[webkit-gtk] SSL Handshake failed on some sites

Sergio Villar Senin svillar at igalia.com
Wed Feb 27 00:35:56 PST 2013

En 26/02/13 20:37, Thomas Weißschuh escribiu:
> The problem here isn't webkitgtk but a miscommunication between
> libsoup/glib-networking/gnutls.
> In libsoup/soup-socket.c:soup_socket_handshake_sync() a connectinon attempt is
> made. Then there is a check whether a TLS or SSL error occurred (different
> things in this case). If it was a TLS error; higher up the callstack a retry is
> scheduled. This time using SSL instead of TLS (exactly to prevent TLS
> incompabilities)
> In this case however the error reported by g_tls_connection_handshake is a
> certificate parsing error, which is classified as SSL error, so no retry is
> performed.
> If one forces the certificate parsing error to be a TLS error, the retried
> connection will succeed (including parsing the certificate), so this
> certificate can't be completely broken.
> Are people on this list who want to handle this themselves or should I file
> this with those other projects?

Can you file a bug in bugzilla?


More information about the webkit-gtk mailing list