Changeset 175270 in webkit


Ignore:
Timestamp:
Oct 28, 2014 1:01:47 PM (10 years ago)
Author:
mitz@apple.com
Message:

[Cocoa] REGERESSION (r171801): Client certificate authentication is failing
https://bugs.webkit.org/show_bug.cgi?id=138144

Reviewed by Alexey Proskuryakov.

NSURLCredential’s implementation of NSSecureCoding fails to encode identity-based
credentials properly. Work around that by encoding the identity, certificate, and
persistence individually.

  • Shared/mac/WebCoreArgumentCodersMac.mm:

(IPC::ArgumentCoder<Credential>::encodePlatformData):
(IPC::ArgumentCoder<Credential>::decodePlatformData):

Location:
trunk/Source/WebKit2
Files:
2 edited

Legend:

Unmodified
Added
Removed

  • trunk/Source/WebKit2/ChangeLog

    r175266 r175270  
     12014-10-28  Dan Bernstein  <mitz@apple.com>
     2
     3        [Cocoa] REGERESSION (r171801): Client certificate authentication is failing
     4        https://bugs.webkit.org/show_bug.cgi?id=138144
     5
     6        Reviewed by Alexey Proskuryakov.
     7
     8        NSURLCredential’s implementation of NSSecureCoding fails to encode identity-based
     9        credentials properly. Work around that by encoding the identity, certificate, and
     10        persistence individually.
     11
     12        * Shared/mac/WebCoreArgumentCodersMac.mm:
     13        (IPC::ArgumentCoder<Credential>::encodePlatformData):
     14        (IPC::ArgumentCoder<Credential>::decodePlatformData):
     15
    1162014-10-28  Joseph Pecoraro  <pecoraro@apple.com>
    217

  • trunk/Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm

    r173356 r175270  
    283283void ArgumentCoder<Credential>::encodePlatformData(ArgumentEncoder& encoder, const Credential& credential)
    284284{
     285    NSURLCredential *nsCredential = credential.nsCredential();
     286    // NSURLCredential doesn't serialize identities correctly, so we encode the pieces individually in the identity case.
     287    if (SecIdentityRef identity = nsCredential.identity) {
     288        encoder << true;
     289        IPC::encode(encoder, identity);
     290
     291        if (NSArray *certificates = nsCredential.certificates) {
     292            encoder << true;
     293            IPC::encode(encoder, reinterpret_cast<CFArrayRef>(certificates));
     294        } else
     295            encoder << false;
     296
     297        encoder << static_cast<uint64_t>(nsCredential.persistence);
     298        return;
     299    }
     300
     301    encoder << false;
    285302    RetainPtr<NSMutableData> data = adoptNS([[NSMutableData alloc] init]);
    286303    RetainPtr<NSKeyedArchiver> archiver = adoptNS([[NSKeyedArchiver alloc] initForWritingWithMutableData:data.get()]);
    287304    [archiver setRequiresSecureCoding:YES];
    288     [archiver encodeObject:credential.nsCredential() forKey:@"credential"];
     305    [archiver encodeObject:nsCredential forKey:@"credential"];
    289306    [archiver finishEncoding];
    290307    IPC::encode(encoder, reinterpret_cast<CFDataRef>(data.get()));
     
    293310bool ArgumentCoder<Credential>::decodePlatformData(ArgumentDecoder& decoder, Credential& credential)
    294311{
     312    bool hasIdentity;
     313    if (!decoder.decode(hasIdentity))
     314        return false;
     315
     316    if (hasIdentity) {
     317        RetainPtr<SecIdentityRef> identity;
     318        if (!IPC::decode(decoder, identity))
     319            return false;
     320
     321        RetainPtr<CFArrayRef> certificates;
     322        bool hasCertificates;
     323        if (!decoder.decode(hasCertificates))
     324            return false;
     325
     326        if (hasCertificates) {
     327            if (!IPC::decode(decoder, certificates))
     328                return false;
     329        }
     330
     331        uint64_t persistence;
     332        if (!decoder.decode(persistence))
     333            return false;
     334
     335        credential = Credential(adoptNS([[NSURLCredential alloc] initWithIdentity:identity.get() certificates:(NSArray *)certificates.get() persistence:(NSURLCredentialPersistence)persistence]).get());
     336        return true;
     337    }
     338
    295339    RetainPtr<CFDataRef> data;
    296340    if (!IPC::decode(decoder, data))
Note: See TracChangeset for help on using the changeset viewer.