Title: [246878] trunk/Source/WebKit
- Revision
- 246878
- Author
- [email protected]
- Date
- 2019-06-27 01:58:52 -0700 (Thu, 27 Jun 2019)
Log Message
[SOUP] WebSockets: handle TLS certificate and errors
https://bugs.webkit.org/show_bug.cgi?id=199223
Reviewed by Michael Catanzaro.
Connect to accept-certificate signal on the WebSocket message connection to decide what to do in case of TLS errors.
* NetworkProcess/soup/NetworkSessionSoup.cpp:
(WebKit::webSocketAcceptCertificateCallback):
(WebKit::webSocketMessageNetworkEventCallback):
(WebKit::NetworkSessionSoup::createWebSocketTask):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (246877 => 246878)
--- trunk/Source/WebKit/ChangeLog 2019-06-27 08:52:38 UTC (rev 246877)
+++ trunk/Source/WebKit/ChangeLog 2019-06-27 08:58:52 UTC (rev 246878)
@@ -1,5 +1,19 @@
2019-06-27 Carlos Garcia Campos <[email protected]>
+ [SOUP] WebSockets: handle TLS certificate and errors
+ https://bugs.webkit.org/show_bug.cgi?id=199223
+
+ Reviewed by Michael Catanzaro.
+
+ Connect to accept-certificate signal on the WebSocket message connection to decide what to do in case of TLS errors.
+
+ * NetworkProcess/soup/NetworkSessionSoup.cpp:
+ (WebKit::webSocketAcceptCertificateCallback):
+ (WebKit::webSocketMessageNetworkEventCallback):
+ (WebKit::NetworkSessionSoup::createWebSocketTask):
+
+2019-06-27 Carlos Garcia Campos <[email protected]>
+
[SOUP] Use libsoup WebSockets API
https://bugs.webkit.org/show_bug.cgi?id=199151
Modified: trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp (246877 => 246878)
--- trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp 2019-06-27 08:52:38 UTC (rev 246877)
+++ trunk/Source/WebKit/NetworkProcess/soup/NetworkSessionSoup.cpp 2019-06-27 08:58:52 UTC (rev 246878)
@@ -30,6 +30,7 @@
#include "NetworkSessionCreationParameters.h"
#include "WebCookieManager.h"
#include "WebSocketTaskSoup.h"
+#include <WebCore/DeprecatedGlobalSettings.h>
#include <WebCore/NetworkStorageSession.h>
#include <WebCore/ResourceRequest.h>
#include <WebCore/SoupNetworkSession.h>
@@ -67,6 +68,22 @@
#endif
}
+static gboolean webSocketAcceptCertificateCallback(GTlsConnection*, GTlsCertificate* certificate, GTlsCertificateFlags errors, SoupMessage* soupMessage)
+{
+ if (DeprecatedGlobalSettings::allowsAnySSLCertificate())
+ return TRUE;
+
+ return !SoupNetworkSession::checkTLSErrors(soupURIToURL(soup_message_get_uri(soupMessage)), certificate, errors);
+}
+
+static void webSocketMessageNetworkEventCallback(SoupMessage* soupMessage, GSocketClientEvent event, GIOStream* connection)
+{
+ if (event != G_SOCKET_CLIENT_TLS_HANDSHAKING)
+ return;
+
+ g_signal_connect(connection, "accept-certificate", G_CALLBACK(webSocketAcceptCertificateCallback), soupMessage);
+}
+
std::unique_ptr<WebSocketTask> NetworkSessionSoup::createWebSocketTask(NetworkSocketChannel& channel, const ResourceRequest& request, const String& protocol)
{
GUniquePtr<SoupURI> soupURI = request.createSoupURI();
@@ -75,6 +92,8 @@
GRefPtr<SoupMessage> soupMessage = adoptGRef(soup_message_new_from_uri(SOUP_METHOD_GET, soupURI.get()));
request.updateSoupMessage(soupMessage.get());
+ if (request.url().protocolIs("wss"))
+ g_signal_connect(soupMessage.get(), "network-event", G_CALLBACK(webSocketMessageNetworkEventCallback), nullptr);
return std::make_unique<WebSocketTask>(channel, soupSession(), soupMessage.get(), protocol);
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
