New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 603634 link

Starred by 1 user
Status: Fixed
Owner:
eugene...@chromium.org
Closed: Aug 2016
Cc:
svaldez@chromium.org
rsleevi@chromium.org
pkl@chromium.org
ios-bugs-priority@chromium.org
ios-bugs@chromium.org
EstimatedDays: ----
NextAction: ----
OS: iOS
Pri: 1
Type: Bug



Sign in to add a comment

Do not use second cert validation on iOS

Project Member Reported by eugene...@chromium.org, Apr 14 2016 
With initial WKWebView release SecTrustRef was used for making load/no-load decision and NSS for getting the reason of cert failure.

Now on iOS CertVerifier uses SecTrust API for cert verification, so we do double work evaluating SecTrust twice.

Specifically for WebView cert verification we should reuse the code from this CL:
https://codereview.chromium.org/1871043003/patch/280001/290003

Comment 1 by pkl@chromium.org, May 25 2016

Cc: pkl@chromium.org
Labels: -Pri-2 Pri-1

Comment 2 by eugene...@chromium.org, Aug 5 2016

Status: Started (was: Assigned)

Comment 3 by eugene...@chromium.org, Aug 5 2016

Components: Mobile>WebView>Glue
Project Member

Comment 4 by bugdroid1@chromium.org, Aug 15 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2

commit bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2
Author: eugenebut <eugenebut@chromium.org>
Date: Mon Aug 15 23:34:55 2016

[ios] Removed CertVerifierBlockAdapter.

cert_verify_proc_ios.cc uses SecTrustRef to get the reason of cert
verification failure, so there is no reason to use CertVerifier for
web view cert verification.

Removing CertVerifier usage should have positive impact on battery
life (because second versification will not be performed) and simplify
the code (especially threading part).

BUG= 603634 
TEST=interstitials show correct reason of failure

Review-Url: https://codereview.chromium.org/2225483002
Cr-Commit-Position: refs/heads/master@{#412096}

[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/ios/web/BUILD.gn
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/ios/web/ios_web.gyp
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/ios/web/ios_web_unittests.gyp
[delete] https://crrev.com/8e74f22a19f675ffa5e2f64ba101c677b019133b/ios/web/net/cert_verifier_block_adapter.cc
[delete] https://crrev.com/8e74f22a19f675ffa5e2f64ba101c677b019133b/ios/web/net/cert_verifier_block_adapter.h
[delete] https://crrev.com/8e74f22a19f675ffa5e2f64ba101c677b019133b/ios/web/net/cert_verifier_block_adapter_unittest.cc
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/ios/web/net/crw_cert_verification_controller.h
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/ios/web/net/crw_cert_verification_controller.mm
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/ios/web/net/crw_cert_verification_controller_unittest.mm
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/ios/web/web_state/ui/crw_web_controller.mm
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/net/cert/cert_verify_proc_ios.cc
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/net/cert/cert_verify_proc_ios.h
[add] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/net/cert/cert_verify_proc_ios_unittest.cc
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/net/net.gypi
[modify] https://crrev.com/bbaae2f91795c442ef62bdfe42be1d5ea75f7cc2/tools/metrics/histograms/histograms.xml

Comment 5 by eugene...@chromium.org, Aug 15 2016

Status: Fixed (was: Started)

Sign in to add a comment