Skip to content

test(sandbox): reject malformed proxy hostnames#1562

Open
mjamiv wants to merge 2 commits into
NVIDIA:mainfrom
mjamiv:test/proxy-hostname-parser-differentials
Open

test(sandbox): reject malformed proxy hostnames#1562
mjamiv wants to merge 2 commits into
NVIDIA:mainfrom
mjamiv:test/proxy-hostname-parser-differentials

Conversation

@mjamiv
Copy link
Copy Markdown
Contributor

@mjamiv mjamiv commented May 25, 2026

Summary

  • reject malformed CONNECT host authorities before policy/DNS handling
  • make OPA network evaluation fail closed for unsafe host strings
  • add regression coverage for NUL/control, percent-encoded, slash, and backslash hostname differentials against wildcard policies

Fixes #1498.

Testing

  • cargo fmt --all -- --check
  • git diff --check
  • cargo test -p openshell-sandbox malformed
  • cargo test -p openshell-sandbox --lib

@mjamiv mjamiv requested review from a team, derekwaynecarr, maxamillion and mrunalp as code owners May 25, 2026 21:56
@copy-pr-bot
Copy link
Copy Markdown

copy-pr-bot Bot commented May 25, 2026

This pull request requires additional validation before any workflows can run on NVIDIA's runners.

Pull request vetters can view their responsibilities here.

Contributors can view more details about this message here.

@mjamiv mjamiv force-pushed the test/proxy-hostname-parser-differentials branch from c36faac to 9ce9fde Compare May 26, 2026 23:17
@mjamiv mjamiv force-pushed the test/proxy-hostname-parser-differentials branch from 9ce9fde to eee1f72 Compare May 29, 2026 03:38
johntmyers
johntmyers reviewed Jun 1, 2026
View reviewed changes
Comment thread crates/openshell-sandbox/src/opa.rs Outdated
&self,
input: &NetworkInput,
) -> Result<(NetworkAction, u64)> {
let generation = self.current_generation();
Copy link
Copy Markdown
Collaborator

@johntmyers johntmyers Jun 1, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was this moved for a specific reason? This could return a generation that doesn't map to the engine snapshot actually used for policy eval if a policy reload happens between reload and a policy reload. Off chance but non-zero. Can we keep the malformed-host fast deny separate and move generation capture back under the engine lock?

@johntmyers
Copy link
Copy Markdown
Collaborator

johntmyers commented Jun 1, 2026

@mjamiv one small question but otherwise looking good

@mjamiv
Copy link
Copy Markdown
Contributor Author

mjamiv commented Jun 2, 2026

Addressed the generation-capture review note in bb0875b.\n\nWhat changed:\n- malformed-host fast deny stays before policy evaluation\n- policy-evaluated network actions now capture the generation after acquiring the OPA engine lock again, so the generation maps to the engine snapshot used for eval\n\nValidation passed:\n- cargo test -p openshell-sandbox malformed\n- cargo test -p openshell-sandbox --lib\n- cargo fmt --all -- --check\n- git diff --check

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@johntmyers johntmyers johntmyers left review comments

@mrunalp mrunalp Awaiting requested review from mrunalp mrunalp is a code owner

@maxamillion maxamillion Awaiting requested review from maxamillion maxamillion is a code owner

@derekwaynecarr derekwaynecarr Awaiting requested review from derekwaynecarr derekwaynecarr is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

test: add regression coverage for proxy hostname parser differentials

2 participants

@mjamiv @johntmyers