[webkit-changes] [214573] branches/safari-604.1.14-branch/Source/WebKit2

Wed, 29 Mar 2017 16:42:06 -0700

Title: [214573] branches/safari-604.1.14-branch/Source/WebKit2
Revision
214573
Author
jmarc...@apple.com
Date
2017-03-29 16:41:41 -0700 (Wed, 29 Mar 2017)

Log Message

Cherry-pick r214389. rdar://problem/31095987


Modified Paths

Diff

Modified: branches/safari-604.1.14-branch/Source/WebKit2/ChangeLog (214572 => 214573)


--- branches/safari-604.1.14-branch/Source/WebKit2/ChangeLog	2017-03-29 23:12:08 UTC (rev 214572)
+++ branches/safari-604.1.14-branch/Source/WebKit2/ChangeLog	2017-03-29 23:41:41 UTC (rev 214573)
@@ -1,3 +1,16 @@
+2017-03-24  John Wilander  <wilan...@apple.com>
+
+        Re-enable the network process' keychain access to fix client certificate authentication
+        https://bugs.webkit.org/show_bug.cgi?id=170074
+        <rdar://problem/31095987>
+
+        Reviewed by Brent Fulgham.
+
+        * NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in:
+            Reverted remaining change from
+            https://trac.webkit.org/changeset/208702/webkit and
+            https://trac.webkit.org/changeset/208707/webkit.
+
 2017-03-22  Wenson Hsieh  <wenson_hs...@apple.com>
 
         WKScrollView should not require data interaction gestures to fail before panning

Modified: branches/safari-604.1.14-branch/Source/WebKit2/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in (214572 => 214573)


--- branches/safari-604.1.14-branch/Source/WebKit2/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in	2017-03-29 23:12:08 UTC (rev 214572)
+++ branches/safari-604.1.14-branch/Source/WebKit2/NetworkProcess/mac/com.apple.WebKit.NetworkProcess.sb.in	2017-03-29 23:41:41 UTC (rev 214573)
@@ -152,7 +152,6 @@
        (global-name "com.apple.CoreAuthentication.agent.libxpc")
        (global-name "com.apple.SecurityServer"))
 
-#if __MAC_OS_X_VERSION_MIN_REQUIRED < 101240
 ;; FIXME: This should be removed when <rdar://problem/10479685> is fixed.
 ;; Restrict AppSandboxed processes from creating /Library/Keychains, but allow access to the contents of /Library/Keychains:
 (allow file-read-data file-read-metadata file-write-data
@@ -163,7 +162,6 @@
 (deny file-read* file-write*
     (regex (string-append "/Library/Keychains/" (uuid-regex-string) "(/|$)"))
     (home-regex (string-append "/Library/Keychains/" (uuid-regex-string) "(/|$)")))
-#endif
 
 (allow file-read* file-write* (subpath "/private/var/db/mds/system")) ;; FIXME: This should be removed when <rdar://problem/9538414> is fixed.
 

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to