Diff
Modified: branches/safari-602.1.32-branch/Source/WTF/ChangeLog (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WTF/ChangeLog 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WTF/ChangeLog 2016-05-13 06:37:09 UTC (rev 200816)
@@ -1,3 +1,7 @@
+2016-05-12 Babak Shafiei <[email protected]>
+
+ Roll out r200463.
+
2016-05-08 Chris Dumez <[email protected]>
[COCOA] Disable HAVE_DTRACE at build time
Modified: branches/safari-602.1.32-branch/Source/WTF/wtf/Platform.h (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WTF/wtf/Platform.h 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WTF/wtf/Platform.h 2016-05-13 06:37:09 UTC (rev 200816)
@@ -1146,9 +1146,6 @@
#endif
#endif
-#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200) || (PLATFORM(IOS) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 100000)
-#define HAVE_SEC_TRUST_SERIALIZATION 1
-#endif
#if !defined(WTF_DEFAULT_EVENT_LOOP)
#define WTF_DEFAULT_EVENT_LOOP 1
Modified: branches/safari-602.1.32-branch/Source/WTF/wtf/spi/cocoa/SecuritySPI.h (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WTF/wtf/spi/cocoa/SecuritySPI.h 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WTF/wtf/spi/cocoa/SecuritySPI.h 2016-05-13 06:37:09 UTC (rev 200816)
@@ -30,7 +30,6 @@
#include <Security/SecCertificatePriv.h>
#include <Security/SecTask.h>
-#include <Security/SecTrustPriv.h>
#else
@@ -58,9 +57,4 @@
EXTERN_C SecTaskRef SecTaskCreateFromSelf(CFAllocatorRef);
EXTERN_C CFTypeRef SecTaskCopyValueForEntitlement(SecTaskRef, CFStringRef entitlement, CFErrorRef *);
-#if HAVE(SEC_TRUST_SERIALIZATION)
-EXTERN_C CF_RETURNS_RETAINED CFDataRef SecTrustSerialize(SecTrustRef, CFErrorRef *);
-EXTERN_C CF_RETURNS_RETAINED SecTrustRef SecTrustDeserialize(CFDataRef serializedTrust, CFErrorRef *);
-#endif
-
#endif // SecuritySPI_h
Modified: branches/safari-602.1.32-branch/Source/WebCore/ChangeLog (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebCore/ChangeLog 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebCore/ChangeLog 2016-05-13 06:37:09 UTC (rev 200816)
@@ -1,5 +1,9 @@
2016-05-12 Babak Shafiei <[email protected]>
+ Roll out r200463.
+
+2016-05-12 Babak Shafiei <[email protected]>
+
Roll out r200469.
2016-05-11 Babak Shafiei <[email protected]>
Modified: branches/safari-602.1.32-branch/Source/WebCore/platform/network/cf/CertificateInfo.h (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebCore/platform/network/cf/CertificateInfo.h 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebCore/platform/network/cf/CertificateInfo.h 2016-05-13 06:37:09 UTC (rev 200816)
@@ -29,59 +29,28 @@
#include "PlatformExportMacros.h"
#include <wtf/RetainPtr.h>
-#if HAVE(SEC_TRUST_SERIALIZATION)
-#include <Security/SecTrust.h>
-#endif
-
namespace WebCore {
class CertificateInfo {
public:
- CertificateInfo() = default;
-
- enum class Type {
- None,
- CertificateChain,
-#if HAVE(SEC_TRUST_SERIALIZATION)
- Trust,
-#endif
- };
+ CertificateInfo() { }
+ CertificateInfo(RetainPtr<CFArrayRef> certificateChain)
+ : m_certificateChain(certificateChain)
+ { }
-#if HAVE(SEC_TRUST_SERIALIZATION)
- explicit CertificateInfo(RetainPtr<SecTrustRef>&& trust)
- : m_trust(WTFMove(trust))
- {
- }
-
- SecTrustRef trust() const { return m_trust.get(); }
-#endif
+ void setCertificateChain(CFArrayRef certificateChain) { m_certificateChain = certificateChain; }
+ CFArrayRef certificateChain() const { return m_certificateChain.get(); }
- CertificateInfo(RetainPtr<CFArrayRef>&& certificateChain)
- : m_certificateChain(WTFMove(certificateChain))
- {
- }
-
- WEBCORE_EXPORT CFArrayRef certificateChain() const;
-
- WEBCORE_EXPORT Type type() const;
WEBCORE_EXPORT bool containsNonRootSHA1SignedCertificate() const;
- bool isEmpty() const { return type() == Type::None; }
-
-#if PLATFORM(COCOA)
- static RetainPtr<CFArrayRef> certificateChainFromSecTrust(SecTrustRef);
-#endif
-
#ifndef NDEBUG
void dump() const;
#endif
private:
-#if HAVE(SEC_TRUST_SERIALIZATION)
- RetainPtr<SecTrustRef> m_trust;
-#endif
- mutable RetainPtr<CFArrayRef> m_certificateChain;
+ RetainPtr<CFArrayRef> m_certificateChain;
};
}
+
#endif
Modified: branches/safari-602.1.32-branch/Source/WebCore/platform/network/cocoa/ResourceResponseCocoa.mm (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebCore/platform/network/cocoa/ResourceResponseCocoa.mm 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebCore/platform/network/cocoa/ResourceResponseCocoa.mm 2016-05-13 06:37:09 UTC (rev 200816)
@@ -99,11 +99,12 @@
return { };
}
-#if HAVE(SEC_TRUST_SERIALIZATION)
- return CertificateInfo(trust);
-#else
- return CertificateInfo(CertificateInfo::certificateChainFromSecTrust(trust));
-#endif
+ CFIndex count = SecTrustGetCertificateCount(trust);
+ auto certificateChain = CFArrayCreateMutable(0, count, &kCFTypeArrayCallBacks);
+ for (CFIndex i = 0; i < count; i++)
+ CFArrayAppendValue(certificateChain, SecTrustGetCertificateAtIndex(trust, i));
+
+ return CertificateInfo(adoptCF(certificateChain));
}
#if USE(CFNETWORK)
Modified: branches/safari-602.1.32-branch/Source/WebCore/platform/network/mac/CertificateInfoMac.mm (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebCore/platform/network/mac/CertificateInfoMac.mm 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebCore/platform/network/mac/CertificateInfoMac.mm 2016-05-13 06:37:09 UTC (rev 200816)
@@ -31,104 +31,35 @@
namespace WebCore {
-#if PLATFORM(COCOA)
-RetainPtr<CFArrayRef> CertificateInfo::certificateChainFromSecTrust(SecTrustRef trust)
-{
- auto count = SecTrustGetCertificateCount(trust);
- auto certificateChain = CFArrayCreateMutable(0, count, &kCFTypeArrayCallBacks);
- for (CFIndex i = 0; i < count; i++)
- CFArrayAppendValue(certificateChain, SecTrustGetCertificateAtIndex(trust, i));
- return adoptCF((CFArrayRef)certificateChain);
-}
-#endif
-
-CertificateInfo::Type CertificateInfo::type() const
-{
-#if HAVE(SEC_TRUST_SERIALIZATION)
- if (m_trust)
- return Type::Trust;
-#endif
- if (m_certificateChain)
- return Type::CertificateChain;
- return Type::None;
-}
-
-CFArrayRef CertificateInfo::certificateChain() const
-{
-#if HAVE(SEC_TRUST_SERIALIZATION)
- if (m_certificateChain)
- return m_certificateChain.get();
-
- if (m_trust)
- m_certificateChain = CertificateInfo::certificateChainFromSecTrust(m_trust.get());
-#endif
-
- return m_certificateChain.get();
-}
-
bool CertificateInfo::containsNonRootSHA1SignedCertificate() const
{
-#if HAVE(SEC_TRUST_SERIALIZATION)
- if (m_trust) {
- // Allow only the root certificate (the last in the chain) to be SHA1.
- for (CFIndex i = 0, size = SecTrustGetCertificateCount(trust()) - 1; i < size; ++i) {
- auto certificate = SecTrustGetCertificateAtIndex(trust(), i);
- if (SecCertificateGetSignatureHashAlgorithm(certificate) == kSecSignatureHashAlgorithmSHA1)
- return true;
- }
-
- return false;
- }
-#endif
-
#if (PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101100) || PLATFORM(IOS)
- if (m_certificateChain) {
- // Allow only the root certificate (the last in the chain) to be SHA1.
- for (CFIndex i = 0, size = CFArrayGetCount(m_certificateChain.get()) - 1; i < size; ++i) {
- auto certificate = (SecCertificateRef)CFArrayGetValueAtIndex(m_certificateChain.get(), i);
- if (SecCertificateGetSignatureHashAlgorithm(certificate) == kSecSignatureHashAlgorithmSHA1)
- return true;
- }
+ if (!m_certificateChain)
return false;
+
+ for (CFIndex i = 0, size = CFArrayGetCount(m_certificateChain.get()) - 1; i < size; ++i) {
+ SecCertificateRef certificate = (SecCertificateRef)CFArrayGetValueAtIndex(m_certificateChain.get(), i);
+ if (SecCertificateGetSignatureHashAlgorithm(certificate) == kSecSignatureHashAlgorithmSHA1)
+ return true;
}
+ return false;
#else
notImplemented();
-#endif
-
return false;
+#endif
}
#ifndef NDEBUG
void CertificateInfo::dump() const
{
-#if HAVE(SEC_TRUST_SERIALIZATION)
- if (m_trust) {
- CFIndex entries = SecTrustGetCertificateCount(trust());
+ unsigned entries = m_certificateChain ? CFArrayGetCount(m_certificateChain.get()) : 0;
- NSLog(@"CertificateInfo SecTrust\n");
- NSLog(@" Entries: %ld\n", entries);
- for (CFIndex i = 0; i < entries; ++i) {
- RetainPtr<CFStringRef> summary = adoptCF(SecCertificateCopySubjectSummary(SecTrustGetCertificateAtIndex(trust(), i)));
- NSLog(@" %@", (NSString *)summary.get());
- }
-
- return;
+ NSLog(@"CertificateInfo\n");
+ NSLog(@" Entries: %d\n", entries);
+ for (unsigned i = 0; i < entries; ++i) {
+ RetainPtr<CFStringRef> summary = adoptCF(SecCertificateCopySubjectSummary((SecCertificateRef)CFArrayGetValueAtIndex(m_certificateChain.get(), i)));
+ NSLog(@" %@", (NSString *)summary.get());
}
-#endif
- if (m_certificateChain) {
- CFIndex entries = CFArrayGetCount(m_certificateChain.get());
-
- NSLog(@"CertificateInfo (Certificate Chain)\n");
- NSLog(@" Entries: %ld\n", entries);
- for (CFIndex i = 0; i < entries; ++i) {
- RetainPtr<CFStringRef> summary = adoptCF(SecCertificateCopySubjectSummary((SecCertificateRef)CFArrayGetValueAtIndex(m_certificateChain.get(), i)));
- NSLog(@" %@", (NSString *)summary.get());
- }
-
- return;
- }
-
- NSLog(@"CertificateInfo (Empty)\n");
}
#endif
Modified: branches/safari-602.1.32-branch/Source/WebKit2/ChangeLog (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/ChangeLog 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/ChangeLog 2016-05-13 06:37:09 UTC (rev 200816)
@@ -1,3 +1,7 @@
+2016-05-12 Babak Shafiei <[email protected]>
+
+ Roll out r200463.
+
2016-05-09 Anders Carlsson <[email protected]>
Add injected bundle SPI for getting favicon and touch icon URLs
Modified: branches/safari-602.1.32-branch/Source/WebKit2/Shared/API/c/mac/WKCertificateInfoMac.h (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/Shared/API/c/mac/WKCertificateInfoMac.h 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/Shared/API/c/mac/WKCertificateInfoMac.h 2016-05-13 06:37:09 UTC (rev 200816)
@@ -27,7 +27,6 @@
#define WKCertificateInfoMac_h
#include <CoreFoundation/CoreFoundation.h>
-#include <Security/SecTrust.h>
#include <WebKit/WKBase.h>
#ifdef __cplusplus
@@ -35,9 +34,6 @@
#endif
WK_EXPORT WKCertificateInfoRef WKCertificateInfoCreateWithCertficateChain(CFArrayRef certificateChain);
-WK_EXPORT SecTrustRef WKCertificateInfoGetServerTrust(WKCertificateInfoRef certificateInfo);
-
-// Deprecated
WK_EXPORT CFArrayRef WKCertificateInfoGetCertificateChain(WKCertificateInfoRef certificateInfo);
#ifdef __cplusplus
Modified: branches/safari-602.1.32-branch/Source/WebKit2/Shared/API/c/mac/WKCertificateInfoMac.mm (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/Shared/API/c/mac/WKCertificateInfoMac.mm 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/Shared/API/c/mac/WKCertificateInfoMac.mm 2016-05-13 06:37:09 UTC (rev 200816)
@@ -42,12 +42,3 @@
{
return toImpl(certificateInfoRef)->certificateInfo().certificateChain();
}
-
-SecTrustRef WKCertificateInfoGetServerTrust(WKCertificateInfoRef certificateInfoRef)
-{
-#if HAVE(SEC_TRUST_SERIALIZATION)
- return toImpl(certificateInfoRef)->certificateInfo().trust();
-#else
- return nullptr;
-#endif
-}
Modified: branches/safari-602.1.32-branch/Source/WebKit2/Shared/Authentication/mac/AuthenticationManager.mac.mm (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/Shared/Authentication/mac/AuthenticationManager.mac.mm 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/Shared/Authentication/mac/AuthenticationManager.mac.mm 2016-05-13 06:37:09 UTC (rev 200816)
@@ -36,44 +36,18 @@
namespace WebKit {
-static SecCertificateRef leafCertificate(const CertificateInfo& certificateInfo)
-{
-#if HAVE(SEC_TRUST_SERIALIZATION)
- return SecTrustGetCertificateAtIndex(certificateInfo.trust(), 0);
-#else
- ASSERT(CFArrayGetCount(certificateInfo.certificateChain()));
- return (SecCertificateRef)CFArrayGetValueAtIndex(certificateInfo.certificateChain(), 0);
-#endif
-}
-
-static NSArray *chain(const CertificateInfo& certificateInfo)
-{
-#if HAVE(SEC_TRUST_SERIALIZATION)
- CFIndex count = SecTrustGetCertificateCount(certificateInfo.trust());
- if (count < 2)
- return nil;
-
- NSMutableArray *array = [NSMutableArray array];
- for (CFIndex i = 1; i < count; ++i)
- [array addObject:(id)SecTrustGetCertificateAtIndex(certificateInfo.trust(), i)];
-
- return array;
-#else
- CFIndex chainCount = CFArrayGetCount(certificateInfo.certificateChain());
- return chainCount > 1 ? [(NSArray *)certificateInfo.certificateChain() subarrayWithRange:NSMakeRange(1, chainCount - 1)] : nil;
-#endif
-}
-
-
// FIXME: This function creates an identity from a certificate, which should not be needed. We should pass an identity over IPC (as we do on iOS).
bool AuthenticationManager::tryUseCertificateInfoForChallenge(const AuthenticationChallenge& challenge, const CertificateInfo& certificateInfo, ChallengeCompletionHandler completionHandler)
{
- if (certificateInfo.isEmpty())
+ CFArrayRef chain = certificateInfo.certificateChain();
+ if (!chain)
return false;
+
+ ASSERT(CFArrayGetCount(chain));
// The passed-in certificate chain includes the identity certificate at index 0, and additional certificates starting at index 1.
SecIdentityRef identity;
- OSStatus result = SecIdentityCreateWithCertificate(NULL, leafCertificate(certificateInfo), &identity);
+ OSStatus result = SecIdentityCreateWithCertificate(NULL, (SecCertificateRef)CFArrayGetValueAtIndex(chain, 0), &identity);
if (result != errSecSuccess) {
LOG_ERROR("Unable to create SecIdentityRef with certificate - %i", result);
if (completionHandler)
@@ -83,7 +57,13 @@
return true;
}
- NSURLCredential *credential = [NSURLCredential credentialWithIdentity:identity certificates:chain(certificateInfo) persistence:NSURLCredentialPersistenceNone];
+ CFIndex chainCount = CFArrayGetCount(chain);
+ NSArray *nsChain = chainCount > 1 ? [(NSArray *)chain subarrayWithRange:NSMakeRange(1, chainCount - 1)] : nil;
+
+ NSURLCredential *credential = [NSURLCredential credentialWithIdentity:identity
+ certificates:nsChain
+ persistence:NSURLCredentialPersistenceNone];
+
if (completionHandler)
completionHandler(AuthenticationChallengeDisposition::UseCredential, Credential(credential));
else
Modified: branches/safari-602.1.32-branch/Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp 2016-05-13 06:37:09 UTC (rev 200816)
@@ -31,7 +31,6 @@
#include "DataReference.h"
#include <WebCore/CFURLExtras.h>
#include <wtf/Vector.h>
-#include <wtf/spi/cocoa/SecuritySPI.h>
#if USE(FOUNDATION)
#import <Foundation/Foundation.h>
@@ -88,9 +87,6 @@
#if HAVE(SEC_ACCESS_CONTROL)
SecAccessControl,
#endif
-#if HAVE(SEC_TRUST_SERIALIZATION)
- SecTrust,
-#endif
Null,
Unknown,
};
@@ -133,10 +129,6 @@
if (typeID == SecAccessControlGetTypeID())
return SecAccessControl;
#endif
-#if HAVE(SEC_TRUST_SERIALIZATION)
- if (typeID == SecTrustGetTypeID())
- return SecTrust;
-#endif
ASSERT_NOT_REACHED();
return Unknown;
@@ -190,11 +182,6 @@
encode(encoder, (SecAccessControlRef)typeRef);
return;
#endif
-#if HAVE(SEC_TRUST_SERIALIZATION)
- case SecTrust:
- encode(encoder, (SecTrustRef)typeRef);
- return;
-#endif
case Null:
return;
case Unknown:
@@ -302,15 +289,6 @@
return true;
}
#endif
-#if HAVE(SEC_TRUST_SERIALIZATION)
- case SecTrust: {
- RetainPtr<SecTrustRef> trust;
- if (!decode(decoder, trust))
- return false;
- result = adoptCF(trust.leakRef());
- return true;
- }
-#endif
case Null:
result = tokenNullTypeRef();
return true;
@@ -763,41 +741,7 @@
return true;
}
-#endif
-#if HAVE(SEC_TRUST_SERIALIZATION)
-void encode(ArgumentEncoder& encoder, SecTrustRef trust)
-{
- auto data = "" nullptr));
- if (!data) {
- encoder << false;
- return;
- }
-
- encoder << true;
- IPC::encode(encoder, data.get());
-}
-
-bool decode(ArgumentDecoder& decoder, RetainPtr<SecTrustRef>& result)
-{
- bool hasTrust;
- if (!decoder.decode(hasTrust))
- return false;
-
- if (!hasTrust)
- return true;
-
- RetainPtr<CFDataRef> trustData;
- if (!IPC::decode(decoder, trustData))
- return false;
-
- auto trust = adoptCF(SecTrustDeserialize(trustData.get(), nullptr));
- if (!trust)
- return false;
-
- result = WTFMove(trust);
- return true;
-}
#endif
} // namespace IPC
Modified: branches/safari-602.1.32-branch/Source/WebKit2/Shared/cf/ArgumentCodersCF.h (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/Shared/cf/ArgumentCodersCF.h 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/Shared/cf/ArgumentCodersCF.h 2016-05-13 06:37:09 UTC (rev 200816)
@@ -27,7 +27,6 @@
#define ArgumentCodersCF_h
#include <Security/SecCertificate.h>
-#include <Security/SecTrust.h>
#include <wtf/RetainPtr.h>
#if HAVE(SEC_KEYCHAIN)
@@ -95,12 +94,6 @@
bool decode(ArgumentDecoder&, RetainPtr<SecAccessControlRef>& result);
#endif
-#if HAVE(SEC_TRUST_SERIALIZATION)
-// SecTrustRef
-void encode(ArgumentEncoder&, SecTrustRef);
-bool decode(ArgumentDecoder&, RetainPtr<SecTrustRef>&);
-#endif
-
#if PLATFORM(IOS)
void setAllowsDecodingSecKeyRef(bool);
#endif
Modified: branches/safari-602.1.32-branch/Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/Shared/mac/WebCoreArgumentCodersMac.mm 2016-05-13 06:37:09 UTC (rev 200816)
@@ -163,53 +163,31 @@
void ArgumentCoder<CertificateInfo>::encode(ArgumentEncoder& encoder, const CertificateInfo& certificateInfo)
{
- encoder.encodeEnum(certificateInfo.type());
-
- switch (certificateInfo.type()) {
-#if HAVE(SEC_TRUST_SERIALIZATION)
- case CertificateInfo::Type::Trust:
- IPC::encode(encoder, certificateInfo.trust());
- break;
-#endif
- case CertificateInfo::Type::CertificateChain:
- IPC::encode(encoder, certificateInfo.certificateChain());
- break;
- case CertificateInfo::Type::None:
- // Do nothing.
- break;
+ CFArrayRef certificateChain = certificateInfo.certificateChain();
+ if (!certificateChain) {
+ encoder << false;
+ return;
}
+
+ encoder << true;
+ IPC::encode(encoder, certificateChain);
}
bool ArgumentCoder<CertificateInfo>::decode(ArgumentDecoder& decoder, CertificateInfo& certificateInfo)
{
- CertificateInfo::Type certificateInfoType;
- if (!decoder.decodeEnum(certificateInfoType))
+ bool hasCertificateChain;
+ if (!decoder.decode(hasCertificateChain))
return false;
- switch (certificateInfoType) {
-#if HAVE(SEC_TRUST_SERIALIZATION)
- case CertificateInfo::Type::Trust: {
- RetainPtr<SecTrustRef> trust;
- if (!IPC::decode(decoder, trust))
- return false;
-
- certificateInfo = CertificateInfo(WTFMove(trust));
+ if (!hasCertificateChain)
return true;
- }
-#endif
- case CertificateInfo::Type::CertificateChain: {
- RetainPtr<CFArrayRef> certificateChain;
- if (!IPC::decode(decoder, certificateChain))
- return false;
- certificateInfo = CertificateInfo(WTFMove(certificateChain));
- return true;
- }
- case CertificateInfo::Type::None:
- // Do nothing.
- break;
- }
+ RetainPtr<CFArrayRef> certificateChain;
+ if (!IPC::decode(decoder, certificateChain))
+ return false;
+ certificateInfo.setCertificateChain(certificateChain.get());
+
return true;
}
@@ -241,8 +219,10 @@
}());
CFDictionarySetValue(filteredUserInfo.get(), @"NSErrorClientCertificateChainKey", clientIdentityAndCertificates);
- }
+ };
+ IPC::encode(encoder, filteredUserInfo.get());
+
id peerCertificateChain = [userInfo objectForKey:@"NSErrorPeerCertificateChainKey"];
if (!peerCertificateChain) {
if (SecTrustRef peerTrust = (SecTrustRef)[userInfo objectForKey:NSURLErrorFailingURLPeerTrustErrorKey]) {
@@ -253,16 +233,8 @@
}
}
ASSERT(!peerCertificateChain || [peerCertificateChain isKindOfClass:[NSArray class]]);
- if (peerCertificateChain)
- CFDictionarySetValue(filteredUserInfo.get(), @"NSErrorPeerCertificateChainKey", peerCertificateChain);
+ encoder << CertificateInfo((CFArrayRef)peerCertificateChain);
-#if HAVE(SEC_TRUST_SERIALIZATION)
- if (SecTrustRef peerTrust = (SecTrustRef)[userInfo objectForKey:NSURLErrorFailingURLPeerTrustErrorKey])
- CFDictionarySetValue(filteredUserInfo.get(), NSURLErrorFailingURLPeerTrustErrorKey, peerTrust);
-#endif
-
- IPC::encode(encoder, filteredUserInfo.get());
-
if (id underlyingError = [userInfo objectForKey:NSUnderlyingErrorKey]) {
ASSERT([underlyingError isKindOfClass:[NSError class]]);
encoder << true;
@@ -297,6 +269,15 @@
if (!IPC::decode(decoder, userInfo))
return false;
+ CertificateInfo certificate;
+ if (!decoder.decode(certificate))
+ return false;
+
+ if (certificate.certificateChain()) {
+ userInfo = adoptCF(CFDictionaryCreateMutableCopy(kCFAllocatorDefault, CFDictionaryGetCount(userInfo.get()) + 1, userInfo.get()));
+ CFDictionarySetValue((CFMutableDictionaryRef)userInfo.get(), CFSTR("NSErrorPeerCertificateChainKey"), (CFArrayRef)certificate.certificateChain());
+ }
+
bool hasUnderlyingError = false;
if (!decoder.decode(hasUnderlyingError))
return false;
Modified: branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.h (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.h 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.h 2016-05-13 06:37:09 UTC (rev 200816)
@@ -164,11 +164,12 @@
*/
@property (nonatomic, readonly) BOOL hasOnlySecureContent;
-/*! @abstract A SecTrustRef for the currently committed navigation.
- @discussion @link WKWebView @/link is key-value observing (KVO) compliant
- for this property.
+/*! @abstract An array of SecCertificateRef objects forming the certificate
+ chain for the currently committed navigation.
+ @discussion The certificates are ordered from leaf (at index 0) to anchor.
+ @link WKWebView @/link is key-value observing (KVO) compliant for this property.
*/
-@property (nonatomic, readonly, nullable) SecTrustRef serverTrust WK_AVAILABLE(WK_MAC_TBA, WK_IOS_TBA);
+@property (nonatomic, readonly, copy) NSArray *certificateChain WK_AVAILABLE(10_11, 9_0);
/*! @abstract A Boolean value indicating whether there is a back item in
the back-forward list that can be navigated to.
@@ -304,12 +305,6 @@
#endif
-@interface WKWebView (WKDeprecated)
-
-@property (nonatomic, readonly, copy) NSArray *certificateChain WK_DEPRECATED(10_11, WK_MAC_TBA, 9_0, WK_IOS_TBA, "Please use serverTrust");
-
-@end
-
NS_ASSUME_NONNULL_END
#endif
Modified: branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.mm (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.mm 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/API/Cocoa/WKWebView.mm 2016-05-13 06:37:09 UTC (rev 200816)
@@ -724,17 +724,13 @@
return _page->pageLoadState().hasOnlySecureContent();
}
-- (SecTrustRef)serverTrust
+- (NSArray *)certificateChain
{
-#if HAVE(SEC_TRUST_SERIALIZATION)
auto certificateInfo = _page->pageLoadState().certificateInfo();
if (!certificateInfo)
- return nil;
+ return @[ ];
- return certificateInfo->certificateInfo().trust();
-#else
- return nil;
-#endif
+ return (NSArray *)certificateInfo->certificateInfo().certificateChain() ?: @[ ];
}
- (BOOL)canGoBack
@@ -4576,19 +4572,6 @@
@end
#endif
-@implementation WKWebView (WKDeprecated)
-
-- (NSArray *)certificateChain
-{
- auto certificateInfo = _page->pageLoadState().certificateInfo();
- if (!certificateInfo)
- return @[ ];
-
- return (NSArray *)certificateInfo->certificateInfo().certificateChain() ?: @[ ];
-}
-
-@end
-
#if PLATFORM(IOS) && USE(APPLE_INTERNAL_SDK)
#import <WebKitAdditions/WKWebViewAdditions.mm>
#endif
Modified: branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/Cocoa/NavigationState.mm (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/Cocoa/NavigationState.mm 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/UIProcess/Cocoa/NavigationState.mm 2016-05-13 06:37:09 UTC (rev 200816)
@@ -902,14 +902,12 @@
void NavigationState::willChangeCertificateInfo()
{
- [m_webView willChangeValueForKey:@"serverTrust"];
[m_webView willChangeValueForKey:@"certificateChain"];
}
void NavigationState::didChangeCertificateInfo()
{
[m_webView didChangeValueForKey:@"certificateChain"];
- [m_webView didChangeValueForKey:@"serverTrust"];
}
void NavigationState::willChangeWebProcessIsResponsive()
Modified: branches/safari-602.1.32-branch/Source/WebKit2/WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFrame.mm (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFrame.mm 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFrame.mm 2016-05-13 06:37:09 UTC (rev 200816)
@@ -149,15 +149,6 @@
return (NSArray *)_frame->certificateInfo().certificateChain();
}
-- (SecTrustRef)_serverTrust
-{
-#if HAVE(SEC_TRUST_SERIALIZATION)
- return _frame->certificateInfo().trust();
-#else
- return nil;
-#endif
-}
-
- (NSURL *)_provisionalURL
{
return [NSURL _web_URLWithWTFString:_frame->provisionalURL()];
Modified: branches/safari-602.1.32-branch/Source/WebKit2/WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFramePrivate.h (200815 => 200816)
--- branches/safari-602.1.32-branch/Source/WebKit2/WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFramePrivate.h 2016-05-13 06:34:27 UTC (rev 200815)
+++ branches/safari-602.1.32-branch/Source/WebKit2/WebProcess/InjectedBundle/API/Cocoa/WKWebProcessPlugInFramePrivate.h 2016-05-13 06:37:09 UTC (rev 200816)
@@ -37,7 +37,6 @@
@property (nonatomic, readonly) BOOL _hasCustomContentProvider;
@property (nonatomic, readonly) NSArray *_certificateChain;
-@property (nonatomic, readonly) SecTrustRef _serverTrust;
@property (nonatomic, readonly) NSURL *_provisionalURL;
@property (nonatomic, readonly) WKWebProcessPlugInFrame *_parentFrame;
