Remove unused WebProcessPool::setCanHandleHTTPSServerTrustEvaluation
authorachristensen@apple.com <achristensen@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 27 Sep 2019 14:34:13 +0000 (14:34 +0000)
committerachristensen@apple.com <achristensen@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 27 Sep 2019 14:34:13 +0000 (14:34 +0000)
https://bugs.webkit.org/show_bug.cgi?id=202285

Reviewed by Youenn Fablet.

Source/WebKit:

The SPI to set this was deprecated in r250377 with a replacement that was adopted in rdar://problem/55731135
I removed a layout test using the old SPI and replaced it with a more precise API test verifying the behavior of the new SPI
before and after the introduction of NSURLSession's _strictTrustEvaluate:queue:completionHandler:

* NetworkProcess/NetworkProcess.cpp:
(WebKit::NetworkProcess::initializeNetworkProcess):
(WebKit::NetworkProcess::setCanHandleHTTPSServerTrustEvaluation): Deleted.
* NetworkProcess/NetworkProcess.h:
(WebKit::NetworkProcess::canHandleHTTPSServerTrustEvaluation const): Deleted.
* NetworkProcess/NetworkProcess.messages.in:
* NetworkProcess/NetworkProcessCreationParameters.cpp:
(WebKit::NetworkProcessCreationParameters::encode const):
(WebKit::NetworkProcessCreationParameters::decode):
* NetworkProcess/NetworkProcessCreationParameters.h:
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
(canNSURLSessionTrustEvaluate): Deleted.
* UIProcess/API/C/WKContext.cpp:
(WKContextSetCanHandleHTTPSServerTrustEvaluation):
* UIProcess/API/Cocoa/WKProcessPool.mm:
(-[WKProcessPool _setCanHandleHTTPSServerTrustEvaluation:]):
* UIProcess/WebProcessPool.cpp:
(WebKit::WebProcessPool::ensureNetworkProcess):
(WebKit::WebProcessPool::setCanHandleHTTPSServerTrustEvaluation): Deleted.
* UIProcess/WebProcessPool.h:

Tools:

* TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:
(-[ServerTrustDelegate webView:didFinishNavigation:]):
(-[ServerTrustDelegate webView:didFailProvisionalNavigation:withError:]):
(-[ServerTrustDelegate waitForDidFinishNavigation]):
(-[ServerTrustDelegate waitForDidFailProvisionalNavigationError]):
(-[ServerTrustDelegate authenticationChallengeCount]):
(-[ServerTrustDelegate webView:didReceiveAuthenticationChallenge:completionHandler:]):
(TestWebKitAPI::TEST):
* WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
* WebKitTestRunner/InjectedBundle/TestRunner.cpp:
(WTR::TestRunner::setCanHandleHTTPSServerTrustEvaluation): Deleted.
(WTR::TestRunner::canDoServerTrustEvaluationInNetworkProcess): Deleted.
(WTR::TestRunner::serverTrustEvaluationCallbackCallsCount): Deleted.
* WebKitTestRunner/InjectedBundle/TestRunner.h:
* WebKitTestRunner/TestController.cpp:
(WTR::TestController::resetStateToConsistentValues):
(WTR::TestController::didReceiveAuthenticationChallenge):
(WTR::TestController::canDoServerTrustEvaluationInNetworkProcess const): Deleted.
* WebKitTestRunner/TestController.h:
(WTR::TestController::serverTrustEvaluationCallbackCallsCount const): Deleted.
* WebKitTestRunner/TestInvocation.cpp:
(WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):
* WebKitTestRunner/cocoa/TestControllerCocoa.mm:
(WTR::TestController::canDoServerTrustEvaluationInNetworkProcess const): Deleted.

LayoutTests:

* http/tests/ssl/certificate-validation-expected.txt: Removed.
* http/tests/ssl/certificate-validation.html: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@250422 268f45cc-cd09-0410-ab3c-d52691b4dbfc

23 files changed:
LayoutTests/ChangeLog
LayoutTests/http/tests/ssl/certificate-validation-expected.txt [deleted file]
LayoutTests/http/tests/ssl/certificate-validation.html [deleted file]
Source/WebKit/ChangeLog
Source/WebKit/NetworkProcess/NetworkProcess.cpp
Source/WebKit/NetworkProcess/NetworkProcess.h
Source/WebKit/NetworkProcess/NetworkProcess.messages.in
Source/WebKit/NetworkProcess/NetworkProcessCreationParameters.cpp
Source/WebKit/NetworkProcess/NetworkProcessCreationParameters.h
Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm
Source/WebKit/UIProcess/API/C/WKContext.cpp
Source/WebKit/UIProcess/API/Cocoa/WKProcessPool.mm
Source/WebKit/UIProcess/WebProcessPool.cpp
Source/WebKit/UIProcess/WebProcessPool.h
Tools/ChangeLog
Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm
Tools/WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl
Tools/WebKitTestRunner/InjectedBundle/TestRunner.cpp
Tools/WebKitTestRunner/InjectedBundle/TestRunner.h
Tools/WebKitTestRunner/TestController.cpp
Tools/WebKitTestRunner/TestController.h
Tools/WebKitTestRunner/TestInvocation.cpp
Tools/WebKitTestRunner/cocoa/TestControllerCocoa.mm

index 72887a0..e9d1c05 100644 (file)
@@ -1,3 +1,13 @@
+2019-09-27  Alex Christensen  <achristensen@webkit.org>
+
+        Remove unused WebProcessPool::setCanHandleHTTPSServerTrustEvaluation
+        https://bugs.webkit.org/show_bug.cgi?id=202285
+
+        Reviewed by Youenn Fablet.
+
+        * http/tests/ssl/certificate-validation-expected.txt: Removed.
+        * http/tests/ssl/certificate-validation.html: Removed.
+
 2019-09-26  Chris Dumez  <cdumez@apple.com>
 
         Pages frequently fails to enter the back/forward cache due to pending loads
diff --git a/LayoutTests/http/tests/ssl/certificate-validation-expected.txt b/LayoutTests/http/tests/ssl/certificate-validation-expected.txt
deleted file mode 100644 (file)
index da84a05..0000000
+++ /dev/null
@@ -1,3 +0,0 @@
-
-PASS Certificate validation in Network Process 
-
diff --git a/LayoutTests/http/tests/ssl/certificate-validation.html b/LayoutTests/http/tests/ssl/certificate-validation.html
deleted file mode 100644 (file)
index 74fe023..0000000
+++ /dev/null
@@ -1,45 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-<title>Certificate validation in Network Process</title>
-<script src="/resources/testharness.js"></script>
-<script src="/resources/testharnessreport.js"></script>
-</head>
-<body>
-<script>
-function with_iframe(url) {
-    return new Promise(function(resolve) {
-        var frame = document.createElement('iframe');
-        frame.className = 'test-iframe';
-        frame.src = url;
-        frame.onload = function() { resolve(frame); };
-        document.body.appendChild(frame);
-    });
-}
-
-async function doTest()
-{
-    assert_true(!!window.testRunner, "Test requires testRunner");
-
-    if (!window.testRunner.canDoServerTrustEvaluationInNetworkProcess)
-        return;
-
-    // This should trigger network process server trust evaluation.
-    window.testRunner.setCanHandleHTTPSServerTrustEvaluation(false);
-
-    // Crash network process to make sure we create new HTTPS connections.
-    window.testRunner.terminateNetworkProcess();
-
-    const currentCallbackCounts = window.testRunner.serverTrustEvaluationCallbackCallsCount;
-
-    const iframe = await with_iframe("https://localhost:8443");
-    iframe.remove();
-
-    assert_equals(window.testRunner.serverTrustEvaluationCallbackCallsCount - currentCallbackCounts, 1);
-}
-
-doTest().then(done, (e) => { assert_unreached("test failed: " + e); done(); });
-
-</script>
-</body>
-</html>
index bf0ab7c..a0fd328 100644 (file)
@@ -1,5 +1,38 @@
 2019-09-27  Alex Christensen  <achristensen@webkit.org>
 
+        Remove unused WebProcessPool::setCanHandleHTTPSServerTrustEvaluation
+        https://bugs.webkit.org/show_bug.cgi?id=202285
+
+        Reviewed by Youenn Fablet.
+
+        The SPI to set this was deprecated in r250377 with a replacement that was adopted in rdar://problem/55731135
+        I removed a layout test using the old SPI and replaced it with a more precise API test verifying the behavior of the new SPI
+        before and after the introduction of NSURLSession's _strictTrustEvaluate:queue:completionHandler:
+
+        * NetworkProcess/NetworkProcess.cpp:
+        (WebKit::NetworkProcess::initializeNetworkProcess):
+        (WebKit::NetworkProcess::setCanHandleHTTPSServerTrustEvaluation): Deleted.
+        * NetworkProcess/NetworkProcess.h:
+        (WebKit::NetworkProcess::canHandleHTTPSServerTrustEvaluation const): Deleted.
+        * NetworkProcess/NetworkProcess.messages.in:
+        * NetworkProcess/NetworkProcessCreationParameters.cpp:
+        (WebKit::NetworkProcessCreationParameters::encode const):
+        (WebKit::NetworkProcessCreationParameters::decode):
+        * NetworkProcess/NetworkProcessCreationParameters.h:
+        * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+        (-[WKNetworkSessionDelegate URLSession:task:didReceiveChallenge:completionHandler:]):
+        (canNSURLSessionTrustEvaluate): Deleted.
+        * UIProcess/API/C/WKContext.cpp:
+        (WKContextSetCanHandleHTTPSServerTrustEvaluation):
+        * UIProcess/API/Cocoa/WKProcessPool.mm:
+        (-[WKProcessPool _setCanHandleHTTPSServerTrustEvaluation:]):
+        * UIProcess/WebProcessPool.cpp:
+        (WebKit::WebProcessPool::ensureNetworkProcess):
+        (WebKit::WebProcessPool::setCanHandleHTTPSServerTrustEvaluation): Deleted.
+        * UIProcess/WebProcessPool.h:
+
+2019-09-27  Alex Christensen  <achristensen@webkit.org>
+
         Remove unused APIProcessPoolConfiguration::diskCacheSpeculativeValidationEnabled
         https://bugs.webkit.org/show_bug.cgi?id=202290
 
index 4611a73..6a850fa 100644 (file)
@@ -307,8 +307,6 @@ void NetworkProcess::initializeNetworkProcess(NetworkProcessCreationParameters&&
 
     setCacheModel(parameters.cacheModel, parameters.defaultDataStoreParameters.networkSessionParameters.networkCacheDirectory);
 
-    setCanHandleHTTPSServerTrustEvaluation(parameters.canHandleHTTPSServerTrustEvaluation);
-
     if (parameters.shouldUseTestingNetworkSession) {
         m_shouldUseTestingNetworkStorageSession = true;
         m_defaultNetworkStorageSession = newTestingSession(PAL::SessionID::defaultSessionID());
@@ -2017,11 +2015,6 @@ void NetworkProcess::setCacheModel(CacheModel cacheModel, String cacheStorageDir
     });
 }
 
-void NetworkProcess::setCanHandleHTTPSServerTrustEvaluation(bool value)
-{
-    m_canHandleHTTPSServerTrustEvaluation = value;
-}
-
 void NetworkProcess::getNetworkProcessStatistics(uint64_t callbackID)
 {
     StatisticsData data;
index 9d56f1a..21f78e3 100644 (file)
@@ -178,8 +178,6 @@ public:
     void ensureSession(const PAL::SessionID&, const String& identifier);
 #endif
 
-    bool canHandleHTTPSServerTrustEvaluation() const { return m_canHandleHTTPSServerTrustEvaluation; }
-
     void processWillSuspendImminently();
     void processWillSuspendImminentlyForTestingSync(CompletionHandler<void()>&&);
     void prepareToSuspend();
@@ -414,7 +412,6 @@ private:
 
     void setCacheModel(CacheModel, String overrideCacheStorageDirectory);
     void allowSpecificHTTPSCertificateForHost(const WebCore::CertificateInfo&, const String& host);
-    void setCanHandleHTTPSServerTrustEvaluation(bool);
     void getNetworkProcessStatistics(uint64_t callbackID);
     void clearCacheForAllOrigins(uint32_t cachesToClear);
     void setAllowsAnySSLCertificateForWebSocket(bool, CompletionHandler<void()>&&);
@@ -480,7 +477,6 @@ private:
     CacheModel m_cacheModel { CacheModel::DocumentViewer };
     bool m_suppressMemoryPressureHandler { false };
     bool m_diskCacheIsDisabledForTesting { false };
-    bool m_canHandleHTTPSServerTrustEvaluation { true };
     String m_uiProcessBundleIdentifier;
     DownloadManager m_downloadManager;
 
index 032f9f4..3bc48f5 100644 (file)
@@ -67,7 +67,6 @@ messages -> NetworkProcess LegacyReceiver {
     SyncAllCookies()
 
     AllowSpecificHTTPSCertificateForHost(WebCore::CertificateInfo certificate, String host)
-    SetCanHandleHTTPSServerTrustEvaluation(bool value)
     
     GetNetworkProcessStatistics(uint64_t callbackID)
     
index adfe292..92abc72 100644 (file)
@@ -40,7 +40,6 @@ NetworkProcessCreationParameters::NetworkProcessCreationParameters() = default;
 void NetworkProcessCreationParameters::encode(IPC::Encoder& encoder) const
 {
     encoder.encodeEnum(cacheModel);
-    encoder << canHandleHTTPSServerTrustEvaluation;
 #if PLATFORM(MAC)
     encoder << uiProcessCookieStorageIdentifier;
 #endif
@@ -94,8 +93,6 @@ bool NetworkProcessCreationParameters::decode(IPC::Decoder& decoder, NetworkProc
 {
     if (!decoder.decodeEnum(result.cacheModel))
         return false;
-    if (!decoder.decode(result.canHandleHTTPSServerTrustEvaluation))
-        return false;
 
 #if PLATFORM(MAC)
     if (!decoder.decode(result.uiProcessCookieStorageIdentifier))
index 38e4c32..2d35020 100644 (file)
@@ -52,7 +52,6 @@ struct NetworkProcessCreationParameters {
     static bool decode(IPC::Decoder&, NetworkProcessCreationParameters&);
 
     CacheModel cacheModel { CacheModel::DocumentViewer };
-    bool canHandleHTTPSServerTrustEvaluation { true };
 
 #if PLATFORM(MAC)
     Vector<uint8_t> uiProcessCookieStorageIdentifier;
index 370ac34..b4b1eb9 100644 (file)
@@ -538,11 +538,6 @@ static NSURLRequest* updateIgnoreStrictTransportSecuritySettingIfNecessary(NSURL
 }
 
 #if HAVE(CFNETWORK_NSURLSESSION_STRICTRUSTEVALUATE)
-static bool canNSURLSessionTrustEvaluate()
-{
-    return [NSURLSession respondsToSelector:@selector(_strictTrustEvaluate: queue: completionHandler:)];
-}
-
 static inline void processServerTrustEvaluation(NetworkSessionCocoa *session, NSURLAuthenticationChallenge *challenge, NetworkDataTaskCocoa::TaskIdentifier taskIdentifier, NetworkDataTaskCocoa* networkDataTask, CompletionHandler<void(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential)>&& completionHandler)
 {
     session->continueDidReceiveChallenge(challenge, taskIdentifier, networkDataTask, [completionHandler = WTFMove(completionHandler), secTrust = retainPtr(challenge.protectionSpace.serverTrust)] (WebKit::AuthenticationChallengeDisposition disposition, const WebCore::Credential& credential) mutable {
@@ -578,25 +573,24 @@ static inline void processServerTrustEvaluation(NetworkSessionCocoa *session, NS
             return completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]);
 
         // Handle server trust evaluation at platform-level if requested, for performance reasons and to use ATS defaults.
-        if (!_session->networkProcess().canHandleHTTPSServerTrustEvaluation() || _session->fastServerTrustEvaluationEnabled()) {
+        if (_session->fastServerTrustEvaluationEnabled()) {
 #if HAVE(CFNETWORK_NSURLSESSION_STRICTRUSTEVALUATE)
-            if (canNSURLSessionTrustEvaluate()) {
-                auto* networkDataTask = [self existingTask:task];
-                ASSERT(networkDataTask);
-                auto decisionHandler = makeBlockPtr([_session = makeWeakPtr(_session.get()), completionHandler = makeBlockPtr(completionHandler), taskIdentifier, networkDataTask = RefPtr<NetworkDataTaskCocoa>(networkDataTask)](NSURLAuthenticationChallenge *challenge, OSStatus trustResult) mutable {
-                    auto task = WTFMove(networkDataTask);
-                    auto* session = _session.get();
-                    if (trustResult == noErr || !session) {
-                        completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
-                        return;
-                    }
-                    processServerTrustEvaluation(session, challenge, taskIdentifier, task.get(), WTFMove(completionHandler));
-                });
-                [NSURLSession _strictTrustEvaluate:challenge queue:[NSOperationQueue mainQueue].underlyingQueue completionHandler:decisionHandler.get()];
-                return;
-            }
-#endif
+            auto* networkDataTask = [self existingTask:task];
+            ASSERT(networkDataTask);
+            auto decisionHandler = makeBlockPtr([_session = makeWeakPtr(_session.get()), completionHandler = makeBlockPtr(completionHandler), taskIdentifier, networkDataTask = RefPtr<NetworkDataTaskCocoa>(networkDataTask)](NSURLAuthenticationChallenge *challenge, OSStatus trustResult) mutable {
+                auto task = WTFMove(networkDataTask);
+                auto* session = _session.get();
+                if (trustResult == noErr || !session) {
+                    completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil);
+                    return;
+                }
+                processServerTrustEvaluation(session, challenge, taskIdentifier, task.get(), WTFMove(completionHandler));
+            });
+            [NSURLSession _strictTrustEvaluate:challenge queue:[NSOperationQueue mainQueue].underlyingQueue completionHandler:decisionHandler.get()];
+            return;
+#else
             return completionHandler(NSURLSessionAuthChallengeRejectProtectionSpace, nil);
+#endif
         }
     }
     _session->continueDidReceiveChallenge(challenge, taskIdentifier, [self existingTask:task], [completionHandler = makeBlockPtr(completionHandler)] (WebKit::AuthenticationChallengeDisposition disposition, const WebCore::Credential& credential) mutable {
index b20edea..cffeb0e 100644 (file)
@@ -381,7 +381,6 @@ void WKContextSetDomainRelaxationForbiddenForURLScheme(WKContextRef contextRef,
 
 void WKContextSetCanHandleHTTPSServerTrustEvaluation(WKContextRef contextRef, bool value)
 {
-    WebKit::toImpl(contextRef)->setCanHandleHTTPSServerTrustEvaluation(value);
 }
 
 void WKContextSetPrewarmsProcessesAutomatically(WKContextRef contextRef, bool value)
index c857a86..d1fb966 100644 (file)
@@ -201,7 +201,6 @@ static WKProcessPool *sharedProcessPool;
 
 - (void)_setCanHandleHTTPSServerTrustEvaluation:(BOOL)value
 {
-    _processPool->setCanHandleHTTPSServerTrustEvaluation(value);
 }
 
 static WebKit::HTTPCookieAcceptPolicy toHTTPCookieAcceptPolicy(NSHTTPCookieAcceptPolicy policy)
index b4040f7..ce10e28 100644 (file)
@@ -491,7 +491,6 @@ NetworkProcessProxy& WebProcessPool::ensureNetworkProcess(WebsiteDataStore* with
     }
 
     parameters.cacheModel = LegacyGlobalSettings::singleton().cacheModel();
-    parameters.canHandleHTTPSServerTrustEvaluation = m_canHandleHTTPSServerTrustEvaluation;
 
     for (auto& scheme : globalURLSchemesWithCustomProtocolHandlers())
         parameters.urlSchemesRegisteredForCustomProtocols.append(scheme);
@@ -1505,15 +1504,6 @@ void WebProcessPool::setDomainRelaxationForbiddenForURLScheme(const String& urlS
     sendToAllProcesses(Messages::WebProcess::SetDomainRelaxationForbiddenForURLScheme(urlScheme));
 }
 
-void WebProcessPool::setCanHandleHTTPSServerTrustEvaluation(bool value)
-{
-    m_canHandleHTTPSServerTrustEvaluation = value;
-    if (m_networkProcess) {
-        m_networkProcess->send(Messages::NetworkProcess::SetCanHandleHTTPSServerTrustEvaluation(value), 0);
-        return;
-    }
-}
-
 void WebProcessPool::registerURLSchemeAsLocal(const String& urlScheme)
 {
     m_schemesToRegisterAsLocal.add(urlScheme);
index 22554c4..ae75de2 100644 (file)
@@ -267,7 +267,6 @@ public:
     void registerURLSchemeAsSecure(const String&);
     void registerURLSchemeAsBypassingContentSecurityPolicy(const String&);
     void setDomainRelaxationForbiddenForURLScheme(const String&);
-    void setCanHandleHTTPSServerTrustEvaluation(bool);
     void registerURLSchemeAsLocal(const String&);
     void registerURLSchemeAsNoAccess(const String&);
     void registerURLSchemeAsDisplayIsolated(const String&);
@@ -708,7 +707,6 @@ private:
 
     bool m_processTerminationEnabled { true };
 
-    bool m_canHandleHTTPSServerTrustEvaluation { true };
     bool m_didNetworkProcessCrash { false };
     std::unique_ptr<NetworkProcessProxy> m_networkProcess;
 
index d746c61..103a230 100644 (file)
@@ -1,5 +1,37 @@
 2019-09-27  Alex Christensen  <achristensen@webkit.org>
 
+        Remove unused WebProcessPool::setCanHandleHTTPSServerTrustEvaluation
+        https://bugs.webkit.org/show_bug.cgi?id=202285
+
+        Reviewed by Youenn Fablet.
+
+        * TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm:
+        (-[ServerTrustDelegate webView:didFinishNavigation:]):
+        (-[ServerTrustDelegate webView:didFailProvisionalNavigation:withError:]):
+        (-[ServerTrustDelegate waitForDidFinishNavigation]):
+        (-[ServerTrustDelegate waitForDidFailProvisionalNavigationError]):
+        (-[ServerTrustDelegate authenticationChallengeCount]):
+        (-[ServerTrustDelegate webView:didReceiveAuthenticationChallenge:completionHandler:]):
+        (TestWebKitAPI::TEST):
+        * WebKitTestRunner/InjectedBundle/Bindings/TestRunner.idl:
+        * WebKitTestRunner/InjectedBundle/TestRunner.cpp:
+        (WTR::TestRunner::setCanHandleHTTPSServerTrustEvaluation): Deleted.
+        (WTR::TestRunner::canDoServerTrustEvaluationInNetworkProcess): Deleted.
+        (WTR::TestRunner::serverTrustEvaluationCallbackCallsCount): Deleted.
+        * WebKitTestRunner/InjectedBundle/TestRunner.h:
+        * WebKitTestRunner/TestController.cpp:
+        (WTR::TestController::resetStateToConsistentValues):
+        (WTR::TestController::didReceiveAuthenticationChallenge):
+        (WTR::TestController::canDoServerTrustEvaluationInNetworkProcess const): Deleted.
+        * WebKitTestRunner/TestController.h:
+        (WTR::TestController::serverTrustEvaluationCallbackCallsCount const): Deleted.
+        * WebKitTestRunner/TestInvocation.cpp:
+        (WTR::TestInvocation::didReceiveSynchronousMessageFromInjectedBundle):
+        * WebKitTestRunner/cocoa/TestControllerCocoa.mm:
+        (WTR::TestController::canDoServerTrustEvaluationInNetworkProcess const): Deleted.
+
+2019-09-27  Alex Christensen  <achristensen@webkit.org>
+
         Remove unused APIProcessPoolConfiguration::diskCacheSpeculativeValidationEnabled
         https://bugs.webkit.org/show_bug.cgi?id=202290
 
index c0c2639..785576f 100644 (file)
 #import <WebKit/WKNavigationDelegate.h>
 #import <WebKit/WKProcessPoolPrivate.h>
 #import <WebKit/WKWebsiteDataRecordPrivate.h>
+#import <WebKit/WKWebsiteDataStorePrivate.h>
 #import <WebKit/WebKit.h>
+#import <WebKit/_WKErrorRecoveryAttempting.h>
+#import <WebKit/_WKWebsiteDataStoreConfiguration.h>
+#import <wtf/Platform.h>
 #import <wtf/RetainPtr.h>
 #import <wtf/spi/cocoa/SecuritySPI.h>
 
@@ -284,17 +288,47 @@ static void verifyCertificateAndPublicKey(SecTrustRef trust)
 }
 
 @interface ServerTrustDelegate : NSObject <WKNavigationDelegate>
+- (void)waitForDidFinishNavigation;
+- (NSError *)waitForDidFailProvisionalNavigationError;
+- (size_t)authenticationChallengeCount;
 @end
 
-@implementation ServerTrustDelegate
+@implementation ServerTrustDelegate {
+    size_t _authenticationChallengeCount;
+    bool _navigationFinished;
+    RetainPtr<NSError> _provisionalNavigationFailedError;
+}
 
-- (void)webView:(WKWebView *)webView didFinishNavigation:(null_unspecified WKNavigation *)navigation
+- (void)webView:(WKWebView *)webView didFinishNavigation:(WKNavigation *)navigation
 {
-    navigationFinished = true;
+    _navigationFinished = true;
+}
+
+- (void)webView:(WKWebView *)webView didFailProvisionalNavigation:(null_unspecified WKNavigation *)navigation withError:(NSError *)error
+{
+    _provisionalNavigationFailedError = error;
+}
+
+- (void)waitForDidFinishNavigation
+{
+    TestWebKitAPI::Util::run(&_navigationFinished);
+}
+
+- (NSError *)waitForDidFailProvisionalNavigationError
+{
+    while (!_provisionalNavigationFailedError)
+        TestWebKitAPI::Util::spinRunLoop();
+    return _provisionalNavigationFailedError.autorelease();
+}
+
+- (size_t)authenticationChallengeCount
+{
+    return _authenticationChallengeCount;
 }
 
 - (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential * _Nullable credential))completionHandler
 {
+    _authenticationChallengeCount++;
     SecTrustRef trust = challenge.protectionSpace.serverTrust;
     verifyCertificateAndPublicKey(trust);
     completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:trust]);
@@ -321,9 +355,39 @@ TEST(WebKit, ServerTrust)
     [webView setNavigationDelegate:delegate.get()];
 
     [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://localhost:%d/", server.port()]]]];
-    TestWebKitAPI::Util::run(&navigationFinished);
+    [delegate waitForDidFinishNavigation];
 
     verifyCertificateAndPublicKey([webView serverTrust]);
+    EXPECT_EQ([delegate authenticationChallengeCount], 1u);
+}
+
+TEST(WebKit, FastServerTrust)
+{
+#if HAVE(CFNETWORK_NSURLSESSION_STRICTRUSTEVALUATE)
+    TCPServer server(TCPServer::Protocol::HTTPS, TCPServer::respondWithOK);
+#else
+    TCPServer server(TCPServer::Protocol::HTTPS, [](SSL* ssl) {
+        EXPECT_FALSE(ssl);
+    });
+#endif
+    WKWebViewConfiguration *configuration = [[[WKWebViewConfiguration alloc] init] autorelease];
+    _WKWebsiteDataStoreConfiguration *dataStoreConfiguration = [[[_WKWebsiteDataStoreConfiguration alloc] init] autorelease];
+    dataStoreConfiguration.fastServerTrustEvaluationEnabled = YES;
+    configuration.websiteDataStore = [[[WKWebsiteDataStore alloc] _initWithConfiguration:dataStoreConfiguration] autorelease];
+    auto webView = adoptNS([[WKWebView alloc] initWithFrame:CGRectZero configuration:configuration]);
+    auto delegate = adoptNS([ServerTrustDelegate new]);
+    [webView setNavigationDelegate:delegate.get()];
+    [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://localhost:%d/", server.port()]]]];
+#if HAVE(CFNETWORK_NSURLSESSION_STRICTRUSTEVALUATE)
+    [delegate waitForDidFinishNavigation];
+    EXPECT_EQ([delegate authenticationChallengeCount], 1ull);
+#else
+    NSError *error = [delegate waitForDidFailProvisionalNavigationError];
+    EXPECT_WK_STREQ([error.userInfo[_WKRecoveryAttempterErrorKey] className], @"WKReloadFrameErrorRecoveryAttempter");
+    EXPECT_WK_STREQ(error.domain, NSURLErrorDomain);
+    EXPECT_EQ(error.code, NSURLErrorServerCertificateUntrusted);
+    EXPECT_EQ([delegate authenticationChallengeCount], 0ull);
+#endif
 }
 
 } // namespace TestWebKitAPI
index 6a3981b..a01d4fb 100644 (file)
@@ -366,8 +366,6 @@ interface TestRunner {
     void terminateNetworkProcess();
     void terminateServiceWorkerProcess();
 
-    void setCanHandleHTTPSServerTrustEvaluation(boolean canHandle);
-    readonly attribute boolean canDoServerTrustEvaluationInNetworkProcess;
     readonly attribute unsigned long serverTrustEvaluationCallbackCallsCount;
 
     readonly attribute boolean didCancelClientRedirect;
index 3e77f87..82db674 100644 (file)
@@ -2929,22 +2929,6 @@ bool TestRunner::keyExistsInKeychain(JSStringRef attrLabel, JSStringRef applicat
     return WKBooleanGetValue(adoptWK(static_cast<WKBooleanRef>(returnData)).get());
 }
 
-void TestRunner::setCanHandleHTTPSServerTrustEvaluation(bool canHandle)
-{
-    WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("SetCanHandleHTTPSServerTrustEvaluation"));
-    WKRetainPtr<WKBooleanRef> messageBody = adoptWK(WKBooleanCreate(canHandle));
-    WKBundlePostSynchronousMessage(InjectedBundle::singleton().bundle(), messageName.get(), messageBody.get(), nullptr);
-}
-
-bool TestRunner::canDoServerTrustEvaluationInNetworkProcess()
-{
-    WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("CanDoServerTrustEvaluationInNetworkProcess"));
-    WKTypeRef returnData = nullptr;
-    WKBundlePagePostSynchronousMessageForTesting(InjectedBundle::singleton().page()->page(), messageName.get(), nullptr, &returnData);
-    ASSERT(WKGetTypeID(returnData) == WKBooleanGetTypeID());
-    return WKBooleanGetValue(adoptWK(static_cast<WKBooleanRef>(returnData)).get());
-}
-
 unsigned long TestRunner::serverTrustEvaluationCallbackCallsCount()
 {
     WKRetainPtr<WKStringRef> messageName = adoptWK(WKStringCreateWithUTF8CString("ServerTrustEvaluationCallbackCallsCount"));
index 0c93a8f..49e5ff0 100644 (file)
@@ -494,8 +494,6 @@ public:
     void cleanUpKeychain(JSStringRef attrLabel, JSStringRef applicationTagBase64);
     bool keyExistsInKeychain(JSStringRef attrLabel, JSStringRef applicationTagBase64);
 
-    void setCanHandleHTTPSServerTrustEvaluation(bool canHandle);
-    bool canDoServerTrustEvaluationInNetworkProcess();
     unsigned long serverTrustEvaluationCallbackCallsCount();
 
     // Ad Click Attribution.
index f9d3e91..6a77a8e 100644 (file)
@@ -3576,11 +3576,6 @@ bool TestController::keyExistsInKeychain(const String&, const String&)
     return false;
 }
 
-bool TestController::canDoServerTrustEvaluationInNetworkProcess() const
-{
-    return false;
-}
-
 void TestController::installCustomMenuAction(const String&, bool)
 {
 }
index eb71df8..fd1c52a 100644 (file)
@@ -310,7 +310,6 @@ public:
     void setAllowedMenuActions(const Vector<String>&);
     void installCustomMenuAction(const String& name, bool dismissesAutomatically);
 
-    bool canDoServerTrustEvaluationInNetworkProcess() const;
     uint64_t serverTrustEvaluationCallbackCallsCount() const { return m_serverTrustEvaluationCallbackCallsCount; }
 
     void setShouldDismissJavaScriptAlertsAsynchronously(bool);
index 3e4f2e7..c4d18ab 100644 (file)
@@ -1629,18 +1629,6 @@ WKRetainPtr<WKTypeRef> TestInvocation::didReceiveSynchronousMessageFromInjectedB
         return result;
     }
 
-    if (WKStringIsEqualToUTF8CString(messageName, "SetCanHandleHTTPSServerTrustEvaluation")) {
-        ASSERT(WKGetTypeID(messageBody) == WKBooleanGetTypeID());
-        auto canHandle = WKBooleanGetValue(static_cast<WKBooleanRef>(messageBody));
-        WKContextSetCanHandleHTTPSServerTrustEvaluation(TestController::singleton().context(), canHandle);
-        return nullptr;
-    }
-
-    if (WKStringIsEqualToUTF8CString(messageName, "CanDoServerTrustEvaluationInNetworkProcess")) {
-        WKRetainPtr<WKTypeRef> result = adoptWK(WKBooleanCreate(TestController::singleton().canDoServerTrustEvaluationInNetworkProcess()));
-        return result;
-    }
-
     if (WKStringIsEqualToUTF8CString(messageName, "ServerTrustEvaluationCallbackCallsCount")) {
         WKRetainPtr<WKTypeRef> result = adoptWK(WKUInt64Create(TestController::singleton().serverTrustEvaluationCallbackCallsCount()));
         return result;
index e4bc040..bea1315 100644 (file)
@@ -411,15 +411,6 @@ void TestController::setAllowsAnySSLCertificate(bool allows)
     [globalWebsiteDataStoreDelegateClient setAllowAnySSLCertificate: allows];
 }
 
-bool TestController::canDoServerTrustEvaluationInNetworkProcess() const
-{
-#if HAVE(CFNETWORK_NSURLSESSION_STRICTRUSTEVALUATE)
-    return true;
-#else
-    return false;
-#endif
-}
-
 void TestController::installCustomMenuAction(const String& name, bool dismissesAutomatically)
 {
 #if PLATFORM(IOS_FAMILY)