[webkit-changes] [WebKit/WebKit] 58dd45: [Curl] Use CURLINFO_SSL_VERIFYRESULT to get the re...

Kenji Shukuwa noreply at github.com
Fri Nov 18 01:59:17 PST 2022


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 58dd451692d4c6eb0c0bc367b3bd5a841d80c651
      https://github.com/WebKit/WebKit/commit/58dd451692d4c6eb0c0bc367b3bd5a841d80c651
  Author: Kenji Shukuwa <kenji.shukuwa at open-tec.co.jp>
  Date:   2022-11-18 (Fri, 18 Nov 2022)

  Changed paths:
    M Source/WebCore/platform/network/curl/CurlContext.cpp
    M Source/WebCore/platform/network/curl/CurlContext.h
    M Source/WebCore/platform/network/curl/CurlSSLVerifier.cpp
    M Source/WebCore/platform/network/curl/CurlSSLVerifier.h
    M Source/WebCore/platform/network/curl/OpenSSLHelper.cpp
    M Source/WebCore/platform/network/curl/OpenSSLHelper.h

  Log Message:
  -----------
  [Curl] Use CURLINFO_SSL_VERIFYRESULT to get the result of the certificate verification
https://bugs.webkit.org/show_bug.cgi?id=208806

Reviewed by Fujii Hironori.

There are cases where SSL certificate verification has failed,
but the result of the certificate verification to 0 (X509_V_OK).
We can fix this by using CURLINFO_SSL_VERIFYRESULT.

* Source/WebCore/platform/network/curl/CurlContext.cpp:
(WebCore::CurlHandle::sslErrors const):
(WebCore::CurlHandle::getSSLVerifyResult const):
(WebCore::CurlHandle::certificateInfo const):
* Source/WebCore/platform/network/curl/CurlContext.h:
* Source/WebCore/platform/network/curl/CurlSSLVerifier.cpp:
(WebCore::CurlSSLVerifier::createCertificateInfo):
(WebCore::CurlSSLVerifier::collectInfo):
(WebCore::CurlSSLVerifier::convertToSSLCertificateFlags):
(WebCore::convertToSSLCertificateFlags): Deleted.
* Source/WebCore/platform/network/curl/CurlSSLVerifier.h:
(WebCore::CurlSSLVerifier::sslErrors): Deleted.
(WebCore::CurlSSLVerifier::certificateInfo const): Deleted.
(): Deleted.
* Source/WebCore/platform/network/curl/OpenSSLHelper.cpp:
(OpenSSL::pemDataFromCtx):
(OpenSSL::createCertificateInfo):
(OpenSSL::createCertificateChain):
* Source/WebCore/platform/network/curl/OpenSSLHelper.h:

Canonical link: https://commits.webkit.org/256827@main




More information about the webkit-changes mailing list