system-proxy: Secure system credentials
Currently System-proxy sends the policy set credentials with every
connect request to a remote proxy. Since less secure authentication
schemes send the credentials in the clear to the proxy, an attacker can
easily obtain the policy set credentials.
To protect against a downgrade attack, this CL restricts the auth
schemes for which the policy set credentials can be applied.
BUG=chromium:1132247
TEST=HttpServerProxyConnectJobTest.PolicyAuth*
Change-Id: I17e2d3e38b1560f0fadf347657bd3f4b6e1bae09
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/2483831
Tested-by: Andreea-Elena Costinas <acostinas@google.com>
Commit-Queue: Andreea-Elena Costinas <acostinas@google.com>
Reviewed-by: Pavol Marko <pmarko@chromium.org>
diff --git a/system-proxy/connect_headers_parser_fuzzer.cc b/system-proxy/connect_headers_parser_fuzzer.cc
index 838710c..e8bf56e 100644
--- a/system-proxy/connect_headers_parser_fuzzer.cc
+++ b/system-proxy/connect_headers_parser_fuzzer.cc
@@ -8,6 +8,8 @@
#include <sys/socket.h>
#include <sys/types.h>
+#include <curl/curl.h>
+
#include <base/bind.h>
#include <base/files/file_util.h>
#include <base/logging.h>
@@ -72,6 +74,7 @@
auto connect_job = std::make_unique<system_proxy::ProxyConnectJob>(
std::make_unique<patchpanel::Socket>(base::ScopedFD(fds[0])), "",
+ CURLAUTH_ANY,
base::BindOnce(&ResolveProxyCallback, run_loop.QuitClosure()),
base::BindRepeating(&NullAuthenticationRequiredCallback),
base::BindOnce(&OnConnectionSetupFinished, run_loop.QuitClosure()));
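Review bot: The new third argument, CURLAUTH_ANY, is libcurl's mask for every auth scheme, Basic included, so the fuzzer only ever constructs ProxyConnectJob with the unrestricted mask and never with the restricted set that the commit message describes as the purpose of this CL. Consider deriving the mask from the fuzz input so both the permitted and the refused scheme paths are covered, or add a one-line comment stating why the unrestricted value is intended here. The adjacent positional arguments `""` and `CURLAUTH_ANY` would also be easier to read with inline parameter-name comments.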