Context Navigation

← Previous Changeset
Next Changeset →

Changeset 260322 in webkit

Timestamp:

Apr 18, 2020 2:39:16 PM (4 years ago)

Author:

commit-queue@webkit.org

Message:

Fix client certificate authentication when using non-default WKWebsiteDataStores
https://bugs.webkit.org/show_bug.cgi?id=210681

Patch by Alex Christensen <achristensen@webkit.org> on 2020-04-18
Reviewed by Brady Eidson.

Source/WebKit:

NetworkProcessProxy was trying to keep a map of WebsiteDataStores, but it wasn't as accurate as the one WebsiteDataStore was maintaining.
Use the latter map instead and client certificate authentication works. Otherwise, the credential isn't serialized correctly.
I found this while working on <rdar://problem/60340449> but this was unrelated so I put it in a different change.
This may fix <rdar://problem/60910392>.

UIProcess/Network/NetworkProcessProxy.cpp:

(WebKit::NetworkProcessProxy::websiteDataStoreFromSessionID):

Tools:

TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:

(TestWebKitAPI::TEST):

Location:

trunk

Files:

: 5 edited

Source/WebKit/ChangeLog (modified) (1 diff)
Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp (modified) (3 diffs)
Source/WebKit/UIProcess/Network/NetworkProcessProxy.h (modified) (1 diff)
Tools/ChangeLog (modified) (1 diff)
Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/Source/WebKit/ChangeLog

-                      r260318
+                      r260322
+-04-18  Alex Christensen  <achristensen@webkit.org>
+        Fix client certificate authentication when using non-default WKWebsiteDataStores
+        https://bugs.webkit.org/show_bug.cgi?id=210681
+        Reviewed by Brady Eidson.
+        NetworkProcessProxy was trying to keep a map of WebsiteDataStores, but it wasn't as accurate as the one WebsiteDataStore was maintaining.
+        Use the latter map instead and client certificate authentication works.  Otherwise, the credential isn't serialized correctly.
+        I found this while working on <rdar://problem/60340449> but this was unrelated so I put it in a different change.
+        This may fix <rdar://problem/60910392>.
+        * UIProcess/Network/NetworkProcessProxy.cpp:
+        (WebKit::NetworkProcessProxy::websiteDataStoreFromSessionID):
 -04-18  Pablo Saavedra  <psaavedra@igalia.com>

trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp

r260303	r260322
85	85	{
86	86	connect();
87
88		~~if (auto* websiteDataStore = m_processPool.websiteDataStore())~~
89		~~m_websiteDataStores.set(websiteDataStore->sessionID(), makeRef(*websiteDataStore));~~
90	87	}
91	88
…	…
1204	1201	createSymLinkForFileUpgrade(store->resolvedIndexedDatabaseDirectory());
1205	1202	#endif
1206		~~m_websiteDataStores.set(sessionID, WTFMove(store));~~
1207	1203	}
1208	1204	}
…	…
1212	1208	if (canSendMessage())
1213	1209	send(Messages::NetworkProcess::DestroySession { sessionID }, 0);
1214		~~if (!sessionID.isEphemeral())~~
1215		~~m_websiteDataStores.remove(sessionID);~~
1216	1210	}
1217	1211
1218	1212	WebsiteDataStore* NetworkProcessProxy::websiteDataStoreFromSessionID(PAL::SessionID sessionID)
1219	1213	{
1220		auto iterator = m_websiteDataStores.find(sessionID);
1221		if (iterator != m_websiteDataStores.end())
1222		return iterator->value.get();
1223
1224		if (auto* websiteDataStore = m_processPool.websiteDataStore()) {
1225		if (sessionID == websiteDataStore->sessionID())
1226		return websiteDataStore;
1227		}
1228
1229		if (sessionID != PAL::SessionID::defaultSessionID())
1230		return nullptr;
1231
1232		return WebKit::WebsiteDataStore::defaultDataStore().ptr();
	1214	if (sessionID == PAL::SessionID::defaultSessionID())
	1215	return WebsiteDataStore::defaultDataStore().ptr();
	1216	return WebsiteDataStore::existingNonDefaultDataStoreForSessionID(sessionID);
1233	1217	}
1234	1218

trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h

r260303	r260322
310	310	#endif
311	311
312		~~HashMap<PAL::SessionID, RefPtr<WebsiteDataStore>> m_websiteDataStores;~~
313
314	312	struct UploadActivity {
315	313	std::unique_ptr<ProcessAssertion> uiAssertion;

trunk/Tools/ChangeLog

-                      r260303
+                      r260322
+-04-18  Alex Christensen  <achristensen@webkit.org>
+        Fix client certificate authentication when using non-default WKWebsiteDataStores
+        https://bugs.webkit.org/show_bug.cgi?id=210681
+        Reviewed by Brady Eidson.
+        * TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:
+        (TestWebKitAPI::TEST):
 -04-17  Kate Cheney  <katherine_cheney@apple.com>

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm

-                      r260302
+                      r260322
+}
+TEST(MultipleClientCertificateConnections, NonPersistentDataStore)
+{
+    auto server = clientCertServer();
+    Vector<RetainPtr<NSString>> methods;
+    auto delegate = adoptNS([TestNavigationDelegate new]);
+    delegate.get().didReceiveAuthenticationChallenge = challengeHandler(methods).get();
+    auto configuration = adoptNS([WKWebViewConfiguration new]);
+    [configuration setWebsiteDataStore:[WKWebsiteDataStore nonPersistentDataStore]];
+    auto webView = adoptNS([[WKWebView alloc] initWithFrame:CGRectZero configuration:configuration.get()]);
+    [webView setNavigationDelegate:delegate.get()];
+    [webView loadRequest:server.request()];
+    [delegate waitForDidFinishNavigation];
+    EXPECT_EQ(countClientCertChallenges(methods), 1u);
+}
 #endif // HAVE(NETWORK_FRAMEWORK)

Note: See TracChangeset for help on using the changeset viewer.