[Curl] Improve multi-threaded networking
authorcommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 Aug 2017 02:17:28 +0000 (02:17 +0000)
committercommit-queue@webkit.org <commit-queue@webkit.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Fri, 18 Aug 2017 02:17:28 +0000 (02:17 +0000)
https://bugs.webkit.org/show_bug.cgi?id=175253

Patch by Daewoong Jang <daewoong.jang@navercorp.com> on 2017-08-17
Reviewed by Alex Christensen.

* platform/network/curl/CurlContext.cpp:
(WebCore::CurlMultiHandle::CurlMultiHandle):
(WebCore::CurlHandle::CurlHandle):
(WebCore::CurlHandle::initialize):
(WebCore::CurlHandle::setSslKeyPassword):
(WebCore::CurlHandle::setSslErrors):
(WebCore::CurlHandle::getSslErrors):
* platform/network/curl/CurlContext.h:
* platform/network/curl/CurlDownload.cpp:
(WebCore::CurlDownload::init):
(WebCore::CurlDownload::getResponse const):
(WebCore::CurlDownload::setupRequest):
(WebCore::CurlDownload::didReceiveHeader):
(WebCore::CurlDownload::didReceiveData):
(WebCore::CurlDownload::headerCallback):
(WebCore::CurlDownload::getTempPath const): Deleted.
(WebCore::CurlDownload::getUrl const): Deleted.
(WebCore::CurlDownload::downloadFinishedCallback): Deleted.
(WebCore::CurlDownload::downloadFailedCallback): Deleted.
(WebCore::CurlDownload::receivedDataCallback): Deleted.
(WebCore::CurlDownload::receivedResponseCallback): Deleted.
* platform/network/curl/CurlDownload.h:
* platform/network/curl/ResourceError.h:
(WebCore::ResourceError::ResourceError):
(WebCore::ResourceError::sslErrors const):
(WebCore::ResourceError::setSSLErrors): Deleted.
* platform/network/curl/ResourceHandleCurl.cpp:
(WebCore::ResourceHandleInternal::initialize):
(WebCore::ResourceHandleInternal::didFail):
(WebCore::ResourceHandleInternal::dispatchSynchronousJob):
* platform/network/curl/SSLHandle.cpp:
(WebCore::allowedClientHosts):
(WebCore::addAllowedClientCertificate):
(WebCore::getSSLClientCertificate):
(WebCore::certVerifyCallback):
(WebCore::setSSLVerifyOptions):
(WebCore::setSSLClientCertificate): Deleted.
* platform/network/curl/SSLHandle.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@220897 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/platform/network/curl/CurlContext.cpp
Source/WebCore/platform/network/curl/CurlContext.h
Source/WebCore/platform/network/curl/CurlDownload.cpp
Source/WebCore/platform/network/curl/CurlDownload.h
Source/WebCore/platform/network/curl/ResourceError.h
Source/WebCore/platform/network/curl/ResourceHandleCurl.cpp
Source/WebCore/platform/network/curl/SSLHandle.cpp
Source/WebCore/platform/network/curl/SSLHandle.h

index be0a303..a4601e2 100644 (file)
@@ -1,3 +1,49 @@
+2017-08-17  Daewoong Jang  <daewoong.jang@navercorp.com>
+
+        [Curl] Improve multi-threaded networking
+        https://bugs.webkit.org/show_bug.cgi?id=175253
+
+        Reviewed by Alex Christensen.
+
+        * platform/network/curl/CurlContext.cpp:
+        (WebCore::CurlMultiHandle::CurlMultiHandle):
+        (WebCore::CurlHandle::CurlHandle):
+        (WebCore::CurlHandle::initialize):
+        (WebCore::CurlHandle::setSslKeyPassword):
+        (WebCore::CurlHandle::setSslErrors):
+        (WebCore::CurlHandle::getSslErrors):
+        * platform/network/curl/CurlContext.h:
+        * platform/network/curl/CurlDownload.cpp:
+        (WebCore::CurlDownload::init):
+        (WebCore::CurlDownload::getResponse const):
+        (WebCore::CurlDownload::setupRequest):
+        (WebCore::CurlDownload::didReceiveHeader):
+        (WebCore::CurlDownload::didReceiveData):
+        (WebCore::CurlDownload::headerCallback):
+        (WebCore::CurlDownload::getTempPath const): Deleted.
+        (WebCore::CurlDownload::getUrl const): Deleted.
+        (WebCore::CurlDownload::downloadFinishedCallback): Deleted.
+        (WebCore::CurlDownload::downloadFailedCallback): Deleted.
+        (WebCore::CurlDownload::receivedDataCallback): Deleted.
+        (WebCore::CurlDownload::receivedResponseCallback): Deleted.
+        * platform/network/curl/CurlDownload.h:
+        * platform/network/curl/ResourceError.h:
+        (WebCore::ResourceError::ResourceError):
+        (WebCore::ResourceError::sslErrors const):
+        (WebCore::ResourceError::setSSLErrors): Deleted.
+        * platform/network/curl/ResourceHandleCurl.cpp:
+        (WebCore::ResourceHandleInternal::initialize):
+        (WebCore::ResourceHandleInternal::didFail):
+        (WebCore::ResourceHandleInternal::dispatchSynchronousJob):
+        * platform/network/curl/SSLHandle.cpp:
+        (WebCore::allowedClientHosts):
+        (WebCore::addAllowedClientCertificate):
+        (WebCore::getSSLClientCertificate):
+        (WebCore::certVerifyCallback):
+        (WebCore::setSSLVerifyOptions):
+        (WebCore::setSSLClientCertificate): Deleted.
+        * platform/network/curl/SSLHandle.h:
+
 2017-08-17  Chris Dumez  <cdumez@apple.com>
 
         Regression(r220817): We should only copy the original request headers for Ping loads
index b7ca1f4..7cb84f8 100644 (file)
@@ -237,8 +237,6 @@ Lock* CurlShareHandle::mutexFor(curl_lock_data data)
 
 CurlMultiHandle::CurlMultiHandle()
 {
-    CurlContext::singleton();
-
     m_multiHandle = curl_multi_init();
 }
 
@@ -284,11 +282,7 @@ CURLMsg* CurlMultiHandle::readInfo(int& messagesInQueue)
 
 CurlHandle::CurlHandle()
 {
-    CurlContext::singleton();
-
     m_handle = curl_easy_init();
-    curl_easy_setopt(m_handle, CURLOPT_ERRORBUFFER, m_errorBuffer);
-    curl_easy_setopt(m_handle, CURLOPT_PRIVATE, this);
 }
 
 CurlHandle::~CurlHandle()
@@ -303,6 +297,12 @@ const String CurlHandle::errorDescription() const
     return String(curl_easy_strerror(m_errorCode));
 }
 
+void CurlHandle::initialize()
+{
+    curl_easy_setopt(m_handle, CURLOPT_ERRORBUFFER, m_errorBuffer);
+    curl_easy_setopt(m_handle, CURLOPT_PRIVATE, this);
+}
+
 CURLcode CurlHandle::perform()
 {
     m_errorCode = curl_easy_perform(m_handle);
@@ -500,6 +500,16 @@ void CurlHandle::setSslKeyPassword(const char* password)
     curl_easy_setopt(m_handle, CURLOPT_KEYPASSWD, password);
 }
 
+void CurlHandle::setSslErrors(unsigned sslErrors)
+{
+    m_sslErrors = sslErrors;
+}
+
+unsigned CurlHandle::getSslErrors()
+{
+    return m_sslErrors;
+}
+
 void CurlHandle::enableCookieJarIfExists()
 {
     const char* cookieJar = CurlContext::singleton().getCookieJarFileName();
index 834e22b..c44cf62 100644 (file)
@@ -221,6 +221,8 @@ public:
 
     CURL* handle() const { return m_handle; }
 
+    void initialize();
+
     CURLcode perform();
     CURLcode pause(int);
 
@@ -266,6 +268,8 @@ public:
     void setSslCert(const char*);
     void setSslCertType(const char*);
     void setSslKeyPassword(const char*);
+    void setSslErrors(unsigned);
+    unsigned getSslErrors();
 
     void enableCookieJarIfExists();
     void setCookieList(const char*);
@@ -304,6 +308,7 @@ private:
     CURL* m_handle { nullptr };
     char m_errorBuffer[CURL_ERROR_SIZE] { };
     CURLcode m_errorCode;
+    unsigned m_sslErrors { 0 };
 
     char* m_url { nullptr };
     void* m_privateData { nullptr };
index 1ef9685..2ede066 100644 (file)
@@ -1,6 +1,7 @@
 /*
  * Copyright (C) 2013 Apple Inc.  All rights reserved.
  * Copyright (C) 2017 Sony Interactive Entertainment Inc.
+ * Copyright (C) 2017 NAVER Corp.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  */
 
 #include "config.h"
+#include "CurlDownload.h"
 
 #if USE(CURL)
 
-#include "CurlDownload.h"
-
 #include "CurlContext.h"
-
 #include "HTTPHeaderNames.h"
 #include "HTTPParsers.h"
 #include "ResourceRequest.h"
@@ -59,17 +58,10 @@ void CurlDownload::init(CurlDownloadListener* listener, const URL& url)
 
     LockHolder locker(m_mutex);
 
-    m_curlHandle.enableShareHandle();
-
-    m_curlHandle.setUrl(url);
-    m_curlHandle.setPrivateData(this);
-    m_curlHandle.setHeaderCallbackFunction(headerCallback, this);
-    m_curlHandle.setWriteCallbackFunction(writeCallback, this);
-    m_curlHandle.enableFollowLocation();
-    m_curlHandle.enableHttpAuthentication(CURLAUTH_ANY);
-    m_curlHandle.enableCAInfoIfExists();
+    setupRequest();
 
     m_listener = listener;
+    m_url = url;
 }
 
 void CurlDownload::init(CurlDownloadListener* listener, ResourceHandle*, const ResourceRequest& request, const ResourceResponse&)
@@ -109,22 +101,28 @@ bool CurlDownload::cancel()
     return true;
 }
 
-String CurlDownload::getTempPath() const
+ResourceResponse CurlDownload::getResponse() const
 {
     LockHolder locker(m_mutex);
-    return m_tempPath;
+    ResourceResponse response(m_responseUrl, m_responseMIMEType, 0, m_responseTextEncodingName);
+    response.setHTTPHeaderField(m_httpHeaderFieldName, m_httpHeaderFieldValue);
+    return response;
 }
 
-String CurlDownload::getUrl() const
+void CurlDownload::setupRequest()
 {
     LockHolder locker(m_mutex);
-    return String(m_curlHandle.url());
-}
 
-ResourceResponse CurlDownload::getResponse() const
-{
-    LockHolder locker(m_mutex);
-    return m_response;
+    m_curlHandle.initialize();
+    m_curlHandle.enableShareHandle();
+
+    m_curlHandle.setUrl(m_url);
+    m_curlHandle.setPrivateData(this);
+    m_curlHandle.setHeaderCallbackFunction(headerCallback, this);
+    m_curlHandle.setWriteCallbackFunction(writeCallback, this);
+    m_curlHandle.enableFollowLocation();
+    m_curlHandle.enableHttpAuthentication(CURLAUTH_ANY);
+    m_curlHandle.enableCAInfoIfExists();
 }
 
 void CurlDownload::closeFile()
@@ -173,19 +171,21 @@ void CurlDownload::didReceiveHeader(const String& header)
 
         if (httpCode >= 200 && httpCode < 300) {
             URL url = m_curlHandle.getEffectiveURL();
-            callOnMainThread([this, url = url.isolatedCopy(), protectedThis = makeRef(*this)] {
-                m_response.setURL(url);
-                m_response.setMimeType(extractMIMETypeFromMediaType(m_response.httpHeaderField(HTTPHeaderName::ContentType)));
-                m_response.setTextEncodingName(extractCharsetFromMediaType(m_response.httpHeaderField(HTTPHeaderName::ContentType)));
+            callOnMainThread([protectedThis = makeRef(*this), url = url.isolatedCopy()] {
+                ResourceResponse localResponse = protectedThis->getResponse();
+                protectedThis->m_responseUrl = url;
+                protectedThis->m_responseMIMEType = extractMIMETypeFromMediaType(localResponse.httpHeaderField(HTTPHeaderName::ContentType));
+                protectedThis->m_responseTextEncodingName = extractCharsetFromMediaType(localResponse.httpHeaderField(HTTPHeaderName::ContentType));
 
-                didReceiveResponse();
+                protectedThis->didReceiveResponse();
             });
         }
     } else {
-        callOnMainThread([this, header = header.isolatedCopy(), protectedThis = makeRef(*this)] {
+        callOnMainThread([protectedThis = makeRef(*this), header = header.isolatedCopy()] {
             int splitPos = header.find(":");
             if (splitPos != -1)
-                m_response.setHTTPHeaderField(header.left(splitPos), header.substring(splitPos + 1).stripWhiteSpace());
+                protectedThis->m_httpHeaderFieldName = header.left(splitPos);
+                protectedThis->m_httpHeaderFieldValue = header.substring(splitPos + 1).stripWhiteSpace();
         });
     }
 }
@@ -194,8 +194,8 @@ void CurlDownload::didReceiveData(void* data, int size)
 {
     LockHolder locker(m_mutex);
 
-    callOnMainThread([this, size, protectedThis = makeRef(*this)] {
-        didReceiveDataOfLength(size);
+    callOnMainThread([protectedThis = makeRef(*this), size] {
+        protectedThis->didReceiveDataOfLength(size);
     });
 
     writeDataToFile(static_cast<const char*>(data), size);
@@ -260,30 +260,6 @@ size_t CurlDownload::headerCallback(char* ptr, size_t size, size_t nmemb, void*
     return totalSize;
 }
 
-void CurlDownload::downloadFinishedCallback(CurlDownload* download)
-{
-    if (download)
-        download->didFinish();
-}
-
-void CurlDownload::downloadFailedCallback(CurlDownload* download)
-{
-    if (download)
-        download->didFail();
-}
-
-void CurlDownload::receivedDataCallback(CurlDownload* download, int size)
-{
-    if (download)
-        download->didReceiveDataOfLength(size);
-}
-
-void CurlDownload::receivedResponseCallback(CurlDownload* download)
-{
-    if (download)
-        download->didReceiveResponse();
-}
-
 }
 
 #endif
index 3da54ae..54c8f2c 100644 (file)
@@ -1,6 +1,7 @@
 /*
  * Copyright (C) 2013 Apple Inc.  All rights reserved.
  * Copyright (C) 2017 Sony Interactive Entertainment Inc.
+ * Copyright (C) 2017 NAVER Corp.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
 
 #pragma once
 
+#include "CurlJobManager.h"
 #include "FileSystem.h"
 #include "ResourceHandle.h"
 #include "ResourceResponse.h"
 #include <wtf/Lock.h>
 #include <wtf/Threading.h>
 
-#if PLATFORM(WIN)
-#include <windows.h>
-#include <winsock2.h>
-#endif
-
-#include "CurlContext.h"
-#include "CurlJobManager.h"
-
 namespace WebCore {
 
 class CurlDownloadListener {
@@ -55,7 +49,7 @@ public:
     CurlDownload();
     ~CurlDownload();
 
-    void init(CurlDownloadListener*, const WebCore::URL&);
+    void init(CurlDownloadListener*, const URL&);
     void init(CurlDownloadListener*, ResourceHandle*, const ResourceRequest&, const ResourceResponse&);
 
     void setListener(CurlDownloadListener* listener) { m_listener = listener; }
@@ -63,9 +57,7 @@ public:
     bool start();
     bool cancel();
 
-    String getTempPath() const;
-    String getUrl() const;
-    WebCore::ResourceResponse getResponse() const;
+    ResourceResponse getResponse() const;
 
     bool deletesFileUponFailure() const { return m_deletesFileUponFailure; }
     void setDeletesFileUponFailure(bool deletesFileUponFailure) { m_deletesFileUponFailure = deletesFileUponFailure; }
@@ -73,6 +65,8 @@ public:
     void setDestination(const String& destination) { m_destination = destination; }
 
 private:
+    void setupRequest();
+
     void closeFile();
     void moveFileToDestination();
     void writeDataToFile(const char* data, int size);
@@ -92,17 +86,17 @@ private:
     static size_t writeCallback(char* ptr, size_t, size_t nmemb, void* data);
     static size_t headerCallback(char* ptr, size_t, size_t nmemb, void* data);
 
-    static void downloadFinishedCallback(CurlDownload*);
-    static void downloadFailedCallback(CurlDownload*);
-    static void receivedDataCallback(CurlDownload*, int size);
-    static void receivedResponseCallback(CurlDownload*);
-
     CurlHandle m_curlHandle;
+    URL m_url;
     CurlJobTicket m_job;
     String m_tempPath;
     String m_destination;
-    WebCore::PlatformFileHandle m_tempHandle { invalidPlatformFileHandle };
-    WebCore::ResourceResponse m_response;
+    PlatformFileHandle m_tempHandle { invalidPlatformFileHandle };
+    URL m_responseUrl;
+    String m_responseMIMEType;
+    String m_responseTextEncodingName;
+    String m_httpHeaderFieldName;
+    String m_httpHeaderFieldValue;
     bool m_deletesFileUponFailure { false };
     mutable Lock m_mutex;
     CurlDownloadListener* m_listener { nullptr };
index e5dadd2..bbe956f 100644 (file)
 #include "CurlContext.h"
 #include "ResourceErrorBase.h"
 
-#if PLATFORM(WIN)
-#include <windows.h>
-#include <winsock2.h>
-#endif
-
 namespace WebCore {
 
-class ResourceError : public ResourceErrorBase
-{
+class ResourceError : public ResourceErrorBase {
+    friend class ResourceErrorBase;
 public:
     ResourceError(Type type = Type::Null)
         : ResourceErrorBase(type)
@@ -48,18 +43,16 @@ public:
     {
     }
 
-    ResourceError(const CurlHandle& curl, unsigned sslErrors)
-        : ResourceErrorBase(CurlContext::errorDomain, curl.errorCode(), curl.getEffectiveURL(), curl.errorDescription(), Type::General)
-        , m_sslErrors { sslErrors }
+    ResourceError(const String& domain, int errorCode, const URL& failingURL, const String& localizedDescription, unsigned sslErrors, Type type = Type::General)
+        : ResourceErrorBase(domain, errorCode, failingURL, localizedDescription, type)
+        , m_sslErrors(sslErrors)
     {
     }
 
     unsigned sslErrors() const { return m_sslErrors; }
-    void setSSLErrors(unsigned sslVerifyResult) { m_sslErrors = sslVerifyResult; }
     bool hasSSLConnectError() const { return errorCode() == CURLE_SSL_CONNECT_ERROR; }
 
 private:
-    friend class ResourceErrorBase;
     void doPlatformIsolatedCopy(const ResourceError&) { }
 
     unsigned m_sslErrors { 0 };
index a4ad893..249a170 100644 (file)
@@ -130,6 +130,7 @@ void ResourceHandleInternal::initialize()
     m_curlHandle.enableStdErrIfUsed();
 #endif
 
+    m_curlHandle.initialize();
     m_curlHandle.setSslVerifyPeer(CurlHandle::VerifyPeerEnable);
     m_curlHandle.setSslVerifyHost(CurlHandle::VerifyHostStrictNameCheck);
     m_curlHandle.setPrivateData(this);
@@ -141,12 +142,17 @@ void ResourceHandleInternal::initialize()
     m_curlHandle.enableShareHandle();
     m_curlHandle.enableTimeout();
     m_curlHandle.enableAllowedProtocols();
-    setSSLClientCertificate(m_handle);
+    auto certificate = getSSLClientCertificate(m_firstRequest.url().host());
+    if (certificate) {
+        m_curlHandle.setSslCert((*certificate).first.utf8().data());
+        m_curlHandle.setSslCertType("P12");
+        m_curlHandle.setSslKeyPassword((*certificate).second.utf8().data());
+    }
 
     if (CurlContext::singleton().shouldIgnoreSSLErrors())
         m_curlHandle.setSslVerifyPeer(CurlHandle::VerifyPeerDisable);
     else
-        setSSLVerifyOptions(m_handle);
+        setSSLVerifyOptions(m_curlHandle);
 
     m_curlHandle.enableCAInfoIfExists();
 
@@ -401,7 +407,7 @@ void ResourceHandleInternal::didFail()
         return;
     URL url = m_curlHandle.getEffectiveURL();
     if (client()) {
-        client()->didFail(m_handle, ResourceError(m_curlHandle, m_sslErrors));
+        client()->didFail(m_handle, ResourceError(CurlContext::errorDomain, m_curlHandle.errorCode(), m_curlHandle.getEffectiveURL(), m_curlHandle.errorDescription(), m_curlHandle.getSslErrors()));
         CurlCacheManager::getInstance().didFail(*m_handle);
     }
 }
@@ -990,7 +996,7 @@ void ResourceHandleInternal::dispatchSynchronousJob()
 
     if (client()) {
         if (ret != CURLE_OK)
-            client()->didFail(m_handle, ResourceError(m_curlHandle, m_sslErrors));
+            client()->didFail(m_handle, ResourceError(CurlContext::errorDomain, m_curlHandle.errorCode(), m_curlHandle.getEffectiveURL(), m_curlHandle.errorDescription(), m_curlHandle.getSslErrors()));
         else
             client()->didReceiveResponse(m_handle, ResourceResponse(m_response));
     }
index f8f9755..96facce 100644 (file)
 
 namespace WebCore {
 
-typedef std::tuple<String, String> clientCertificate;
-
 static HashMap<String, ListHashSet<String>, ASCIICaseInsensitiveHash>& allowedHosts()
 {
     static NeverDestroyed<HashMap<String, ListHashSet<String>, ASCIICaseInsensitiveHash>> map;
     return map;
 }
 
-static HashMap<String, clientCertificate, ASCIICaseInsensitiveHash>& allowedClientHosts()
+static HashMap<String, ClientCertificate, ASCIICaseInsensitiveHash>& allowedClientHosts()
 {
-    static NeverDestroyed<HashMap<String, clientCertificate, ASCIICaseInsensitiveHash>> map;
+    static NeverDestroyed<HashMap<String, ClientCertificate, ASCIICaseInsensitiveHash>> map;
     return map;
 }
 
@@ -62,23 +60,17 @@ void allowsAnyHTTPSCertificateHosts(const String& host)
 
 void addAllowedClientCertificate(const String& host, const String& certificate, const String& key)
 {
-    clientCertificate clientInfo(certificate, key);
+    ClientCertificate clientInfo { certificate, key };
     allowedClientHosts().set(host, clientInfo);
 }
 
-void setSSLClientCertificate(ResourceHandle* handle)
+std::optional<ClientCertificate> getSSLClientCertificate(const String& host)
 {
-    String host = handle->firstRequest().url().host();
     auto it = allowedClientHosts().find(host);
     if (it == allowedClientHosts().end())
-        return;
-
-    ResourceHandleInternal* d = handle->getInternal();
-    clientCertificate clientInfo = it->value;
+        return std::nullopt;
 
-    d->m_curlHandle.setSslCert(std::get<0>(clientInfo).utf8().data());
-    d->m_curlHandle.setSslCertType("P12");
-    d->m_curlHandle.setSslKeyPassword(std::get<1>(clientInfo).utf8().data());
+    return it->value;
 }
 
 bool sslIgnoreHTTPSCertificate(const String& host, const ListHashSet<String>& certificates)
@@ -203,11 +195,10 @@ static int certVerifyCallback(int ok, X509_STORE_CTX* ctx)
 
     SSL* ssl = reinterpret_cast<SSL*>(X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
     SSL_CTX* sslctx = SSL_get_SSL_CTX(ssl);
-    ResourceHandle* job = reinterpret_cast<ResourceHandle*>(SSL_CTX_get_app_data(sslctx));
-    String host = job->firstRequest().url().host();
-    ResourceHandleInternal* d = job->getInternal();
+    CurlHandle* handle = reinterpret_cast<CurlHandle*>(SSL_CTX_get_app_data(sslctx));
+    String host = handle->getEffectiveURL().host();
 
-    d->m_sslErrors = sslCertificateFlag(err);
+    handle->setSslErrors(sslCertificateFlag(err));
 
 #if PLATFORM(WIN)
     auto it = allowedHosts().find(host);
@@ -222,7 +213,7 @@ static int certVerifyCallback(int ok, X509_STORE_CTX* ctx)
     if (ok) {
         // if the host and the certificate are stored for the current handle that means is enabled,
         // so don't need to curl verifies the authenticity of the peer's certificate
-        d->m_curlHandle.setSslVerifyPeer(CurlHandle::VerifyPeerDisable);
+        handle->setSslVerifyPeer(CurlHandle::VerifyPeerDisable);
     }
     return ok;
 }
@@ -234,11 +225,9 @@ static CURLcode sslctxfun(CURL* curl, void* sslctx, void* parm)
     return CURLE_OK;
 }
 
-void setSSLVerifyOptions(ResourceHandle* handle)
+void setSSLVerifyOptions(CurlHandle& handle)
 {
-    ResourceHandleInternal* d = handle->getInternal();
-
-    d->m_curlHandle.setSslCtxCallbackFunction(sslctxfun, handle);
+    handle.setSslCtxCallbackFunction(sslctxfun, &handle);
 }
 
 }
index 0a5847d..6b29455 100644 (file)
@@ -32,6 +32,8 @@
 
 namespace WebCore {
 
+class CurlHandle;
+
 typedef enum {
     SSL_CERTIFICATE_UNKNOWN_CA = (1 << 0), // The signing certificate authority is not known.
     SSL_CERTIFICATE_BAD_IDENTITY = (1 << 1), // The certificate does not match the expected identity of the site that it was retrieved from.
@@ -42,12 +44,13 @@ typedef enum {
     SSL_CERTIFICATE_GENERIC_ERROR = (1 << 6) // Some other error occurred validating the certificate
 } SSLCertificateFlags;
 
+typedef std::pair<String, String> ClientCertificate;
 
 void addAllowedClientCertificate(const String&, const String&, const String&);
 void allowsAnyHTTPSCertificateHosts(const String&);
 bool sslIgnoreHTTPSCertificate(const String&, const String&);
-void setSSLVerifyOptions(ResourceHandle*);
-void setSSLClientCertificate(ResourceHandle*);
+std::optional<ClientCertificate> getSSLClientCertificate(const String&);
+void setSSLVerifyOptions(CurlHandle&);
 
 }