RESOLVED FIXED 201573
Disable TLS 1.0 and 1.1 in WebSockets
https://bugs.webkit.org/show_bug.cgi?id=201573
Summary Disable TLS 1.0 and 1.1 in WebSockets
Alex Christensen
Reported 2019-09-06 20:31:24 PDT
Disable TLS 1.0 and 1.1 in WebSockets
Attachments
Patch (37.31 KB, patch)
2019-09-06 20:37 PDT, Alex Christensen
no flags
Patch (37.32 KB, patch)
2019-09-06 21:35 PDT, Alex Christensen
no flags
fix windows build (37.32 KB, patch)
2019-09-07 09:11 PDT, Alex Christensen
no flags
Patch (39.01 KB, patch)
2019-09-09 18:08 PDT, Alex Christensen
no flags
Alex Christensen
Comment 1 2019-09-06 20:37:45 PDT
Alex Christensen
Comment 2 2019-09-06 21:35:12 PDT
Alex Christensen
Comment 3 2019-09-07 09:10:08 PDT
Layout test failure unrelated.
Alex Christensen
Comment 4 2019-09-07 09:11:40 PDT
Created attachment 378293 [details] fix windows build
youenn fablet
Comment 5 2019-09-08 23:31:43 PDT
Comment on attachment 378293 [details] fix windows build View in context: https://bugs.webkit.org/attachment.cgi?id=378293&action=review > Source/WebCore/platform/network/cf/SocketStreamHandleImplCFNet.cpp:314 > +void SocketStreamHandleImpl::setLegacyTLSEnabledCheck(Function<bool()>&& function) Can we just have setLegacyTLSEnabledCheck take a bool? > Source/WebKit/NetworkProcess/cocoa/NetworkProcessCocoa.mm:75 > + }); We coud write it as WebCore::SocketStreamHandleImpl::setLegacyTLSEnabledCheck(parameters.enableLegacyTLS) > Source/WebKit/UIProcess/Cocoa/WebProcessPoolCocoa.mm:285 > + parameters.defaultDataStoreParameters.networkSessionParameters.enableLegacyTLS = parameters.enableLegacyTLS; We disable it for WebKit2. Can we also do the same for WebKit1?
Alex Christensen
Comment 6 2019-09-09 18:08:20 PDT
Alex Christensen
Comment 7 2019-09-09 18:39:31 PDT
Radar WebKit Bug Importer
Comment 8 2019-09-09 18:40:19 PDT
Alex Christensen
Comment 9 2019-09-09 20:44:41 PDT
Looking into iOS api test failures...
Alex Christensen
Comment 10 2019-09-09 21:30:53 PDT
Note You need to log in before you can comment on or make changes to this bug.