Modified: trunk/Source/WebKit/ChangeLog (237627 => 237628)
--- trunk/Source/WebKit/ChangeLog 2018-10-31 06:14:04 UTC (rev 237627)
+++ trunk/Source/WebKit/ChangeLog 2018-10-31 07:29:19 UTC (rev 237628)
@@ -1,3 +1,24 @@
+2018-10-31 Claudio Saavedra <csaave...@igalia.com>
+
+ [WPE][GTK] Certificates loaded from the cache don't include the certificate chain
+ https://bugs.webkit.org/show_bug.cgi?id=190956
+
+ Reviewed by Youenn Fablet.
+
+ Similarly to what was done for the IPC coders, serialize
+ the entire certificate chain in the cache coder. Bump
+ the cache version due to the caching format changes.
+
+ * NetworkProcess/cache/NetworkCacheCoders.h: Add GRefPtr<GByteArray> coders.
+ * NetworkProcess/cache/NetworkCacheCodersSoup.cpp:
+ (WTF::Persistence::certificatesDataListFromCertificateInfo):
+ (WTF::Persistence::certificateFromCertificatesDataList): Helpers.
+ (WTF::Persistence::Coder<WebCore::CertificateInfo>::encode):
+ (WTF::Persistence::Coder<WebCore::CertificateInfo>::decode):
+ (WTF::Persistence::Coder<GRefPtr<GByteArray>>::encode):
+ (WTF::Persistence::Coder<GRefPtr<GByteArray>>::decode):
+ * NetworkProcess/cache/NetworkCacheStorage.h: Bump the cache version.
+
2018-10-30 Wenson Hsieh <wenson_hs...@apple.com>
[Cocoa] Attachment dropped from one web view to another is missing its file wrapper
Modified: trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheCoders.h (237627 => 237628)
--- trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheCoders.h 2018-10-31 06:14:04 UTC (rev 237627)
+++ trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheCoders.h 2018-10-31 07:29:19 UTC (rev 237628)
@@ -1,5 +1,6 @@
/*
* Copyright (C) 2010, 2014-2015 Apple Inc. All rights reserved.
+ * Copyright (C) 2018 Igalia S.L.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -50,5 +51,12 @@
static bool decode(Decoder&, WebCore::HTTPHeaderMap&);
};
+#if USE(GLIB)
+template<> struct Coder<GRefPtr<GByteArray>> {
+ static void encode(Encoder&, const GRefPtr<GByteArray>&);
+ static bool decode(Decoder&, GRefPtr<GByteArray>&);
+};
+#endif
+
}
}
Modified: trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheCodersSoup.cpp (237627 => 237628)
--- trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheCodersSoup.cpp 2018-10-31 06:14:04 UTC (rev 237627)
+++ trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheCodersSoup.cpp 2018-10-31 07:29:19 UTC (rev 237628)
@@ -1,5 +1,6 @@
/*
* Copyright (C) 2011, 2014-2015 Apple Inc. All rights reserved.
+ * Copyright (C) 2018 Igalia S.L.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -29,55 +30,65 @@
namespace WTF {
namespace Persistence {
-void Coder<WebCore::CertificateInfo>::encode(Encoder& encoder, const WebCore::CertificateInfo& certificateInfo)
+
+static Vector<GRefPtr<GByteArray>> certificatesDataListFromCertificateInfo(const WebCore::CertificateInfo &certificateInfo)
{
- if (!certificateInfo.certificate()) {
- encoder << false;
- return;
+ auto* certificate = certificateInfo.certificate();
+ if (!certificate)
+ return { };
+
+ Vector<GRefPtr<GByteArray>> certificatesDataList;
+ for (; certificate; certificate = g_tls_certificate_get_issuer(certificate)) {
+ GByteArray* certificateData = nullptr;
+ g_object_get(G_OBJECT(certificate), "certificate", &certificateData, nullptr);
+
+ if (!certificateData) {
+ certificatesDataList.clear();
+ break;
+ }
+ certificatesDataList.append(adoptGRef(certificateData));
}
- GByteArray* certificateData = 0;
- g_object_get(G_OBJECT(certificateInfo.certificate()), "certificate", &certificateData, NULL);
- if (!certificateData) {
- encoder << false;
- return;
+ // Reverse so that the list starts from the rootmost certificate.
+ certificatesDataList.reverse();
+
+ return certificatesDataList;
+}
+
+static GRefPtr<GTlsCertificate> certificateFromCertificatesDataList(const Vector<GRefPtr<GByteArray>> &certificatesDataList)
+{
+ GType certificateType = g_tls_backend_get_certificate_type(g_tls_backend_get_default());
+ GRefPtr<GTlsCertificate> certificate;
+ for (auto& certificateData : certificatesDataList) {
+ certificate = adoptGRef(G_TLS_CERTIFICATE(g_initable_new(
+ certificateType, nullptr, nullptr, "certificate", certificateData.get(), "issuer", certificate.get(), nullptr)));
}
- encoder << true;
+ return certificate;
+}
- GRefPtr<GByteArray> certificate = adoptGRef(certificateData);
- encoder << static_cast<uint64_t>(certificate->len);
- encoder.encodeFixedLengthData(certificate->data, certificate->len);
+void Coder<WebCore::CertificateInfo>::encode(Encoder& encoder, const WebCore::CertificateInfo& certificateInfo)
+{
+ auto certificatesDataList = certificatesDataListFromCertificateInfo(certificateInfo);
+ encoder << certificatesDataList;
+
+ if (certificatesDataList.isEmpty())
+ return;
+
encoder << static_cast<uint32_t>(certificateInfo.tlsErrors());
}
bool Coder<WebCore::CertificateInfo>::decode(Decoder& decoder, WebCore::CertificateInfo& certificateInfo)
{
- bool hasCertificate;
- if (!decoder.decode(hasCertificate))
+ Vector<GRefPtr<GByteArray>> certificatesDataList;
+ if (!decoder.decode(certificatesDataList))
return false;
- if (!hasCertificate)
+ if (certificatesDataList.isEmpty())
return true;
+ certificateInfo.setCertificate(certificateFromCertificatesDataList(certificatesDataList).get());
- uint64_t size = 0;
- if (!decoder.decode(size))
- return false;
-
- Vector<uint8_t> vector(size);
- if (!decoder.decodeFixedLengthData(vector.data(), vector.size()))
- return false;
-
- GByteArray* certificateData = g_byte_array_sized_new(vector.size());
- certificateData = g_byte_array_append(certificateData, vector.data(), vector.size());
- GRefPtr<GByteArray> certificateBytes = adoptGRef(certificateData);
-
- GTlsBackend* backend = g_tls_backend_get_default();
- GRefPtr<GTlsCertificate> certificate = adoptGRef(G_TLS_CERTIFICATE(g_initable_new(
- g_tls_backend_get_certificate_type(backend), 0, 0, "certificate", certificateBytes.get(), nullptr)));
- certificateInfo.setCertificate(certificate.get());
-
uint32_t tlsErrors;
if (!decoder.decode(tlsErrors))
return false;
@@ -86,5 +97,21 @@
return true;
}
+void Coder<GRefPtr<GByteArray>>::encode(Encoder &encoder, const GRefPtr<GByteArray>& byteArray)
+{
+ encoder << static_cast<uint32_t>(byteArray->len);
+ encoder.encodeFixedLengthData(byteArray->data, byteArray->len);
}
+
+bool Coder<GRefPtr<GByteArray>>::decode(Decoder &decoder, GRefPtr<GByteArray>& byteArray)
+{
+ uint32_t size;
+ if (!decoder.decode(size))
+ return false;
+
+ byteArray = adoptGRef(g_byte_array_sized_new(size));
+ return decoder.decodeFixedLengthData(byteArray->data, byteArray->len);
}
+
+}
+}
Modified: trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.h (237627 => 237628)
--- trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.h 2018-10-31 06:14:04 UTC (rev 237627)
+++ trunk/Source/WebKit/NetworkProcess/cache/NetworkCacheStorage.h 2018-10-31 07:29:19 UTC (rev 237628)
@@ -107,7 +107,7 @@
size_t approximateSize() const;
// Incrementing this number will delete all existing cache content for everyone. Do you really need to do it?
- static const unsigned version = 13;
+ static const unsigned version = 14;
#if PLATFORM(MAC)
/// Allow the last stable version of the cache to co-exist with the latest development one.
static const unsigned lastStableVersion = 13;