Summary: | [SOUP] Add support for client side certificates | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Sergio Villar Senin <svillar> | ||||
Component: | WebCore Misc. | Assignee: | Michael Catanzaro <mcatanzaro> | ||||
Status: | RESOLVED DUPLICATE | ||||||
Severity: | Normal | CC: | aperez, bugs-noreply, cgarcia, danw, emanuele.aina, gustavo, lantw44, mcatanzaro, srujannajurs, vipingeorge06 | ||||
Priority: | P2 | ||||||
Version: | WebKit Nightly Build | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
See Also: |
https://bugzilla.gnome.org/show_bug.cgi?id=618429 https://github.com/Igalia/cog/issues/34 |
||||||
Attachments: |
|
Description
Sergio Villar Senin
2016-11-08 02:00:13 PST
Created attachment 294149 [details]
Patch
The status of the patch is the following. It successfully intercepts the soup requests for client side certificates and pipes those requests through the wk's general authentication mechanism (in soup ports we were only using it for HTTP authentication). Then on the UI side it fills the authentication challenge with a fixed certificate generated for the ssl.geoffk.org testing service. These are the things that should be done on top apart from reviewing the implemented solution: 1- Emit a signal to clients to ask for the certificates 2- Pipe the client password request through the same mechanism 3- Emit a signal to clients to ask for certificate passwords 4- Cache certificates? There is a confusing clientCertificates() in ResourceHandle which in reality are server side certificates 5- Port it to the new NETWORK_SESSION work done by KaL 6- Tests 7- ... (In reply to Sergio Villar Senin from comment #2) > 4- Cache certificates? There is a confusing clientCertificates() in > ResourceHandle which in reality are server side certificates It's in SoupNetworkSession now, but will need to be renamed, yes. *** Bug 180957 has been marked as a duplicate of this bug. *** (In reply to Michael Catanzaro from comment #3) > It's in SoupNetworkSession now, but will need to be renamed, yes. Done in bug #195247. Let's continue in bug #200805 since there are review comments there. *** This bug has been marked as a duplicate of bug 200805 *** |