mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

fix: UAF with http auth preferences (3-1-x)

Browse source
This commit is contained in:
deepak1556 2018-12-19 11:03:47 +05:30
parent 349f10d779
commit e7688723f9
2 changed files with 21 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
atom/browser/net/url_request_context_getter.cc
View file

@ -308,6 +308,7 @@ void URLRequestContextGetter::NotifyContextShuttingDown(
context_shutting_down_ = true; context_shutting_down_ = true;
resource_context.reset(); resource_context.reset();
http_auth_preferences_.reset();
net::URLRequestContextGetter::NotifyContextShuttingDown(); net::URLRequestContextGetter::NotifyContextShuttingDown();
} }
@ -341,22 +342,32 @@ net::URLRequestContext* URLRequestContextGetter::GetURLRequestContext() {
host_resolver = std::move(remapped_resolver); host_resolver = std::move(remapped_resolver);
} }
net::HttpAuthPreferences auth_preferences; std::vector<std::string> supported_schemes = {
net::kBasicAuthScheme, net::kDigestAuthScheme,
net::kNegotiateAuthScheme, net::kNtlmAuthScheme};
http_auth_preferences_ =
std::make_unique<net::HttpAuthPreferences>(supported_schemes
#if defined(OS_POSIX)
,
std::string()
#endif
); // NOLINT(whitespace/parens)
// --auth-server-whitelist // --auth-server-whitelist
if (command_line.HasSwitch(switches::kAuthServerWhitelist)) { if (command_line.HasSwitch(switches::kAuthServerWhitelist)) {
auth_preferences.SetServerWhitelist( http_auth_preferences_->SetServerWhitelist(
command_line.GetSwitchValueASCII(switches::kAuthServerWhitelist)); command_line.GetSwitchValueASCII(switches::kAuthServerWhitelist));
} }
// --auth-negotiate-delegate-whitelist // --auth-negotiate-delegate-whitelist
if (command_line.HasSwitch(switches::kAuthNegotiateDelegateWhitelist)) { if (command_line.HasSwitch(switches::kAuthNegotiateDelegateWhitelist)) {
auth_preferences.SetDelegateWhitelist(command_line.GetSwitchValueASCII( http_auth_preferences_->SetDelegateWhitelist(
switches::kAuthNegotiateDelegateWhitelist)); command_line.GetSwitchValueASCII(
switches::kAuthNegotiateDelegateWhitelist));
} }
auto http_auth_handler_factory = auto http_auth_handler_factory =
net::HttpAuthHandlerRegistryFactory::CreateDefault(host_resolver.get()); net::HttpAuthHandlerRegistryFactory::Create(
http_auth_handler_factory->SetHttpAuthPreferences(net::kNegotiateAuthScheme, http_auth_preferences_.get(), host_resolver.get());
&auth_preferences);
builder->SetHttpAuthHandlerFactory(std::move(http_auth_handler_factory)); builder->SetHttpAuthHandlerFactory(std::move(http_auth_handler_factory));
builder->set_host_resolver(std::move(host_resolver)); builder->set_host_resolver(std::move(host_resolver));
builder->set_ct_verifier(std::make_unique<net::MultiLogCTVerifier>()); builder->set_ct_verifier(std::make_unique<net::MultiLogCTVerifier>());

4
atom/browser/net/url_request_context_getter.h
View file

@ -24,8 +24,9 @@ class RequireCTDelegate;
} // namespace brightray } // namespace brightray
namespace net { namespace net {
class HttpAuthPreferences;
class NetLog; class NetLog;
} } // namespace net
namespace atom { namespace atom {
@ -100,6 +101,7 @@ class URLRequestContextGetter : public net::URLRequestContextGetter {
std::unique_ptr<brightray::RequireCTDelegate> ct_delegate_; std::unique_ptr<brightray::RequireCTDelegate> ct_delegate_;
std::unique_ptr<AtomURLRequestJobFactory> top_job_factory_; std::unique_ptr<AtomURLRequestJobFactory> top_job_factory_;
std::unique_ptr<net::HttpAuthPreferences> http_auth_preferences_;
std::unique_ptr<network::mojom::NetworkContext> network_context_; std::unique_ptr<network::mojom::NetworkContext> network_context_;
net::NetLog* net_log_; net::NetLog* net_log_;