Changeset 260497 in webkit

Timestamp:

Apr 21, 2020 8:58:34 PM (4 years ago)

Author:

Ryan Haddad

Message:

Unreviewed, reverting r260410.

Caused crashes in Safari

Reverted changeset:

"SPI clients using fastServerTrustEvaluationEnabled need SPI
to inform them of modern TLS negotiation"
​https://bugs.webkit.org/show_bug.cgi?id=210533
​https://trac.webkit.org/changeset/260410

Location:

trunk

Files:

• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkDataTask.h (modified) (1 diff)
• Source/WebKit/NetworkProcess/NetworkLoad.cpp (modified) (2 diffs)
• Source/WebKit/NetworkProcess/NetworkLoad.h (modified) (1 diff)
• Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h (modified) (1 diff)
• Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm (modified) (1 diff)
• Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (modified) (1 diff)
• Source/WebKit/UIProcess/API/APINavigationClient.h (modified) (1 diff)
• Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h (modified) (1 diff)
• Source/WebKit/UIProcess/Cocoa/NavigationState.h (modified) (2 diffs)
• Source/WebKit/UIProcess/Cocoa/NavigationState.mm (modified) (3 diffs)
• Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp (modified) (1 diff)
• Source/WebKit/UIProcess/Network/NetworkProcessProxy.h (modified) (1 diff)
• Source/WebKit/UIProcess/Network/NetworkProcessProxy.messages.in (modified) (1 diff)
• Source/WebKit/UIProcess/WebPageProxy.cpp (modified) (1 diff)
• Source/WebKit/UIProcess/WebPageProxy.h (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm (modified) (5 diffs)

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2020-04-21  Ryan Haddad  <ryanhaddad@apple.com>
+
+        Unreviewed, reverting r260410.
+
+        Caused crashes in Safari
+
+        Reverted changeset:
+
+        "SPI clients using fastServerTrustEvaluationEnabled need SPI
+        to inform them of modern TLS negotiation"
+        https://bugs.webkit.org/show_bug.cgi?id=210533
+        https://trac.webkit.org/changeset/260410
+
 2020-04-21  Ryan Haddad  <ryanhaddad@apple.com>
 

trunk/Source/WebKit/NetworkProcess/NetworkDataTask.h

@@ -72 +72 @@
 
     virtual bool shouldCaptureExtraNetworkLoadMetrics() const { return false; }
-
-    virtual void didNegotiateModernTLS(const WebCore::AuthenticationChallenge&) { }
 
     void didCompleteWithError(const WebCore::ResourceError& error)

trunk/Source/WebKit/NetworkProcess/NetworkLoad.cpp

@@ -31 +31 @@
 #include "NetworkDataTaskBlob.h"
 #include "NetworkProcess.h"
-#include "NetworkProcessProxyMessages.h"
 #include "NetworkSession.h"
 #include "WebErrors.h"
@@ -287 +286 @@
 }
 
-void NetworkLoad::didNegotiateModernTLS(const WebCore::AuthenticationChallenge& challenge)
-{
-    m_networkProcess->send(Messages::NetworkProcessProxy::DidNegotiateModernTLS(m_parameters.webPageProxyID, challenge));
-}
-
 String NetworkLoad::description() const
 {

trunk/Source/WebKit/NetworkProcess/NetworkLoad.h

@@ -82 +82 @@
     void cannotShowURL() final;
     void wasBlockedByRestrictions() final;
-    void didNegotiateModernTLS(const WebCore::AuthenticationChallenge&) final;
 
     void notifyDidReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&);

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.h

@@ -54 +54 @@
     void didSendData(uint64_t totalBytesSent, uint64_t totalBytesExpectedToSend);
     void didReceiveChallenge(WebCore::AuthenticationChallenge&&, NegotiatedLegacyTLS, ChallengeCompletionHandler&&);
-    void didNegotiateModernTLS(const WebCore::AuthenticationChallenge&);
     void didCompleteWithError(const WebCore::ResourceError&, const WebCore::NetworkLoadMetrics&);
     void didReceiveResponse(WebCore::ResourceResponse&&, NegotiatedLegacyTLS, ResponseCompletionHandler&&);

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkDataTaskCocoa.mm

@@ -317 +317 @@
         completionHandler(AuthenticationChallengeDisposition::PerformDefaultHandling, { });
     }
-}
-
-void NetworkDataTaskCocoa::didNegotiateModernTLS(const WebCore::AuthenticationChallenge& challenge)
-{
-    if (m_client)
-        m_client->didNegotiateModernTLS(challenge);
 }
 

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm

@@ -675 +675 @@
         // Handle server trust evaluation at platform-level if requested, for performance reasons and to use ATS defaults.
         if (sessionCocoa->fastServerTrustEvaluationEnabled() && negotiatedLegacyTLS == NegotiatedLegacyTLS::No) {
+#if HAVE(CFNETWORK_NSURLSESSION_STRICTRUSTEVALUATE)
             auto* networkDataTask = [self existingTask:task];
-            if (networkDataTask)
-                networkDataTask->didNegotiateModernTLS(challenge);
-#if HAVE(CFNETWORK_NSURLSESSION_STRICTRUSTEVALUATE)
             auto decisionHandler = makeBlockPtr([weakSelf = WeakObjCPtr<WKNetworkSessionDelegate>(self), sessionCocoa = makeWeakPtr(sessionCocoa), completionHandler = makeBlockPtr(completionHandler), taskIdentifier, networkDataTask = makeRefPtr(networkDataTask), negotiatedLegacyTLS](NSURLAuthenticationChallenge *challenge, OSStatus trustResult) mutable {
                 auto strongSelf = weakSelf.get();

trunk/Source/WebKit/UIProcess/API/APINavigationClient.h

@@ -103 +103 @@
     virtual void didReceiveAuthenticationChallenge(WebKit::WebPageProxy&, WebKit::AuthenticationChallengeProxy& challenge) { challenge.listener().completeChallenge(WebKit::AuthenticationChallengeDisposition::PerformDefaultHandling); }
     virtual void shouldAllowLegacyTLS(WebKit::WebPageProxy&, WebKit::AuthenticationChallengeProxy&, CompletionHandler<void(bool)>&& completionHandler) { completionHandler(true); }
-    virtual void didNegotiateModernTLS(const WebCore::AuthenticationChallenge&) { }
     virtual bool shouldBypassContentModeSafeguards() const { return false; }
 

trunk/Source/WebKit/UIProcess/API/Cocoa/WKNavigationDelegatePrivate.h

@@ -87 +87 @@
 
 - (void)_webView:(WKWebView *)webView authenticationChallenge:(NSURLAuthenticationChallenge *)challenge shouldAllowLegacyTLS:(void (^)(BOOL))completionHandler WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
-- (void)_webView:(WKWebView *)webView didNegotiateModernTLS:(NSURLAuthenticationChallenge *)challenge WK_API_AVAILABLE(macos(WK_MAC_TBA), ios(WK_IOS_TBA));
 
 - (void)_webViewDidBeginNavigationGesture:(WKWebView *)webView;

trunk/Source/WebKit/UIProcess/Cocoa/NavigationState.h

@@ -118 +118 @@
         void didReceiveAuthenticationChallenge(WebPageProxy&, AuthenticationChallengeProxy&) override;
         void shouldAllowLegacyTLS(WebPageProxy&, AuthenticationChallengeProxy&, CompletionHandler<void(bool)>&&) final;
-        void didNegotiateModernTLS(const WebCore::AuthenticationChallenge&) final;
         bool processDidTerminate(WebPageProxy&, ProcessTerminationReason) override;
         void processDidBecomeResponsive(WebPageProxy&) override;
@@ -231 +230 @@
         bool webViewDidReceiveAuthenticationChallengeCompletionHandler : 1;
         bool webViewAuthenticationChallengeShouldAllowLegacyTLS : 1;
-        bool webViewDidNegotiateModernTLS : 1;
         bool webViewWebContentProcessDidTerminate : 1;
         bool webViewWebContentProcessDidTerminateWithReason : 1;

trunk/Source/WebKit/UIProcess/Cocoa/NavigationState.mm

@@ -71 +71 @@
 #import "_WKSameDocumentNavigationTypeInternal.h"
 #import "_WKWebsitePoliciesInternal.h"
-#import <WebCore/AuthenticationMac.h>
 #import <WebCore/ContentRuleListResults.h>
 #import <WebCore/Credential.h>
@@ -180 +179 @@
     m_navigationDelegateMethods.webViewDidReceiveAuthenticationChallengeCompletionHandler = [delegate respondsToSelector:@selector(webView:didReceiveAuthenticationChallenge:completionHandler:)];
     m_navigationDelegateMethods.webViewAuthenticationChallengeShouldAllowLegacyTLS = [delegate respondsToSelector:@selector(_webView:authenticationChallenge:shouldAllowLegacyTLS:)];
-    m_navigationDelegateMethods.webViewDidNegotiateModernTLS = [delegate respondsToSelector:@selector(_webView:didNegotiateModernTLS:)];
     m_navigationDelegateMethods.webViewWebContentProcessDidTerminate = [delegate respondsToSelector:@selector(webViewWebContentProcessDidTerminate:)];
     m_navigationDelegateMethods.webViewWebContentProcessDidTerminateWithReason = [delegate respondsToSelector:@selector(_webView:webContentProcessDidTerminateWithReason:)];
@@ -1049 +1047 @@
 }
 
-void NavigationState::NavigationClient::didNegotiateModernTLS(const WebCore::AuthenticationChallenge& challenge)
-{
-    if (!m_navigationState.m_navigationDelegateMethods.webViewDidNegotiateModernTLS)
-        return;
-
-    auto navigationDelegate = m_navigationState.m_navigationDelegate.get();
-    if (!navigationDelegate)
-        return;
-
-    [static_cast<id <WKNavigationDelegatePrivate>>(navigationDelegate.get()) _webView:m_navigationState.m_webView didNegotiateModernTLS:mac(challenge)];
-}
-
 static _WKProcessTerminationReason wkProcessTerminationReason(ProcessTerminationReason reason)
 {

trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.cpp

@@ -345 +345 @@
 }
 
-void NetworkProcessProxy::didNegotiateModernTLS(WebPageProxyIdentifier pageID, const WebCore::AuthenticationChallenge& challenge)
-{
-    if (auto* page = pageID ? WebProcessProxy::webPage(pageID) : nullptr)
-        page->didNegotiateModernTLS(challenge);
-}
-
 void NetworkProcessProxy::didFetchWebsiteData(CallbackID callbackID, const WebsiteData& websiteData)
 {

trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.h

@@ -252 +252 @@
     void didReceiveAuthenticationChallenge(PAL::SessionID, WebPageProxyIdentifier, const Optional<WebCore::SecurityOriginData>&, WebCore::AuthenticationChallenge&&, bool, uint64_t challengeID);
     void negotiatedLegacyTLS(WebPageProxyIdentifier);
-    void didNegotiateModernTLS(WebPageProxyIdentifier, const WebCore::AuthenticationChallenge&);
     void didFetchWebsiteData(CallbackID, const WebsiteData&);
     void didDeleteWebsiteData(CallbackID);

trunk/Source/WebKit/UIProcess/Network/NetworkProcessProxy.messages.in

@@ -24 +24 @@
     DidReceiveAuthenticationChallenge(PAL::SessionID sessionID, WebKit::WebPageProxyIdentifier pageID, Optional<WebCore::SecurityOriginData> topOrigin, WebCore::AuthenticationChallenge challenge, bool negotiatedLegacyTLS, uint64_t challengeID)
     NegotiatedLegacyTLS(WebKit::WebPageProxyIdentifier pageID)
-    DidNegotiateModernTLS(WebKit::WebPageProxyIdentifier pageID, WebCore::AuthenticationChallenge challenge)
 
     DidFetchWebsiteData(WebKit::CallbackID callbackID, struct WebKit::WebsiteData websiteData)

trunk/Source/WebKit/UIProcess/WebPageProxy.cpp

@@ -7941 +7941 @@
 }
 
-void WebPageProxy::didNegotiateModernTLS(const WebCore::AuthenticationChallenge& challenge)
-{
-    m_navigationClient->didNegotiateModernTLS(challenge);
-}
-
 void WebPageProxy::exceededDatabaseQuota(FrameIdentifier frameID, const String& originIdentifier, const String& databaseName, const String& displayName, uint64_t currentQuota, uint64_t currentOriginUsage, uint64_t currentDatabaseUsage, uint64_t expectedUsage, Messages::WebPageProxy::ExceededDatabaseQuota::DelayedReply&& reply)
 {

trunk/Source/WebKit/UIProcess/WebPageProxy.h

@@ -1370 +1370 @@
     void didReceiveAuthenticationChallengeProxy(Ref<AuthenticationChallengeProxy>&&, NegotiatedLegacyTLS);
     void negotiatedLegacyTLS();
-    void didNegotiateModernTLS(const WebCore::AuthenticationChallenge&);
 
     SpellDocumentTag spellDocumentTag();

trunk/Tools/ChangeLog

@@ +1 @@
+2020-04-21  Ryan Haddad  <ryanhaddad@apple.com>
+
+        Unreviewed, reverting r260410.
+
+        Caused crashes in Safari
+
+        Reverted changeset:
+
+        "SPI clients using fastServerTrustEvaluationEnabled need SPI
+        to inform them of modern TLS negotiation"
+        https://bugs.webkit.org/show_bug.cgi?id=210533
+        https://trac.webkit.org/changeset/260410
+
 2020-04-21  Cathie Chen  <cathiechen@igalia.com>
 

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/TLSDeprecation.mm

@@ -74 +74 @@
 - (void)waitForDidFinishNavigation;
 - (void)waitForDidFailProvisionalNavigation;
-- (NSURLAuthenticationChallenge *)waitForDidNegotiateModernTLS;
 - (bool)receivedShouldAllowLegacyTLS;
 @property (nonatomic) bool shouldAllowLegacyTLS;
@@ -83 +82 @@
     bool _navigationFailed;
     bool _receivedShouldAllowLegacyTLS;
-    RetainPtr<NSURLAuthenticationChallenge> _negotiatedModernTLS;
 }
 
@@ -96 +94 @@
     while (!_navigationFailed)
         TestWebKitAPI::Util::spinRunLoop();
-}
-
-- (NSURLAuthenticationChallenge *)waitForDidNegotiateModernTLS
-{
-    while (!_negotiatedModernTLS)
-        TestWebKitAPI::Util::spinRunLoop();
-    return _negotiatedModernTLS.autorelease();
 }
 
@@ -130 +121 @@
     _receivedShouldAllowLegacyTLS = true;
     completionHandler([self shouldAllowLegacyTLS]);
-}
-
-- (void)_webView:(WKWebView *)webView didNegotiateModernTLS:(NSURLAuthenticationChallenge *)challenge
-{
-    _negotiatedModernTLS = challenge;
 }
 
@@ -384 +370 @@
 }
 
-TEST(TLSVersion, DidNegotiateModernTLS)
-{
-    HTTPServer server({
-        { "/", { "hello" }}
-    }, HTTPServer::Protocol::Https);
-
-    auto delegate = adoptNS([TLSNavigationDelegate new]);
-    auto configuration = adoptNS([WKWebViewConfiguration new]);
-    auto dataStoreConfiguration = adoptNS([_WKWebsiteDataStoreConfiguration new]);
-    [dataStoreConfiguration setFastServerTrustEvaluationEnabled:YES];
-    [configuration setWebsiteDataStore:[[[WKWebsiteDataStore alloc] _initWithConfiguration:dataStoreConfiguration.get()] autorelease]];
-    auto webView = adoptNS([[WKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600) configuration:configuration.get()]);
-    [webView setNavigationDelegate:delegate.get()];
-    [webView loadRequest:server.request()];
-    NSURLAuthenticationChallenge *challenge = [delegate waitForDidNegotiateModernTLS];
-    EXPECT_WK_STREQ(challenge.protectionSpace.host, "127.0.0.1");
-    EXPECT_EQ(challenge.protectionSpace.port, server.port());
-}
-
 TEST(TLSVersion, BackForwardHasOnlySecureContent)
 {