mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1

Use object for verification request

Browse source
This commit is contained in:
Kevin Sawicki 2017-02-07 16:35:37 -08:00
parent 5245d42d15
commit 70178adb6e
7 changed files with 52 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

12
atom/browser/api/atom_api_session.cc
View file

@ -204,6 +204,18 @@ struct Converter<net::ProxyConfig> {
} }
}; };
template<>
struct Converter<atom::VerifyRequest> {
static v8::Local<v8::Value> ToV8(v8::Isolate* isolate,
atom::VerifyRequest val) {
mate::Dictionary dict = mate::Dictionary::CreateEmpty(isolate);
dict.Set("hostname", val.hostname);
dict.Set("certificate", val.certificate);
dict.Set("verificationResult", val.default_result);
return dict.GetHandle();
}
};
} // namespace mate } // namespace mate
namespace atom { namespace atom {

8
atom/browser/net/atom_cert_verifier.cc
View file

@ -89,10 +89,14 @@ class CertVerifierRequest : public AtomCertVerifier::Request {
void OnDefaultVerificationDone(int error) { void OnDefaultVerificationDone(int error) {
error_ = error; error_ = error;
VerifyRequest request = {
params_.hostname(),
net::ErrorToString(error),
params_.certificate()
};
BrowserThread::PostTask( BrowserThread::PostTask(
BrowserThread::UI, FROM_HERE, BrowserThread::UI, FROM_HERE,
base::Bind(cert_verifier_->verify_proc(), params_.hostname(), base::Bind(cert_verifier_->verify_proc(), request,
params_.certificate(), net::ErrorToString(error),
base::Bind(&CertVerifierRequest::OnResponseInUI, base::Bind(&CertVerifierRequest::OnResponseInUI,
weak_ptr_factory_.GetWeakPtr()))); weak_ptr_factory_.GetWeakPtr())));
} }

10
atom/browser/net/atom_cert_verifier.h
View file

@ -16,14 +16,18 @@ namespace atom {
class AtomCTDelegate; class AtomCTDelegate;
class CertVerifierRequest; class CertVerifierRequest;
struct VerifyRequest {
std::string hostname;
std::string default_result;
scoped_refptr<net::X509Certificate> certificate;
};
class AtomCertVerifier : public net::CertVerifier { class AtomCertVerifier : public net::CertVerifier {
public: public:
explicit AtomCertVerifier(AtomCTDelegate* ct_delegate); explicit AtomCertVerifier(AtomCTDelegate* ct_delegate);
virtual ~AtomCertVerifier(); virtual ~AtomCertVerifier();
using VerifyProc = base::Callback<void(const std::string& hostname, using VerifyProc = base::Callback<void(VerifyRequest request,
scoped_refptr<net::X509Certificate>,
const std::string& default_result,
const net::CompletionCallback&)>; const net::CompletionCallback&)>;
void SetVerifyProc(const VerifyProc& proc); void SetVerifyProc(const VerifyProc& proc);

7
docs/api/session.md
View file

@ -250,6 +250,7 @@ the original network configuration.
#### `ses.setCertificateVerifyProc(proc)` #### `ses.setCertificateVerifyProc(proc)`
* `proc` Function * `proc` Function
* `request` Object
* `hostname` String * `hostname` String
* `certificate` [Certificate](structures/certificate.md) * `certificate` [Certificate](structures/certificate.md)
* `error` String - Verification result from chromium. * `error` String - Verification result from chromium.
@ -262,9 +263,9 @@ the original network configuration.
* `-3` - Uses the verification result from chromium. * `-3` - Uses the verification result from chromium.
Sets the certificate verify proc for `session`, the `proc` will be called with Sets the certificate verify proc for `session`, the `proc` will be called with
`proc(hostname, certificate, callback)` whenever a server certificate `proc(request, callback)` whenever a server certificate
verification is requested. Calling `callback(true)` accepts the certificate, verification is requested. Calling `callback(0)` accepts the certificate,
calling `callback(false)` rejects it. calling `callback(-2)` rejects it.
Calling `setCertificateVerifyProc(null)` will revert back to default certificate Calling `setCertificateVerifyProc(null)` will revert back to default certificate
verify proc. verify proc.

2
docs/tutorial/planned-breaking-changes.md
View file

@ -99,7 +99,7 @@ ses.setCertificateVerifyProc(function (hostname, certificate, callback) {
callback(true) callback(true)
}) })
// Replace with // Replace with
ses.setCertificateVerifyProc(function (hostname, certificate, error, callback) { ses.setCertificateVerifyProc(function (request, callback) {
callback(0) callback(0)
}) })
``` ```

4
lib/browser/api/session.js
View file

@ -22,9 +22,9 @@ Session.prototype._init = function () {
} }
Session.prototype.setCertificateVerifyProc = function (verifyProc) { Session.prototype.setCertificateVerifyProc = function (verifyProc) {
if (verifyProc != null && verifyProc.length <= 3) { if (verifyProc != null && verifyProc.length > 2) {
// TODO(kevinsawicki): Remove in 2.0, deprecate before then with warnings // TODO(kevinsawicki): Remove in 2.0, deprecate before then with warnings
this._setCertificateVerifyProc((hostname, certificate, error, cb) => { this._setCertificateVerifyProc(({hostname, certificate, verificationResult}, cb) => {
verifyProc(hostname, certificate, (result) => { verifyProc(hostname, certificate, (result) => {
cb(result ? 0 : -2) cb(result ? 0 : -2)
}) })

21
spec/api-session-spec.js
View file

@ -557,8 +557,8 @@ describe('session module', function () {
}) })
it('accepts the request when the callback is called with true', function (done) { it('accepts the request when the callback is called with true', function (done) {
session.defaultSession.setCertificateVerifyProc(function (hostname, certificate, error, callback) { session.defaultSession.setCertificateVerifyProc(function ({hostname, certificate, verificationResult}, callback) {
assert.equal(error, 'net::ERR_CERT_AUTHORITY_INVALID') assert.equal(verificationResult, 'net::ERR_CERT_AUTHORITY_INVALID')
callback(0) callback(0)
}) })
@ -569,8 +569,21 @@ describe('session module', function () {
w.loadURL(`https://127.0.0.1:${server.address().port}`) w.loadURL(`https://127.0.0.1:${server.address().port}`)
}) })
it('supports the old function signature', function (done) {
session.defaultSession.setCertificateVerifyProc(function (hostname, certificate, callback) {
assert.equal(hostname, '127.0.0.1')
callback(true)
})
w.webContents.once('did-finish-load', function () {
assert.equal(w.webContents.getTitle(), 'hello')
done()
})
w.loadURL(`https://127.0.0.1:${server.address().port}`)
})
it('rejects the request when the callback is called with false', function (done) { it('rejects the request when the callback is called with false', function (done) {
session.defaultSession.setCertificateVerifyProc(function (hostname, certificate, error, callback) { session.defaultSession.setCertificateVerifyProc(function ({hostname, certificate, verificationResult}, callback) {
assert.equal(hostname, '127.0.0.1') assert.equal(hostname, '127.0.0.1')
assert.equal(certificate.issuerName, 'Intermediate CA') assert.equal(certificate.issuerName, 'Intermediate CA')
assert.equal(certificate.subjectName, 'localhost') assert.equal(certificate.subjectName, 'localhost')
@ -581,7 +594,7 @@ describe('session module', function () {
assert.equal(certificate.issuerCert.issuerCert.issuer.commonName, 'Root CA') assert.equal(certificate.issuerCert.issuerCert.issuer.commonName, 'Root CA')
assert.equal(certificate.issuerCert.issuerCert.subject.commonName, 'Root CA') assert.equal(certificate.issuerCert.issuerCert.subject.commonName, 'Root CA')
assert.equal(certificate.issuerCert.issuerCert.issuerCert, undefined) assert.equal(certificate.issuerCert.issuerCert.issuerCert, undefined)
assert.equal(error, 'net::ERR_CERT_AUTHORITY_INVALID') assert.equal(verificationResult, 'net::ERR_CERT_AUTHORITY_INVALID')
callback(-2) callback(-2)
}) })