Changeset 194323 in webkit

Timestamp:

Dec 20, 2015 5:19:41 PM (8 years ago)

Author:

Michael Catanzaro

Message:

[SOUP] Performs DNS prefetch when a proxy is configured (information leak)
​https://bugs.webkit.org/show_bug.cgi?id=145542

Reviewed by Darin Adler.

Source/WebCore:

Perform DNS prefetch only when no proxy is configured.

No new tests. Test this manually with Wireshark. Run the simple-proxy example program found
in libsoup's examples directory, set that as your system HTTP proxy, and see if DNS queries
show up in Wireshark when refreshing a page sent over HTTP. They should appear only when the
proxy is not configured.

• platform/network/DNSResolveQueue.cpp:

(WebCore::DNSResolveQueue::DNSResolveQueue):
(WebCore::DNSResolveQueue::isUsingProxy):

• platform/network/DNSResolveQueue.h:
• platform/network/cf/DNSCFNet.cpp:

(WebCore::DNSResolveQueue::updateIsUsingProxy):
(WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted.

• platform/network/soup/DNSSoup.cpp:

(WebCore::didResolveProxy):
(WebCore::proxyResolvedForHttpUriCallback):
(WebCore::proxyResolvedForHttpsUriCallback):
(WebCore::DNSResolveQueue::updateIsUsingProxy):
(WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted.

Source/WTF:

Specialize GUniquePtr<char*>, using g_strfreev.

• wtf/glib/GUniquePtr.h:

Location:

trunk/Source

Files:

• WTF/ChangeLog (modified) (1 diff)
• WTF/wtf/glib/GUniquePtr.h (modified) (1 diff)
• WebCore/ChangeLog (modified) (1 diff)
• WebCore/platform/network/DNSResolveQueue.cpp (modified) (2 diffs)
• WebCore/platform/network/DNSResolveQueue.h (modified) (2 diffs)
• WebCore/platform/network/cf/DNSCFNet.cpp (modified) (2 diffs)
• WebCore/platform/network/soup/DNSSoup.cpp (modified) (1 diff)

trunk/Source/WTF/ChangeLog

@@ +1 @@
+2015-12-20  Michael Catanzaro  <mcatanzaro@igalia.com>
+
+        [SOUP] Performs DNS prefetch when a proxy is configured (information leak)
+        https://bugs.webkit.org/show_bug.cgi?id=145542
+
+        Reviewed by Darin Adler.
+
+        Specialize GUniquePtr<char*>, using g_strfreev.
+
+        * wtf/glib/GUniquePtr.h:
+
 2015-12-19  Dan Bernstein  <mitz@apple.com>
 

trunk/Source/WTF/wtf/glib/GUniquePtr.h

@@ -44 +44 @@
     macro(GDir, g_dir_close) \
     macro(GTimer, g_timer_destroy) \
-    macro(GKeyFile, g_key_file_free)
+    macro(GKeyFile, g_key_file_free) \
+    macro(char*, g_strfreev)
 
 #define WTF_DEFINE_GPTR_DELETER(typeName, deleterFunc) \

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2015-12-20  Michael Catanzaro  <mcatanzaro@igalia.com>
+
+        [SOUP] Performs DNS prefetch when a proxy is configured (information leak)
+        https://bugs.webkit.org/show_bug.cgi?id=145542
+
+        Reviewed by Darin Adler.
+
+        Perform DNS prefetch only when no proxy is configured.
+
+        No new tests. Test this manually with Wireshark. Run the simple-proxy example program found
+        in libsoup's examples directory, set that as your system HTTP proxy, and see if DNS queries
+        show up in Wireshark when refreshing a page sent over HTTP. They should appear only when the
+        proxy is not configured.
+
+        * platform/network/DNSResolveQueue.cpp:
+        (WebCore::DNSResolveQueue::DNSResolveQueue):
+        (WebCore::DNSResolveQueue::isUsingProxy):
+        * platform/network/DNSResolveQueue.h:
+        * platform/network/cf/DNSCFNet.cpp:
+        (WebCore::DNSResolveQueue::updateIsUsingProxy):
+        (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted.
+        * platform/network/soup/DNSSoup.cpp:
+        (WebCore::didResolveProxy):
+        (WebCore::proxyResolvedForHttpUriCallback):
+        (WebCore::proxyResolvedForHttpsUriCallback):
+        (WebCore::DNSResolveQueue::updateIsUsingProxy):
+        (WebCore::DNSResolveQueue::platformProxyIsEnabledInSystemPreferences): Deleted.
+
 2015-12-20  Dan Bernstein  <mitz@apple.com>
 

trunk/Source/WebCore/platform/network/DNSResolveQueue.cpp

@@ -61 +61 @@
     : m_timer(*this, &DNSResolveQueue::timerFired)
     , m_requestsInFlight(0)
-    , m_cachedProxyEnabledStatus(false)
+    , m_isUsingProxy(true)
     , m_lastProxyEnabledStatusCheckTime(0)
 {
+    // isUsingProxy will return the initial value of m_isUsingProxy at first on
+    // platforms that have an asynchronous implementation of updateIsUsingProxy,
+    // so initialize it to true so we won't prefetch before we know if we are using a proxy.
 }
 
+// Don't do DNS prefetch if proxies are involved. For many proxy types, the user agent is never
+// exposed to the IP address during normal operation. Querying an internal DNS server may not help
+// performance, as it doesn't necessarily look up the actual external IP. Also, if DNS returns a
+// fake internal address, local caches may keep it even after re-connecting to another network.
 bool DNSResolveQueue::isUsingProxy()
 {
@@ -72 +79 @@
     if (time - m_lastProxyEnabledStatusCheckTime > minimumProxyCheckDelay) {
         m_lastProxyEnabledStatusCheckTime = time;
-        m_cachedProxyEnabledStatus = platformProxyIsEnabledInSystemPreferences();
+        updateIsUsingProxy();
     }
-    return m_cachedProxyEnabledStatus;
+    return m_isUsingProxy;
 }
 

trunk/Source/WebCore/platform/network/DNSResolveQueue.h

@@ -53 +53 @@
     bool isUsingProxy();
 
-    bool platformProxyIsEnabledInSystemPreferences();
+    void updateIsUsingProxy();
     void platformResolve(const String&);
 
@@ -62 +62 @@
     HashSet<String> m_names;
     std::atomic<int> m_requestsInFlight;
-    bool m_cachedProxyEnabledStatus;
+    bool m_isUsingProxy;
     double m_lastProxyEnabledStatusCheckTime;
 };

trunk/Source/WebCore/platform/network/cf/DNSCFNet.cpp

@@ -49 +49 @@
 namespace WebCore {
 
-bool DNSResolveQueue::platformProxyIsEnabledInSystemPreferences()
+void DNSResolveQueue::updateIsUsingProxy()
 {
-    // Don't do DNS prefetch if proxies are involved. For many proxy types, the user agent is never exposed
-    // to the IP address during normal operation. Querying an internal DNS server may not help performance,
-    // as it doesn't necessarily look up the actual external IP. Also, if DNS returns a fake internal address,
-    // local caches may keep it even after re-connecting to another network.
-
     RetainPtr<CFDictionaryRef> proxySettings = adoptCF(CFNetworkCopySystemProxySettings());
-    if (!proxySettings)
-        return false;
+    if (!proxySettings) {
+        m_isUsingProxy = false;
+        return;
+    }
 
     RetainPtr<CFURLRef> httpCFURL = URL(ParsedURLString, "http://example.com/").createCFURL();
@@ -73 +70 @@
         httpsProxyCount = 0;
 
-    return httpProxyCount || httpsProxyCount;
+    m_isUsingProxy = httpProxyCount || httpsProxyCount;
 }
 

trunk/Source/WebCore/platform/network/soup/DNSSoup.cpp

@@ -34 +34 @@
 #include <libsoup/soup.h>
 #include <wtf/MainThread.h>
+#include <wtf/glib/GUniquePtr.h>
 #include <wtf/text/CString.h>
 
 namespace WebCore {
 
-// There is no current reliable way to know if we're behind a proxy at
-// this level. We'll have to implement it in
-// SoupSession/SoupProxyURIResolver/GProxyResolver
-bool DNSResolveQueue::platformProxyIsEnabledInSystemPreferences()
+// Initially true to ensure prefetch stays disabled until we have proxy settings.
+static bool isUsingHttpProxy = true;
+static bool isUsingHttpsProxy = true;
+
+static bool didResolveProxy(char** uris)
 {
-    return false;
+    // We have a list of possible proxies to use for the URI. If the first item in the list is
+    // direct:// (the usual case), then the user prefers not to use a proxy. This is similar to
+    // resolving hostnames: there could be many possibilities returned in order of preference, and
+    // if we're trying to connect we should attempt each one in order, but here we are not trying
+    // to connect, merely to decide whether a proxy "should" be used.
+    return uris && *uris && strcmp(*uris, "direct://");
+}
+
+static void didResolveProxy(GProxyResolver* resolver, GAsyncResult* result, bool* isUsingProxyType, bool* isUsingProxy)
+{
+    GUniqueOutPtr<GError> error;
+    GUniquePtr<char*> uris(g_proxy_resolver_lookup_finish(resolver, result, &error.outPtr()));
+    if (error) {
+        WTFLogAlways("Error determining system proxy settings: %s", error->message);
+        return;
+    }
+
+    *isUsingProxyType = didResolveProxy(uris.get());
+    *isUsingProxy = isUsingHttpProxy || isUsingHttpsProxy;
+}
+
+static void proxyResolvedForHttpUriCallback(GObject* source, GAsyncResult* result, void* userData)
+{
+    didResolveProxy(G_PROXY_RESOLVER(source), result, &isUsingHttpProxy, static_cast<bool*>(userData));
+}
+
+static void proxyResolvedForHttpsUriCallback(GObject* source, GAsyncResult* result, void* userData)
+{
+    didResolveProxy(G_PROXY_RESOLVER(source), result, &isUsingHttpsProxy, static_cast<bool*>(userData));
+}
+
+void DNSResolveQueue::updateIsUsingProxy()
+{
+    GRefPtr<GProxyResolver> resolver;
+    g_object_get(SoupNetworkSession::defaultSession().soupSession(), "proxy-resolver", &resolver.outPtr(), nullptr);
+    ASSERT(resolver);
+
+    g_proxy_resolver_lookup_async(resolver.get(), "http://example.com/", nullptr, proxyResolvedForHttpUriCallback, &m_isUsingProxy);
+    g_proxy_resolver_lookup_async(resolver.get(), "https://example.com/", nullptr, proxyResolvedForHttpsUriCallback, &m_isUsingProxy);
 }