[EFL] Add API to control whether SSL certificates should be checked.
authorkubo@profusion.mobi <kubo@profusion.mobi@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 12 Dec 2011 18:17:40 +0000 (18:17 +0000)
committerkubo@profusion.mobi <kubo@profusion.mobi@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 12 Dec 2011 18:17:40 +0000 (18:17 +0000)
https://bugs.webkit.org/show_bug.cgi?id=74299

Reviewed by Martin Robinson.

* ewk/ewk_main.cpp:
(_ewk_init_body): Explicitly disable certificate checks by default.
* ewk/ewk_network.cpp:
(ewk_network_tls_certificate_check_get):
(ewk_network_tls_certificate_check_set):
* ewk/ewk_network.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@102598 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebKit/efl/ChangeLog [changed mode: 0755->0644]
Source/WebKit/efl/ewk/ewk_main.cpp
Source/WebKit/efl/ewk/ewk_network.cpp
Source/WebKit/efl/ewk/ewk_network.h

old mode 100755 (executable)
new mode 100644 (file)
index f435105..5f12e8d
@@ -1,3 +1,17 @@
+2011-12-12  Raphael Kubo da Costa  <kubo@profusion.mobi>
+
+        [EFL] Add API to control whether SSL certificates should be checked.
+        https://bugs.webkit.org/show_bug.cgi?id=74299
+
+        Reviewed by Martin Robinson.
+
+        * ewk/ewk_main.cpp:
+        (_ewk_init_body): Explicitly disable certificate checks by default.
+        * ewk/ewk_network.cpp:
+        (ewk_network_tls_certificate_check_get):
+        (ewk_network_tls_certificate_check_set):
+        * ewk/ewk_network.h:
+
 2011-12-07  Ryuan Choi  <ryuan.choi@samsung.com>
 
         [EFL] Introduce AssertMatchingEnums.cpp.
index 369316d0129a4aadef22bd84c06fed763b1993f9..e821a4a18635b7df9cf463a95f8cbdaf9844adc7 100644 (file)
@@ -28,6 +28,7 @@
 #include "ScriptController.h"
 #include "Settings.h"
 #include "ewk_logging.h"
+#include "ewk_network.h"
 #include "ewk_private.h"
 #include "ewk_settings.h"
 #include "runtime/InitializeThreading.h"
@@ -185,6 +186,8 @@ Eina_Bool _ewk_init_body(void)
         ewk_settings_application_cache_path_set(webkitDirectory.utf8().data());
     }
 
+    ewk_network_tls_certificate_check_set(false);
+
     // TODO: this should move to WebCore, already reported to webkit-gtk folks:
 #if USE(SOUP)
     if (1) {
index 0602d9d200b436ac9d8b2b522a3d07401696c675..d50689dfb8b368095b46ee3177e15401e03c20d2 100644 (file)
@@ -75,6 +75,26 @@ void ewk_network_state_notifier_online_set(Eina_Bool online)
     WebCore::networkStateNotifier().setOnLine(online);
 }
 
+Eina_Bool ewk_network_tls_certificate_check_get()
+{
+    bool checkCertificates = false;
+
+#if USE(SOUP)
+    SoupSession* defaultSession = WebCore::ResourceHandle::defaultSession();
+    g_object_get(defaultSession, "ssl-strict", &checkCertificates, NULL);
+#endif
+
+    return checkCertificates;
+}
+
+void ewk_network_tls_certificate_check_set(Eina_Bool checkCertificates)
+{
+#if USE(SOUP)
+    SoupSession* defaultSession = WebCore::ResourceHandle::defaultSession();
+    g_object_set(defaultSession, "ssl-strict", checkCertificates, NULL);
+#endif
+}
+
 SoupSession* ewk_network_default_soup_session_get()
 {
 #if USE(SOUP)
index 720de74d91687902c754b2b64938604f8590acc4..ec8e6905d51f370f61fd028d8a28d3c6003c2739 100644 (file)
@@ -31,6 +31,8 @@
 extern "C" {
 #endif
 
+typedef struct _SoupSession SoupSession;
+
 /**
  * Sets the given proxy URI to network backend.
  *
@@ -54,7 +56,21 @@ EAPI const char      *ewk_network_proxy_uri_get(void);
  */
 EAPI void             ewk_network_state_notifier_online_set(Eina_Bool online);
 
-typedef struct _SoupSession SoupSession;
+/**
+ * Returns whether HTTPS connections should check the received certificate and error out if it is invalid.
+ *
+ * By default, HTTPS connections are performed regardless of the validity of the certificate provided.
+ */
+EAPI Eina_Bool        ewk_network_tls_certificate_check_get(void);
+
+/**
+ * Sets whether HTTPS connections should check the received certificate and error out if it is invalid.
+ *
+ * By default, HTTPS connections are performed regardless of the validity of the certificate provided.
+ *
+ * @param enable Whether to check the provided certificates or not.
+ */
+EAPI void             ewk_network_tls_certificate_check_set(Eina_Bool enable);
 
 /**
  * Returns the default @c SoupSession used by all views.