Attachment 343229 Details for Bug 186884 – Patch

[patch] Patch

bug-186884-20180621121710.patch (text/plain), 12.63 KB, created by Zan Dobersek on 2018-06-21 03:17:12 PDT

(hide)

Description:

Filename:

MIME Type:

Creator: Zan Dobersek

Created: 2018-06-21 03:17:12 PDT

Size: 12.63 KB

patch

obsolete

>Subversion Revision: 233029
>diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog
>index 8c24d92d0b122089d5f39b827e291f492a12b21d..def45c2582b0031c65ec315500d4d2615a316717 100644
>--- a/Source/JavaScriptCore/ChangeLog
>+++ b/Source/JavaScriptCore/ChangeLog
>@@ -1,3 +1,20 @@
>+2018-06-21  Zan Dobersek  <zdobersek@igalia.com>
>+
>+        [GTK] WebDriver: allow applying host-specific TLS certificates for automated sessions
>+        https://bugs.webkit.org/show_bug.cgi?id=186884
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        Add a tuple array input parameter to the StartAutomationSession DBus
>+        message, representing a list of host-and-certificate pairs that have to
>+        be allowed for a given session. This array is then unpacked and used to
>+        fill out the certificates Vector object in the SessionCapabilities
>+        struct.
>+
>+        * inspector/remote/RemoteInspector.h: Add a GLib-specific Vector of
>+        String pairs representing hosts and the certificate file paths.
>+        * inspector/remote/glib/RemoteInspectorServer.cpp:
>+
> 2018-06-20  Keith Miller  <keith_miller@apple.com>
> 
>         Expand concurrent GC assertion to accept JSValue() or 0
>diff --git a/Source/WebDriver/ChangeLog b/Source/WebDriver/ChangeLog
>index 3cd61c49f64037b1d9c9729d3ddcab0896f798a0..8025083a6e71d76e66711b78ab113bd4fe463094 100644
>--- a/Source/WebDriver/ChangeLog
>+++ b/Source/WebDriver/ChangeLog
>@@ -1,3 +1,26 @@
>+2018-06-21  Zan Dobersek  <zdobersek@igalia.com>
>+
>+        [GTK] WebDriver: allow applying host-specific TLS certificates for automated sessions
>+        https://bugs.webkit.org/show_bug.cgi?id=186884
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        Start handling the 'certificates' capability for the GTK+ port. This is
>+        a list of host-certificate pairs that should be marked as allowed for a
>+        given automation session. This object should be positioned inside the
>+        'webkitgtk:browserOptions' dictionary in the capabilities JSON.
>+
>+        * Capabilities.h:
>+        * glib/SessionHostGlib.cpp:
>+        (WebDriver::SessionHost::startAutomationSession): Include any
>+        host-certificate pairs in the StartAutomationSession DBus message.
>+        * gtk/WebDriverServiceGtk.cpp:
>+        (WebDriver::WebDriverService::platformValidateCapability const):
>+        Properly validate the 'certificates' value, if present.
>+        (WebDriver::WebDriverService::platformParseCapabilities const):
>+        Properly parse the 'certificates' value, if present, and extract the
>+        host-certificate pairs.
>+
> 2018-06-14  Carlos Garcia Campos  <cgarcia@igalia.com>
> 
>         [GTK][WPE] WebDriver: handle acceptInsecureCertificates capability
>diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
>index 78aa1c12b37851fd402e7ba89c0cf9676fc438c9..465b4bb5a7fa71fbb1666a03b4c23754f793ab2e 100644
>--- a/Source/WebKit/ChangeLog
>+++ b/Source/WebKit/ChangeLog
>@@ -1,3 +1,17 @@
>+2018-06-21  Zan Dobersek  <zdobersek@igalia.com>
>+
>+        [GTK] WebDriver: allow applying host-specific TLS certificates for automated sessions
>+        https://bugs.webkit.org/show_bug.cgi?id=186884
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        * UIProcess/API/glib/WebKitAutomationSession.cpp:
>+        (webkitAutomationSessionCreate): Handle any host-certificate pair that's
>+        been set for this session, creating a GTlsCertificate object through
>+        loading from the specified certificate path and marking that certificate
>+        as allowed for the specified host through the
>+        webkit_web_context_allow_tls_certificate_for_host() API.
>+
> 2018-06-20  Wenson Hsieh  <wenson_hsieh@apple.com>
> 
>         [WebKit on watchOS] Fixed position elements sometimes flicker when scrolling
>diff --git a/Source/JavaScriptCore/inspector/remote/RemoteInspector.h b/Source/JavaScriptCore/inspector/remote/RemoteInspector.h
>index 9cc58f71961c210597348dd35ae5b5d54399a465..bc8095f5ecb1ba0420aa8309a653a97dc9b12f35 100644
>--- a/Source/JavaScriptCore/inspector/remote/RemoteInspector.h
>+++ b/Source/JavaScriptCore/inspector/remote/RemoteInspector.h
>@@ -27,6 +27,7 @@
> 
> #if ENABLE(REMOTE_INSPECTOR)
> 
>+#include <utility>
> #include <wtf/Forward.h>
> #include <wtf/HashMap.h>
> #include <wtf/Lock.h>
>@@ -74,6 +75,9 @@ public:
> 
>         struct SessionCapabilities {
>             bool acceptInsecureCertificates { false };
>+#if USE(GLIB)
>+            Vector<std::pair<String, String>> certificates;
>+#endif
> #if PLATFORM(COCOA)
>             std::optional<bool> allowInsecureMediaCapture;
>             std::optional<bool> suppressICECandidateFiltering;
>diff --git a/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorServer.cpp b/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorServer.cpp
>index d15990cb2b5c5fb97379be36227069a3edfe90ce..673276bb3830d3e1913dc9fffe9ef4670268b00a 100644
>--- a/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorServer.cpp
>+++ b/Source/JavaScriptCore/inspector/remote/glib/RemoteInspectorServer.cpp
>@@ -80,6 +80,7 @@ static const char introspectionXML[] =
>     "    <method name='StartAutomationSession'>"
>     "      <arg type='s' name='sessionID' direction='in'/>"
>     "      <arg type='b' name='acceptInsecureCertificates' direction='in'/>"
>+    "      <arg type='a(ss)' name='certificates' direction='in'/>"
>     "      <arg type='s' name='browserName' direction='out'/>"
>     "      <arg type='s' name='browserVersion' direction='out'/>"
>     "    </method>"
>@@ -124,9 +125,15 @@ const GDBusInterfaceVTable RemoteInspectorServer::s_interfaceVTable = {
>         } else if (!g_strcmp0(methodName, "StartAutomationSession")) {
>             const char* sessionID;
>             gboolean acceptInsecureCertificates;
>-            g_variant_get(parameters, "(&sb)", &sessionID, &acceptInsecureCertificates);
>+            GUniqueOutPtr<GVariantIter> certificates;
>+            g_variant_get(parameters, "(&sba(ss))", &sessionID, &acceptInsecureCertificates, &certificates.outPtr());
>             RemoteInspector::Client::SessionCapabilities capabilities;
>             capabilities.acceptInsecureCertificates = acceptInsecureCertificates;
>+            capabilities.certificates.reserveCapacity(g_variant_iter_n_children(certificates.get()));
>+            const char* host;
>+            const char* certificateFile;
>+            while (g_variant_iter_loop(certificates.get(), "(ss)", &host, &certificateFile))
>+                capabilities.certificates.uncheckedAppend({ String::fromUTF8(host), String::fromUTF8(certificateFile) });
>             inspectorServer->startAutomationSession(connection, sessionID, capabilities);
>             auto clientCapabilities = RemoteInspector::singleton().clientCapabilities();
>             g_dbus_method_invocation_return_value(invocation, g_variant_new("(ss)",
>diff --git a/Source/WebDriver/Capabilities.h b/Source/WebDriver/Capabilities.h
>index 1d22067cfe01dd7dda8be628336048fd0ffdb1fa..815115a70dc48d471950fff3fa7de059cea067aa 100644
>--- a/Source/WebDriver/Capabilities.h
>+++ b/Source/WebDriver/Capabilities.h
>@@ -25,6 +25,7 @@
> 
> #pragma once
> 
>+#include <utility>
> #include <wtf/Forward.h>
> #include <wtf/Seconds.h>
> #include <wtf/Vector.h>
>@@ -64,6 +65,7 @@ struct Capabilities {
> #if PLATFORM(GTK) || PLATFORM(WPE)
>     std::optional<String> browserBinary;
>     std::optional<Vector<String>> browserArguments;
>+    std::optional<Vector<std::pair<String, String>>> certificates;
> #endif
> #if PLATFORM(GTK)
>     std::optional<bool> useOverlayScrollbars;
>diff --git a/Source/WebDriver/glib/SessionHostGlib.cpp b/Source/WebDriver/glib/SessionHostGlib.cpp
>index 78f849b6436b34fd6c2900483f7f6ec54a26fcb6..b78e9e1d01b8e4dbd73e9b434e20eb5f1d1d5717 100644
>--- a/Source/WebDriver/glib/SessionHostGlib.cpp
>+++ b/Source/WebDriver/glib/SessionHostGlib.cpp
>@@ -267,11 +267,19 @@ void SessionHost::startAutomationSession(Function<void (bool, std::optional<Stri
>     ASSERT(!m_startSessionCompletionHandler);
>     m_startSessionCompletionHandler = WTFMove(completionHandler);
>     m_sessionID = createCanonicalUUIDString();
>+    GVariantBuilder builder;
>+    g_variant_builder_init(&builder, G_VARIANT_TYPE("a(ss)"));
>+    if (m_capabilities.certificates) {
>+        for (auto& certificate : *m_capabilities.certificates) {
>+            g_variant_builder_add_value(&builder, g_variant_new("(ss)",
>+                certificate.first.utf8().data(), certificate.second.utf8().data()));
>+        }
>+    }
>     g_dbus_connection_call(m_dbusConnection.get(), nullptr,
>         INSPECTOR_DBUS_OBJECT_PATH,
>         INSPECTOR_DBUS_INTERFACE,
>         "StartAutomationSession",
>-        g_variant_new("(sb)", m_sessionID.utf8().data(), m_capabilities.acceptInsecureCerts.value_or(false)),
>+        g_variant_new("(sba(ss))", m_sessionID.utf8().data(), m_capabilities.acceptInsecureCerts.value_or(false), &builder),
>         nullptr, G_DBUS_CALL_FLAGS_NO_AUTO_START,
>         -1, m_cancellable.get(), [](GObject* source, GAsyncResult* result, gpointer userData) {
>             GUniqueOutPtr<GError> error;
>diff --git a/Source/WebDriver/gtk/WebDriverServiceGtk.cpp b/Source/WebDriver/gtk/WebDriverServiceGtk.cpp
>index 1e5a9c2e1a87dcba9a2cb4994e483a00b1b00aa9..41d7b43826c5de0f38da37e5013e69ba745c15d6 100644
>--- a/Source/WebDriver/gtk/WebDriverServiceGtk.cpp
>+++ b/Source/WebDriver/gtk/WebDriverServiceGtk.cpp
>@@ -77,6 +77,31 @@ bool WebDriverService::platformValidateCapability(const String& name, const RefP
>         }
>     }
> 
>+    RefPtr<JSON::Value> certificatesValue;
>+    if (browserOptions->getValue(ASCIILiteral("certificates"), certificatesValue)) {
>+        RefPtr<JSON::Array> certificates;
>+        if (!certificatesValue->asArray(certificates))
>+            return false;
>+
>+        unsigned certificatesLength = certificates->length();
>+        for (unsigned i = 0; i < certificatesLength; ++i) {
>+            RefPtr<JSON::Value> certificateValue = certificates->get(i);
>+            RefPtr<JSON::Object> certificate;
>+            if (!certificateValue->asObject(certificate))
>+                return false;
>+
>+            RefPtr<JSON::Value> hostValue;
>+            String host;
>+            if (!certificate->getValue(ASCIILiteral("host"), hostValue) || !hostValue->asString(host))
>+                return false;
>+
>+            RefPtr<JSON::Value> certificateFileValue;
>+            String certificateFile;
>+            if (!certificate->getValue(ASCIILiteral("certificateFile"), certificateFileValue) || !certificateFileValue->asString(certificateFile))
>+                return false;
>+        }
>+    }
>+
>     return true;
> }
> 
>@@ -118,6 +143,29 @@ void WebDriverService::platformParseCapabilities(const JSON::Object& matchedCapa
>         capabilities.useOverlayScrollbars = useOverlayScrollbars;
>     else
>         capabilities.useOverlayScrollbars = true;
>+
>+    RefPtr<JSON::Array> certificates;
>+    if (browserOptions->getArray(ASCIILiteral("certificates"), certificates) && certificates->length()) {
>+        unsigned certificatesLength = certificates->length();
>+        capabilities.certificates = Vector<std::pair<String, String>>();
>+        capabilities.certificates->reserveInitialCapacity(certificatesLength);
>+        for (unsigned i = 0; i < certificatesLength; ++i) {
>+            RefPtr<JSON::Value> value = certificates->get(i);
>+            RefPtr<JSON::Object> certificate;
>+            value->asObject(certificate);
>+            ASSERT(certificate);
>+
>+            String host;
>+            certificate->getString(ASCIILiteral("host"), host);
>+            ASSERT(!host.isNull());
>+
>+            String certificateFile;
>+            certificate->getString(ASCIILiteral("certificateFile"), certificateFile);
>+            ASSERT(!certificateFile.isNull());
>+
>+            capabilities.certificates->uncheckedAppend({ WTFMove(host), WTFMove(certificateFile) });
>+        }
>+    }
> }
> 
> } // namespace WebDriver
>diff --git a/Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp b/Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp
>index 83d445a1ea020982f0ba4ab7de8359387cc8a1d7..7eb95e9298f9088517a7fd0911001b46038d6b7d 100644
>--- a/Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp
>+++ b/Source/WebKit/UIProcess/API/glib/WebKitAutomationSession.cpp
>@@ -294,6 +294,11 @@ WebKitAutomationSession* webkitAutomationSessionCreate(WebKitWebContext* webCont
>     session->priv->webContext = webContext;
>     if (capabilities.acceptInsecureCertificates)
>         webkit_web_context_set_tls_errors_policy(webContext, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
>+    for (auto& certificate : capabilities.certificates) {
>+        GRefPtr<GTlsCertificate> tlsCertificate = adoptGRef(g_tls_certificate_new_from_file(certificate.second.utf8().data(), nullptr));
>+        if (tlsCertificate)
>+            webkit_web_context_allow_tls_certificate_for_host(webContext, tlsCertificate.get(), certificate.first.utf8().data());
>+    }
>     return session;
> }
>

Flags:

cgarcia: review+
cgarcia: commit-queue-

Actions: View | Formatted Diff | Diff

Attachments on bug 186884: 343229