215424 2020-08-12 13:18:13 -0700 Fail preconnect requests to deprecated TLS instead of allowing application to show warning 2020-09-18 10:15:41 -0700 1 1 1 Unclassified WebKit New Bugs WebKit Nightly Build Unspecified Unspecified RESOLVED FIXED https://bugs.webkit.org/show_bug.cgi?id=215791 InRadar P2 Normal --- 1 achristensen achristensen ggaren mjs webkit-bug-importer oldest_to_newest 1679797 0 achristensen 2020-08-12 13:18:13 -0700 Fail preconnect requests to deprecated TLS instead of allowing application to show warning 1679799 1 406469 achristensen 2020-08-12 13:24:02 -0700 Created attachment 406469 Patch 1679810 2 achristensen 2020-08-12 13:42:57 -0700 rdar://problem/66784116 1679813 3 406469 ggaren 2020-08-12 13:54:11 -0700 Comment on attachment 406469 Patch View in context: https://bugs.webkit.org/attachment.cgi?id=406469&action=review r=me > Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm:678 > + if (negotiatedLegacyTLS == NegotiatedLegacyTLS::Yes && task._preconnect) > + return completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil); Seems like we should also check the TLS deprecation feature flag here? 1679861 4 406469 achristensen 2020-08-12 16:04:04 -0700 Comment on attachment 406469 Patch There isn't a clean feature flag for this, especially not in the network process. We have systemAllowsLegacyTLSFor, but even if that returns true we want to block the preconnect handshake to fix this bug. 1679862 5 ews-feeder 2020-08-12 16:06:24 -0700 Committed r265573: <https://trac.webkit.org/changeset/265573> All reviewed patches have been landed. Closing bug and clearing flags on attachment 406469. 1679863 6 webkit-bug-importer 2020-08-12 16:07:21 -0700 <rdar://problem/66941740> 1682548 7 achristensen 2020-08-24 19:48:50 -0700 This made one API test flaky. No idea why it didn't fail until almost two weeks later, but I investigated it and it's no problem. Fixing it in bug 215791. 1689842 8 achristensen 2020-09-18 10:15:41 -0700 Another test needed updating in https://bugs.webkit.org/show_bug.cgi?id=216704 406469 2020-08-12 13:24:02 -0700 2020-08-12 16:06:25 -0700 Patch bug-215424-20200812132401.patch text/plain 3934 achristensen SW5kZXg6IFNvdXJjZS9XZWJLaXQvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFNvdXJjZS9XZWJL aXQvQ2hhbmdlTG9nCShyZXZpc2lvbiAyNjU1NTcpCisrKyBTb3VyY2UvV2ViS2l0L0NoYW5nZUxv Zwkod29ya2luZyBjb3B5KQpAQCAtMSwzICsxLDE3IEBACisyMDIwLTA4LTEyICBBbGV4IENocmlz dGVuc2VuICA8YWNocmlzdGVuc2VuQHdlYmtpdC5vcmc+CisKKyAgICAgICAgRmFpbCBwcmVjb25u ZWN0IHJlcXVlc3RzIHRvIGRlcHJlY2F0ZWQgVExTIGluc3RlYWQgb2YgYWxsb3dpbmcgYXBwbGlj YXRpb24gdG8gc2hvdyB3YXJuaW5nCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3No b3dfYnVnLmNnaT9pZD0yMTU0MjQKKyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzY2Nzg0MTE2Pgor CisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgIFByZWNvbm5l Y3RpbmcgaXMganVzdCBhIHN1Z2dlc3Rpb24sIHNvIGlmIHRoZSBjb250ZW50IHJlYWxseSB3YW50 cyB0byBsb2FkIHNvbWV0aGluZyBmcm9tIHRoZSBkZXByZWNhdGVkIFRMUyBzZXJ2ZXIsCisgICAg ICAgIHdlIHdpbGwgc2VlIHRoZSB3YXJuaW5nIHdoZW4gdGhlIGxvYWQgYWN0dWFsbHkgaGFwcGVu cy4KKworICAgICAgICAqIE5ldHdvcmtQcm9jZXNzL2NvY29hL05ldHdvcmtTZXNzaW9uQ29jb2Eu bW06CisgICAgICAgICgtW1dLTmV0d29ya1Nlc3Npb25EZWxlZ2F0ZSBVUkxTZXNzaW9uOnRhc2s6 ZGlkUmVjZWl2ZUNoYWxsZW5nZTpjb21wbGV0aW9uSGFuZGxlcjpdKToKKwogMjAyMC0wOC0xMiAg WW91ZW5uIEZhYmxldCAgPHlvdWVubkBhcHBsZS5jb20+CiAKICAgICAgICAgUmVmcmVzaCBXcml0 YWJsZVN0cmVhbSB1cCB0byBzcGVjCkluZGV4OiBTb3VyY2UvV2ViS2l0L05ldHdvcmtQcm9jZXNz L2NvY29hL05ldHdvcmtTZXNzaW9uQ29jb2EubW0KPT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gU291cmNlL1dlYktp dC9OZXR3b3JrUHJvY2Vzcy9jb2NvYS9OZXR3b3JrU2Vzc2lvbkNvY29hLm1tCShyZXZpc2lvbiAy NjU1NTcpCisrKyBTb3VyY2UvV2ViS2l0L05ldHdvcmtQcm9jZXNzL2NvY29hL05ldHdvcmtTZXNz aW9uQ29jb2EubW0JKHdvcmtpbmcgY29weSkKQEAgLTY3NCw2ICs2NzQsOSBAQCAtICh2b2lkKVVS TFNlc3Npb246KE5TVVJMU2Vzc2lvbiAqKXNlc3NpCiAgICAgICAgIH0KICAgICAgICAgQUxMT1df REVQUkVDQVRFRF9ERUNMQVJBVElPTlNfRU5ECiAKKyAgICAgICAgaWYgKG5lZ290aWF0ZWRMZWdh Y3lUTFMgPT0gTmVnb3RpYXRlZExlZ2FjeVRMUzo6WWVzICYmIHRhc2suX3ByZWNvbm5lY3QpCisg ICAgICAgICAgICByZXR1cm4gY29tcGxldGlvbkhhbmRsZXIoTlNVUkxTZXNzaW9uQXV0aENoYWxs ZW5nZUNhbmNlbEF1dGhlbnRpY2F0aW9uQ2hhbGxlbmdlLCBuaWwpOworCiAgICAgICAgIC8vIEhh bmRsZSBzZXJ2ZXIgdHJ1c3QgZXZhbHVhdGlvbiBhdCBwbGF0Zm9ybS1sZXZlbCBpZiByZXF1ZXN0 ZWQsIGZvciBwZXJmb3JtYW5jZSByZWFzb25zIGFuZCB0byB1c2UgQVRTIGRlZmF1bHRzLgogICAg ICAgICBpZiAoc2Vzc2lvbkNvY29hLT5mYXN0U2VydmVyVHJ1c3RFdmFsdWF0aW9uRW5hYmxlZCgp ICYmIG5lZ290aWF0ZWRMZWdhY3lUTFMgPT0gTmVnb3RpYXRlZExlZ2FjeVRMUzo6Tm8pIHsKICAg ICAgICAgICAgIGF1dG8qIG5ldHdvcmtEYXRhVGFzayA9IFtzZWxmIGV4aXN0aW5nVGFzazp0YXNr XTsKSW5kZXg6IFRvb2xzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBUb29scy9DaGFuZ2VMb2cJ KHJldmlzaW9uIDI2NTU2MSkKKysrIFRvb2xzL0NoYW5nZUxvZwkod29ya2luZyBjb3B5KQpAQCAt MSwzICsxLDE1IEBACisyMDIwLTA4LTEyICBBbGV4IENocmlzdGVuc2VuICA8YWNocmlzdGVuc2Vu QHdlYmtpdC5vcmc+CisKKyAgICAgICAgRmFpbCBwcmVjb25uZWN0IHJlcXVlc3RzIHRvIGRlcHJl Y2F0ZWQgVExTIGluc3RlYWQgb2YgYWxsb3dpbmcgYXBwbGljYXRpb24gdG8gc2hvdyB3YXJuaW5n CisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0yMTU0MjQK KyAgICAgICAgPHJkYXI6Ly9wcm9ibGVtLzY2Nzg0MTE2PgorCisgICAgICAgIFJldmlld2VkIGJ5 IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAgICogVGVzdFdlYktpdEFQSS9UZXN0cy9XZWJLaXRD b2NvYS9UTFNEZXByZWNhdGlvbi5tbToKKyAgICAgICAgKFRlc3RXZWJLaXRBUEk6OlRFU1QpOgor ICAgICAgICAoVGVzdFdlYktpdEFQSTo6d2ViVmlld1dpdGhOYXZpZ2F0aW9uRGVsZWdhdGUpOgor CiAyMDIwLTA4LTEyICBXZW5zb24gSHNpZWggIDx3ZW5zb25faHNpZWhAYXBwbGUuY29tPgogCiAg ICAgICAgIEJyb2tlbiBmb3JtYXR0aW5nIGluIHByaWNlIHRhYmxlIG9uIHlhbmRleC5ydSBhZnRl ciB0cmFuc2xhdGluZyB0byBFbmdsaXNoCkluZGV4OiBUb29scy9UZXN0V2ViS2l0QVBJL1Rlc3Rz L1dlYktpdENvY29hL1RMU0RlcHJlY2F0aW9uLm1tCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFRvb2xzL1Rlc3RX ZWJLaXRBUEkvVGVzdHMvV2ViS2l0Q29jb2EvVExTRGVwcmVjYXRpb24ubW0JKHJldmlzaW9uIDI2 NTU1NykKKysrIFRvb2xzL1Rlc3RXZWJLaXRBUEkvVGVzdHMvV2ViS2l0Q29jb2EvVExTRGVwcmVj YXRpb24ubW0JKHdvcmtpbmcgY29weSkKQEAgLTI0Miw2ICsyNDIsMjcgQEAgVEVTVChUTFNWZXJz aW9uLCBTaG91bGRBbGxvd0RlcHJlY2F0ZWRUTAogICAgIH0KIH0KIAorVEVTVChUTFNWZXJzaW9u LCBQcmVjb25uZWN0KQoreworICAgIGJvb2wgY29ubmVjdGlvbkF0dGVtcHRlZCA9IGZhbHNlOwor ICAgIFRDUFNlcnZlciBzZXJ2ZXIoVENQU2VydmVyOjpQcm90b2NvbDo6SFRUUFMsIFsmXShTU0wg KnNzbCkgeworICAgICAgICBFWFBFQ1RfRkFMU0Uoc3NsKTsKKyAgICAgICAgY29ubmVjdGlvbkF0 dGVtcHRlZCA9IHRydWU7CisgICAgfSwgdGxzMV8xKTsKKworICAgIGF1dG8gd2ViVmlldyA9IGFk b3B0TlMoW1dLV2ViVmlldyBuZXddKTsKKyAgICBbd2ViVmlldyBsb2FkSFRNTFN0cmluZzptYWtl U3RyaW5nKCI8aGVhZD48bGluayByZWw9J3ByZWNvbm5lY3QnIGhyZWY9J2h0dHBzOi8vMTI3LjAu MC4xOiIsIHNlcnZlci5wb3J0KCksICIvJz48L2xpbms+PC9oZWFkPiIpIGJhc2VVUkw6bmlsXTsK KworICAgIGF1dG8gZGVsZWdhdGUgPSBhZG9wdE5TKFtUZXN0TmF2aWdhdGlvbkRlbGVnYXRlIG5l d10pOworICAgIFt3ZWJWaWV3IHNldE5hdmlnYXRpb25EZWxlZ2F0ZTpkZWxlZ2F0ZS5nZXQoKV07 CisgICAgW2RlbGVnYXRlIHNldERpZFJlY2VpdmVBdXRoZW50aWNhdGlvbkNoYWxsZW5nZTpeKFdL V2ViVmlldyAqLCBOU1VSTEF1dGhlbnRpY2F0aW9uQ2hhbGxlbmdlICpjaGFsbGVuZ2UsIHZvaWQg KF5jYWxsYmFjaykoTlNVUkxTZXNzaW9uQXV0aENoYWxsZW5nZURpc3Bvc2l0aW9uLCBOU1VSTENy ZWRlbnRpYWwgKikpIHsKKyAgICAgICAgRVhQRUNUX1RSVUUoZmFsc2UpOworICAgICAgICBjYWxs YmFjayhOU1VSTFNlc3Npb25BdXRoQ2hhbGxlbmdlVXNlQ3JlZGVudGlhbCwgbmlsKTsKKyAgICB9 XTsKKworICAgIFRlc3RXZWJLaXRBUEk6OlV0aWw6OnJ1bigmY29ubmVjdGlvbkF0dGVtcHRlZCk7 Cit9CisKICNlbmRpZiAvLyBIQVZFKFRMU19WRVJTSU9OX0RVUklOR19DSEFMTEVOR0UpCiAKICNp ZiBIQVZFKE5FVFdPUktfRlJBTUVXT1JLKSAmJiBIQVZFKFRMU19QUk9UT0NPTF9WRVJTSU9OX1Qp Cg==