[Webkit-unassigned] [Bug 131734] [EFL][WK1] SSL Strict is set according to input parameter.
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Apr 16 22:32:47 PDT 2014
https://bugs.webkit.org/show_bug.cgi?id=131734
--- Comment #4 from Jeongeun Kim <je_julie.kim at samsung.com> 2014-04-16 22:33:05 PST ---
(In reply to comment #3)
> EAPI void ewk_network_tls_certificate_check_set(Eina_Bool enable);
>
> > Source/WebKit/efl/ewk/ewk_network.cpp:58
> > unsigned policy = WebCore::SoupNetworkSession::defaultSession().sslPolicy();
>
> Now I understand this API behavior is to enable soup SSL policy if checkCertificates is enabled. However, it looks this API is getting current ssl policy value unnecessary because you set *policy* value only depends on *checkCertificates*. I think there are two choices. One is just to set the policy regardless of current policy value. The other is to enable only both when *checkCertificates* is enabled and *current policy value* is disabled.
>
> Below may be one of examples for first one.
>
> void ewk_network_tls_certificate_check_set(Eina_Bool checkCertificates) {
> if (checkCertificates)
> policy = WebCore::SoupNetworkSession::SSLStrict;
> else
> policy = ~WebCore::SoupNetworkSession::SSLStrict;
>
> WebCore::SoupNetworkSession::defaultSession().setSSLPolicy(policy);
> }
Thanks, Gyuyoung.
SoupNetworkSession::SSLPolicy SoupNetworkSession::sslPolicy() includes two options, SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE and SOUP_SESSION_SSL_STRICT.
We can set both of them using setSSLPolicy. That's why I'm getting current value.
Originally, ewk_network_tls_certificate_check_set is only related to SSL-Strict.
As to the second suggestion, It means that
if (checkCertificates && !(policy | WebCore::SoupNetworkSession::SSLStrict))
policy |= WebCore::SoupNetworkSession::SSLStrict;
else if (!checkCertificates && (policy | WebCore::SoupNetworkSession::SSLStrict))
policy &= ~WebCore::SoupNetworkSession::SSLStrict;
So, your suggestion is that?
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list