Bug 216585 - Move TLS certificate bypass SPI from WebProcessPool to WebsiteDataStore
Summary: Move TLS certificate bypass SPI from WebProcessPool to WebsiteDataStore
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: New Bugs (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Alex Christensen
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2020-09-15 14:39 PDT by Alex Christensen
Modified: 2020-09-16 11:22 PDT (History)
6 users (show)

See Also:


Attachments
Patch (12.71 KB, patch)
2020-09-15 14:45 PDT, Alex Christensen
ews-feeder: commit-queue-
Details | Formatted Diff | Diff
Patch (12.95 KB, patch)
2020-09-15 14:57 PDT, Alex Christensen
no flags Details | Formatted Diff | Diff
Patch (12.94 KB, patch)
2020-09-15 15:10 PDT, Alex Christensen
no flags Details | Formatted Diff | Diff
Patch (12.96 KB, patch)
2020-09-15 17:28 PDT, Alex Christensen
no flags Details | Formatted Diff | Diff
Patch (13.10 KB, patch)
2020-09-16 09:28 PDT, Alex Christensen
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Christensen 2020-09-15 14:39:17 PDT
Move TLS certificate bypass SPI from WebProcessPool to WebsiteDataStore
Comment 1 Alex Christensen 2020-09-15 14:45:19 PDT
Created attachment 408865 [details]
Patch
Comment 2 Geoffrey Garen 2020-09-15 14:46:06 PDT
Comment on attachment 408865 [details]
Patch

r=me
Comment 3 Alex Christensen 2020-09-15 14:57:14 PDT
Created attachment 408866 [details]
Patch
Comment 4 EWS Watchlist 2020-09-15 14:57:52 PDT
Thanks for the patch. If this patch contains new public API please make sure it follows the guidelines for new WebKit2 GTK+ API. See https://trac.webkit.org/wiki/WebKitGTK/AddingNewWebKit2API
Comment 5 Alex Christensen 2020-09-15 15:10:09 PDT
Created attachment 408867 [details]
Patch
Comment 6 Alex Christensen 2020-09-15 16:54:26 PDT
Comment on attachment 408867 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=408867&action=review

> Source/WebKit/UIProcess/API/Cocoa/WKWebsiteDataStore.mm:636
> +- (void)_allowTLSCertificate:(NSArray *)certificateChain forHost:(NSString *)host

I'm going to call this _allowCertificateChain:forHost: because a certificate is one element of the array.
Comment 7 Alex Christensen 2020-09-15 16:58:34 PDT
Comment on attachment 408867 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=408867&action=review

>> Source/WebKit/UIProcess/API/Cocoa/WKWebsiteDataStore.mm:636
>> +- (void)_allowTLSCertificate:(NSArray *)certificateChain forHost:(NSString *)host
> 
> I'm going to call this _allowCertificateChain:forHost: because a certificate is one element of the array.

_allowTLSCertificateChain
Comment 8 Alex Christensen 2020-09-15 17:28:10 PDT
Created attachment 408880 [details]
Patch
Comment 9 Carlos Garcia Campos 2020-09-16 05:29:09 PDT
Comment on attachment 408880 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=408880&action=review

> Source/WebKit/UIProcess/API/glib/WebKitWebContext.cpp:1628
> -    context->priv->processPool->allowSpecificHTTPSCertificateForHost(webCertificateInfo.ptr(), String::fromUTF8(host));
> +    WebsiteDataStore::defaultDataStore()->allowSpecificHTTPSCertificateForHost(webCertificateInfo.ptr(), String::fromUTF8(host));

This should be:

auto& websiteDataStore = webkitWebsiteDataManagerGetDataStore(context->priv->websiteDataManager.get());
websiteDataStore.allowSpecificHTTPSCertificateForHost(webCertificateInfo.ptr(), String::fromUTF8(host));

The GLib API doesn't use the default data store.
Comment 10 Alex Christensen 2020-09-16 09:28:52 PDT
Created attachment 408927 [details]
Patch
Comment 11 EWS 2020-09-16 11:21:10 PDT
Committed r267155: <https://trac.webkit.org/changeset/267155>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 408927 [details].
Comment 12 Radar WebKit Bug Importer 2020-09-16 11:22:15 PDT
<rdar://problem/69001622>