Changeset 198865 in webkit
- Timestamp:
- Mar 30, 2016 4:44:08 PM (8 years ago)
- Location:
- trunk/Source/WebKit2
- Files:
-
- 2 edited
trunk/Source/WebKit2/ChangeLog
r198856 r198865 1 2016-03-30 Daniel Bates <dabates@apple.com> 2 3 Unreviewed, rolling out r198856. 4 5 Broke the tests on the Apple El Capitan Release WK2 (Tests) 6 bot. Further investigation needed. 7 8 Reverted changeset: 9 10 "REGRESSION (r194660): Navigating to HTTPS sites may fail with 11 error" 12 https://bugs.webkit.org/show_bug.cgi?id=155455 13 http://trac.webkit.org/changeset/198856 14 1 15 2016-03-30 Daniel Bates <dabates@apple.com> 2 16 -
trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm
r198856 r198865 79 79 } 80 80 81 static String codeSigningIdentifierForProcess(pid_t pid, OSStatus& errorCode) 81 // FIXME: Remove this macro guard once we fix <rdar://problem/24308793>. 82 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200 83 static RetainPtr<SecCodeRef> findSecCodeForProcess(pid_t pid) 82 84 { 83 85 RetainPtr<CFNumberRef> pidCFNumber = adoptCF(CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &pid)); … … 86 88 RetainPtr<CFDictionaryRef> attributes = adoptCF(CFDictionaryCreate(kCFAllocatorDefault, keys, values, WTF_ARRAY_LENGTH(keys), &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks)); 87 89 SecCodeRef code = nullptr; 88 if ((errorCode = SecCodeCopyGuestWithAttributes(nullptr, attributes.get(), kSecCSDefaultFlags, &code))) 89 return String(); 90 RetainPtr<SecCodeRef> codePtr = adoptCF(code); 91 RELEASE_ASSERT(codePtr); 92 93 CFStringRef appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement = CFSTR("(anchor apple) or (anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9]) or (anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13])"); 94 SecRequirementRef signingRequirement = nullptr; 95 RELEASE_ASSERT(!SecRequirementCreateWithString(appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement, kSecCSDefaultFlags, &signingRequirement)); 96 RetainPtr<SecRequirementRef> signingRequirementPtr = adoptCF(signingRequirement); 97 errorCode = SecCodeCheckValidity(codePtr.get(), kSecCSDefaultFlags, signingRequirementPtr.get()); 98 if (errorCode == errSecCSUnsigned || errorCode == errSecCSReqFailed) 99 return String(); // Unsigned or signed by a third-party 100 if (errorCode != errSecSuccess) 101 return emptyString(); // e.g. 
invalid/malformed signature 102 String codeSigningIdentifier; 103 CFDictionaryRef signingInfo = nullptr; 104 RELEASE_ASSERT(!SecCodeCopySigningInformation(codePtr.get(), kSecCSDefaultFlags, &signingInfo)); 105 RetainPtr<CFDictionaryRef> signingInfoPtr = adoptCF(signingInfo); 106 if (CFDictionaryRef plist = dynamic_cf_cast<CFDictionaryRef>(CFDictionaryGetValue(signingInfoPtr.get(), kSecCodeInfoPList))) 107 codeSigningIdentifier = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(plist, kCFBundleIdentifierKey))); 108 else 109 codeSigningIdentifier = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(signingInfoPtr.get(), kSecCodeInfoIdentifier))); 110 RELEASE_ASSERT(!codeSigningIdentifier.isEmpty()); 111 return codeSigningIdentifier; 112 } 90 if (SecCodeCopyGuestWithAttributes(nullptr, attributes.get(), kSecCSDefaultFlags, &code)) 91 return nullptr; 92 return adoptCF(code); 93 } 94 #endif 113 95 114 96 void ChildProcess::initializeSandbox(const ChildProcessInitializationParameters& parameters, SandboxInitializationParameters& sandboxParameters) … … 117 99 String defaultProfilePath = [webkit2Bundle pathForResource:[[NSBundle mainBundle] bundleIdentifier] ofType:@"sb"]; 118 100 119 bool willUseUserDirectorySuffixInitializationParameter = false;120 101 if (sandboxParameters.userDirectorySuffix().isNull()) { 121 auto userDirectorySuffix = parameters.extraInitializationData.find("user-directory-suffix"); 122 if (userDirectorySuffix != parameters.extraInitializationData.end()) { 123 willUseUserDirectorySuffixInitializationParameter = true; 124 sandboxParameters.setUserDirectorySuffix([makeString(userDirectorySuffix->value, '/', String([[NSBundle mainBundle] bundleIdentifier])) fileSystemRepresentation]); 102 // FIXME: Remove this macro guard once we fix <rdar://problem/24308793>. 
103 #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200 104 if (const OSObjectPtr<xpc_connection_t>& xpcConnection = parameters.connectionIdentifier.xpcConnection) { 105 pid_t clientProcessID = xpc_connection_get_pid(xpcConnection.get()); 106 RetainPtr<SecCodeRef> code = findSecCodeForProcess(clientProcessID); 107 RELEASE_ASSERT(code); 108 109 CFStringRef appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement = CFSTR("(anchor apple) or (anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9]) or (anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13])"); 110 SecRequirementRef signingRequirement = nullptr; 111 OSStatus status = SecRequirementCreateWithString(appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement, kSecCSDefaultFlags, &signingRequirement); 112 RELEASE_ASSERT(status == errSecSuccess); 113 114 status = SecCodeCheckValidity(code.get(), kSecCSDefaultFlags, signingRequirement); 115 if (status == errSecSuccess) { 116 String clientIdentifierToUse; 117 CFDictionaryRef signingInfo = nullptr; 118 status = SecCodeCopySigningInformation(code.get(), kSecCSDefaultFlags, &signingInfo); 119 RELEASE_ASSERT(status == errSecSuccess); 120 if (CFDictionaryRef plist = dynamic_cf_cast<CFDictionaryRef>(CFDictionaryGetValue(signingInfo, kSecCodeInfoPList))) 121 clientIdentifierToUse = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(plist, kCFBundleIdentifierKey))); 122 else 123 clientIdentifierToUse = String(dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(signingInfo, kSecCodeInfoIdentifier))); 124 CFRelease(signingInfo); 125 RELEASE_ASSERT(!clientIdentifierToUse.isEmpty()); 126 sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', clientIdentifierToUse)); 127 } else { 128 // Unsigned, signed by a third party, or has an invalid/malformed signature 129 auto userDirectorySuffix = 
parameters.extraInitializationData.find("user-directory-suffix"); 130 if (userDirectorySuffix != parameters.extraInitializationData.end()) 131 sandboxParameters.setUserDirectorySuffix([makeString(userDirectorySuffix->value, '/', String([[NSBundle mainBundle] bundleIdentifier])) fileSystemRepresentation]); 132 sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier)); 133 } 134 CFRelease(signingRequirement); 125 135 } else { 126 String defaultUserDirectorySuffix = makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier);127 sandboxParameters.setUserDirectorySuffix( defaultUserDirectorySuffix);136 // Legacy client 137 sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier)); 128 138 } 139 #else 140 sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier)); 141 #endif 129 142 } 130 143 … … 205 218 OSStatus error = WKEnableSandboxStyleFileQuarantine(); 206 219 if (error) { 207 WTFLogAlways("%s: Couldn't enable sandbox style file quarantine: %ld\n", getprogname(), static_cast<long>(error)); 208 exit(EX_NOPERM); 209 } 210 211 error = noErr; 212 String clientCodeSigningIdentifier = codeSigningIdentifierForProcess(xpc_connection_get_pid(parameters.connectionIdentifier.xpcConnection.get()), error); 213 bool isClientCodeSigned = !clientCodeSigningIdentifier.isNull(); 214 if (isClientCodeSigned && willUseUserDirectorySuffixInitializationParameter) { 215 WTFLogAlways("%s: Only unsigned clients can specify parameter user-directory-suffix\n", getprogname()); 216 exit(EX_NOPERM); 217 } 218 if (isClientCodeSigned && clientCodeSigningIdentifier != parameters.clientIdentifier) { 219 WTFLogAlways("%s: Code signing identifier of client differs from passed client identifier: %ld\n", getprogname(), 
static_cast<long>(error)); 220 WTFLogAlways("%s: Couldn't enable sandbox style file quarantine: %ld\n", getprogname(), (long)error); 220 221 exit(EX_NOPERM); 221 222 }
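Review bot: In the restored fallback branch of `ChildProcess::initializeSandbox` (the `else` commented "Unsigned, signed by a third party, or has an invalid/malformed signature"), the suffix built from the `user-directory-suffix` initialization parameter is set and then, as rendered here, immediately overwritten by the unconditional `sandboxParameters.setUserDirectorySuffix(makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier));` on the following line, so the parameter never takes effect. If that second call is meant as the default for clients that pass no suffix, it needs an `else` in front of it. Both values in this branch are supplied by the client, and the branch treats an invalid or malformed signature the same as unsigned code, so the sandbox user directory for such a client is keyed on an identifier nothing has verified. A comment such as `// Identifier is client-supplied and unverified on this path; it only selects the per-client directory suffix.` would make that trust decision explicit. The function body starts and ends outside the visible hunks.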