author | bors-servo <servo-ops@mozilla.com> | 2020-06-09 21:59:09 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-06-09 21:59:09 -0400 |
commit | 0b0ea17dca72d867b56ddf518240e25f30d93f3e (patch) | |
tree | 050da2b9782a7ceb6d6d2ef83ed5069fa1e1fc74 /components/net/websocket_loader.rs | |
parent | aaa6cea57fab894bb06bfa9b14e08cd7625ea48b (diff) | |
parent | c8692d83ab46899dc3ed3f58388164df50b485b9 (diff) | |
Auto merge of #26716 - jdm:selfsigned, r=Manishearth,asajeffrey
Add UI for bypassing SSL handshake failures
There are several parts to these changes:
1. resurrecting the network error classification code to distinguish between SSL failures and other network errors
1. adding an SSL verification callback to support verifying certs against a list that can change at runtime, rather than just at program initialization
1. exposing a privileged chrome://allowcert URI which accepts the PEM cert contents along with a secret token
1. extracting the PEM cert contents out of the network layer when a handshake failure occurs, and getting them into the HTML that is parsed when an SSL failure occurs
1. adding a button in the handshake failure page that performs an XHR to chrome://allowcert with knowledge of the secret token and the PEM cert contents, before reloading the original URL that failed
The presence of the secret token means that while the chrome://allowcert URL is currently visible to web content, that content cannot make use of it to inject arbitrary certs into the verification process.
---
- [x] `./mach build -d` does not report any errors
- [x] `./mach test-tidy` does not report any errors
- [x] These changes fix #26683
- [x] These changes do not require tests because the UI requires user activation and can't clearly be automated
Diffstat (limited to 'components/net/websocket_loader.rs')
-rw-r--r-- | components/net/websocket_loader.rs | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/components/net/websocket_loader.rs b/components/net/websocket_loader.rs
index 69d3c430fcb..bece51173bb 100644
--- a/components/net/websocket_loader.rs
+++ b/components/net/websocket_loader.rs
@@ -2,7 +2,7 @@
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at https://mozilla.org/MPL/2.0/. */
-use crate::connector::{create_tls_config, ALPN_H1};
+use crate::connector::{create_tls_config, ConnectionCerts, ExtraCerts, ALPN_H1};
 use crate::cookie::Cookie;
 use crate::fetch::methods::should_be_blocked_due_to_bad_port;
 use crate::hosts::replace_host;
@@ -38,6 +38,8 @@ struct Client<'a> {
 event_sender: &'a IpcSender<WebSocketNetworkEvent>,
 protocol_in_use: Option<String>,
 certificate_path: Option<String>,
+ extra_certs: ExtraCerts,
+ connection_certs: ConnectionCerts,
 }
 impl<'a> Factory for Client<'a> {
@@ -167,7 +169,12 @@ impl<'a> Handler for Client<'a> {
 WebSocketErrorKind::Protocol,
 format!("Unable to parse domain from {}. Needed for SSL.", url),
 ))?;
- let tls_config = create_tls_config(&certs, ALPN_H1);
+ let tls_config = create_tls_config(
+ &certs,
+ ALPN_H1,
+ self.extra_certs.clone(),
+ self.connection_certs.clone(),
+ );
 tls_config
 .build()
 .connect(domain, stream)
@@ -181,6 +188,8 @@ pub fn init(
 dom_action_receiver: IpcReceiver<WebSocketDomAction>,
 http_state: Arc<HttpState>,
 certificate_path: Option<String>,
+ extra_certs: ExtraCerts,
+ connection_certs: ConnectionCerts,
 ) {
 thread::Builder::new()
 .name(format!("WebSocket connection to {}", req_builder.url))
@@ -229,6 +238,8 @@ pub fn init(
 event_sender: &resource_event_sender,
 protocol_in_use: None,
 certificate_path,
+ extra_certs,
+ connection_certs,
 };
 let mut ws = WebSocket::new(client).unwrap(); |
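Review bot: The two fields added to `Client` in the second hunk, `extra_certs` and `connection_certs`, carry no comment saying what each holds or which side mutates it; the same applies to the matching parameters added to `init` in the fourth hunk and the struct literal in the fifth. Going by the commit description, one looks like the runtime-mutable list of user-accepted certificates and the other the channel that carries a failed handshake's certificate back out of the network layer, but both types are defined in `connector`, outside this diff, so that reading is inferred. I would add `/// Certificates the user has explicitly accepted; consulted during TLS verification.` above `extra_certs` and `/// Receives the certificate presented when a handshake fails verification.` above `connection_certs`, adjusted to whatever the types really guarantee. The struct and `init` both continue outside their hunks.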
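Review bot: Passing `self.extra_certs.clone()` into `create_tls_config` in the third hunk means certificates accepted through the handshake-failure page are now honoured for WebSocket TLS handshakes too, and nothing visible here ties an accepted certificate to the host it was accepted for. If `ExtraCerts` is a flat list of PEM blobs (its definition is in `connector`, not shown), a certificate the user accepted for one site would also pass verification when a different host presents it on a WebSocket connection; the verification callback should then check the override against `domain` as well as the certificate bytes. At minimum the call deserves a comment such as `// User-accepted certs also apply to WebSocket handshakes; scoping is enforced in connector.` so the widened trust is visible at the call site. The enclosing handler method starts and ends outside the hunk.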