
Sep 12
+ imranal@ (Chrome Test Lead)as FYI
,
Sep 12
Thanks govind, is there a plan to get kerberos tests (integrated or manual) added?
,
Sep 12
imranal@ (Chrome Test Lead) probably a right person to answer #97. Thank you.
,
Sep 14
,
Oct 1
Update: I am working with bustamante@ to add manual kerberos tests to our regression test passes.
,
Jan 17
(5 days ago)
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/541a90cc3bf250ce66fdcc31feae3e78370765b6 commit 541a90cc3bf250ce66fdcc31feae3e78370765b6 Author: Eric Orth <ericorth@chromium.org> Date: Thu Jan 17 20:11:46 2019 Coerce more canonicalname resolves to use ProcTask DnsClient doesn't handle cannonname very well (see https://crbug.com/872665 ), so some logic was added a while back to force ProcTask for such cases by setting HostResolverSource::SYSTEM when the HOST_RESOLVER_CANONNAME flag is set. But this didn't affect the newer HostResolver::CreateRequest() API, as that has callers directly set the source and doesn't directly use ProcTask flags. Bug: 872665 Change-Id: I709959911ec299118369f1f995ea5802df7a92f9 Reviewed-on: https://chromium-review.googlesource.com/c/1418350 Reviewed-by: Asanka Herath <asanka@chromium.org> Commit-Queue: Eric Orth <ericorth@chromium.org> Cr-Commit-Position: refs/heads/master@{#623815} [modify] https://crrev.com/541a90cc3bf250ce66fdcc31feae3e78370765b6/net/dns/host_resolver_impl.cc [modify] https://crrev.com/541a90cc3bf250ce66fdcc31feae3e78370765b6/net/dns/host_resolver_impl_unittest.cc
Showing comments 2 - 101
of 101
Older ›
|
||||||||||||||||||||||||||||||||||
►
Sign in to add a comment |
||||||||||||||||||||||||||||||||||
