[Xfce4-commits] <midori:master> Unify certificate checks during load
Christian Dywan
noreply at xfce.org
Sat Apr 6 23:14:04 CEST 2013
Updating branch refs/heads/master
to 1f430e6eaa48832f384d6076b2c00f94e528cce9 (commit)
from 6ff427549112a18a19bf0719346278915d329d34 (commit)
commit 1f430e6eaa48832f384d6076b2c00f94e528cce9
Author: Christian Dywan <christian at twotoasts.de>
Date: Sat Apr 6 23:02:50 2013 +0200
Unify certificate checks during load
midori/midori-locationaction.c | 7 +++++++
midori/midori-session.c | 2 +-
midori/midori-view.c | 34 +++++++++++++++++-----------------
3 files changed, 25 insertions(+), 18 deletions(-)
diff --git a/midori/midori-locationaction.c b/midori/midori-locationaction.c
index 63e8e83..c956fef 100644
--- a/midori/midori-locationaction.c
+++ b/midori/midori-locationaction.c
@@ -1283,6 +1283,7 @@ midori_location_action_focus_out_event_cb (GtkWidget* widget,
#endif
#if defined (HAVE_LIBSOUP_2_34_0)
+#ifndef HAVE_WEBKIT2
static GHashTable* message_map = NULL;
void
midori_map_add_message (SoupMessage* message)
@@ -1300,10 +1301,13 @@ midori_map_get_message (SoupMessage* message)
SoupURI* uri = soup_message_get_uri (message);
SoupMessage* full;
g_return_val_if_fail (uri && uri->host, message);
+ if (message_map == NULL)
+ message_map = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, g_object_unref);
full = g_hash_table_lookup (message_map, uri->host);
g_return_val_if_fail (full, message);
return full;
}
+#endif
#ifdef HAVE_GCR
typedef enum {
@@ -1398,7 +1402,10 @@ midori_location_action_show_page_info (GtkWidget* widget,
#endif
midori_view_get_tls_info (view, request, &tls_cert, &tls_flags, &hostname);
if (tls_cert == NULL)
+ {
+ g_free (hostname);
return;
+ }
#ifdef HAVE_GCR
GByteArray* der_cert;
diff --git a/midori/midori-session.c b/midori/midori-session.c
index f485a21..8e6c48a 100644
--- a/midori/midori-session.c
+++ b/midori/midori-session.c
@@ -102,7 +102,7 @@ soup_session_settings_notify_first_party_cb (MidoriWebSettings* settings,
}
#endif
-#if defined (HAVE_LIBSOUP_2_34_0)
+#if !defined (HAVE_WEBKIT2) && defined (HAVE_LIBSOUP_2_34_0)
/* Implemented in MidoriLocationAction */
void
midori_map_add_message (SoupMessage* message);
diff --git a/midori/midori-view.c b/midori/midori-view.c
index 7a41d66..2ebffc4 100644
--- a/midori/midori-view.c
+++ b/midori/midori-view.c
@@ -30,9 +30,11 @@
#define GCR_API_SUBJECT_TO_CHANGE
#include <gcr/gcr.h>
+#ifndef HAVE_WEBKIT2
SoupMessage*
midori_map_get_message (SoupMessage* message);
#endif
+#endif
#include <string.h>
#include <stdlib.h>
@@ -923,52 +925,50 @@ midori_view_load_committed (MidoriView* view)
if (!strncmp (uri, "https", 5))
{
+ #if defined (HAVE_LIBSOUP_2_29_91)
#ifdef HAVE_WEBKIT2
- /* Not implemented */
- #elif defined (HAVE_LIBSOUP_2_29_91)
+ void* request = NULL;
+ #else
WebKitWebFrame* web_frame = webkit_web_view_get_main_frame (WEBKIT_WEB_VIEW (view->web_view));
WebKitWebDataSource* source = webkit_web_frame_get_data_source (web_frame);
WebKitNetworkRequest* request = webkit_web_data_source_get_request (source);
- SoupMessage* message = webkit_network_request_get_message (request);
-
- if (message
- && soup_message_get_flags (message) & SOUP_MESSAGE_CERTIFICATE_TRUSTED)
+ #endif
+ GTlsCertificate* tls_cert;
+ GTlsCertificateFlags tls_flags;
+ gchar* hostname; /* FIXME leak */
+ if (midori_view_get_tls_info (view, request, &tls_cert, &tls_flags, &hostname))
midori_tab_set_security (MIDORI_TAB (view), MIDORI_SECURITY_TRUSTED);
#ifdef HAVE_GCR
- else if (!midori_tab_get_special (MIDORI_TAB (view)) && message != NULL)
+ else if (!midori_tab_get_special (MIDORI_TAB (view)) && tls_cert != NULL)
{
- GTlsCertificate* tls_cert;
GcrCertificate* gcr_cert;
GByteArray* der_cert;
- SoupURI* soup_uri;
- message = midori_map_get_message (message);
- g_object_get (message, "tls-certificate", &tls_cert, NULL);
- g_return_if_fail (tls_cert != NULL);
g_object_get (tls_cert, "certificate", &der_cert, NULL);
gcr_cert = gcr_simple_certificate_new (der_cert->data, der_cert->len);
g_byte_array_unref (der_cert);
- soup_uri = soup_message_get_uri (message);
- if (gcr_trust_is_certificate_pinned (gcr_cert, GCR_PURPOSE_SERVER_AUTH, soup_uri->host, NULL, NULL))
+ if (gcr_trust_is_certificate_pinned (gcr_cert, GCR_PURPOSE_SERVER_AUTH, hostname, NULL, NULL))
midori_tab_set_security (MIDORI_TAB (view), MIDORI_SECURITY_TRUSTED);
else
{
- GTlsCertificateFlags tls_flags;
midori_tab_set_security (MIDORI_TAB (view), MIDORI_SECURITY_UNKNOWN);
- g_object_get (message, "tls-errors", &tls_flags, NULL);
midori_tab_stop_loading (MIDORI_TAB (view));
midori_view_display_error (view, NULL, NULL, _("Security unknown"),
midori_location_action_tls_flags_to_string (tls_flags),
_("Trust this website"),
NULL);
}
- g_object_unref (tls_cert);
g_object_unref (gcr_cert);
}
#endif
else
#endif
midori_tab_set_security (MIDORI_TAB (view), MIDORI_SECURITY_UNKNOWN);
+ #if defined (HAVE_LIBSOUP_2_29_91)
+ if (tls_cert != NULL)
+ g_object_unref (tls_cert);
+ g_free (hostname);
+ #endif
}
else
midori_tab_set_security (MIDORI_TAB (view), MIDORI_SECURITY_NONE);
More information about the Xfce4-commits
mailing list