Attachment 340447 Details for Bug 185662 – Patch

[patch] Patch

bug-185662-20180515165201.patch (text/plain), 31.56 KB, created by Jiewen Tan on 2018-05-15 16:52:02 PDT

(hide)

Description:

Filename:

MIME Type:

Creator: Jiewen Tan

Created: 2018-05-15 16:52:02 PDT

Size: 31.56 KB

patch

obsolete

>Subversion Revision: 231661
>diff --git a/Source/WTF/ChangeLog b/Source/WTF/ChangeLog
>index 571658db3822b8b099d20b4c98e4ca34a8aba4b7..1b1790e816ba10bc7df8c92125626121b34d3434 100644
>--- a/Source/WTF/ChangeLog
>+++ b/Source/WTF/ChangeLog
>@@ -1,3 +1,15 @@
>+2018-05-15  Jiewen Tan  <jiewen_tan@apple.com>
>+
>+        Convert CertificateInfo into Credential in UI Process instead of Networking Process
>+        https://bugs.webkit.org/show_bug.cgi?id=185662
>+        <rdar://problem/40275561>
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        Remove marco HAVE_SEC_IDENTITY since it is no longer useful.
>+
>+        * wtf/Platform.h:
>+
> 2018-05-10  Tim Horton  <timothy_horton@apple.com>
> 
>         Fix the build after r231393
>diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog
>index 73ea77bcf106b446328624db550349b2aceafc04..78c76ddac93101293dd615e86d0c3ec446846f77 100644
>--- a/Source/WebKit/ChangeLog
>+++ b/Source/WebKit/ChangeLog
>@@ -1,3 +1,41 @@
>+2018-05-15  Jiewen Tan  <jiewen_tan@apple.com>
>+
>+        Convert CertificateInfo into Credential in UI Process instead of Networking Process
>+        https://bugs.webkit.org/show_bug.cgi?id=185662
>+        <rdar://problem/40275561>
>+
>+        Reviewed by NOBODY (OOPS!).
>+
>+        Right now we convert CertificateInfo into Credential in the very last stage of client certificate authentication process
>+        when it reaches Networking Process. This patch moves that conversion earlier in UI Process such that we don't have to
>+        pass both Credential and CertificateInfo to Networking Process.
>+
>+        CertificateInfo is only used in macOS for C API specifically. WK2 includes macOS/iOS relies on NSURLCredential/WebCore::Credential
>+        solely. WK2 has already exercised the ability of using WebCore::Credential to do client certficate authentication. This patch therefore
>+        takes advantage of that. It converts CertficateInfo objects into Credential objects right after WebCredential is initialized, and then merge
>+        any code paths that utilizes CertficateInfo into ones that uses WebCore::Credenital.
>+
>+        Covered by existing tests.
>+
>+        * Shared/Authentication/AuthenticationManager.cpp:
>+        (WebKit::AuthenticationManager::useCredentialForChallenge):
>+        (WebKit::AuthenticationManager::useCredentialForSingleChallenge):
>+        (WebKit::AuthenticationManager::tryUseCertificateInfoForChallenge): Deleted.
>+        * Shared/Authentication/AuthenticationManager.h:
>+        * Shared/Authentication/AuthenticationManager.messages.in:
>+        * UIProcess/Authentication/AuthenticationChallengeProxy.cpp:
>+        (WebKit::AuthenticationChallengeProxy::useCredential):
>+        * UIProcess/Authentication/WebCredential.cpp:
>+        (WebKit::WebCredential::WebCredential):
>+        (WebKit::WebCredential::certificateInfo): Deleted.
>+        * UIProcess/Authentication/WebCredential.h:
>+        (WebKit::WebCredential::create):
>+        * UIProcess/Authentication/mac/WebCredentialMac.mm: Renamed from Source/WebKit/Shared/Authentication/mac/AuthenticationManager.mac.mm.
>+        (WebKit::leafCertificate):
>+        (WebKit::chain):
>+        (WebKit::WebCredential::WebCredential):
>+        * WebKit.xcodeproj/project.pbxproj:
>+
> 2018-05-10  Chris Dumez  <cdumez@apple.com>
> 
>         'Cross-Origin-Options header implementation follow-up
>diff --git a/Source/WTF/wtf/Platform.h b/Source/WTF/wtf/Platform.h
>index 1f0ed538cd0b5ada4252b65d3e01ad59cc751ae3..56f415fa631ca2e90f54251125704cdcf2ad79b0 100644
>--- a/Source/WTF/wtf/Platform.h
>+++ b/Source/WTF/wtf/Platform.h
>@@ -572,7 +572,6 @@
> 
> #define USE_APPKIT 1
> #define HAVE_RUNLOOP_TIMER 1
>-#define HAVE_SEC_IDENTITY 1
> #define HAVE_SEC_KEYCHAIN 1
> 
> #if CPU(X86_64)
>diff --git a/Source/WebKit/Shared/Authentication/AuthenticationManager.cpp b/Source/WebKit/Shared/Authentication/AuthenticationManager.cpp
>index 3c4cc5ed0f142467aabc3024196980b13a859977..b2881b29e52bceaca21089313e0ea44b7de7871d 100644
>--- a/Source/WebKit/Shared/Authentication/AuthenticationManager.cpp
>+++ b/Source/WebKit/Shared/Authentication/AuthenticationManager.cpp
>@@ -135,31 +135,20 @@ void AuthenticationManager::didReceiveAuthenticationChallenge(IPC::MessageSender
>     download.send(Messages::DownloadProxy::DidReceiveAuthenticationChallenge(authenticationChallenge, challengeID));
> }
> 
>-// Currently, only Mac knows how to respond to authentication challenges with certificate info.
>-#if !HAVE(SEC_IDENTITY)
>-bool AuthenticationManager::tryUseCertificateInfoForChallenge(const WebCore::AuthenticationChallenge&, const CertificateInfo&, ChallengeCompletionHandler&)
>-{
>-    return false;
>-}
>-#endif
>-
>-void AuthenticationManager::useCredentialForChallenge(uint64_t challengeID, const Credential& credential, const CertificateInfo& certificateInfo)
>+void AuthenticationManager::useCredentialForChallenge(uint64_t challengeID, const Credential& credential)
> {
>     ASSERT(RunLoop::isMain());
> 
>     for (auto& coalescedChallengeID : coalesceChallengesMatching(challengeID))
>-        useCredentialForSingleChallenge(coalescedChallengeID, credential, certificateInfo);
>+        useCredentialForSingleChallenge(coalescedChallengeID, credential);
> }
> 
>-void AuthenticationManager::useCredentialForSingleChallenge(uint64_t challengeID, const Credential& credential, const CertificateInfo& certificateInfo)
>+void AuthenticationManager::useCredentialForSingleChallenge(uint64_t challengeID, const Credential& credential)
> {
>     auto challenge = m_challenges.take(challengeID);
>     ASSERT(!challenge.challenge.isNull());
> 
>     auto completionHandler = WTFMove(challenge.completionHandler);
>-    
>-    if (tryUseCertificateInfoForChallenge(challenge.challenge, certificateInfo, completionHandler))
>-        return;
> 
>     if (completionHandler)
>         completionHandler(AuthenticationChallengeDisposition::UseCredential, credential);
>diff --git a/Source/WebKit/Shared/Authentication/AuthenticationManager.h b/Source/WebKit/Shared/Authentication/AuthenticationManager.h
>index 6c30c04fdd0ad39917a065c4056426369fe0f877..2c669bafe19168373b95c26bf76b1ab47ab7d8a2 100644
>--- a/Source/WebKit/Shared/Authentication/AuthenticationManager.h
>+++ b/Source/WebKit/Shared/Authentication/AuthenticationManager.h
>@@ -40,7 +40,6 @@ class MessageSender;
> 
> namespace WebCore {
> class AuthenticationChallenge;
>-class CertificateInfo;
> class Credential;
> }
> 
>@@ -72,7 +71,7 @@ public:
>     void continueCanAuthenticateAgainstProtectionSpace(DownloadID, bool canAuthenticate);
> #endif
> 
>-    void useCredentialForChallenge(uint64_t challengeID, const WebCore::Credential&, const WebCore::CertificateInfo&);
>+    void useCredentialForChallenge(uint64_t challengeID, const WebCore::Credential&);
>     void continueWithoutCredentialForChallenge(uint64_t challengeID);
>     void cancelChallenge(uint64_t challengeID);
>     void performDefaultHandling(uint64_t challengeID);
>@@ -96,12 +95,10 @@ private:
>     // IPC::MessageReceiver
>     void didReceiveMessage(IPC::Connection&, IPC::Decoder&) override;
> 
>-    bool tryUseCertificateInfoForChallenge(const WebCore::AuthenticationChallenge&, const WebCore::CertificateInfo&, ChallengeCompletionHandler&);
>-
>     uint64_t addChallengeToChallengeMap(Challenge&&);
>     bool shouldCoalesceChallenge(uint64_t pageID, uint64_t challengeID, const WebCore::AuthenticationChallenge&) const;
> 
>-    void useCredentialForSingleChallenge(uint64_t challengeID, const WebCore::Credential&, const WebCore::CertificateInfo&);
>+    void useCredentialForSingleChallenge(uint64_t challengeID, const WebCore::Credential&);
>     void continueWithoutCredentialForSingleChallenge(uint64_t challengeID);
>     void cancelSingleChallenge(uint64_t challengeID);
>     void performDefaultHandlingForSingleChallenge(uint64_t challengeID);
>diff --git a/Source/WebKit/Shared/Authentication/AuthenticationManager.messages.in b/Source/WebKit/Shared/Authentication/AuthenticationManager.messages.in
>index da79cecf5e31c2c744adc368e16075774511181b..a7f45ec5fdd6e9a3c8318e343e7cc20efe3a392a 100644
>--- a/Source/WebKit/Shared/Authentication/AuthenticationManager.messages.in
>+++ b/Source/WebKit/Shared/Authentication/AuthenticationManager.messages.in
>@@ -21,7 +21,7 @@
> # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
> 
> messages -> AuthenticationManager {
>-    void UseCredentialForChallenge(uint64_t challengeID, WebCore::Credential credential, WebCore::CertificateInfo certificate);
>+    void UseCredentialForChallenge(uint64_t challengeID, WebCore::Credential credential);
>     void ContinueWithoutCredentialForChallenge(uint64_t challengeID);
>     void CancelChallenge(uint64_t challengeID);
>     void PerformDefaultHandling(uint64_t challengeID);
>diff --git a/Source/WebKit/Shared/Authentication/mac/AuthenticationManager.mac.mm b/Source/WebKit/Shared/Authentication/mac/AuthenticationManager.mac.mm
>deleted file mode 100644
>index 377a7f80c4e2efa55d89926ef8d086cc3b638cc9..0000000000000000000000000000000000000000
>--- a/Source/WebKit/Shared/Authentication/mac/AuthenticationManager.mac.mm
>+++ /dev/null
>@@ -1,102 +0,0 @@
>-/*
>- * Copyright (C) 2011 Apple Inc. All rights reserved.
>- *
>- * Redistribution and use in source and binary forms, with or without
>- * modification, are permitted provided that the following conditions
>- * are met:
>- * 1. Redistributions of source code must retain the above copyright
>- *    notice, this list of conditions and the following disclaimer.
>- * 2. Redistributions in binary form must reproduce the above copyright
>- *    notice, this list of conditions and the following disclaimer in the
>- *    documentation and/or other materials provided with the distribution.
>- *
>- * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
>- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
>- * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
>- * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
>- * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>- * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>- * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
>- * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
>- * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
>- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
>- * THE POSSIBILITY OF SUCH DAMAGE.
>- */
>-
>-#include "config.h"
>-#include "AuthenticationManager.h"
>-
>-#if HAVE(SEC_IDENTITY)
>-
>-#include <Security/SecIdentity.h>
>-#include <WebCore/AuthenticationChallenge.h>
>-#include <WebCore/CertificateInfo.h>
>-#include <WebCore/NotImplemented.h>
>-#include <wtf/cf/TypeCastsCF.h>
>-
>-WTF_DECLARE_CF_TYPE_TRAIT(SecCertificate);
>-
>-using namespace WebCore;
>-
>-namespace WebKit {
>-
>-static SecCertificateRef leafCertificate(const CertificateInfo& certificateInfo)
>-{
>-#if HAVE(SEC_TRUST_SERIALIZATION)
>-    if (certificateInfo.type() == CertificateInfo::Type::Trust)
>-        return SecTrustGetCertificateAtIndex(certificateInfo.trust(), 0);
>-#endif
>-    ASSERT(certificateInfo.type() == CertificateInfo::Type::CertificateChain);
>-    ASSERT(CFArrayGetCount(certificateInfo.certificateChain()));
>-    return checked_cf_cast<SecCertificateRef>(CFArrayGetValueAtIndex(certificateInfo.certificateChain(), 0));
>-}
>-
>-static NSArray *chain(const CertificateInfo& certificateInfo)
>-{
>-#if HAVE(SEC_TRUST_SERIALIZATION)
>-    if (certificateInfo.type() == CertificateInfo::Type::Trust) {
>-        CFIndex count = SecTrustGetCertificateCount(certificateInfo.trust());
>-        if (count < 2)
>-            return nil;
>-
>-        NSMutableArray *array = [NSMutableArray array];
>-        for (CFIndex i = 1; i < count; ++i)
>-            [array addObject:(id)SecTrustGetCertificateAtIndex(certificateInfo.trust(), i)];
>-            
>-        return array;
>-    }
>-#endif
>-    ASSERT(certificateInfo.type() == CertificateInfo::Type::CertificateChain);
>-    CFIndex chainCount = CFArrayGetCount(certificateInfo.certificateChain());
>-    return chainCount > 1 ? [(NSArray *)certificateInfo.certificateChain() subarrayWithRange:NSMakeRange(1, chainCount - 1)] : nil;
>-}
>-
>-// FIXME: This function creates an identity from a certificate, which should not be needed. We should pass an identity over IPC (as we do on iOS).
>-bool AuthenticationManager::tryUseCertificateInfoForChallenge(const AuthenticationChallenge& challenge, const CertificateInfo& certificateInfo, ChallengeCompletionHandler& completionHandler)
>-{
>-    if (certificateInfo.isEmpty())
>-        return false;
>-
>-    // The passed-in certificate chain includes the identity certificate at index 0, and additional certificates starting at index 1.
>-    SecIdentityRef identity;
>-    OSStatus result = SecIdentityCreateWithCertificate(NULL, leafCertificate(certificateInfo), &identity);
>-    if (result != errSecSuccess) {
>-        LOG_ERROR("Unable to create SecIdentityRef with certificate - %i", result);
>-        if (completionHandler)
>-            completionHandler(AuthenticationChallengeDisposition::Cancel, { });
>-        else
>-            [challenge.sender() cancelAuthenticationChallenge:challenge.nsURLAuthenticationChallenge()];
>-        return true;
>-    }
>-
>-    NSURLCredential *credential = [NSURLCredential credentialWithIdentity:identity certificates:chain(certificateInfo) persistence:NSURLCredentialPersistenceNone];
>-    if (completionHandler)
>-        completionHandler(AuthenticationChallengeDisposition::UseCredential, Credential(credential));
>-    else
>-        [challenge.sender() useCredential:credential forAuthenticationChallenge:challenge.nsURLAuthenticationChallenge()];
>-    return true;
>-}
>-
>-} // namespace WebKit
>-
>-#endif // HAVE(SEC_IDENTITY)
>diff --git a/Source/WebKit/UIProcess/Authentication/AuthenticationChallengeProxy.cpp b/Source/WebKit/UIProcess/Authentication/AuthenticationChallengeProxy.cpp
>index 2b75a0ba036f04f0a7a9f31fab0bff01ac3ac51d..b9a137594e319d628ec95664edb6d4fdb217932c 100644
>--- a/Source/WebKit/UIProcess/Authentication/AuthenticationChallengeProxy.cpp
>+++ b/Source/WebKit/UIProcess/Authentication/AuthenticationChallengeProxy.cpp
>@@ -70,11 +70,7 @@ void AuthenticationChallengeProxy::useCredential(WebCredential* credential)
>         return;
>     }
> 
>-    WebCore::CertificateInfo certificateInfo;
>-    if (credential->certificateInfo())
>-        certificateInfo = credential->certificateInfo()->certificateInfo();
>-
>-    m_connection->send(Messages::AuthenticationManager::UseCredentialForChallenge(challengeID, credential->credential(), certificateInfo), 0);
>+    m_connection->send(Messages::AuthenticationManager::UseCredentialForChallenge(challengeID, credential->credential()), 0);
> }
> 
> void AuthenticationChallengeProxy::cancel()
>diff --git a/Source/WebKit/UIProcess/Authentication/WebCredential.cpp b/Source/WebKit/UIProcess/Authentication/WebCredential.cpp
>index a2d1d17cd1e78ee90eeb9b01b7e866cc132f2082..aabf724ef457b6d5c43fa7b1389fdcc4c844db21 100644
>--- a/Source/WebKit/UIProcess/Authentication/WebCredential.cpp
>+++ b/Source/WebKit/UIProcess/Authentication/WebCredential.cpp
>@@ -26,8 +26,6 @@
> #include "config.h"
> #include "WebCredential.h"
> 
>-#include "WebCertificateInfo.h"
>-
> namespace WebKit {
> 
> WebCredential::WebCredential(const WebCore::Credential& credential)
>@@ -35,20 +33,16 @@ WebCredential::WebCredential(const WebCore::Credential& credential)
> {
> }
> 
>+#if !PLATFORM(MAC)
> WebCredential::WebCredential(WebCertificateInfo* certificateInfo)
>-    : m_certificateInfo(certificateInfo)
> {
> }
>+#endif
> 
> WebCredential::~WebCredential()
> {
> }
> 
>-WebCertificateInfo* WebCredential::certificateInfo()
>-{
>-    return m_certificateInfo.get();
>-}
>-
> const WebCore::Credential& WebCredential::credential()
> {
>     return m_coreCredential;
>diff --git a/Source/WebKit/UIProcess/Authentication/WebCredential.h b/Source/WebKit/UIProcess/Authentication/WebCredential.h
>index eaaa1f70c6d85d546974b7b906a406a64d8fe052..a37db2f0fd02cf4d65be3c788f66333c6a7ece17 100644
>--- a/Source/WebKit/UIProcess/Authentication/WebCredential.h
>+++ b/Source/WebKit/UIProcess/Authentication/WebCredential.h
>@@ -47,8 +47,6 @@ public:
>     {
>         return adoptRef(*new WebCredential(certificateInfo));
>     }
>-    
>-    WebCertificateInfo* certificateInfo();
> 
>     const WebCore::Credential& credential();
> 
>@@ -57,7 +55,6 @@ private:
>     explicit WebCredential(WebCertificateInfo*);
> 
>     WebCore::Credential m_coreCredential;
>-    RefPtr<WebCertificateInfo> m_certificateInfo;
> };
> 
> } // namespace WebKit
>diff --git a/Source/WebKit/UIProcess/Authentication/mac/WebCredentialMac.mm b/Source/WebKit/UIProcess/Authentication/mac/WebCredentialMac.mm
>new file mode 100644
>index 0000000000000000000000000000000000000000..68de3ec9db27879c9c5d71d0d610682d8ec64300
>--- /dev/null
>+++ b/Source/WebKit/UIProcess/Authentication/mac/WebCredentialMac.mm
>@@ -0,0 +1,91 @@
>+/*
>+ * Copyright (C) 2018 Apple Inc. All rights reserved.
>+ *
>+ * Redistribution and use in source and binary forms, with or without
>+ * modification, are permitted provided that the following conditions
>+ * are met:
>+ * 1. Redistributions of source code must retain the above copyright
>+ *    notice, this list of conditions and the following disclaimer.
>+ * 2. Redistributions in binary form must reproduce the above copyright
>+ *    notice, this list of conditions and the following disclaimer in the
>+ *    documentation and/or other materials provided with the distribution.
>+ *
>+ * THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
>+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
>+ * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
>+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
>+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
>+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
>+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
>+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
>+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
>+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
>+ * THE POSSIBILITY OF SUCH DAMAGE.
>+ */
>+
>+#include "config.h"
>+#include "WebCredential.h"
>+
>+#if PLATFORM(MAC)
>+
>+#include "WebCertificateInfo.h"
>+#include <Security/SecIdentity.h>
>+#include <WebCore/CertificateInfo.h>
>+#include <wtf/cf/TypeCastsCF.h>
>+
>+WTF_DECLARE_CF_TYPE_TRAIT(SecCertificate);
>+
>+using namespace WebCore;
>+
>+namespace WebKit {
>+
>+static SecCertificateRef leafCertificate(const CertificateInfo& certificateInfo)
>+{
>+#if HAVE(SEC_TRUST_SERIALIZATION)
>+    if (certificateInfo.type() == CertificateInfo::Type::Trust)
>+        return SecTrustGetCertificateAtIndex(certificateInfo.trust(), 0);
>+#endif
>+    ASSERT(certificateInfo.type() == CertificateInfo::Type::CertificateChain);
>+    ASSERT(CFArrayGetCount(certificateInfo.certificateChain()));
>+    return checked_cf_cast<SecCertificateRef>(CFArrayGetValueAtIndex(certificateInfo.certificateChain(), 0));
>+}
>+
>+static NSArray *chain(const CertificateInfo& certificateInfo)
>+{
>+#if HAVE(SEC_TRUST_SERIALIZATION)
>+    if (certificateInfo.type() == CertificateInfo::Type::Trust) {
>+        CFIndex count = SecTrustGetCertificateCount(certificateInfo.trust());
>+        if (count < 2)
>+            return nil;
>+
>+        NSMutableArray *array = [NSMutableArray array];
>+        for (CFIndex i = 1; i < count; ++i)
>+            [array addObject:(id)SecTrustGetCertificateAtIndex(certificateInfo.trust(), i)];
>+
>+        return array;
>+    }
>+#endif
>+    ASSERT(certificateInfo.type() == CertificateInfo::Type::CertificateChain);
>+    CFIndex chainCount = CFArrayGetCount(certificateInfo.certificateChain());
>+    return chainCount > 1 ? [(NSArray *)certificateInfo.certificateChain() subarrayWithRange:NSMakeRange(1, chainCount - 1)] : nil;
>+}
>+
>+WebCredential::WebCredential(WebCertificateInfo* certificateInfo)
>+{
>+    if (!certificateInfo || certificateInfo->certificateInfo().isEmpty())
>+        return;
>+
>+    // The passed-in certificate chain includes the identity certificate at index 0, and additional certificates starting at index 1.
>+    SecIdentityRef identity;
>+    OSStatus result = SecIdentityCreateWithCertificate(NULL, leafCertificate(certificateInfo->certificateInfo()), &identity);
>+    if (result != errSecSuccess) {
>+        LOG_ERROR("Unable to create SecIdentityRef with certificate - %i", result);
>+        return;
>+    }
>+
>+    m_coreCredential = Credential([NSURLCredential credentialWithIdentity:identity certificates:chain(certificateInfo->certificateInfo()) persistence:NSURLCredentialPersistenceNone]);
>+}
>+
>+} // namespace WebKit
>+
>+#endif // PLATFORM(MAC)
>diff --git a/Source/WebKit/WebKit.xcodeproj/project.pbxproj b/Source/WebKit/WebKit.xcodeproj/project.pbxproj
>index 9fd2227f417143a663cb194e1a235a7a33d7ef93..1163a848c3d1adb440a80ed76d718a2bfa39524a 100644
>--- a/Source/WebKit/WebKit.xcodeproj/project.pbxproj
>+++ b/Source/WebKit/WebKit.xcodeproj/project.pbxproj
>@@ -1107,7 +1107,6 @@
> 		518D2CAE12D5153B003BB93B /* WebBackForwardListItem.h in Headers */ = {isa = PBXBuildFile; fileRef = 518D2CAC12D5153B003BB93B /* WebBackForwardListItem.h */; };
> 		518E8EF816B2091C00E91429 /* AuthenticationManager.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 518E8EF316B2091C00E91429 /* AuthenticationManager.cpp */; };
> 		518E8EF916B2091C00E91429 /* AuthenticationManager.h in Headers */ = {isa = PBXBuildFile; fileRef = 518E8EF416B2091C00E91429 /* AuthenticationManager.h */; };
>-		518E8EFB16B2091C00E91429 /* AuthenticationManager.mac.mm in Sources */ = {isa = PBXBuildFile; fileRef = 518E8EF716B2091C00E91429 /* AuthenticationManager.mac.mm */; };
> 		51933DEF1965EB31008AC3EA /* MenuUtilities.h in Headers */ = {isa = PBXBuildFile; fileRef = 51933DEB1965EB24008AC3EA /* MenuUtilities.h */; };
> 		51933DF01965EB31008AC3EA /* MenuUtilities.mm in Sources */ = {isa = PBXBuildFile; fileRef = 51933DEC1965EB24008AC3EA /* MenuUtilities.mm */; };
> 		51A4D5A916CAC4FF000E615E /* StatisticsRequest.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 51A4D5A816CAC4FF000E615E /* StatisticsRequest.cpp */; };
>@@ -1220,6 +1219,7 @@
> 		53BA47D01DC2EF5E004DF4AD /* NetworkDataTaskBlob.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 539EB5461DC2EE40009D48CF /* NetworkDataTaskBlob.cpp */; };
> 		53BA47D11DC2EF5E004DF4AD /* NetworkDataTaskBlob.h in Headers */ = {isa = PBXBuildFile; fileRef = 539EB5471DC2EE40009D48CF /* NetworkDataTaskBlob.h */; };
> 		53DEA3661DDE423100E82648 /* json.hpp in Headers */ = {isa = PBXBuildFile; fileRef = 53DEA3651DDE422E00E82648 /* json.hpp */; };
>+		575075A820AB8DE100693EA9 /* WebCredentialMac.mm in Sources */ = {isa = PBXBuildFile; fileRef = 575075A720AB763600693EA9 /* WebCredentialMac.mm */; };
> 		5760828E2029895E00116678 /* WebCredentialsMessenger.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5760828C2029854200116678 /* WebCredentialsMessenger.cpp */; };
> 		57608298202BD8BA00116678 /* WebCredentialsMessengerProxy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 57608296202BD8BA00116678 /* WebCredentialsMessengerProxy.cpp */; };
> 		5760829C202D2C3C00116678 /* WebCredentialsMessengerMessageReceiver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5760829020298FBD00116678 /* WebCredentialsMessengerMessageReceiver.cpp */; };
>@@ -2072,7 +2072,6 @@
> 		CDA29A2B1CBEB67A00901CCF /* PlaybackSessionManagerProxyMessages.h in Headers */ = {isa = PBXBuildFile; fileRef = CDA29A271CBEB67A00901CCF /* PlaybackSessionManagerProxyMessages.h */; };
> 		CDC2831D201BD79D00E6E745 /* WKFullscreenStackView.h in Headers */ = {isa = PBXBuildFile; fileRef = CDC2831B201BD79D00E6E745 /* WKFullscreenStackView.h */; };
> 		CDC2831E201BD79D00E6E745 /* WKFullscreenStackView.mm in Sources */ = {isa = PBXBuildFile; fileRef = CDC2831C201BD79D00E6E745 /* WKFullscreenStackView.mm */; };
>-		CDC382FE17211799008A2FC3 /* SecItemShimLibrary.mm in Sources */ = {isa = PBXBuildFile; fileRef = 511F8A78138B460900A95F44 /* SecItemShimLibrary.mm */; };
> 		CDCA85C8132ABA4E00E961DF /* WKFullScreenWindowController.mm in Sources */ = {isa = PBXBuildFile; fileRef = CDCA85C6132ABA4E00E961DF /* WKFullScreenWindowController.mm */; };
> 		CDCA85C9132ABA4E00E961DF /* WKFullScreenWindowController.h in Headers */ = {isa = PBXBuildFile; fileRef = CDCA85C7132ABA4E00E961DF /* WKFullScreenWindowController.h */; };
> 		CE11AD501CBC47F800681EE5 /* CodeSigning.mm in Sources */ = {isa = PBXBuildFile; fileRef = CE11AD4F1CBC47F800681EE5 /* CodeSigning.mm */; };
>@@ -3522,7 +3521,6 @@
> 		518E8EF316B2091C00E91429 /* AuthenticationManager.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = AuthenticationManager.cpp; path = Authentication/AuthenticationManager.cpp; sourceTree = "<group>"; };
> 		518E8EF416B2091C00E91429 /* AuthenticationManager.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = AuthenticationManager.h; path = Authentication/AuthenticationManager.h; sourceTree = "<group>"; };
> 		518E8EF516B2091C00E91429 /* AuthenticationManager.messages.in */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = AuthenticationManager.messages.in; path = Authentication/AuthenticationManager.messages.in; sourceTree = "<group>"; };
>-		518E8EF716B2091C00E91429 /* AuthenticationManager.mac.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = AuthenticationManager.mac.mm; sourceTree = "<group>"; };
> 		51933DEB1965EB24008AC3EA /* MenuUtilities.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MenuUtilities.h; sourceTree = "<group>"; };
> 		51933DEC1965EB24008AC3EA /* MenuUtilities.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = MenuUtilities.mm; sourceTree = "<group>"; };
> 		5194B3861F192FB900FA4708 /* CookieStorageUtilsCF.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = CookieStorageUtilsCF.h; sourceTree = "<group>"; };
>@@ -3662,6 +3660,7 @@
> 		539EB5471DC2EE40009D48CF /* NetworkDataTaskBlob.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = NetworkDataTaskBlob.h; path = NetworkProcess/NetworkDataTaskBlob.h; sourceTree = "<group>"; };
> 		53DEA3651DDE422E00E82648 /* json.hpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.h; name = json.hpp; path = NetworkProcess/capture/json.hpp; sourceTree = "<group>"; };
> 		53F3CAA5206C443E0086490E /* NetworkActivityTracker.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = NetworkActivityTracker.cpp; path = NetworkProcess/NetworkActivityTracker.cpp; sourceTree = "<group>"; };
>+		575075A720AB763600693EA9 /* WebCredentialMac.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; path = WebCredentialMac.mm; sourceTree = "<group>"; };
> 		5750F32A2032D4E500389347 /* LocalAuthentication.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = LocalAuthentication.framework; path = System/Library/Frameworks/LocalAuthentication.framework; sourceTree = SDKROOT; };
> 		5760828B2029854200116678 /* WebCredentialsMessenger.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = WebCredentialsMessenger.h; sourceTree = "<group>"; };
> 		5760828C2029854200116678 /* WebCredentialsMessenger.cpp */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.cpp; path = WebCredentialsMessenger.cpp; sourceTree = "<group>"; };
>@@ -4605,7 +4604,6 @@
> 		CDC2831B201BD79D00E6E745 /* WKFullscreenStackView.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; name = WKFullscreenStackView.h; path = ios/fullscreen/WKFullscreenStackView.h; sourceTree = "<group>"; };
> 		CDC2831C201BD79D00E6E745 /* WKFullscreenStackView.mm */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.cpp.objcpp; name = WKFullscreenStackView.mm; path = ios/fullscreen/WKFullscreenStackView.mm; sourceTree = "<group>"; };
> 		CDC382F717211506008A2FC3 /* CFNetwork.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CFNetwork.framework; path = /System/Library/Frameworks/CFNetwork.framework; sourceTree = "<absolute>"; };
>-		CDC3830617211799008A2FC3 /* WebProcessShim.dylib */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.dylib"; includeInIndex = 0; path = WebProcessShim.dylib; sourceTree = BUILT_PRODUCTS_DIR; };
> 		CDC8F4881725E67800166F6E /* CoreFoundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreFoundation.framework; path = /System/Library/Frameworks/CoreFoundation.framework; sourceTree = "<absolute>"; };
> 		CDCA85C6132ABA4E00E961DF /* WKFullScreenWindowController.mm */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.objcpp; path = WKFullScreenWindowController.mm; sourceTree = "<group>"; };
> 		CDCA85C7132ABA4E00E961DF /* WKFullScreenWindowController.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = WKFullScreenWindowController.h; sourceTree = "<group>"; };
>@@ -6531,6 +6529,7 @@
> 		512F588D12A8836F00629530 /* Authentication */ = {
> 			isa = PBXGroup;
> 			children = (
>+				575075A620AB75AB00693EA9 /* mac */,
> 				512F588E12A8838800629530 /* AuthenticationChallengeProxy.cpp */,
> 				512F588F12A8838800629530 /* AuthenticationChallengeProxy.h */,
> 				512F589012A8838800629530 /* AuthenticationDecisionListener.cpp */,
>@@ -6631,7 +6630,6 @@
> 		518E8EF116B208F000E91429 /* Authentication */ = {
> 			isa = PBXGroup;
> 			children = (
>-				518E8EF616B2091C00E91429 /* mac */,
> 				518E8EF316B2091C00E91429 /* AuthenticationManager.cpp */,
> 				518E8EF416B2091C00E91429 /* AuthenticationManager.h */,
> 				518E8EF516B2091C00E91429 /* AuthenticationManager.messages.in */,
>@@ -6639,15 +6637,6 @@
> 			name = Authentication;
> 			sourceTree = "<group>";
> 		};
>-		518E8EF616B2091C00E91429 /* mac */ = {
>-			isa = PBXGroup;
>-			children = (
>-				518E8EF716B2091C00E91429 /* AuthenticationManager.mac.mm */,
>-			);
>-			name = mac;
>-			path = Authentication/mac;
>-			sourceTree = "<group>";
>-		};
> 		51B15A7D138439B200321AD8 /* unix */ = {
> 			isa = PBXGroup;
> 			children = (
>@@ -6767,6 +6756,14 @@
> 			name = capture;
> 			sourceTree = "<group>";
> 		};
>+		575075A620AB75AB00693EA9 /* mac */ = {
>+			isa = PBXGroup;
>+			children = (
>+				575075A720AB763600693EA9 /* WebCredentialMac.mm */,
>+			);
>+			path = mac;
>+			sourceTree = "<group>";
>+		};
> 		5750F3292032D4E300389347 /* Frameworks */ = {
> 			isa = PBXGroup;
> 			children = (
>@@ -10515,7 +10512,6 @@
> 				512F589612A8838800629530 /* AuthenticationChallengeProxy.cpp in Sources */,
> 				512F589812A8838800629530 /* AuthenticationDecisionListener.cpp in Sources */,
> 				518E8EF816B2091C00E91429 /* AuthenticationManager.cpp in Sources */,
>-				518E8EFB16B2091C00E91429 /* AuthenticationManager.mac.mm in Sources */,
> 				512F58A212A883AD00629530 /* AuthenticationManagerMessageReceiver.cpp in Sources */,
> 				9955A6F41C7986DC00EB6A93 /* AutomationBackendDispatchers.cpp in Sources */,
> 				99C81D591C20E1E5005C4C82 /* AutomationClient.mm in Sources */,
>@@ -10977,6 +10973,7 @@
> 				1AB1F7901D1B34A6007C9BD1 /* WebCoreArgumentCodersCocoa.mm in Sources */,
> 				BCE23263122C6CF300D5C35A /* WebCoreArgumentCodersMac.mm in Sources */,
> 				512F589A12A8838800629530 /* WebCredential.cpp in Sources */,
>+				575075A820AB8DE100693EA9 /* WebCredentialMac.mm in Sources */,
> 				5760828E2029895E00116678 /* WebCredentialsMessenger.cpp in Sources */,
> 				5760829C202D2C3C00116678 /* WebCredentialsMessengerMessageReceiver.cpp in Sources */,
> 				57608298202BD8BA00116678 /* WebCredentialsMessengerProxy.cpp in Sources */,
>@@ -11450,14 +11447,6 @@
> 			);
> 			runOnlyForDeploymentPostprocessing = 0;
> 		};
>-		CDC382FD17211799008A2FC3 /* Sources */ = {
>-			isa = PBXSourcesBuildPhase;
>-			buildActionMask = 2147483647;
>-			files = (
>-				CDC382FE17211799008A2FC3 /* SecItemShimLibrary.mm in Sources */,
>-			);
>-			runOnlyForDeploymentPostprocessing = 0;
>-		};
> /* End PBXSourcesBuildPhase section */
> 
> /* Begin PBXTargetDependency section */

Actions: View | Formatted Diff | Diff

Attachments on bug 185662: 340447 | 340450