Bug 264307
| Summary: | WKWebsiteDataStore proxy API breaks when using HTTP Connect with TLS | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Ali Juma <ajuma> |
| Component: | Page Loading | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | beidson, cdumez, pastarmovj, webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Ali Juma
Using an nw_proxy_config_t for HTTP Connect, with TLS enabled, a WKWebsiteDataStore's proxyConfigurations causes the network process to crash and the proxy configuration is then ignored.
Specifically, if we create the proxy this way:
nw_endpoint_t endpoint = nw_endpoint_create_host("example.com", "8080");
nw_protocol_options_t tls_options = nw_tls_create_options();
nw_proxy_config_t proxyConfig = nw_proxy_config_create_http_connect(endpoint, tls_options);
And then set it on proxyConfigurations, serialization/deserialization fails. In the logs, the network process outputs:
nw_proxy_config_create_with_agent_data No protocol definition registered for "tls"
nw_proxy_config_create_with_agent_data Failed to create proxy config, error in deserializing stack
The network process then crashes.
I also manually verified that serializing/deserializing such an nw_proxy_config_t using nw_proxy_config_copy_agent_data and nw_proxy_config_create_with_agent_data results in a nil nw_proxy_config_t.
I've also filed FB13343396 with a sample app.
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Alexey Proskuryakov
rdar://118028072
Ali Juma
This issue also affects relay proxies created using nw_proxy_config_create_relay. If the relay is created using non-nil relay_tls_options (e.g., nw_relay_hop_create(nil, http2_endpoint, tls_options)) we again get a crash in the network process when it tries to deserialize the proxy.
Passing in nil for tls_options fixes that problem, but then when the proxy tries to connect, it passes an empty list of cipher suites during the TLS handshake, so no TLS connection can be established. I'm not sure the empty list of cipher suites is a serialization/deserialization bug, or if this is really meant to be the behavior when passing in nil tls_options. In any case, this bug makes relay proxies unusable in WKWebView.