Skip to content
Find file Blame History Permalink
  • carlosgc@webkit.org's avatar
    Handle SSL errors for SOUP · 1d3af0fb
    carlosgc@webkit.org authored 
    https://bugs.webkit.org/show_bug.cgi?id=90267

Reviewed by Martin Robinson.

Source/WebCore:

No new tests, this is covered by existing tests.

* platform/LocalizedStrings.h:
(WebCore): Add unacceptableTLSCertificate() for SOUP.
* platform/efl/LocalizedStringsEfl.cpp:
(WebCore::unacceptableTLSCertificate):
* platform/gtk/LocalizedStringsGtk.cpp:
(WebCore::unacceptableTLSCertificate):
* platform/network/ResourceHandle.h:
* platform/network/soup/ResourceError.h:
(WebCore::ResourceError::ResourceError): Add new constructor for
SSL errors that receives a certificate and TLS errors.
(WebCore::ResourceError::tlsErrors): Return TLS errors.
(WebCore::ResourceError::certificate): Return the certificate.
* platform/network/soup/ResourceHandleSoup.cpp:
(HostTLSCertificates): Helper class to store certificates for a
host.
(WebCore::HostTLSCertificateSet::add): Add a new certificate.
(WebCore::HostTLSCertificateSet::contains): Check whether
certificate is stored.
(WebCore::HostTLSCertificateSet::computeCertificateHash): Compute
the SHA1 of the certificate data.
(WebCore::allowsAnyHTTPSCertificateHosts): Global set to store
hostnames for which SSL errors should be ignored.
(WebCore::clientCertificates): Global map to store client
certificates.
(WebCore::hasUnignoredTLSErrors): Helper function to check whether
current message contains TLS errors that shouldn't be ignored and
certificate hasn't been approved already.
(WebCore::sendRequestCallback): Finish the load with an error in
case of SSL errors not handled by the SoupSession.
(WebCore::ResourceHandle::setHostAllowsAnyHTTPSCertificate): Add
the given hostname to the list of hosts for which SSL errors are
ignored.
(WebCore::ResourceHandle::setClientCertificate): Store the client
certificate for the given host.
(WebCore::ResourceHandle::setIgnoreSSLErrors): Set whether all SSL
errors should be ignored.

Source/WebKit/efl:

Ignore SSL errors by default for compatibility.

* ewk/ewk_main.cpp:
(_ewk_init_body):

Source/WebKit/gtk:

Ignore SSL errors by default for compatibility.

* webkit/webkitglobals.cpp:
(webkitInit):

Source/WebKit2:

Ignore SSL errors by default for compatibility.

* WebProcess/efl/WebProcessMainEfl.cpp:
(WebKit::WebProcessMainEfl):
* WebProcess/gtk/WebProcessMainGtk.cpp:
(WebKit::WebProcessMainGtk):

git-svn-id: http://svn.webkit.org/repository/webkit/trunk@125258 268f45cc-cd09-0410-ab3c-d52691b4dbfc
    1d3af0fb