Conditionalize SSL validation on libsoup 2.29.91
The flag in the SoupMessage to verify secure connections is only available in recent versions of libsoup. So we continue to be oblivious to certificates with older versions.
This commit is contained in:
Christian Dywan
parent
505c7e4bc1
commit
aade642897
3 changed files with 8 additions and 2 deletions
|
|
@ -849,6 +849,10 @@ midori_soup_session_prepare (SoupSession* session,
|
||||||
SoupCookieJar* cookie_jar,
|
SoupCookieJar* cookie_jar,
|
||||||
MidoriWebSettings* settings)
|
MidoriWebSettings* settings)
|
||||||
{
|
{
|
||||||
|
SoupSessionFeature* feature;
|
||||||
|
gchar* config_file;
|
||||||
|
|
||||||
|
#if WEBKIT_CHECK_VERSION (1, 1, 14) && defined (HAVE_LIBSOUP_2_29_91)
|
||||||
const gchar* certificate_files[] =
|
const gchar* certificate_files[] =
|
||||||
{
|
{
|
||||||
"/etc/pki/tls/certs/ca-bundle.crt",
|
"/etc/pki/tls/certs/ca-bundle.crt",
|
||||||
|
|
@ -856,8 +860,6 @@ midori_soup_session_prepare (SoupSession* session,
|
||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
guint i;
|
guint i;
|
||||||
SoupSessionFeature* feature;
|
|
||||||
gchar* config_file;
|
|
||||||
|
|
||||||
for (i = 0; i < G_N_ELEMENTS (certificate_files); i++)
|
for (i = 0; i < G_N_ELEMENTS (certificate_files); i++)
|
||||||
if (g_access (certificate_files[i], F_OK) == 0)
|
if (g_access (certificate_files[i], F_OK) == 0)
|
||||||
|
|
@ -871,6 +873,7 @@ midori_soup_session_prepare (SoupSession* session,
|
||||||
if (i == G_N_ELEMENTS (certificate_files))
|
if (i == G_N_ELEMENTS (certificate_files))
|
||||||
g_warning (_("No root certificate file is available. "
|
g_warning (_("No root certificate file is available. "
|
||||||
"SSL certificates cannot be verified."));
|
"SSL certificates cannot be verified."));
|
||||||
|
#endif
|
||||||
|
|
||||||
soup_session_settings_notify_http_proxy_cb (settings, NULL, session);
|
soup_session_settings_notify_http_proxy_cb (settings, NULL, session);
|
||||||
g_signal_connect (settings, "notify::http-proxy",
|
g_signal_connect (settings, "notify::http-proxy",
|
||||||
|
|
|
||||||
|
|
@ -1050,6 +1050,7 @@ webkit_web_view_load_committed_cb (WebKitWebView* web_view,
|
||||||
|
|
||||||
if (!strncmp (uri, "https", 5))
|
if (!strncmp (uri, "https", 5))
|
||||||
{
|
{
|
||||||
|
#if WEBKIT_CHECK_VERSION (1, 1, 14) && defined (HAVE_LIBSOUP_2_29_91)
|
||||||
WebKitWebDataSource *source;
|
WebKitWebDataSource *source;
|
||||||
WebKitNetworkRequest *request;
|
WebKitNetworkRequest *request;
|
||||||
SoupMessage *message;
|
SoupMessage *message;
|
||||||
|
|
@ -1062,6 +1063,7 @@ webkit_web_view_load_committed_cb (WebKitWebView* web_view,
|
||||||
&& soup_message_get_flags (message) & SOUP_MESSAGE_CERTIFICATE_TRUSTED)
|
&& soup_message_get_flags (message) & SOUP_MESSAGE_CERTIFICATE_TRUSTED)
|
||||||
view->security = MIDORI_SECURITY_TRUSTED;
|
view->security = MIDORI_SECURITY_TRUSTED;
|
||||||
else
|
else
|
||||||
|
#endif
|
||||||
view->security = MIDORI_SECURITY_UNKNOWN;
|
view->security = MIDORI_SECURITY_UNKNOWN;
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
|
|
||||||
1
wscript
1
wscript
|
|
@ -217,6 +217,7 @@ def configure (conf):
|
||||||
conf.define ('HAVE_LIBSOUP_2_25_2', 1)
|
conf.define ('HAVE_LIBSOUP_2_25_2', 1)
|
||||||
check_pkg ('libsoup-2.4', '2.27.90', False, var='LIBSOUP_2_27_90')
|
check_pkg ('libsoup-2.4', '2.27.90', False, var='LIBSOUP_2_27_90')
|
||||||
check_pkg ('libsoup-2.4', '2.29.3', False, var='LIBSOUP_2_29_3')
|
check_pkg ('libsoup-2.4', '2.29.3', False, var='LIBSOUP_2_29_3')
|
||||||
|
check_pkg ('libsoup-2.4', '2.29.91', False, var='LIBSOUP_2_29_91')
|
||||||
check_pkg ('libxml-2.0', '2.6')
|
check_pkg ('libxml-2.0', '2.6')
|
||||||
|
|
||||||
if conf.env['HAVE_LIBSOUP_2_27_90']:
|
if conf.env['HAVE_LIBSOUP_2_27_90']:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue