Bug 164509

Summary: [SOUP] Add support for client side certificates
Product: WebKit Reporter: Sergio Villar Senin <svillar>
Component: WebCore Misc.Assignee: Michael Catanzaro <mcatanzaro>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: aperez, bugs-noreply, cgarcia, danw, emanuele.aina, gustavo, lantw44, mcatanzaro, srujannajurs, vipingeorge06
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugzilla.gnome.org/show_bug.cgi?id=618429
https://github.com/Igalia/cog/issues/34
Attachments:
Description Flags
Patch none

Description Sergio Villar Senin 2016-11-08 02:00:13 PST
[SOUP] Add support for client side certificates
Comment 1 Sergio Villar Senin 2016-11-08 02:01:21 PST
Created attachment 294149 [details]
Patch
Comment 2 Sergio Villar Senin 2016-11-08 02:09:20 PST
The status of the patch is the following. It successfully intercepts the soup requests for client side certificates and pipes those requests through the wk's general authentication mechanism (in soup ports we were only using it for HTTP authentication).

Then on the UI side it fills the authentication challenge with a fixed certificate generated for the ssl.geoffk.org testing service. These are the things that should be done on top apart from reviewing the implemented solution:

1- Emit a signal to clients to ask for the certificates
2- Pipe the client password request through the same mechanism
3- Emit a signal to clients to ask for certificate passwords
4- Cache certificates? There is a confusing clientCertificates() in ResourceHandle which in reality are server side certificates
5- Port it to the new NETWORK_SESSION work done by KaL
6- Tests
7- ...
Comment 3 Michael Catanzaro 2018-04-19 19:48:49 PDT
(In reply to Sergio Villar Senin from comment #2)
> 4- Cache certificates? There is a confusing clientCertificates() in
> ResourceHandle which in reality are server side certificates

It's in SoupNetworkSession now, but will need to be renamed, yes.
Comment 4 Adrian Perez 2018-12-01 06:34:41 PST
*** Bug 180957 has been marked as a duplicate of this bug. ***
Comment 5 Michael Catanzaro 2019-03-04 07:39:29 PST
(In reply to Michael Catanzaro from comment #3)
> It's in SoupNetworkSession now, but will need to be renamed, yes.

Done in bug #195247.
Comment 6 Michael Catanzaro 2019-10-30 06:34:40 PDT
Let's continue in bug #200805 since there are review comments there.

*** This bug has been marked as a duplicate of bug 200805 ***