[PATCH] Make Konqueror show correct information about SSL certificates.
Roland Harnau
truthandprogress at googlemail.com
Fri Jan 23 10:31:26 GMT 2009
2009/1/23, Andreas Hartmetz <ahartmetz at gmail.com>:
> Can you describe in a few words how you found the bug and how/why the patch
> fixes it? It is important that this bug is understood and will not be reintroduced
> (and fixed, and reintroduced...) again by accident. Some necessary changes are
> probably still ahead, as always :)
For its SSL dialog Konqueror relies on MetaData send by the HTTP
slave. Currenty this is done inside TCPSlaveBase::startTLSInternal
by means of the sendAndKeepMetaData method. The problem is that the
verification if the host name matches the certificate is done after
the MetaData is send (inside TCPSlaveBase::verifyServerCertificate).
My patch simply changes this order (and refactors startTLSInternal a
bit).
There are still some issues, e.g. Konqueror does not always show the
SSL icon if the connection is encrypted. Maybe this is the case if a
persistent connection is reused by the slave, because then
TCPSlaveBae::connectToHost and therefore sendAndKeepMetaData are not
called.
Btw: I can commit the patch myself if we have a consensus.
Roland
More information about the kde-core-devel
mailing list