Changeset 230886 in webkit

Timestamp:

Apr 20, 2018 11:36:12 PM (6 years ago)

Author:

Carlos Garcia Campos

Message:

REGRESSION(r228088): [SOUP] Check TLS errors for WebSockets on GTlsConnection::accept-certificate
​https://bugs.webkit.org/show_bug.cgi?id=184804

Source/WebCore:

Reviewed by Michael Catanzaro.

• platform/network/soup/SocketStreamHandleImpl.h: Add a public url getter.
• platform/network/soup/SocketStreamHandleImplSoup.cpp:

(WebCore::acceptCertificateCallback): Call SoupNetworkSession::checkTLSErrors() to decide whether to accept the
certificate or not.
(WebCore::connectProgressCallback): Receive the SocketStreamHandle and pass it to acceptCertificateCallback callback.
(WebCore::socketClientEventCallback): Ditto.
(WebCore::SocketStreamHandleImpl::create): Always connect to network events.
(WebCore::wssConnectionAcceptCertificateCallback): Deleted.
(WebCore::wssSocketClientEventCallback): Deleted.

Tools:

Patch by Michael Catanzaro <Michael Catanzaro> on 2018-04-20
Reviewed by Carlos Garcia Campos.

• TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp:

(WebSocketTest::WebSocketTest):
(WebSocketTest::~WebSocketTest):
(WebSocketTest::serverWebSocketCallback):
(WebSocketTest::webSocketTestResultCallback):
(WebSocketTest::connectToServerAndWaitForEvents):
(testWebSocketTLSErrors):
(beforeAll):

Location:

trunk

Files:

• Source/WebCore/ChangeLog (modified) (1 diff)
• Source/WebCore/platform/network/soup/SocketStreamHandleImpl.h (modified) (1 diff)
• Source/WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp (modified) (4 diffs)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp (modified) (2 diffs)

trunk/Source/WebCore/ChangeLog

@@ +1 @@
+2018-04-20  Carlos Garcia Campos  <cgarcia@igalia.com>
+
+        REGRESSION(r228088): [SOUP] Check TLS errors for WebSockets on GTlsConnection::accept-certificate
+        https://bugs.webkit.org/show_bug.cgi?id=184804
+
+        Reviewed by Michael Catanzaro.
+
+        * platform/network/soup/SocketStreamHandleImpl.h: Add a public url getter.
+        * platform/network/soup/SocketStreamHandleImplSoup.cpp:
+        (WebCore::acceptCertificateCallback): Call SoupNetworkSession::checkTLSErrors() to decide whether to accept the
+        certificate or not.
+        (WebCore::connectProgressCallback): Receive the SocketStreamHandle and pass it to acceptCertificateCallback callback.
+        (WebCore::socketClientEventCallback): Ditto.
+        (WebCore::SocketStreamHandleImpl::create): Always connect to network events.
+        (WebCore::wssConnectionAcceptCertificateCallback): Deleted.
+        (WebCore::wssSocketClientEventCallback): Deleted.
+
 2018-04-20  Carlos Garcia Campos  <cgarcia@igalia.com>
 

trunk/Source/WebCore/platform/network/soup/SocketStreamHandleImpl.h

@@ -52 +52 @@
     virtual ~SocketStreamHandleImpl();
 
+    const URL& url() const { return m_url; }
+
     void platformSend(const uint8_t* data, size_t length, Function<void(bool)>&&) final;
     void platformSendHandshake(const uint8_t* data, size_t length, const std::optional<CookieRequestHeaderFieldProxy>&, Function<void(bool, bool)>&&) final;

trunk/Source/WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp

@@ -51 +51 @@
 namespace WebCore {
 
-static gboolean wssConnectionAcceptCertificateCallback(GTlsConnection*, GTlsCertificate*, GTlsCertificateFlags)
-{
-    return TRUE;
+static gboolean acceptCertificateCallback(GTlsConnection*, GTlsCertificate* certificate, GTlsCertificateFlags errors, SocketStreamHandleImpl* handle)
+{
+    // FIXME: Using DeprecatedGlobalSettings from here is a layering violation.
+    if (DeprecatedGlobalSettings::allowsAnySSLCertificate())
+        return TRUE;
+
+    return !SoupNetworkSession::checkTLSErrors(handle->url(), certificate, errors);
 }
 
 #if SOUP_CHECK_VERSION(2, 61, 90)
-static void wssSocketClientEventCallback(SoupSession*, GSocketClientEvent event, GIOStream* connection)
+static void connectProgressCallback(SoupSession*, GSocketClientEvent event, GIOStream* connection, SocketStreamHandleImpl* handle)
 {
     if (event != G_SOCKET_CLIENT_TLS_HANDSHAKING)
         return;
 
-    g_signal_connect(connection, "accept-certificate", G_CALLBACK(wssConnectionAcceptCertificateCallback), nullptr);
+    g_signal_connect(connection, "accept-certificate", G_CALLBACK(acceptCertificateCallback), handle);
 }
 #else
-static void wssSocketClientEventCallback(GSocketClient*, GSocketClientEvent event, GSocketConnectable*, GIOStream* connection)
+static void socketClientEventCallback(GSocketClient*, GSocketClientEvent event, GSocketConnectable*, GIOStream* connection, SocketStreamHandleImpl* handle)
 {
     if (event != G_SOCKET_CLIENT_TLS_HANDSHAKING)
         return;
 
-    g_signal_connect(connection, "accept-certificate", G_CALLBACK(wssConnectionAcceptCertificateCallback), nullptr);
+    g_signal_connect(connection, "accept-certificate", G_CALLBACK(acceptCertificateCallback), handle);
 }
 #endif
@@ -77 +81 @@
 {
     Ref<SocketStreamHandleImpl> socket = adoptRef(*new SocketStreamHandleImpl(url, client));
-
-    // FIXME: Using DeprecatedGlobalSettings from here is a layering violation.
-    bool allowsAnySSLCertificate = url.protocolIs("wss") && DeprecatedGlobalSettings::allowsAnySSLCertificate();
 
 #if SOUP_CHECK_VERSION(2, 61, 90)
@@ -89 +90 @@
     Ref<SocketStreamHandle> protectedSocketStreamHandle = socket.copyRef();
     soup_session_connect_async(networkStorageSession->getOrCreateSoupNetworkSession().soupSession(), uri.get(), socket->m_cancellable.get(),
-        allowsAnySSLCertificate ? reinterpret_cast<SoupSessionConnectProgressCallback>(wssSocketClientEventCallback) : nullptr,
+        url.protocolIs("wss") ? reinterpret_cast<SoupSessionConnectProgressCallback>(connectProgressCallback) : nullptr,
         reinterpret_cast<GAsyncReadyCallback>(connectedCallback), &protectedSocketStreamHandle.leakRef());
 #else
@@ -97 +98 @@
     if (url.protocolIs("wss")) {
         g_socket_client_set_tls(socketClient.get(), TRUE);
-        if (allowsAnySSLCertificate)
-            g_signal_connect(socketClient.get(), "event", G_CALLBACK(wssSocketClientEventCallback), nullptr);
+        g_signal_connect(socketClient.get(), "event", G_CALLBACK(socketClientEventCallback), socket.ptr());
     }
     Ref<SocketStreamHandle> protectedSocketStreamHandle = socket.copyRef();

trunk/Tools/ChangeLog

@@ +1 @@
+2018-04-20  Michael Catanzaro  <mcatanzaro@igalia.com>
+
+        REGRESSION(r228088): [SOUP] Check TLS errors for WebSockets on GTlsConnection::accept-certificate
+        https://bugs.webkit.org/show_bug.cgi?id=184804
+
+        Reviewed by Carlos Garcia Campos.
+
+        * TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp:
+        (WebSocketTest::WebSocketTest):
+        (WebSocketTest::~WebSocketTest):
+        (WebSocketTest::serverWebSocketCallback):
+        (WebSocketTest::webSocketTestResultCallback):
+        (WebSocketTest::connectToServerAndWaitForEvents):
+        (testWebSocketTLSErrors):
+        (beforeAll):
+
 2018-04-20  Chris Dumez  <cdumez@apple.com>
 

trunk/Tools/TestWebKitAPI/Tests/WebKitGLib/TestSSL.cpp

@@ -339 +339 @@
 }
 
+#if SOUP_CHECK_VERSION(2, 50, 0)
+class WebSocketTest : public WebViewTest {
+public:
+    MAKE_GLIB_TEST_FIXTURE(WebSocketTest);
+
+    enum EventFlags {
+        None = 0,
+        DidServerCompleteHandshake = 1 << 0,
+        DidOpen = 1 << 1,
+        DidClose = 1 << 2
+    };
+
+    WebSocketTest()
+    {
+        webkit_user_content_manager_register_script_message_handler(m_userContentManager.get(), "event");
+        g_signal_connect(m_userContentManager.get(), "script-message-received::event", G_CALLBACK(webSocketTestResultCallback), this);
+    }
+
+    virtual ~WebSocketTest()
+    {
+        webkit_user_content_manager_unregister_script_message_handler(m_userContentManager.get(), "event");
+        g_signal_handlers_disconnect_by_data(m_userContentManager.get(), this);
+    }
+
+    static constexpr const char* webSocketTestJSFormat =
+        "var socket = new WebSocket('%s');"
+        "socket.addEventListener('open', onOpen);"
+        "socket.addEventListener('close', onClose);"
+        "function onOpen() {"
+        "    window.webkit.messageHandlers.event.postMessage('open');"
+        "    socket.removeEventListener('close', onClose);"
+        "}"
+        "function onClose() {"
+        "    window.webkit.messageHandlers.event.postMessage('close');"
+        "    socket.removeEventListener('open', onOpen);"
+        "}";
+
+    static void serverWebSocketCallback(SoupServer*, SoupWebsocketConnection*, const char*, SoupClientContext*, gpointer userData)
+    {
+        static_cast<WebSocketTest*>(userData)->m_events |= WebSocketTest::EventFlags::DidServerCompleteHandshake;
+    }
+
+    static void webSocketTestResultCallback(WebKitUserContentManager*, WebKitJavascriptResult* javascriptResult, WebSocketTest* test)
+    {
+        GUniquePtr<char> event(WebViewTest::javascriptResultToCString(javascriptResult));
+        if (!g_strcmp0(event.get(), "open"))
+            test->m_events |= WebSocketTest::EventFlags::DidOpen;
+        else if (!g_strcmp0(event.get(), "close"))
+            test->m_events |= WebSocketTest::EventFlags::DidClose;
+        else
+            g_assert_not_reached();
+        test->quitMainLoop();
+    }
+
+    unsigned connectToServerAndWaitForEvents(WebKitTestServer* server)
+    {
+        m_events = 0;
+
+        server->addWebSocketHandler(serverWebSocketCallback, this);
+        GUniquePtr<char> createWebSocketJS(g_strdup_printf(webSocketTestJSFormat, server->getWebSocketURIForPath("/foo").data()));
+        webkit_web_view_run_javascript(m_webView, createWebSocketJS.get(), nullptr, nullptr, nullptr);
+        g_main_loop_run(m_mainLoop);
+        server->removeWebSocketHandler();
+
+        return m_events;
+    }
+
+    unsigned m_events { 0 };
+};
+
+static void testWebSocketTLSErrors(WebSocketTest* test, gconstpointer)
+{
+    WebKitWebContext* context = webkit_web_view_get_context(test->m_webView);
+    WebKitTLSErrorsPolicy originalPolicy = webkit_web_context_get_tls_errors_policy(context);
+    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_FAIL);
+
+    // First, check that insecure ws:// web sockets work fine.
+    unsigned events = test->connectToServerAndWaitForEvents(kHttpServer);
+    g_assert_true(events);
+    g_assert_true(events & WebSocketTest::EventFlags::DidServerCompleteHandshake);
+    g_assert_true(events & WebSocketTest::EventFlags::DidOpen);
+    g_assert_false(events & WebSocketTest::EventFlags::DidClose);
+
+    // Try again using wss:// this time. It should be blocked because the
+    // server certificate is self-signed.
+    events = test->connectToServerAndWaitForEvents(kHttpsServer);
+    g_assert_true(events);
+    g_assert_false(events & WebSocketTest::EventFlags::DidServerCompleteHandshake);
+    g_assert_false(events & WebSocketTest::EventFlags::DidOpen);
+    g_assert_true(events & WebSocketTest::EventFlags::DidClose);
+
+    // Now try wss:// again, this time ignoring TLS errors.
+    webkit_web_context_set_tls_errors_policy(context, WEBKIT_TLS_ERRORS_POLICY_IGNORE);
+    events = test->connectToServerAndWaitForEvents(kHttpsServer);
+    g_assert_true(events & WebSocketTest::EventFlags::DidServerCompleteHandshake);
+    g_assert_true(events & WebSocketTest::EventFlags::DidOpen);
+    g_assert_false(events & WebSocketTest::EventFlags::DidClose);
+
+    webkit_web_context_set_tls_errors_policy(context, originalPolicy);
+}
+#endif
+
 static void httpsServerCallback(SoupServer* server, SoupMessage* message, const char* path, GHashTable*, SoupClientContext*, gpointer)
 {
@@ -425 +527 @@
     TLSSubresourceTest::add("WebKitWebView", "tls-subresource", testSubresourceLoadFailedWithTLSErrors);
     TLSErrorsTest::add("WebKitWebView", "load-failed-with-tls-errors", testLoadFailedWithTLSErrors);
+#if SOUP_CHECK_VERSION(2, 50, 0)
+    WebSocketTest::add("WebKitWebView", "web-socket-tls-errors", testWebSocketTLSErrors);
+#endif
 }