[webkitgtk4/f21] Add patch for late certificate verification
catanzaro
catanzaro at fedoraproject.org
Tue Mar 17 20:05:12 UTC 2015
commit 905a4aa857989b2159bfd95abb43a364c08e655a
Author: Michael Catanzaro <mcatanzaro at gnome.org>
Date: Tue Mar 17 15:05:10 2015 -0500
Add patch for late certificate verification
...itgtk-2.6.5-late-certificate-verification.patch | 32 ++++++++++++++++++++++
webkitgtk4.spec | 8 +++++-
2 files changed, 39 insertions(+), 1 deletion(-)
---
diff --git a/webkitgtk-2.6.5-late-certificate-verification.patch b/webkitgtk-2.6.5-late-certificate-verification.patch
new file mode 100644
index 0000000..6aa0437
--- /dev/null
+++ b/webkitgtk-2.6.5-late-certificate-verification.patch
@@ -0,0 +1,32 @@
+--- a/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp
++++ b/Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp
+@@ -331,5 +331,5 @@
+ }
+
+-static void gotHeadersCallback(SoupMessage* message, gpointer data)
++static void tlsErrorsChangedCallback(SoupMessage* message, GParamSpec*, gpointer data)
+ {
+ ResourceHandle* handle = static_cast<ResourceHandle*>(data);
+@@ -337,8 +337,13 @@
+ return;
+
+- if (handleUnignoredTLSErrors(handle, message)) {
++ if (handleUnignoredTLSErrors(handle, message))
+ handle->cancel();
+- return;
+- }
++}
++
++static void gotHeadersCallback(SoupMessage* message, gpointer data)
++{
++ ResourceHandle* handle = static_cast<ResourceHandle*>(data);
++ if (!handle || handle->cancelledOrClientless())
++ return;
+
+ ResourceHandleInternal* d = handle->getInternal();
+@@ -935,4 +940,5 @@
+ soup_message_headers_set_content_length(soupMessage->request_headers, 0);
+
++ g_signal_connect(d->m_soupMessage.get(), "notify::tls-errors", G_CALLBACK(tlsErrorsChangedCallback), handle);
+ g_signal_connect(d->m_soupMessage.get(), "got-headers", G_CALLBACK(gotHeadersCallback), handle);
+ g_signal_connect(d->m_soupMessage.get(), "wrote-body-data", G_CALLBACK(wroteBodyDataCallback), handle);
diff --git a/webkitgtk4.spec b/webkitgtk4.spec
index 154ce23..6d34294 100644
--- a/webkitgtk4.spec
+++ b/webkitgtk4.spec
@@ -10,7 +10,7 @@
Name: webkitgtk4
Version: 2.6.5
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: GTK+ Web content engine library
License: LGPLv2
@@ -23,6 +23,8 @@ Patch2: webkitgtk-2.5.90-cloop_fix.patch
Patch3: webkitgtk-2.5.2-commit_align.patch
# https://bugs.webkit.org/show_bug.cgi?id=142309
Patch4: webkitgtk-2.6.5-ax-child-changed.patch
+# http://seclists.org/oss-sec/2015/q1/871
+Patch5: webkitgtk-2.6.5-late-certificate-verification.patch
BuildRequires: at-spi2-core-devel
BuildRequires: bison
@@ -97,6 +99,7 @@ This package contains developer documentation for %{name}.
%patch3 -p1 -b .commit_align
%endif
%patch4 -p1 -b .ax_child_changed
+%patch5 -p1 -b .late_certificate_verification
# Remove bundled libraries
rm -rf Source/ThirdParty/leveldb/
@@ -189,6 +192,9 @@ make %{?_smp_mflags} -C %{_target_platform}
%{_datadir}/gtk-doc/html/webkitdomgtk-4.0/
%changelog
+* Tue Mar 17 2015 Michael Catanzaro <mcatanzaro at gnome.org> - 2.6.5-3
+- Add patch for late certificate verification
+
* Mon Mar 16 2015 Michael Catanzaro <mcatanzaro at gnome.org> - 2.6.5-2
- Add patch for rbz#1156330
More information about the scm-commits
mailing list