Changeset 175374 in webkit


Ignore:
Timestamp:
Oct 30, 2014, 11:48:43 AM (11 years ago)
Author:
mitz@apple.com
Message:

When a client certificate is rejected, Safari says the website didn’t accept the certificate “unknown” instead of naming the certificate
https://bugs.webkit.org/show_bug.cgi?id=138216

Reviewed by Alexey Proskuryakov.

  • Shared/cf/ArgumentCodersCF.cpp:

(IPC::typeFromCFTypeRef): Remove no-longer-necessary platform guards around SecIdentityRef.
(IPC::encode): Ditto.
(IPC::decode): Ditto.

  • Shared/mac/WebCoreArgumentCodersMac.mm:

(IPC::ArgumentCoder<ResourceError>::encodePlatformData): If NSErrorClientCertificateChainKey
is present in the error’s userInfo dictionary, assert that it’s an array of identities and
certificates, and include it in the filtered dictionary.

Location:
trunk/Source/WebKit2
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/WebKit2/ChangeLog

    r175361 r175374  
     12014-10-30  Dan Bernstein  <mitz@apple.com>
     2
     3        When a client certificate is rejected, Safari says the website didn’t accept the certificate “unknown” instead of naming the certificate
     4        https://bugs.webkit.org/show_bug.cgi?id=138216
     5
     6        Reviewed by Alexey Proskuryakov.
     7
     8        * Shared/cf/ArgumentCodersCF.cpp:
     9        (IPC::typeFromCFTypeRef): Remove no-longer-necessary platform guards around SecIdentityRef.
     10        (IPC::encode): Ditto.
     11        (IPC::decode): Ditto.
     12        * Shared/mac/WebCoreArgumentCodersMac.mm:
     13        (IPC::ArgumentCoder<ResourceError>::encodePlatformData): If NSErrorClientCertificateChainKey
     14        is present in the error’s userInfo dictionary, assert that it’s an array of identities and
     15        certificates, and include it in the filtered dictionary.
     16
    1172014-10-29  Hunseop Jeong  <hs85.jeong@samsung.com>
    218
  • trunk/Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp

    r171485 r175374  
    8181    CFURL,
    8282    SecCertificate,
    83 #if PLATFORM(IOS)
    8483    SecIdentity,
    85 #endif
    8684#if HAVE(SEC_KEYCHAIN)
    8785    SecKeychainItem,
     
    122120    if (typeID == SecCertificateGetTypeID())
    123121        return SecCertificate;
    124 #if PLATFORM(IOS)
    125122    if (typeID == SecIdentityGetTypeID())
    126123        return SecIdentity;
    127 #endif
    128124#if HAVE(SEC_KEYCHAIN)
    129125    if (typeID == SecKeychainItemGetTypeID())
     
    174170        encode(encoder, (SecCertificateRef)typeRef);
    175171        return;
    176 #if PLATFORM(IOS)
    177172    case SecIdentity:
    178173        encode(encoder, (SecIdentityRef)(typeRef));
    179174        return;
    180 #endif
    181175#if HAVE(SEC_KEYCHAIN)
    182176    case SecKeychainItem:
     
    271265        return true;
    272266    }
    273 #if PLATFORM(IOS)
    274267    case SecIdentity: {
    275268        RetainPtr<SecIdentityRef> identity;
     
    279272        return true;
    280273    }
    281 #endif
    282274#if HAVE(SEC_KEYCHAIN)
    283275    case SecKeychainItem: {
  • trunk/Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm

    r175275 r175374  
    199199    }];
    200200
     201    if (NSArray *clientIdentityAndCertificates = [userInfo objectForKey:@"NSErrorClientCertificateChainKey"]) {
     202        ASSERT([clientIdentityAndCertificates isKindOfClass:[NSArray class]]);
     203        ASSERT(^{
     204            for (id object in clientIdentityAndCertificates) {
     205                if (CFGetTypeID(object) != SecIdentityGetTypeID() && CFGetTypeID(object) != SecCertificateGetTypeID())
     206                    return false;
     207            }
     208            return true;
     209        }());
     210
     211        CFDictionarySetValue(filteredUserInfo.get(), @"NSErrorClientCertificateChainKey", clientIdentityAndCertificates);
     212    };
     213
    201214    IPC::encode(encoder, filteredUserInfo.get());
    202215
Note: See TracChangeset for help on using the changeset viewer.