Summary: | [iOS] Client-certificate authentication isn’t working with some certificates | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | mitz | ||||
Component: | WebKit2 | Assignee: | Nobody <webkit-unassigned> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | Keywords: | InRadar | ||||
Priority: | P2 | ||||||
Version: | 528+ (Nightly build) | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Attachments: |
|
Description
mitz
2014-07-23 12:08:02 PDT
Created attachment 235368 [details]
Specify an access group when creating a persistent reference to a key
Comment on attachment 235368 [details] Specify an access group when creating a persistent reference to a key View in context: https://bugs.webkit.org/attachment.cgi?id=235368&action=review > Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp:637 > + RetainPtr<NSDictionary> query = @{ This doesn't need to be a RetainPtr. Comment on attachment 235368 [details] Specify an access group when creating a persistent reference to a key View in context: https://bugs.webkit.org/attachment.cgi?id=235368&action=review > Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp:632 > +static CFDataRef copyPersistentRef(SecKeyRef key) This doesn't seem to be in a PLATFORM(IOS) ifdef, and it should. > Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp:637 > + RetainPtr<NSDictionary> query = @{ I don't see how this RetainPtr can be appropriate here. > Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp:645 > + OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query.get(), &persistentRef); Do we need __bridge in WebKit code? > Source/WebKit2/Shared/cf/ArgumentCodersCF.cpp:652 > + if (CFGetTypeID(persistentRef) != CFDataGetTypeID()) { > + CFRelease(persistentRef); > + return nullptr; > + } Can this happen? Documentation says that kSecReturnPersistentRef always provides a CFDataRef. Fixed in <http://trac.webkit.org/r171485>. |