enforce SSL certificates verification

Bug #996697 reported by Yves-Alexis Perez
This bug affects 3 people
Affects: Midori Web Browser
Status: Fix Released
Importance: High
Assigned to: Cris Dywan

Bug Description

Hey,

SSL/TLS support and x509 certificate handling don't really exist right now in Midori. But until there's proper handling, and considering the current state, it should be safer to use libsoup strict SSL mode, so when the SSL status is bad, the connection won't be made at all. I know right now the URL bar is set to red when a bad status is received, but it's already too late: cookies have been sent, etc.

Attached patch does just that.

Tags: ssl
franciszen (franciszenker) wrote :

Some certificates fail to meet the success in giving a complete installation, mostly self-signed SSL certificates, but certificate authorities like Comodo SSL Certificate provider give the best solution in the industry.

Yves-Alexis Perez (corsac) wrote :

I don't see your point?

Cris Dywan (kalikiana) wrote :

This is wrong because it will be impossible to open such URLs without modifying system certificates and without any means to find out which one is needed. See bug 706857.

Short of the full UI, checking the certificate and showing an error page with a Continue button would make sense to me. See https://bugs.launchpad.net/midori/+bug/706857/+attachment/3143468/+files/gcr-icon-click.diff - unfortunately doesn't work for me, takers welcome.

Yves-Alexis Perez (corsac) wrote :

It's not wrong, it's the only sensible solution. If you can't be sure of the certificate status then you shouldn't connect *at all*. I know that means not accessing some sites anymore, but better safe than sorry. Until there's real support for certificate handling, it should be kept that way.

Cris Dywan (kalikiana)
Changed in midori:
importance: Undecided → High
tags: added: ssl
Cris Dywan (kalikiana) wrote :

This patch adds checks if 'http' resources are loaded into trusted https sites or unverified ssl mixed with trusted https. The OK button doesn't do anything, and it doesn't block anything.
What we need to proceed is test cases.

Secure connection using http:
https://torrentfreak.com/pirate-bay-boosts-sharing-is-caring-into-the-music-charts-120427/
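
The two checks described in the comment above (plain http resources loaded into a trusted https page, and https resources whose certificate did not verify), as an added Python example; it is not Midori's code or the patch from this report. The function name `mixed_content`, the sample page and the `unverified_hosts` input are assumptions of the example: in a browser that set would come from the TLS layer.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# (tag, attribute) pairs that make a browser fetch a subresource.
# <a href> is deliberately absent: following a link is a navigation.
FETCHING = {("script", "src"), ("img", "src"), ("iframe", "src"),
            ("link", "href"), ("embed", "src"), ("object", "data"),
            ("audio", "src"), ("video", "src"), ("source", "src")}

class _Resources(HTMLParser):
    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if value and (tag, name) in FETCHING:
                # Resolves relative and scheme-relative ("//host/x") URLs.
                self.urls.append(urljoin(self.base_url, value))

def mixed_content(page_url, html, unverified_hosts=frozenset()):
    """Return [(url, reason)] for subresources that weaken an https page."""
    # unverified_hosts (assumption): hosts whose certificate failed
    # verification, as reported by the TLS layer.
    if urlsplit(page_url).scheme != "https":
        return []  # nothing to downgrade on a plain http page
    parser = _Resources(page_url)
    parser.feed(html)
    findings = []
    for url in parser.urls:
        parts = urlsplit(url)
        if parts.scheme == "http":
            findings.append((url, "http resource in https page"))
        elif parts.scheme == "https" and parts.hostname in unverified_hosts:
            findings.append((url, "unverified certificate"))
    return findings

# Constructed sample page, not taken from the bug report.
SAMPLE_URL = "https://shop.example/cart"
SAMPLE_HTML = """
<link rel="stylesheet" href="/static/site.css">
<script src="http://cdn.example/lib.js"></script>
<img src="//img.example/logo.png">
<img src="https://selfsigned.example/banner.png">
<a href="http://other.example/">plain link</a>
"""
```

Calling `mixed_content(SAMPLE_URL, SAMPLE_HTML, {"selfsigned.example"})` reports the script fetched over http and the image from the host with the unverified certificate; the same-origin stylesheet, the scheme-relative image and the plain link are not flagged.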

Cris Dywan (kalikiana)
Changed in midori:
assignee: nobody → Christian Dywan (kalikiana)
Cris Dywan (kalikiana) wrote :

After some interesting discussions we decided to go for a confirmation page instead of relying on color. So any unverifiable site will not load by default. I filed bug 1024980 for more fine-grained consistency checks.

Changed in midori:
status: New → Fix Committed
Yves-Alexis Perez (corsac) wrote :

Seems that “load page” doesn't do anything for the override here. It loops on the error page.

Cris Dywan (kalikiana) wrote :

We have optional gcr support now, and the code path won't be active if it's not there since there's no way to override verification (which is technically what the bug report asked for).

Cris Dywan (kalikiana)
Changed in midori:
status: Fix Committed → Fix Released