Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
2197023002:
Updating Security Key logic to work on OSX (Closed)
|
Created:
4 years, 4 months ago by joedow Modified:
4 years, 1 month ago Reviewers:
Sergey Ulanov CC:
chromium-reviews, chromoting-reviews_chromium.org Base URL:
https://chromium.googlesource.com/chromium/src.git@posix_auth Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionUpdating Security Key logic to work on macOS
Since macOS supports UDS we can reuse much on the Linux SK classes for macOS.
This change updates the build macros to include SK functionality in macOS
builds and passes in an ssh-auth-sock socket path based on the user name.
These changes allow the Host to indicate that they support SK forwarding when
the client connects.
Note that the SK socket is not created until a user connects. This means we
want to scope the lifetime of the socket to a Chromoting session. The SK socket
class was initially used in our virtual Linux session which was created
specifically for our use and could live 'forever'. Since this is not the case
for macOS, and the extended lifetime is not a benefit for Linux, I have added
code to clean up the socket when the session ends.
BUG=633025
Committed: https://crrev.com/c0e8b3411d0fae9f3cb0e60f5918778c2e464376
Cr-Commit-Position: refs/heads/master@{#429293}
Patch Set 1 #Patch Set 2 : Updating script to pass in a socket path to the host #Patch Set 3 : Pre-review cleanup #Patch Set 4 : Defaulting SK support to true since all hosts support it #
Messages
Total messages: 31 (25 generated)
The CQ bit was checked by joedow@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: android_clang_dbg_recipe on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/android_clan...)
The CQ bit was checked by joedow@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: Try jobs failed on following builders: mac_chromium_compile_dbg_ng on master.tryserver.chromium.mac (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.mac/builders/mac_chromium_comp...) mac_chromium_rel_ng on master.tryserver.chromium.mac (JOB_FAILED, http://build.chromium.org/p/tryserver.chromium.mac/builders/mac_chromium_rel_...)
The CQ bit was checked by joedow@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
Patchset #3 (id:40001) has been deleted
Patchset #2 (id:20001) has been deleted
The CQ bit was checked by joedow@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
The CQ bit was checked by joedow@chromium.org to run a CQ dry run
Dry run: CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
joedow@chromium.org changed reviewers: + sergeyu@chromium.org
PTAL!
The CQ bit was unchecked by commit-bot@chromium.org
Dry run: This issue passed the CQ dry run.
Couple nits about CL description: 1. Please add more details, see https://www.chromium.org/developers/contributing-code#TOC-Writing-change-list... 2. OSX is macOS now Otherwise LGTM
Description was changed from ========== Updating Security Key logic to work on OSX BUG=633025 ========== to ========== Updating Security Key logic to work on OSX Since OSX supports UDS we can reuse much on the Linux SK classes for OSX. This change updates the build macros to include SK functionality in OSX builds and passes in an ssh-auth-sock socket path based on the user name. These changes allow the Host to indicate that they support SK forwarding when the client connects. Note that the SK socket is not created until a user connects. This means we want to scope the lifetime of the socket to a Chromoting session. The SK socket class was initially used in our virtual Linux session which was created specifically for our use and could live 'forever'. Since this is not the case for OSX, and the extended lifetime is not a benefit for Linux, I have added code to clean up the socket when the session ends. BUG=633025 ==========
Description was changed from ========== Updating Security Key logic to work on OSX Since OSX supports UDS we can reuse much on the Linux SK classes for OSX. This change updates the build macros to include SK functionality in OSX builds and passes in an ssh-auth-sock socket path based on the user name. These changes allow the Host to indicate that they support SK forwarding when the client connects. Note that the SK socket is not created until a user connects. This means we want to scope the lifetime of the socket to a Chromoting session. The SK socket class was initially used in our virtual Linux session which was created specifically for our use and could live 'forever'. Since this is not the case for OSX, and the extended lifetime is not a benefit for Linux, I have added code to clean up the socket when the session ends. BUG=633025 ========== to ========== Updating Security Key logic to work on macOS Since macOS supports UDS we can reuse much on the Linux SK classes for macOS. This change updates the build macros to include SK functionality in macOS builds and passes in an ssh-auth-sock socket path based on the user name. These changes allow the Host to indicate that they support SK forwarding when the client connects. Note that the SK socket is not created until a user connects. This means we want to scope the lifetime of the socket to a Chromoting session. The SK socket class was initially used in our virtual Linux session which was created specifically for our use and could live 'forever'. Since this is not the case for macOS, and the extended lifetime is not a benefit for Linux, I have added code to clean up the socket when the session ends. BUG=633025 ==========
Sorry about the CL description, I updated it in my local commit but forget it was not updated automatically in this CR system. Thanks for the review!
The CQ bit was checked by joedow@chromium.org
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...
Message was sent while issue was closed.
Committed patchset #4 (id:100001)
Message was sent while issue was closed.
Description was changed from ========== Updating Security Key logic to work on macOS Since macOS supports UDS we can reuse much on the Linux SK classes for macOS. This change updates the build macros to include SK functionality in macOS builds and passes in an ssh-auth-sock socket path based on the user name. These changes allow the Host to indicate that they support SK forwarding when the client connects. Note that the SK socket is not created until a user connects. This means we want to scope the lifetime of the socket to a Chromoting session. The SK socket class was initially used in our virtual Linux session which was created specifically for our use and could live 'forever'. Since this is not the case for macOS, and the extended lifetime is not a benefit for Linux, I have added code to clean up the socket when the session ends. BUG=633025 ========== to ========== Updating Security Key logic to work on macOS Since macOS supports UDS we can reuse much on the Linux SK classes for macOS. This change updates the build macros to include SK functionality in macOS builds and passes in an ssh-auth-sock socket path based on the user name. These changes allow the Host to indicate that they support SK forwarding when the client connects. Note that the SK socket is not created until a user connects. This means we want to scope the lifetime of the socket to a Chromoting session. The SK socket class was initially used in our virtual Linux session which was created specifically for our use and could live 'forever'. Since this is not the case for macOS, and the extended lifetime is not a benefit for Linux, I have added code to clean up the socket when the session ends. BUG=633025 Committed: https://crrev.com/c0e8b3411d0fae9f3cb0e60f5918778c2e464376 Cr-Commit-Position: refs/heads/master@{#429293} ==========
Message was sent while issue was closed.
Patchset 4 (id:??) landed as https://crrev.com/c0e8b3411d0fae9f3cb0e60f5918778c2e464376 Cr-Commit-Position: refs/heads/master@{#429293} |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
