Changeset 228933 in webkit


Ignore:
Timestamp:
Feb 22, 2018 2:05:06 PM (6 years ago)
Author:
rniwa@webkit.org
Message:

Add an entitlement check for service worker on iOS
https://bugs.webkit.org/show_bug.cgi?id=182865

Reviewed by Dan Bernstein.

Addressed Dan's comment by using xpc_connection_copy_entitlement_value instead of obtaining the audit token first.

  • Shared/mac/SandboxUtilities.h:
  • Shared/mac/SandboxUtilities.mm:

(WebKit::connectedProcessHasEntitlement):

  • StorageProcess/ios/StorageProcessIOS.mm:

(WebKit::StorageProcess::parentProcessHasServiceWorkerEntitlement const):

  • WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::parentProcessHasServiceWorkerEntitlement const):

Location:
trunk/Source/WebKit
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/WebKit/ChangeLog

    r228930 r228933  
     12018-02-22  Ryosuke Niwa  <rniwa@webkit.org>
     2
     3        Add an entitlement check for service worker on iOS
     4        https://bugs.webkit.org/show_bug.cgi?id=182865
     5
     6        Reviewed by Dan Bernstein.
     7
     8        Addressed Dan's comment by using xpc_connection_copy_entitlement_value instead of obtaining the audit token first.
     9
     10        * Shared/mac/SandboxUtilities.h:
     11        * Shared/mac/SandboxUtilities.mm:
     12        (WebKit::connectedProcessHasEntitlement):
     13        * StorageProcess/ios/StorageProcessIOS.mm:
     14        (WebKit::StorageProcess::parentProcessHasServiceWorkerEntitlement const):
     15        * WebProcess/WebPage/ios/WebPageIOS.mm:
     16        (WebKit::WebPage::parentProcessHasServiceWorkerEntitlement const):
     17
    1182018-02-22  Youenn Fablet  <youenn@apple.com>
    219
  • trunk/Source/WebKit/Shared/mac/SandboxUtilities.h

    r228589 r228933  
    4040
    4141bool processHasEntitlement(NSString *entitlement);
    42 bool connectedProcessHasEntitlement(xpc_connection_t, NSString *entitlement);
     42bool connectedProcessHasEntitlement(xpc_connection_t, const char *entitlement);
    4343
    4444}
  • trunk/Source/WebKit/Shared/mac/SandboxUtilities.mm

    r228589 r228933  
    2929#import <array>
    3030#import <sys/param.h>
     31#import <wtf/OSObjectPtr.h>
    3132#import <wtf/spi/cocoa/SecuritySPI.h>
    3233#import <wtf/spi/darwin/SandboxSPI.h>
     
    9394}
    9495
    95 bool connectedProcessHasEntitlement(xpc_connection_t connection, NSString *entitlement)
     96bool connectedProcessHasEntitlement(xpc_connection_t connection, const char *entitlement)
    9697{
    97     audit_token_t token;
    98     xpc_connection_get_audit_token(connection, &token);
    99     auto task = adoptCF(SecTaskCreateWithAuditToken(NULL, token));
    100 
    101     auto value = adoptCF(SecTaskCopyValueForEntitlement(task.get(), (__bridge CFStringRef)entitlement, nullptr));
     98    auto value = adoptOSObject(xpc_connection_copy_entitlement_value(connection, entitlement));
    10299    if (!value)
    103100        return false;
    104101
    105     if (CFGetTypeID(value.get()) != CFBooleanGetTypeID())
    106         return false;
    107 
    108     return CFBooleanGetValue(static_cast<CFBooleanRef>(value.get()));
     102    return xpc_get_type(value.get()) == XPC_TYPE_BOOL && xpc_bool_get_value(value.get());
    109103}
    110104
  • trunk/Source/WebKit/StorageProcess/ios/StorageProcessIOS.mm

    r228589 r228933  
    6262bool StorageProcess::parentProcessHasServiceWorkerEntitlement() const
    6363{
    64     static bool hasEntitlement = connectedProcessHasEntitlement(parentProcessConnection()->xpcConnection(), @"com.apple.developer.WebKit.ServiceWorkers");
     64    static bool hasEntitlement = connectedProcessHasEntitlement(parentProcessConnection()->xpcConnection(), "com.apple.developer.WebKit.ServiceWorkers");
    6565    return hasEntitlement;
    6666}
  • trunk/Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm

    r228602 r228933  
    393393bool WebPage::parentProcessHasServiceWorkerEntitlement() const
    394394{
    395     static bool hasEntitlement = connectedProcessHasEntitlement(WebProcess::singleton().parentProcessConnection()->xpcConnection(), @"com.apple.developer.WebKit.ServiceWorkers");
     395    static bool hasEntitlement = connectedProcessHasEntitlement(WebProcess::singleton().parentProcessConnection()->xpcConnection(), "com.apple.developer.WebKit.ServiceWorkers");
    396396    return hasEntitlement;
    397397}
Note: See TracChangeset for help on using the changeset viewer.