[Webkit-unassigned] [Bug 195908] New: webkit_web_context_allow_tls_certificate_for_host() fails for IPv6 URIs produced by SoupURI

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 18 13:53:33 PDT 2019


https://bugs.webkit.org/show_bug.cgi?id=195908

            Bug ID: 195908
           Summary: webkit_web_context_allow_tls_certificate_for_host()
                    fails for IPv6 URIs produced by SoupURI
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKitGTK
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at igalia.com
                CC: bugs-noreply at webkitgtk.org

webkit_web_context_allow_tls_certificate_for_host() fails for IPv6 URIs produced by SoupURI because SoupURI handles normalization differently (less-conformantly) than WTF::URI.

The problem is the [] brackets are being normalized away when stored in the misnamed clientCertificates() map (they are server certificates, not client certificates). But the brackets are still there when being checked against the map. Then [2a01:4f8:172:122a::2] is considered nonequal to 2a01:4f8:172:122a::2.

I'd argue that it's a SoupURI bug for not storing the [] brackets in the host portion of the URI, but sadly it's documented behavior:

"""
If host is an IPv6 IP address, it should not include the brackets required by the URI syntax; they will be added automatically when converting uri to a string.
"""

(The brackets are required to be a normalized URI.)

This unacceptable hack "fixes" the problem:

void SoupNetworkSession::allowSpecificHTTPSCertificateForHost(const CertificateInfo& certificateInfo, const String& host)
{
    URL urlForNormalizingHost(URL(), makeString("http://[", host, "]"));
    String normalizedHost = urlForNormalizingHost.host().toString();
    WTFLogAlways("%s: host=%s normalizedHost=%s", __FUNCTION__, host.utf8().data(), normalizedHost.utf8().data());
    allowedCertificates().add(normalizedHost, HostTLSCertificateSet()).iterator->value.add(certificateInfo.certificate());
}

More discussion here:

https://gitlab.gnome.org/GNOME/epiphany/issues/451

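The mismatch reported above comes from keying the certificate-exception map with one host spelling and looking it up with another. The following is an added example, not WebKit or libsoup code and not taken from the bug report: a standalone sketch with hypothetical names (canonicalHostKey, AllowedCertificates, storedThenFound) that applies the same canonicalization on both the store and the lookup path, and strips brackets only around IPv6 literals. It assumes fingerprint strings in place of certificate objects and does not canonicalize the IPv6 text itself (for example zero compression).

```cpp
#include <algorithm>
#include <cctype>
#include <map>
#include <set>
#include <string>

// Canonical map key: drop URI brackets around an IPv6 literal and fold ASCII
// case, so "[2a01::2]" and "2a01::2" agree. Brackets are stripped only when
// they enclose a ':' so ordinary hostnames are never rewritten.
std::string canonicalHostKey(std::string host)
{
    if (host.size() > 2 && host.front() == '[' && host.back() == ']'
        && host.find(':') != std::string::npos)
        host = host.substr(1, host.size() - 2);
    std::transform(host.begin(), host.end(), host.begin(),
        [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return host;
}

// Per-host set of user-accepted server certificates (hypothetical class).
class AllowedCertificates {
public:
    void allow(const std::string& host, const std::string& fingerprint)
    {
        m_map[canonicalHostKey(host)].insert(fingerprint);
    }

    // Both the exact host and the exact certificate must match.
    bool isAllowed(const std::string& host, const std::string& fingerprint) const
    {
        auto it = m_map.find(canonicalHostKey(host));
        return it != m_map.end() && it->second.count(fingerprint) > 0;
    }

private:
    std::map<std::string, std::set<std::string>> m_map;
};

// Store under one spelling, look up under another (constructed fingerprint).
bool storedThenFound(const std::string& stored, const std::string& looked)
{
    AllowedCertificates certs;
    certs.allow(stored, "fp-constructed");
    return certs.isAllowed(looked, "fp-constructed");
}

int main()
{
    return storedThenFound("2a01:4f8:172:122a::2", "[2a01:4f8:172:122a::2]") ? 0 : 1;
}
```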