[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: [PATCH] Make Konqueror show correct information about SSL
From: Andreas Hartmetz <ahartmetz () gmail ! com>
Date: 2009-01-23 12:32:55
Message-ID: 200901231332.55807.ahartmetz () gmail ! com
[Download RAW message or body]
On Friday 23 January 2009 11:31:26 Roland Harnau wrote:
> 2009/1/23, Andreas Hartmetz <ahartmetz@gmail.com>:
> > Can you describe in a few words how you found the bug and how/why the
> > patch fixes it? It is important that this bug is understood and will not
> > be reintroduced (and fixed, and reintroduced...) again by accident. Some
> > necessary changes are probably still ahead, as always :)
>
> For its SSL dialog Konqueror relies on MetaData send by the HTTP
> slave. Currenty this is done inside TCPSlaveBase::startTLSInternal
> by means of the sendAndKeepMetaData method. The problem is that the
> verification if the host name matches the certificate is done after
> the MetaData is send (inside TCPSlaveBase::verifyServerCertificate).
> My patch simply changes this order (and refactors startTLSInternal a
> bit).
>
Heh. There used to be a bug in the opposite direction: If metadata was sent
too early it sometimes wouldn't reach Konqueror but e.g. krunner. Therefore
there's now sendAndKeepMetaData() so the metadata will be retransmitted later.
> There are still some issues, e.g. Konqueror does not always show the
> SSL icon if the connection is encrypted. Maybe this is the case if a
> persistent connection is reused by the slave, because then
> TCPSlaveBae::connectToHost and therefore sendAndKeepMetaData are not
> called.
>
I've tested the patch and Konqueror indeed doesn't show the icon sometimes :(
This is the recurring bug I was talking of.
> Btw: I can commit the patch myself if we have a consensus.
>
OK, I wasn't sure if you have an account.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic