WebKit Bugzilla
Attachment 372918 Details for
Bug 199223
: [SOUP] WebSockets: handle TLS certificate and errors
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch
wk2-websockets-tls.diff (text/plain), 2.94 KB, created by
Carlos Garcia Campos
on 2019-06-26 05:33:13 PDT
(
hide
)
Description:
Patch
Filename:
MIME Type:
Creator:
Carlos Garcia Campos
Created:
2019-06-26 05:33:13 PDT
Size:
2.94 KB
patch
obsolete
>diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index b52cbac8a79..500265fdf84 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,17 @@ >+2019-06-26 Carlos Garcia Campos <cgarcia@igalia.com> >+ >+ [SOUP] WebSockets: handle TLS certificate and errors >+ https://bugs.webkit.org/show_bug.cgi?id=199223 >+ >+ Reviewed by NOBODY (OOPS!). >+ >+ Connect to accept-certificate signal on the WebSocket message connection to decide what to do in case of TLS errors. >+ >+ * NetworkProcess/soup/NetworkSessionSoup.cpp: >+ (WebKit::webSocketAcceptCertificateCallback): >+ (WebKit::webSocketMessageNetworkEventCallback): >+ (WebKit::NetworkSessionSoup::createWebSocketTask): >+ > 2019-06-26 Carlos Garcia Campos <cgarcia@igalia.com> > > WebSockets: add support for sending blob messages when using web sockets platform APIs >diff --git a/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp b/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp >index 5337f8417e5..70d9137c59d 100644 >--- a/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp >+++ b/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp >@@ -30,6 +30,7 @@ > #include "NetworkSessionCreationParameters.h" > #include "WebCookieManager.h" > #include "WebSocketTaskSoup.h" >+#include <WebCore/DeprecatedGlobalSettings.h> > #include <WebCore/NetworkStorageSession.h> > #include <WebCore/ResourceRequest.h> > #include <WebCore/SoupNetworkSession.h> >@@ -67,6 +68,22 @@ void NetworkSessionSoup::clearCredentials() > #endif > } > >+static gboolean webSocketAcceptCertificateCallback(GTlsConnection*, GTlsCertificate* certificate, GTlsCertificateFlags errors, SoupMessage* soupMessage) >+{ >+ if (DeprecatedGlobalSettings::allowsAnySSLCertificate()) >+ return TRUE; >+ >+ return !SoupNetworkSession::checkTLSErrors(soupURIToURL(soup_message_get_uri(soupMessage)), certificate, errors); >+} >+ >+static void webSocketMessageNetworkEventCallback(SoupMessage* soupMessage, GSocketClientEvent event, GIOStream* connection) >+{ >+ if (event != G_SOCKET_CLIENT_TLS_HANDSHAKING) >+ return; >+ >+ g_signal_connect(connection, "accept-certificate", G_CALLBACK(webSocketAcceptCertificateCallback), soupMessage); >+} >+ > std::unique_ptr<WebSocketTask> NetworkSessionSoup::createWebSocketTask(NetworkSocketChannel& channel, const ResourceRequest& request, const String& protocol) > { > GUniquePtr<SoupURI> soupURI = request.createSoupURI(); >@@ -75,6 +92,8 @@ std::unique_ptr<WebSocketTask> NetworkSessionSoup::createWebSocketTask(NetworkSo > > GRefPtr<SoupMessage> soupMessage = adoptGRef(soup_message_new_from_uri(SOUP_METHOD_GET, soupURI.get())); > request.updateSoupMessage(soupMessage.get()); >+ if (request.url().protocolIs("wss")) >+ g_signal_connect(soupMessage.get(), "network-event", G_CALLBACK(webSocketMessageNetworkEventCallback), nullptr); > return std::make_unique<WebSocketTask>(channel, soupSession(), soupMessage.get(), protocol); > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=372918">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
mcatanzaro
:
review+
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 199223
: 372918