- Revision
- 171066
- Author
- [email protected]
- Date
- 2014-07-14 09:17:26 -0700 (Mon, 14 Jul 2014)
Log Message
<rdar://problem/17657391> [iOS] Networking process writes persistent credentials to the keychain
https://bugs.webkit.org/show_bug.cgi?id=134878
Reviewed by Sam Weinig.
Route CFNetwork’s calls to Security API through to the UI process.
* NetworkProcess/ios/NetworkProcessIOS.mm:
(WebKit::NetworkProcess::platformInitializeNetworkProcess): Initialize SecItemShim.
* Shared/mac/SecItemShim.cpp:
(WebKit::SecItemShim::initialize): On iOS, rather than using a shim library, supply
CFNetwork with alternate functions to call.
* Shared/mac/SecItemShim.messages.in: Removed #if !PLATFORM(IOS).
* UIProcess/mac/SecItemShimProxy.messages.in: Ditto.
* config.h: Define ENABLE_SEC_ITEM_SHIM to 1 on iOS as well.
Modified Paths
Diff
Modified: trunk/Source/WebKit2/ChangeLog (171065 => 171066)
--- trunk/Source/WebKit2/ChangeLog 2014-07-14 16:16:56 UTC (rev 171065)
+++ trunk/Source/WebKit2/ChangeLog 2014-07-14 16:17:26 UTC (rev 171066)
@@ -1,5 +1,26 @@
2014-07-14 Dan Bernstein <[email protected]>
+ <rdar://problem/17657391> [iOS] Networking process writes persistent credentials to the keychain
+ https://bugs.webkit.org/show_bug.cgi?id=134878
+
+ Reviewed by Sam Weinig.
+
+ Route CFNetwork’s calls to Security API through to the UI process.
+
+ * NetworkProcess/ios/NetworkProcessIOS.mm:
+ (WebKit::NetworkProcess::platformInitializeNetworkProcess): Initialize SecItemShim.
+
+ * Shared/mac/SecItemShim.cpp:
+ (WebKit::SecItemShim::initialize): On iOS, rather than using a shim library, supply
+ CFNetwork with alternate functions to call.
+
+ * Shared/mac/SecItemShim.messages.in: Removed #if !PLATFORM(IOS).
+ * UIProcess/mac/SecItemShimProxy.messages.in: Ditto.
+
+ * config.h: Define ENABLE_SEC_ITEM_SHIM to 1 on iOS as well.
+
+2014-07-14 Dan Bernstein <[email protected]>
+
<rdar://problem/17398060> NetworkProcess sometimes hangs under copyDefaultCredentialForProtectionSpace
https://bugs.webkit.org/show_bug.cgi?id=134666
Modified: trunk/Source/WebKit2/NetworkProcess/ios/NetworkProcessIOS.mm (171065 => 171066)
--- trunk/Source/WebKit2/NetworkProcess/ios/NetworkProcessIOS.mm 2014-07-14 16:16:56 UTC (rev 171065)
+++ trunk/Source/WebKit2/NetworkProcess/ios/NetworkProcessIOS.mm 2014-07-14 16:17:26 UTC (rev 171066)
@@ -30,6 +30,7 @@
#import "NetworkProcessCreationParameters.h"
#import "SandboxInitializationParameters.h"
+#import "SecItemShim.h"
#import <WebCore/CertificateInfo.h>
#import <WebCore/NotImplemented.h>
#import <WebCore/WebCoreThreadSystemInterface.h>
@@ -79,6 +80,9 @@
void NetworkProcess::platformInitializeNetworkProcess(const NetworkProcessCreationParameters& parameters)
{
+#if ENABLE(SEC_ITEM_SHIM)
+ SecItemShim::shared().initialize(this);
+#endif
platformInitializeNetworkProcessCocoa(parameters);
}
Modified: trunk/Source/WebKit2/Shared/mac/SecItemShim.cpp (171065 => 171066)
--- trunk/Source/WebKit2/Shared/mac/SecItemShim.cpp 2014-07-14 16:16:56 UTC (rev 171065)
+++ trunk/Source/WebKit2/Shared/mac/SecItemShim.cpp 2014-07-14 16:17:26 UTC (rev 171066)
@@ -41,6 +41,21 @@
#include <mutex>
#include <wtf/NeverDestroyed.h>
+#if __has_include(<CFNetwork/CFURLConnectionPriv.h>)
+#include <CFNetwork/CFURLConnectionPriv.h>
+#else
+struct _CFNFrameworksStubs {
+ CFIndex version;
+
+ OSStatus (*SecItem_stub_CopyMatching)(CFDictionaryRef query, CFTypeRef *result);
+ OSStatus (*SecItem_stub_Add)(CFDictionaryRef attributes, CFTypeRef *result);
+ OSStatus (*SecItem_stub_Update)(CFDictionaryRef query, CFDictionaryRef attributesToUpdate);
+ OSStatus (*SecItem_stub_Delete)(CFDictionaryRef query);
+};
+#endif
+
+extern "C" void _CFURLConnectionSetFrameworkStubs(const struct _CFNFrameworksStubs* stubs);
+
namespace WebKit {
static BlockingResponseMap<SecItemResponseData>& responseMap()
@@ -136,6 +151,19 @@
{
sharedProcess = process;
+#if PLATFORM(IOS)
+ struct _CFNFrameworksStubs stubs = {
+ .version = 0,
+ .SecItem_stub_CopyMatching = webSecItemCopyMatching,
+ .SecItem_stub_Add = webSecItemAdd,
+ .SecItem_stub_Update = webSecItemUpdate,
+ .SecItem_stub_Delete = webSecItemDelete,
+ };
+
+ _CFURLConnectionSetFrameworkStubs(&stubs);
+#endif
+
+#if PLATFORM(MAC)
const SecItemShimCallbacks callbacks = {
webSecItemCopyMatching,
webSecItemAdd,
@@ -145,6 +173,7 @@
SecItemShimInitializeFunc func = reinterpret_cast<SecItemShimInitializeFunc>(dlsym(RTLD_DEFAULT, "WebKitSecItemShimInitialize"));
func(callbacks);
+#endif
}
void SecItemShim::initializeConnection(IPC::Connection* connection)
Modified: trunk/Source/WebKit2/Shared/mac/SecItemShim.messages.in (171065 => 171066)
--- trunk/Source/WebKit2/Shared/mac/SecItemShim.messages.in 2014-07-14 16:16:56 UTC (rev 171065)
+++ trunk/Source/WebKit2/Shared/mac/SecItemShim.messages.in 2014-07-14 16:17:26 UTC (rev 171066)
@@ -20,7 +20,6 @@
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#if !PLATFORM(IOS)
messages -> SecItemShim {
#if ENABLE(SEC_ITEM_SHIM)
@@ -28,4 +27,3 @@
#endif
}
-#endif
Modified: trunk/Source/WebKit2/UIProcess/mac/SecItemShimProxy.messages.in (171065 => 171066)
--- trunk/Source/WebKit2/UIProcess/mac/SecItemShimProxy.messages.in 2014-07-14 16:16:56 UTC (rev 171065)
+++ trunk/Source/WebKit2/UIProcess/mac/SecItemShimProxy.messages.in 2014-07-14 16:17:26 UTC (rev 171066)
@@ -20,7 +20,6 @@
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#if !PLATFORM(IOS)
messages -> SecItemShimProxy {
#if ENABLE(SEC_ITEM_SHIM)
@@ -28,4 +27,3 @@
#endif
}
-#endif
Modified: trunk/Source/WebKit2/config.h (171065 => 171066)
--- trunk/Source/WebKit2/config.h 2014-07-14 16:16:56 UTC (rev 171065)
+++ trunk/Source/WebKit2/config.h 2014-07-14 16:17:26 UTC (rev 171066)
@@ -75,7 +75,7 @@
#endif
#ifndef ENABLE_SEC_ITEM_SHIM
-#if PLATFORM(MAC)
+#if PLATFORM(MAC) || PLATFORM(IOS)
#define ENABLE_SEC_ITEM_SHIM 1
#endif
#endif
