[Cast Channel] Add support for nonce challenge to Cast channel authentication.

[Cast Channel] Add support for nonce challenge to Cast channel authentication.

Include feature flag and histograms.
A nonce challenge is sent to the Cast receiver. The challenge is expected
to be included in the signature supplied in the authentication response.

BUG=694868
Review-Url: https://codereview.chromium.org/2709523008
Cr-Commit-Position: refs/heads/master@{#458292}
Committed: https://chromium.googlesource.com/chromium/src/+/308019e846c5f06e679550aadd002b888a9690a0

[ryanchung, 2017-02-22 01:53:18]

ryanchung@chromium.org changed reviewers:
+ dougsteed@chromium.org, mfoltz@chromium.org

[mark a. foltz, 2017-02-27 23:04:32]

Please unit test the changes in cast_auth_util.cc

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
File extensions/browser/api/cast_channel/cast_auth_util.cc (right):

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
extensions/browser/api/cast_channel/cast_auth_util.cc:167: if
(response.sender_nonce().empty()) {
It seems like you should only be collecting metrics if this is enabled.  Are
metrics for non-enabled profiles relevant?

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
extensions/browser/api/cast_channel/cast_auth_util.cc:182: return
VerifyCredentials(response, nonce + peer_cert_der);
Don't you want to conditionally include |nonce| in the signature algorithm based
on kEnforceNonceChecking?

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
File extensions/browser/api/cast_channel/cast_channel_api.h (right):

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
extensions/browser/api/cast_channel/cast_channel_api.h:212: std::string nonce_;
This belongs in CastSocketImpl.  The extension API doesn't need to care about
it.

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
File extensions/browser/api/cast_channel/cast_message_util.h (right):

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
extensions/browser/api/cast_channel/cast_message_util.h:37: void
CreateAuthChallengeMessage(CastMessage* message_proto, std::string nonce);
const std::string&

[ryanchung, 2017-03-01 20:09:47]

Added tests for cast_auth_util changes.

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
File extensions/browser/api/cast_channel/cast_auth_util.cc (right):

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
extensions/browser/api/cast_channel/cast_auth_util.cc:167: if
(response.sender_nonce().empty()) {
On 2017/02/27 23:04:31, mark a. foltz wrote:
> It seems like you should only be collecting metrics if this is enabled.  Are
> metrics for non-enabled profiles relevant?

We want to be able to see the impact on the user experience without enforcing
the check.
We need to make sure all cast receivers are updated to a version that supports
the nonce check.
Having metrics about this will allow us to see how many devices will fail the
check if we turned on the feature.

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
extensions/browser/api/cast_channel/cast_auth_util.cc:182: return
VerifyCredentials(response, nonce + peer_cert_der);
On 2017/02/27 23:04:31, mark a. foltz wrote:
> Don't you want to conditionally include |nonce| in the signature algorithm
based
> on kEnforceNonceChecking?

I should be using response.sender_nonce() here instead.

The Cast receiver will not know if the Cast sender is enforcing the nonce check.
So, if a nonce challenge is provided by the Cast sender, the Cast receiver will
incorporate the nonce into the signature.
If the nonce was used in the signature, it will be in response.sender_nonce().

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
File extensions/browser/api/cast_channel/cast_channel_api.h (right):

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
extensions/browser/api/cast_channel/cast_channel_api.h:212: std::string nonce_;
On 2017/02/27 23:04:32, mark a. foltz wrote:
> This belongs in CastSocketImpl.  The extension API doesn't need to care about
> it.

Done.

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
File extensions/browser/api/cast_channel/cast_message_util.h (right):

https://codereview.chromium.org/2709523008/diff/1/extensions/browser/api/cast...
extensions/browser/api/cast_channel/cast_message_util.h:37: void
CreateAuthChallengeMessage(CastMessage* message_proto, std::string nonce);
On 2017/02/27 23:04:32, mark a. foltz wrote:
> const std::string&

Done.

[mark a. foltz, 2017-03-03 23:25:51]

If the nonce lifetime is not tied to a particular socket, it would probably make
more sense as a singleton in cast_auth_util.cc.

https://codereview.chromium.org/2709523008/diff/20001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_socket.cc (right):

https://codereview.chromium.org/2709523008/diff/20001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_socket.cc:105: std::string
CastSocketImpl::nonce_ = "";
Static variables must be POD (with a few exceptions).  Use base::Singleton.

https://google.github.io/styleguide/cppguide.html#Static_and_Global_Variables

https://codereview.chromium.org/2709523008/diff/20001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_socket.cc:115: nonce_ =
base::GenerateGUID();
I thought there was a different nonce for each attempt to open the socket? Is
the concern overuse of /dev/urandom?

[ryanchung, 2017-03-06 22:57:46]

Each socket must keep track of a single nonce. It needs to verify that the
response contains the same nonce as the challenge sent. 

I've moved the singleton to cast_auth_utils and expose the nonce as a
AuthContext object. Do you think this is cleaner?

Thanks.

https://codereview.chromium.org/2709523008/diff/20001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_socket.cc (right):

https://codereview.chromium.org/2709523008/diff/20001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_socket.cc:105: std::string
CastSocketImpl::nonce_ = "";
On 2017/03/03 23:25:51, mark a. foltz wrote:
> Static variables must be POD (with a few exceptions).  Use base::Singleton.
> 
> https://google.github.io/styleguide/cppguide.html#Static_and_Global_Variables
> 

Done. Thanks.

https://codereview.chromium.org/2709523008/diff/20001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_socket.cc:115: nonce_ =
base::GenerateGUID();
On 2017/03/03 23:25:51, mark a. foltz wrote:
> I thought there was a different nonce for each attempt to open the socket? Is
> the concern overuse of /dev/urandom?

Ideally, each connection attempt uses a difference nonce. The concern is on the
overhead of the signing operation on some of the older generations of receivers.
When the same nonce is used, the signature can be cached so the latency for the
Cast operation roughly cuts in half.

[mark a. foltz, 2017-03-10 00:47:23]

Getting close, and looking pretty clean overall.  Remaining question around
AuthContext.

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_auth_util.cc (right):

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.cc:162:
AuthContext::AuthContext(const std::string& nonce) : nonce_(nonce) {}
Can you explain why you need to wrap a single nonce string into an AuthContext,
especially since it's passed as a std::string elsewhere?

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.cc:229: const AuthContext*
auth_context) {
const AuthContext&

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_socket.h (right):

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_socket.h:168:
std::unique_ptr<AuthContext> auth_context);
const AuthContext&

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_socket.h:337:
std::unique_ptr<AuthContext> auth_context_;
const AuthContext

GUID is a short string and not worth passing ownership of IMO.

[ryanchung, 2017-03-10 02:10:28]

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_auth_util.cc (right):

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.cc:162:
AuthContext::AuthContext(const std::string& nonce) : nonce_(nonce) {}
On 2017/03/10 00:47:23, mark a. foltz wrote:
> Can you explain why you need to wrap a single nonce string into an
AuthContext,
> especially since it's passed as a std::string elsewhere?

I just thought it'd be cleaner to encapsulate the nonce so that code outside
cast_auth_util and cast_message_util can just pass the context without caring
about it's content(which may be extended in the future - I'm not sure what at
the moment). I'd be happy to remove the Context and just pass the string if that
is preferred.

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.cc:229: const AuthContext*
auth_context) {
On 2017/03/10 00:47:23, mark a. foltz wrote:
> const AuthContext&

Done.

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_socket.h (right):

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_socket.h:168:
std::unique_ptr<AuthContext> auth_context);
On 2017/03/10 00:47:23, mark a. foltz wrote:
> const AuthContext&

Done.

https://codereview.chromium.org/2709523008/diff/40001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_socket.h:337:
std::unique_ptr<AuthContext> auth_context_;
On 2017/03/10 00:47:23, mark a. foltz wrote:
> const AuthContext
> 
> GUID is a short string and not worth passing ownership of IMO.

Done.

[ryanchung, 2017-03-10 02:21:25]

Description was changed from

==========
Add support for nonce challenge to Cast channel authentication.

Include feature flag and histograms.
A nonce challenge is sent to the Cast receiver. The challenge is expected
to be included in the signature supplied in the authentication response.

BUG=694868
==========

to

==========
[Cast Channel] Add support for nonce challenge to Cast channel authentication.

Include feature flag and histograms.
A nonce challenge is sent to the Cast receiver. The challenge is expected
to be included in the signature supplied in the authentication response.

BUG=694868
==========

[mark a. foltz, 2017-03-16 23:23:02]

LGTM

Sorry for the delays in review.  A couple of minor suggestions.

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_auth_util.cc (right):

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.cc:104: static const
std::string& Get() {
static AuthContext

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.cc:251: result =
VerifySenderNonce(auth_context.nonce(), nonce_response);
auth_context.VerifySenderNonce(nonce_response)

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_auth_util.h (right):

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.h:97: AuthResult
VerifySenderNonce(const std::string& nonce,
It would make more sense for this to be a method on AuthContext.

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.h:120: AuthContext
GetChallengeContext();
With the suggested change below, this could just be CastNonce::Get().  If you
feel CastNonce shouldn't be exposed, I don't feel strongly though.

[ryanchung, 2017-03-17 02:46:06]

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_auth_util.cc (right):

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.cc:104: static const
std::string& Get() {
On 2017/03/16 23:23:01, mark a. foltz wrote:
> static AuthContext

I want to keep CastNonce has a simple singleton for generating the nonce and
tracking its refresh. I'll move the GetChallengeContext to AuthContext::Create()
which should make it cleaner.

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.cc:251: result =
VerifySenderNonce(auth_context.nonce(), nonce_response);
On 2017/03/16 23:23:01, mark a. foltz wrote:
> auth_context.VerifySenderNonce(nonce_response)

Done.

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
File extensions/browser/api/cast_channel/cast_auth_util.h (right):

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.h:97: AuthResult
VerifySenderNonce(const std::string& nonce,
On 2017/03/16 23:23:01, mark a. foltz wrote:
> It would make more sense for this to be a method on AuthContext.

Done. Good idea.

https://codereview.chromium.org/2709523008/diff/80001/extensions/browser/api/...
extensions/browser/api/cast_channel/cast_auth_util.h:120: AuthContext
GetChallengeContext();
On 2017/03/16 23:23:01, mark a. foltz wrote:
> With the suggested change below, this could just be CastNonce::Get().  If you
> feel CastNonce shouldn't be exposed, I don't feel strongly though.

I want to keep CastNonce simple just for tracking the nonce refresh. I'll move
GetChallengeContext to AuthContext::Create() which should be cleaner.

[ryanchung, 2017-03-17 16:30:15]

The CQ bit was checked by ryanchung@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-03-17 16:30:29]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[ryanchung, 2017-03-17 17:06:34]

ryanchung@chromium.org changed reviewers:
+ isherman@chromium.org

[ryanchung, 2017-03-17 17:06:35]

+isherman for histogram review

Thanks.

[mark a. foltz, 2017-03-17 17:15:39]

https://codereview.chromium.org/2709523008/diff/140001/extensions/browser/api...
File extensions/browser/api/cast_channel/cast_auth_util.h (right):

https://codereview.chromium.org/2709523008/diff/140001/extensions/browser/api...
extensions/browser/api/cast_channel/cast_auth_util.h:73: explicit
AuthContext(const std::string& nonce);
Nit: Make this private, it looks like all code and tests now use ::Create().

[ryanchung, 2017-03-17 17:34:07]

https://codereview.chromium.org/2709523008/diff/140001/extensions/browser/api...
File extensions/browser/api/cast_channel/cast_auth_util.h (right):

https://codereview.chromium.org/2709523008/diff/140001/extensions/browser/api...
extensions/browser/api/cast_channel/cast_auth_util.h:73: explicit
AuthContext(const std::string& nonce);
On 2017/03/17 17:15:39, mark a. foltz wrote:
> Nit: Make this private, it looks like all code and tests now use ::Create().

Done.

[Ilya Sherman, 2017-03-17 19:45:26]

Metrics LGTM % a nit:

https://codereview.chromium.org/2709523008/diff/160001/extensions/browser/api...
File extensions/browser/api/cast_channel/cast_auth_util.cc (right):

https://codereview.chromium.org/2709523008/diff/160001/extensions/browser/api...
extensions/browser/api/cast_channel/cast_auth_util.cc:187: NONCE_COUNT);
Please use a small wrapper function of the form
RecordNonceStatus(NONCE_MISMATCH) to avoid repeating the
UMA_HISTOGRAM_ENUMERATION bit three times.

[ryanchung, 2017-03-17 20:48:34]

https://codereview.chromium.org/2709523008/diff/160001/extensions/browser/api...
File extensions/browser/api/cast_channel/cast_auth_util.cc (right):

https://codereview.chromium.org/2709523008/diff/160001/extensions/browser/api...
extensions/browser/api/cast_channel/cast_auth_util.cc:187: NONCE_COUNT);
On 2017/03/17 19:45:26, Ilya Sherman wrote:
> Please use a small wrapper function of the form
> RecordNonceStatus(NONCE_MISMATCH) to avoid repeating the
> UMA_HISTOGRAM_ENUMERATION bit three times.

Done.

[ryanchung, 2017-03-17 20:49:36]

The CQ bit was checked by ryanchung@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-03-17 20:50:20]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-03-17 22:15:14]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-03-17 22:15:15]

Dry run: Try jobs failed on following builders:
  mac_chromium_rel_ng on master.tryserver.chromium.mac (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.mac/builders/mac_chromium_rel_...)

[ryanchung, 2017-03-20 21:38:30]

The CQ bit was checked by ryanchung@chromium.org

[ryanchung, 2017-03-20 21:38:31]

The patchset sent to the CQ was uploaded after l-g-t-m from mfoltz@chromium.org,
isherman@chromium.org
Link to the patchset: https://codereview.chromium.org/2709523008/#ps180001
(title: "Helper function for histograms")

[commit-bot: I haz the power, 2017-03-20 21:39:20]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-03-21 00:50:39]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-03-21 00:50:41]

Failed to apply patch for extensions/browser/api/cast_channel/cast_socket.cc:
While running git apply --index -p1;
  error: patch failed: extensions/browser/api/cast_channel/cast_socket.cc:618
  error: extensions/browser/api/cast_channel/cast_socket.cc: patch does not
apply

Patch:       extensions/browser/api/cast_channel/cast_socket.cc
Index: extensions/browser/api/cast_channel/cast_socket.cc
diff --git a/extensions/browser/api/cast_channel/cast_socket.cc
b/extensions/browser/api/cast_channel/cast_socket.cc
index
3bb675cf3fd9f74b4424d13044a8cf14ba0d7d99..0a6738bfde9c618027fd4c57b044c44d73407447
100644
--- a/extensions/browser/api/cast_channel/cast_socket.cc
+++ b/extensions/browser/api/cast_channel/cast_socket.cc
@@ -114,6 +114,25 @@ CastSocketImpl::CastSocketImpl(const std::string&
owner_extension_id,
                                bool keep_alive,
                                const scoped_refptr<Logger>& logger,
                                uint64_t device_capabilities)
+    : CastSocketImpl(owner_extension_id,
+                     ip_endpoint,
+                     channel_auth,
+                     net_log,
+                     timeout,
+                     keep_alive,
+                     logger,
+                     device_capabilities,
+                     AuthContext::Create()) {}
+
+CastSocketImpl::CastSocketImpl(const std::string& owner_extension_id,
+                               const net::IPEndPoint& ip_endpoint,
+                               ChannelAuthType channel_auth,
+                               net::NetLog* net_log,
+                               const base::TimeDelta& timeout,
+                               bool keep_alive,
+                               const scoped_refptr<Logger>& logger,
+                               uint64_t device_capabilities,
+                               const AuthContext& auth_context)
     : CastSocket(owner_extension_id),
       owner_extension_id_(owner_extension_id),
       channel_id_(0),
@@ -122,6 +141,7 @@ CastSocketImpl::CastSocketImpl(const std::string&
owner_extension_id,
       net_log_(net_log),
       keep_alive_(keep_alive),
       logger_(logger),
+      auth_context_(auth_context),
       connect_timeout_(timeout),
       connect_timeout_timer_(new base::OneShotTimer),
       is_canceled_(false),
@@ -235,7 +255,7 @@ bool CastSocketImpl::VerifyChannelPolicy(const AuthResult&
result) {
 bool CastSocketImpl::VerifyChallengeReply() {
   DCHECK(peer_cert_);
   AuthResult result =
-      AuthenticateChallengeReply(*challenge_reply_, *peer_cert_);
+      AuthenticateChallengeReply(*challenge_reply_, *peer_cert_,
auth_context_);
   logger_->LogSocketChallengeReplyEvent(channel_id_, result);
   if (result.success()) {
     VLOG(1) << result.error_message;
@@ -450,7 +470,7 @@ int CastSocketImpl::DoAuthChallengeSend() {
   SetConnectState(proto::CONN_STATE_AUTH_CHALLENGE_SEND_COMPLETE);
 
   CastMessage challenge_message;
-  CreateAuthChallengeMessage(&challenge_message);
+  CreateAuthChallengeMessage(&challenge_message, auth_context_);
   VLOG_WITH_CONNECTION(1) << "Sending challenge: "
                           << CastMessageToString(challenge_message);
 
@@ -618,6 +638,7 @@ void CastSocketImpl::SetErrorState(ChannelError error_state)
{
   logger_->LogSocketErrorState(channel_id_, ErrorStateToProto(error_state_));
   delegate_->OnError(error_state_);
 }
+
 }  // namespace cast_channel
 }  // namespace api
 }  // namespace extensions

[ryanchung, 2017-03-21 01:22:28]

The CQ bit was checked by ryanchung@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2017-03-21 01:23:06]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-03-21 02:58:20]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2017-03-21 02:58:22]

Dry run: This issue passed the CQ dry run.

[ryanchung, 2017-03-21 03:11:51]

The CQ bit was checked by ryanchung@chromium.org

[ryanchung, 2017-03-21 03:11:52]

The patchset sent to the CQ was uploaded after l-g-t-m from mfoltz@chromium.org,
isherman@chromium.org
Link to the patchset: https://codereview.chromium.org/2709523008/#ps200001
(title: "Rebase-only")

[commit-bot: I haz the power, 2017-03-21 03:12:08]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2017-03-21 03:19:55]

CQ is committing da patch.

Bot data: {"patchset_id": 200001, "attempt_start_ts": 1490065911520710,
"parent_rev": "a4258cad75d8cc63170555cc74bd584b5bfca965", "commit_rev":
"308019e846c5f06e679550aadd002b888a9690a0"}

[commit-bot: I haz the power, 2017-03-21 03:20:37]

Description was changed from

==========
[Cast Channel] Add support for nonce challenge to Cast channel authentication.

Include feature flag and histograms.
A nonce challenge is sent to the Cast receiver. The challenge is expected
to be included in the signature supplied in the authentication response.

BUG=694868
==========

to

==========
[Cast Channel] Add support for nonce challenge to Cast channel authentication.

Include feature flag and histograms.
A nonce challenge is sent to the Cast receiver. The challenge is expected
to be included in the signature supplied in the authentication response.

BUG=694868

Review-Url: https://codereview.chromium.org/2709523008
Cr-Commit-Position: refs/heads/master@{#458292}
Committed:
https://chromium.googlesource.com/chromium/src/+/308019e846c5f06e679550aadd00...
==========

[commit-bot: I haz the power, 2017-03-21 03:20:38]

Committed patchset #11 (id:200001) as
https://chromium.googlesource.com/chromium/src/+/308019e846c5f06e679550aadd00...