[SOUP] Default kerberos authentication credentials are used in epheme…

…ral (private) mode https://bugs.webkit.org/show_bug.cgi?id=177738 Reviewed by Carlos Garcia Campos. If the session is ephemeral then don't enable the Negotiate support in our SoupSession. * platform/network/soup/NetworkStorageSessionSoup.cpp: Pass the session ID if it's known to the SoupNetworkSession. (WebCore::NetworkStorageSession::ensurePrivateBrowsingSession): (WebCore::NetworkStorageSession::getOrCreateSoupNetworkSession const): * platform/network/soup/SoupNetworkSession.cpp: (WebCore::SoupNetworkSession::SoupNetworkSession): If the session is ephemeral (based on given session ID) then don't activate the Negotiate support in SoupSession. * platform/network/soup/SoupNetworkSession.h: Change the constructor to accept the PAL::SessionID with the default value set to PAL::SessionID::emptySessionID. Canonical link: https://commits.webkit.org/193989@main git-svn-id: https://svn.webkit.org/repository/webkit/trunk@222706 268f45cc-cd09-0410-ab3c-d52691b4dbfc
WebKit · Oct 2, 2017 · e29393e2bd1a90d9b5b1634446278dea818a09da · e29393e
1 parent 573acd4
commit e29393e2bd1a90d9b5b1634446278dea818a09da
Showing with 28 additions and 5 deletions.

+22 −0 Source/WebCore/ChangeLog

+2 −2 Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp

+2 −2 Source/WebCore/platform/network/soup/SoupNetworkSession.cpp

+2 −1 Source/WebCore/platform/network/soup/SoupNetworkSession.h
diff --git a/Source/WebCore/ChangeLog b/Source/WebCore/ChangeLog
@@ -1,3 +1,25 @@
+2017-10-02  Tomas Popela  <tpopela@redhat.com>
+
+        [SOUP] Default kerberos authentication credentials are used in ephemeral (private) mode
+        https://bugs.webkit.org/show_bug.cgi?id=177738
+
+        Reviewed by Carlos Garcia Campos.
+
+        If the session is ephemeral then don't enable the Negotiate support in
+        our SoupSession.
+
+        * platform/network/soup/NetworkStorageSessionSoup.cpp: Pass the
+        session ID if it's known to the SoupNetworkSession.
+        (WebCore::NetworkStorageSession::ensurePrivateBrowsingSession):
+        (WebCore::NetworkStorageSession::getOrCreateSoupNetworkSession const):
+        * platform/network/soup/SoupNetworkSession.cpp:
+        (WebCore::SoupNetworkSession::SoupNetworkSession): If the session is
+        ephemeral (based on given session ID) then don't activate the
+        Negotiate support in SoupSession.
+        * platform/network/soup/SoupNetworkSession.h:
+        Change the constructor to accept the PAL::SessionID with the default
+        value set to PAL::SessionID::emptySessionID.
+
 2017-10-02  Joanmarie Diggs  <jdiggs@igalia.com>
 
         REGRESSION(r222640) [GTK] Build broken with ATK 2.14

diff --git a/Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp b/Source/WebCore/platform/network/soup/NetworkStorageSessionSoup.cpp
@@ -83,7 +83,7 @@ void NetworkStorageSession::ensurePrivateBrowsingSession(PAL::SessionID sessionI
 {
     ASSERT(sessionID != PAL::SessionID::defaultSessionID());
     ASSERT(!globalSessionMap().contains(sessionID));
-    globalSessionMap().add(sessionID, std::make_unique<NetworkStorageSession>(sessionID, std::make_unique<SoupNetworkSession>()));
+    globalSessionMap().add(sessionID, std::make_unique<NetworkStorageSession>(sessionID, std::make_unique<SoupNetworkSession>(sessionID)));
 }
 
 void NetworkStorageSession::ensureSession(PAL::SessionID, const String&)
@@ -99,7 +99,7 @@ void NetworkStorageSession::switchToNewTestingSession()
 SoupNetworkSession& NetworkStorageSession::getOrCreateSoupNetworkSession() const
 {
     if (!m_session)
-        m_session = std::make_unique<SoupNetworkSession>(m_cookieStorage.get());
+        m_session = std::make_unique<SoupNetworkSession>(m_sessionID, m_cookieStorage.get());
     return *m_session;
 }
 

diff --git a/Source/WebCore/platform/network/soup/SoupNetworkSession.cpp b/Source/WebCore/platform/network/soup/SoupNetworkSession.cpp
@@ -113,7 +113,7 @@ static void requestStartedCallback(SoupSession*, SoupMessage* soupMessage, SoupS
 }
 #endif
 
-SoupNetworkSession::SoupNetworkSession(SoupCookieJar* cookieJar)
+SoupNetworkSession::SoupNetworkSession(PAL::SessionID sessionID, SoupCookieJar* cookieJar)
     : m_soupSession(adoptGRef(soup_session_async_new()))
 {
     // Values taken from http://www.browserscope.org/ following
@@ -147,7 +147,7 @@ SoupNetworkSession::SoupNetworkSession(SoupCookieJar* cookieJar)
         setAcceptLanguages(gInitialAcceptLanguages);
 
 #if SOUP_CHECK_VERSION(2, 53, 92)
-    if (soup_auth_negotiate_supported()) {
+    if (soup_auth_negotiate_supported() && !sessionID.isEphemeral()) {
         g_object_set(m_soupSession.get(),
             SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_AUTH_NEGOTIATE,
             nullptr);

diff --git a/Source/WebCore/platform/network/soup/SoupNetworkSession.h b/Source/WebCore/platform/network/soup/SoupNetworkSession.h
@@ -27,6 +27,7 @@
 #define SoupNetworkSession_h
 
 #include <glib-object.h>
+#include <pal/SessionID.h>
 #include <wtf/Function.h>
 #include <wtf/Noncopyable.h>
 #include <wtf/glib/GRefPtr.h>
@@ -47,7 +48,7 @@ struct SoupNetworkProxySettings;
 class SoupNetworkSession {
     WTF_MAKE_NONCOPYABLE(SoupNetworkSession); WTF_MAKE_FAST_ALLOCATED;
 public:
-    explicit SoupNetworkSession(SoupCookieJar* = nullptr);
+    explicit SoupNetworkSession(PAL::SessionID = PAL::SessionID::defaultSessionID(), SoupCookieJar* = nullptr);
     ~SoupNetworkSession();
 
     SoupSession* soupSession() const { return m_soupSession.get(); }