Bug 162906

Summary:

[SOUP] Remove SSLPolicyFlags from SoupNetworkSession

Product:

WebKit

Reporter:

Carlos Garcia Campos <cgarcia>

Component:

Platform

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

berto, bugs-noreply, commit-queue, danw, gustavo, ivlev.igor, mcatanzaro, mrobinson

Priority:

Keywords:

Gtk, Soup

Version:

WebKit Local Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none

Description Carlos Garcia Campos 2016-10-04 09:04:24 PDT

All soup based ports are setting SSLUseSystemCAFile flag unconditionally, so we can just use that when creating the session like we do for all other construct parameters.

Comment 1 Carlos Garcia Campos 2016-10-04 09:06:28 PDT

Created attachment 290604 [details]
Patch

Comment 2 WebKit Commit Bot 2016-10-04 09:56:11 PDT

Comment on attachment 290604 [details]
Patch

Clearing flags on attachment: 290604

Committed r206772: <http://trac.webkit.org/changeset/206772>

Comment 3 WebKit Commit Bot 2016-10-04 09:56:15 PDT

All reviewed patches have been landed.  Closing bug.

Comment 4 Ihor Ivlev 2016-11-05 03:10:12 PDT

Hi Carlos,

this patch is setting SOUP_SESSION_SSL_STRICT to FALSE in constructor and removing setSSLPolicy, so is it possible for a user to set it back to TRUE later?
If not, does it look like a security issue?

Thanks!

Comment 5 Carlos Garcia Campos 2016-11-05 03:59:49 PDT

(In reply to comment #4)
> Hi Carlos,
> 
> this patch is setting SOUP_SESSION_SSL_STRICT to FALSE in constructor and
> removing setSSLPolicy, so is it possible for a user to set it back to TRUE
> later?
> If not, does it look like a security issue?
> 
> Thanks!

What user do you mean? All users of that API (GTK+ and EFL ports) were setting setSSLPolicy(SoupNetworkSession::SSLUseSystemCAFile); which sets SOUP_SESSION_SSL_STRICT to FALSE. There isn't any change in behavior in this patch. WE have always set that to FALSE, because we handle SSL errors ourselves in ResourceHandleSoup/NetworkDataTaskSoup. Loads will fail with an error in case of SSL errors even if SOUP_SESSION_SSL_STRICT is set to FALSE.

Comment 6 Ihor Ivlev 2016-11-05 04:16:59 PDT

(In reply to comment #5)
> (In reply to comment #4)
> > Hi Carlos,
> > 
> > this patch is setting SOUP_SESSION_SSL_STRICT to FALSE in constructor and
> > removing setSSLPolicy, so is it possible for a user to set it back to TRUE
> > later?
> > If not, does it look like a security issue?
> > 
> > Thanks!
> 
> What user do you mean? All users of that API (GTK+ and EFL ports) were
> setting setSSLPolicy(SoupNetworkSession::SSLUseSystemCAFile); which sets
> SOUP_SESSION_SSL_STRICT to FALSE. There isn't any change in behavior in this
> patch. WE have always set that to FALSE, because we handle SSL errors
> ourselves in ResourceHandleSoup/NetworkDataTaskSoup. Loads will fail with an
> error in case of SSL errors even if SOUP_SESSION_SSL_STRICT is set to FALSE.

Thank you for the explanation, sorry I didn't realize we're handling ssl errors in ResourceHandleSoup/NetworkDataTaskSoup.