Use libsoup exclusively for retrieving remote certs

This removes the side channel for getting and verifying remote HTTPS
certificates.  As the http_proxy settings only affected messages
downloaded as part of the webkit soup session, this side channel would
create its own TCP connections which sidesteped the proxy, leaving a
privacy leak.

For simplicity, the remote certificate chain is now saved in pem
format as part of the tab structure, and converted to a gnutls
certificate chain when needed for viewing and displaying certs.

Most of the initial code done by dhill@ and marco@

0 files changed, 0 insertions, 0 deletions