[EFL][WK2] Add ewk API to allow accepting a specific TLS certificate for a specific...
authorpmolnar.u-szeged@partner.samsung.com <pmolnar.u-szeged@partner.samsung.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 4 Dec 2014 09:23:28 +0000 (09:23 +0000)
committerpmolnar.u-szeged@partner.samsung.com <pmolnar.u-szeged@partner.samsung.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 4 Dec 2014 09:23:28 +0000 (09:23 +0000)
https://bugs.webkit.org/show_bug.cgi?id=131160

Reviewed by Gyuyoung Kim.

* UIProcess/API/efl/ewk_context.cpp:
(EwkContext::allowSpecificHTTPSCertificateForHost):
(ewk_context_tls_certificate_for_host_allow):
* UIProcess/API/efl/ewk_context.h:
* UIProcess/API/efl/ewk_context_private.h:
* UIProcess/API/efl/tests/test_ewk2_ssl.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@176786 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit2/ChangeLog
Source/WebKit2/UIProcess/API/efl/ewk_context.cpp
Source/WebKit2/UIProcess/API/efl/ewk_context.h
Source/WebKit2/UIProcess/API/efl/ewk_context_private.h
Source/WebKit2/UIProcess/API/efl/tests/test_ewk2_ssl.cpp

index ea9d4d8..c89b0a5 100644 (file)
@@ -1,3 +1,17 @@
+2014-12-04  Peter Molnar  <pmolnar.u-szeged@partner.samsung.com>
+
+        [EFL][WK2] Add ewk API to allow accepting a specific TLS certificate for a specific host
+        https://bugs.webkit.org/show_bug.cgi?id=131160
+
+        Reviewed by Gyuyoung Kim.
+
+        * UIProcess/API/efl/ewk_context.cpp:
+        (EwkContext::allowSpecificHTTPSCertificateForHost):
+        (ewk_context_tls_certificate_for_host_allow):
+        * UIProcess/API/efl/ewk_context.h:
+        * UIProcess/API/efl/ewk_context_private.h:
+        * UIProcess/API/efl/tests/test_ewk2_ssl.cpp:
+
 2014-12-03  Commit Queue  <commit-queue@webkit.org>
 
         Unreviewed, rolling out r176457.
 2014-12-03  Commit Queue  <commit-queue@webkit.org>
 
         Unreviewed, rolling out r176457.
index 770f210..8149622 100644 (file)
@@ -40,6 +40,8 @@
 #include "ewk_storage_manager_private.h"
 #include "ewk_url_scheme_request_private.h"
 #include <JavaScriptCore/JSContextRef.h>
 #include "ewk_storage_manager_private.h"
 #include "ewk_url_scheme_request_private.h"
 #include <JavaScriptCore/JSContextRef.h>
+#include <Shared/WebCertificateInfo.h>
+#include <WebCore/CertificateInfo.h>
 #include <WebCore/FileSystem.h>
 #include <WebCore/IconDatabase.h>
 #include <WebCore/Language.h>
 #include <WebCore/FileSystem.h>
 #include <WebCore/IconDatabase.h>
 #include <WebCore/Language.h>
@@ -443,6 +445,23 @@ void EwkContext::setIgnoreTLSErrors(Ewk_TLS_Error_Policy TLSErrorPolicy) const
     toImpl(m_context.get())->setIgnoreTLSErrors(isNewPolicy);
 }
 
     toImpl(m_context.get())->setIgnoreTLSErrors(isNewPolicy);
 }
 
+void EwkContext::allowSpecificHTTPSCertificateForHost(const String& pem, const String& host) const
+{
+    CString certificate = pem.ascii();
+
+    GTlsCertificate* gTlsCertificate = g_tls_certificate_new_from_pem(
+        certificate.data(), certificate.length(), nullptr);
+
+    if (!gTlsCertificate)
+        return;
+
+    WebCore::CertificateInfo certificateInfo = WebCore::CertificateInfo(gTlsCertificate, G_TLS_CERTIFICATE_VALIDATE_ALL);
+
+    RefPtr<WebCertificateInfo> webCertificateInfo = WebCertificateInfo::create(certificateInfo);
+
+    toImpl(m_context.get())->allowSpecificHTTPSCertificateForHost(webCertificateInfo.get(), host);
+}
+
 Ewk_Context* ewk_context_default_get()
 {
     return EwkContext::defaultContext();
 Ewk_Context* ewk_context_default_get()
 {
     return EwkContext::defaultContext();
@@ -595,3 +614,10 @@ void ewk_context_preferred_languages_set(Eina_List* languages)
     WebCore::overrideUserPreferredLanguages(preferredLanguages);
     WebCore::languageDidChange();
 }
     WebCore::overrideUserPreferredLanguages(preferredLanguages);
     WebCore::languageDidChange();
 }
+
+void ewk_context_tls_certificate_for_host_allow(Ewk_Context* context, const char* pem, const char* host)
+{
+    EWK_OBJ_GET_IMPL_OR_RETURN(const EwkContext, context, impl);
+
+    impl->allowSpecificHTTPSCertificateForHost(pem, host);
+}
index dd91b68..8c38b7d 100644 (file)
@@ -443,6 +443,16 @@ EAPI void ewk_context_tls_error_policy_set(Ewk_Context *context, Ewk_TLS_Error_P
  */
 EAPI void ewk_context_preferred_languages_set(Eina_List *languages);
 
  */
 EAPI void ewk_context_preferred_languages_set(Eina_List *languages);
 
+
+/**
+ * Allows accepting the specified TLS certificate for the speficied host.
+ *
+ * @param context context object to allow accepting a specific certificate for a specific host
+ * @param pem the certificate to be accepted in PEM format
+ * @param host the host for which the certificate is to be accepted
+ */
+EAPI void ewk_context_tls_certificate_for_host_allow(Ewk_Context *context, const char *pem, const char *host);
+
 #ifdef __cplusplus
 }
 #endif
 #ifdef __cplusplus
 }
 #endif
index 32d23ed..4fd7053 100644 (file)
@@ -88,6 +88,8 @@ public:
 
     const String& extensionsPath() const { return m_extensionsPath; }
 
 
     const String& extensionsPath() const { return m_extensionsPath; }
 
+    void allowSpecificHTTPSCertificateForHost(const String& pem, const String& host) const;
+
 #if ENABLE(NETSCAPE_PLUGIN_API)
     void setAdditionalPluginPath(const String&);
 #endif
 #if ENABLE(NETSCAPE_PLUGIN_API)
     void setAdditionalPluginPath(const String&);
 #endif
index 2b3d73f..c9578ed 100644 (file)
@@ -262,3 +262,30 @@ TEST_F(EWK2SSLTest, ewk_ssl_bad_cert_redirect_https_to_http)
 
     waitUntilTrue(finishTest, testTimeoutSeconds);
 }
 
     waitUntilTrue(finishTest, testTimeoutSeconds);
 }
+
+TEST_F(EWK2SSLTest, ewk_ssl_bad_cert_page_load_test_allow_specific)
+{
+    finishTest = false;
+
+    Ewk_Context* context = ewk_view_context_get(webView());
+    ewk_context_tls_error_policy_set(context, EWK_TLS_ERROR_POLICY_FAIL);
+    ewk_context_tls_certificate_for_host_allow(context, certificate_data, "127.0.0.1");
+
+    GTlsCertificate* TLSCertificate = getCertificate();
+
+    if (!TLSCertificate)
+        FAIL();
+
+    std::unique_ptr<EWK2UnitTestServer> httpsServer = std::make_unique<EWK2UnitTestServer>(TLSCertificate);
+    httpsServer->run(serverCallbackBadCertPageLoadTest);
+
+    Ewk_Error* error = nullptr;
+    evas_object_smart_callback_add(webView(), "load,provisional,failed", onLoadProvisionalFailedIgnore, &error);
+
+    bool isFinished = false;
+    evas_object_smart_callback_add(webView(), "load,finished", onLoadFinishedIgnore, &isFinished);
+
+    ewk_view_url_set(webView(), httpsServer->getURLForPath("/index.html").data());
+
+    waitUntilTrue(finishTest, testTimeoutSeconds);
+}