Title: [175374] trunk/Source/WebKit2
- Revision
- 175374
- Author
- m...@apple.com
- Date
- 2014-10-30 11:48:43 -0700 (Thu, 30 Oct 2014)
Log Message
When a client certificate is rejected, Safari says the website didn’t accept the certificate “unknown” instead of naming the certificate
https://bugs.webkit.org/show_bug.cgi?id=138216
Reviewed by Alexey Proskuryakov.
* Shared/cf/ArgumentCodersCF.cpp:
(IPC::typeFromCFTypeRef): Remove no-longer-necessary platform guards around SecIdentityRef.
(IPC::encode): Ditto.
(IPC::decode): Ditto.
* Shared/mac/WebCoreArgumentCodersMac.mm:
(IPC::ArgumentCoder<ResourceError>::encodePlatformData): If NSErrorClientCertificateChainKey
is present in the error’s userInfo dictionary, assert that it’s an array of identities and
certificates, and include it in the filtered dictionary.
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (175373 => 175374)
--- trunk/Source/WebKit2/ChangeLog 2014-10-30 17:39:52 UTC (rev 175373)
+++ trunk/Source/WebKit2/ChangeLog 2014-10-30 18:48:43 UTC (rev 175374)
@@ -1,3 +1,19 @@
+2014-10-30 Dan Bernstein <m...@apple.com>
+
+ When a client certificate is rejected, Safari says the website didn’t accept the certificate “unknown” instead of naming the certificate
+ https://bugs.webkit.org/show_bug.cgi?id=138216
+
+ Reviewed by Alexey Proskuryakov.
+
+ * Shared/cf/ArgumentCodersCF.cpp:
+ (IPC::typeFromCFTypeRef): Remove no-longer-necessary platform guards around SecIdentityRef.
+ (IPC::encode): Ditto.
+ (IPC::decode): Ditto.
+ * Shared/mac/WebCoreArgumentCodersMac.mm:
+ (IPC::ArgumentCoder<ResourceError>::encodePlatformData): If NSErrorClientCertificateChainKey
+ is present in the error’s userInfo dictionary, assert that it’s an array of identities and
+ certificates, and include it in the filtered dictionary.
+
2014-10-29 Hunseop Jeong <hs85.je...@samsung.com>
[CoordinatedGraphics] Use modern for-loops
Modified: trunk/Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp (175373 => 175374)
--- trunk/Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp 2014-10-30 17:39:52 UTC (rev 175373)
+++ trunk/Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp 2014-10-30 18:48:43 UTC (rev 175374)
@@ -80,9 +80,7 @@
CFString,
CFURL,
SecCertificate,
-#if PLATFORM(IOS)
SecIdentity,
-#endif
#if HAVE(SEC_KEYCHAIN)
SecKeychainItem,
#endif
@@ -121,10 +119,8 @@
return CFURL;
if (typeID == SecCertificateGetTypeID())
return SecCertificate;
-#if PLATFORM(IOS)
if (typeID == SecIdentityGetTypeID())
return SecIdentity;
-#endif
#if HAVE(SEC_KEYCHAIN)
if (typeID == SecKeychainItemGetTypeID())
return SecKeychainItem;
@@ -173,11 +169,9 @@
case SecCertificate:
encode(encoder, (SecCertificateRef)typeRef);
return;
-#if PLATFORM(IOS)
case SecIdentity:
encode(encoder, (SecIdentityRef)(typeRef));
return;
-#endif
#if HAVE(SEC_KEYCHAIN)
case SecKeychainItem:
encode(encoder, (SecKeychainItemRef)typeRef);
@@ -270,7 +264,6 @@
result = adoptCF(certificate.leakRef());
return true;
}
-#if PLATFORM(IOS)
case SecIdentity: {
RetainPtr<SecIdentityRef> identity;
if (!decode(decoder, identity))
@@ -278,7 +271,6 @@
result = adoptCF(identity.leakRef());
return true;
}
-#endif
#if HAVE(SEC_KEYCHAIN)
case SecKeychainItem: {
RetainPtr<SecKeychainItemRef> keychainItem;
Modified: trunk/Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm (175373 => 175374)
--- trunk/Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm 2014-10-30 17:39:52 UTC (rev 175373)
+++ trunk/Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm 2014-10-30 18:48:43 UTC (rev 175374)
@@ -198,6 +198,19 @@
CFDictionarySetValue(filteredUserInfo.get(), key, value);
}];
+ if (NSArray *clientIdentityAndCertificates = [userInfo objectForKey:@"NSErrorClientCertificateChainKey"]) {
+ ASSERT([clientIdentityAndCertificates isKindOfClass:[NSArray class]]);
+ ASSERT(^{
+ for (id object in clientIdentityAndCertificates) {
+ if (CFGetTypeID(object) != SecIdentityGetTypeID() && CFGetTypeID(object) != SecCertificateGetTypeID())
+ return false;
+ }
+ return true;
+ }());
+
+ CFDictionarySetValue(filteredUserInfo.get(), @"NSErrorClientCertificateChainKey", clientIdentityAndCertificates);
+ };
+
IPC::encode(encoder, filteredUserInfo.get());
id peerCertificateChain = [userInfo objectForKey:@"NSErrorPeerCertificateChainKey"];
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes