WebKit Bugzilla
Attachment 369871 Details for
Bug 197887
: REGRESSION(r245281): Broke API Test TestWebKitAPI.Challenge.ClientCertificate (Requested by aakashjain on #webkit).
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
ROLLOUT of r245281
bug-197887-20190514110639.patch (text/plain), 42.37 KB, created by
WebKit Commit Bot
on 2019-05-14 11:06:40 PDT
(
hide
)
Description:
ROLLOUT of r245281
Filename:
MIME Type:
Creator:
WebKit Commit Bot
Created:
2019-05-14 11:06:40 PDT
Size:
42.37 KB
patch
obsolete
>Subversion Revision: 245289 >diff --git a/Source/WTF/ChangeLog b/Source/WTF/ChangeLog >index 5c0c09d180065304dfeb55742c09fddf4bec9c3c..6bc60aa7e4bf74aa275461c4ac185caa4d982601 100644 >--- a/Source/WTF/ChangeLog >+++ b/Source/WTF/ChangeLog >@@ -1,3 +1,17 @@ >+2019-05-14 Commit Queue <commit-queue@webkit.org> >+ >+ Unreviewed, rolling out r245281. >+ https://bugs.webkit.org/show_bug.cgi?id=197887 >+ >+ Broke API Test TestWebKitAPI.Challenge.ClientCertificate >+ (Requested by aakashjain on #webkit). >+ >+ Reverted changeset: >+ >+ "Add a unit test for client certificate authentication" >+ https://bugs.webkit.org/show_bug.cgi?id=197800 >+ https://trac.webkit.org/changeset/245281 >+ > 2019-05-14 Alex Christensen <achristensen@webkit.org> > > Add a unit test for client certificate authentication >diff --git a/Source/WebKit/ChangeLog b/Source/WebKit/ChangeLog >index 65924d05d736dcc8fa3137968ec0f9c2643e02f9..de4e5fc6910bc5081da5618fa0c6758d0e472dd5 100644 >--- a/Source/WebKit/ChangeLog >+++ b/Source/WebKit/ChangeLog >@@ -1,3 +1,17 @@ >+2019-05-14 Commit Queue <commit-queue@webkit.org> >+ >+ Unreviewed, rolling out r245281. >+ https://bugs.webkit.org/show_bug.cgi?id=197887 >+ >+ Broke API Test TestWebKitAPI.Challenge.ClientCertificate >+ (Requested by aakashjain on #webkit). >+ >+ Reverted changeset: >+ >+ "Add a unit test for client certificate authentication" >+ https://bugs.webkit.org/show_bug.cgi?id=197800 >+ https://trac.webkit.org/changeset/245281 >+ > 2019-05-14 Daniel Bates <dabates@apple.com> > > [iOS] Cannot scroll to beginning of document after scrolling to end of document and vice versa via key commands >diff --git a/Source/WTF/wtf/spi/cocoa/SecuritySPI.h b/Source/WTF/wtf/spi/cocoa/SecuritySPI.h >index 9357d0c8bef9177a75c5cd68e905524cb2f73e8c..96e30a7c7d294f455c03b0de37be0a4d12135e42 100644 >--- a/Source/WTF/wtf/spi/cocoa/SecuritySPI.h >+++ b/Source/WTF/wtf/spi/cocoa/SecuritySPI.h >@@ -27,10 +27,7 @@ > > #if USE(APPLE_INTERNAL_SDK) > >-#include <Security/SecAccessControlPriv.h> > #include <Security/SecCertificatePriv.h> >-#include <Security/SecIdentityPriv.h> >-#include <Security/SecKeyPriv.h> > #include <Security/SecTask.h> > #include <Security/SecTrustPriv.h> > >@@ -70,11 +67,7 @@ WTF_EXTERN_C_BEGIN > > SecTaskRef SecTaskCreateWithAuditToken(CFAllocatorRef, audit_token_t); > SecTaskRef SecTaskCreateFromSelf(CFAllocatorRef); >-CFTypeRef SecTaskCopyValueForEntitlement(SecTaskRef, CFStringRef entitlement, CFErrorRef*); >-SecIdentityRef SecIdentityCreate(CFAllocatorRef, SecCertificateRef, SecKeyRef); >-OSStatus SecKeyFindWithPersistentRef(CFDataRef persistentRef, SecKeyRef* lookedUpData); >-SecAccessControlRef SecAccessControlCreateFromData(CFAllocatorRef, CFDataRef, CFErrorRef*); >-CFDataRef SecAccessControlCopyData(SecAccessControlRef); >+CFTypeRef SecTaskCopyValueForEntitlement(SecTaskRef, CFStringRef entitlement, CFErrorRef *); > > #if PLATFORM(MAC) > #include <Security/SecAsn1Types.h> >diff --git a/Source/WebKit/Shared/cf/ArgumentCodersCF.cpp b/Source/WebKit/Shared/cf/ArgumentCodersCF.cpp >index d35925b9394da5817171398b834ad837b3265a88..fdb8e88574d3ad53a2eaf32d8aba0b33e098e745 100644 >--- a/Source/WebKit/Shared/cf/ArgumentCodersCF.cpp >+++ b/Source/WebKit/Shared/cf/ArgumentCodersCF.cpp >@@ -41,6 +41,29 @@ > #import <Foundation/Foundation.h> > #endif > >+#if USE(APPLE_INTERNAL_SDK) >+#include <Security/SecIdentityPriv.h> >+#endif >+ >+extern "C" SecIdentityRef SecIdentityCreate(CFAllocatorRef allocator, SecCertificateRef certificate, SecKeyRef privateKey); >+ >+#if PLATFORM(IOS_FAMILY) >+#if USE(APPLE_INTERNAL_SDK) >+#include <Security/SecKeyPriv.h> >+#endif >+ >+extern "C" OSStatus SecKeyFindWithPersistentRef(CFDataRef persistentRef, SecKeyRef* lookedUpData); >+#endif >+ >+#if HAVE(SEC_ACCESS_CONTROL) >+#if USE(APPLE_INTERNAL_SDK) >+#include <Security/SecAccessControlPriv.h> >+#endif >+ >+extern "C" SecAccessControlRef SecAccessControlCreateFromData(CFAllocatorRef allocator, CFDataRef data, CFErrorRef *error); >+extern "C" CFDataRef SecAccessControlCopyData(SecAccessControlRef access_control); >+#endif >+ > namespace IPC { > using namespace WebCore; > >diff --git a/Tools/ChangeLog b/Tools/ChangeLog >index bea3c4ee8c90c227bb3005da5e9a2348ea19e6e3..c4f34e1046607ed1fc6e7d25d72e44b48fc293e7 100644 >--- a/Tools/ChangeLog >+++ b/Tools/ChangeLog >@@ -1,3 +1,17 @@ >+2019-05-14 Commit Queue <commit-queue@webkit.org> >+ >+ Unreviewed, rolling out r245281. >+ https://bugs.webkit.org/show_bug.cgi?id=197887 >+ >+ Broke API Test TestWebKitAPI.Challenge.ClientCertificate >+ (Requested by aakashjain on #webkit). >+ >+ Reverted changeset: >+ >+ "Add a unit test for client certificate authentication" >+ https://bugs.webkit.org/show_bug.cgi?id=197800 >+ https://trac.webkit.org/changeset/245281 >+ > 2019-05-14 Youenn Fablet <youenn@apple.com> > > Add support for webkit-test-runner options to WPT importer >diff --git a/Tools/TestWebKitAPI/TCPServer.cpp b/Tools/TestWebKitAPI/TCPServer.cpp >index 2ba7a63414721e849a426ddd1ce2a31688645914..31b147012668606a1e41ee1d5a102fa107533d72 100644 >--- a/Tools/TestWebKitAPI/TCPServer.cpp >+++ b/Tools/TestWebKitAPI/TCPServer.cpp >@@ -30,7 +30,6 @@ > #include <thread> > #include <unistd.h> > #include <wtf/Optional.h> >-#include <wtf/text/Base64.h> > > extern "C" { > >@@ -39,10 +38,6 @@ struct X509; > struct SSL_CTX; > struct EVP_PKEY; > struct SSL_METHOD; >-struct X509_STORE_CTX { >- void* unused; >- X509* cert; >-}; > struct pem_password_cb; > int BIO_free(BIO*); > int SSL_free(SSL*); >@@ -61,15 +56,6 @@ int SSL_CTX_use_PrivateKey(SSL_CTX*, EVP_PKEY*); > SSL* SSL_new(SSL_CTX*); > int SSL_accept(SSL*); > int SSL_set_fd(SSL*, int); >-void SSL_CTX_set_verify(SSL_CTX*, int, int (*)(int, X509_STORE_CTX*)); >-void SSL_CTX_set_cert_verify_callback(SSL_CTX*, int (*)(X509_STORE_CTX*, void*), void*); >-int SSL_get_error(const SSL*, int); >-int SSL_read(SSL*, void*, int); >-int SSL_write(SSL*, const void*, int); >-int i2d_X509(X509*, unsigned char**); >-void OPENSSL_free(void*); >-#define SSL_VERIFY_PEER 0x01 >-#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02 > > } // extern "C" > >@@ -106,12 +92,6 @@ template<> struct deleter<EVP_PKEY> { > EVP_PKEY_free(key); > } > }; >-template<> struct deleter<uint8_t[]> { >- void operator()(uint8_t* buffer) >- { >- OPENSSL_free(buffer); >- } >-}; > > TCPServer::TCPServer(Function<void(Socket)>&& connectionHandler, size_t connections) > : m_connectionHandler(WTFMove(connectionHandler)) >@@ -121,7 +101,7 @@ TCPServer::TCPServer(Function<void(Socket)>&& connectionHandler, size_t connecti > > TCPServer::TCPServer(Protocol protocol, Function<void(SSL*)>&& secureConnectionHandler) > { >- auto startSecureConnection = [secureConnectionHandler = WTFMove(secureConnectionHandler), protocol] (Socket socket) { >+ auto startSecureConnection = [secureConnectionHandler = WTFMove(secureConnectionHandler)] (Socket socket) { > SSL_library_init(); > > std::unique_ptr<SSL_CTX, deleter<SSL_CTX>> ctx(SSL_CTX_new(SSLv23_server_method())); >@@ -149,20 +129,6 @@ TCPServer::TCPServer(Protocol protocol, Function<void(SSL*)>&& secureConnectionH > ASSERT(certX509); > SSL_CTX_use_certificate(ctx.get(), certX509.get()); > >- if (protocol == Protocol::HTTPSWithClientCertificateRequest) { >- SSL_CTX_set_verify(ctx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr); >- SSL_CTX_set_cert_verify_callback(ctx.get(), [] (X509_STORE_CTX* store_ctx, void*) -> int { >- uint8_t* bufferPointer = nullptr; >- auto length = i2d_X509(store_ctx->cert, &bufferPointer); >- std::unique_ptr<uint8_t[], deleter<uint8_t[]>> buffer(bufferPointer); >- auto expectedCert = testCertificate(); >- EXPECT_EQ(static_cast<int>(expectedCert.size()), length); >- for (int i = 0; i < length; ++i) >- EXPECT_EQ(buffer.get()[i], expectedCert[i]); >- return 1; >- }, nullptr); >- } >- > // This is a test key from BoringSSL. > char kKeyPEM[] = > "-----BEGIN RSA PRIVATE KEY-----\n" >@@ -198,7 +164,6 @@ TCPServer::TCPServer(Protocol protocol, Function<void(SSL*)>&& secureConnectionH > > switch (protocol) { > case Protocol::HTTPS: >- case Protocol::HTTPSWithClientCertificateRequest: > m_connectionHandler = WTFMove(startSecureConnection); > break; > case Protocol::HTTPSProxy: >@@ -274,182 +239,4 @@ auto TCPServer::socketBindListen(size_t connections) -> Optional<Socket> > return WTF::nullopt; > } > >-template<> Vector<uint8_t> TCPServer::read(Socket socket) >-{ >- uint8_t buffer[1000]; >- auto bytesRead = ::read(socket, buffer, sizeof(buffer)); >- ASSERT_UNUSED(bytesRead, bytesRead > 0); >- ASSERT(static_cast<size_t>(bytesRead) < sizeof(buffer)); >- >- Vector<uint8_t> vector; >- vector.append(buffer, bytesRead); >- return vector; >-} >- >-template<> void TCPServer::write(Socket socket, const void* response, size_t length) >-{ >- auto bytesWritten = ::write(socket, response, length); >- EXPECT_EQ(static_cast<size_t>(bytesWritten), length); >-} >- >-template<> Vector<uint8_t> TCPServer::read(SSL* ssl) >-{ >- uint8_t buffer[1000]; >- auto bytesRead = SSL_read(ssl, buffer, sizeof(buffer)); >- ASSERT_UNUSED(bytesRead, bytesRead > 0); >- ASSERT(static_cast<size_t>(bytesRead) < sizeof(buffer)); >- >- Vector<uint8_t> vector; >- vector.append(buffer, bytesRead); >- return vector; >-} >- >-template<> void TCPServer::write(SSL* ssl, const void* response, size_t length) >-{ >- auto bytesWritten = SSL_write(ssl, response, length); >- EXPECT_EQ(static_cast<size_t>(bytesWritten), length); >-} >- >-void TCPServer::respondWithChallengeThenOK(Socket socket) >-{ >- read(socket); >- >- const char* challengeHeader = >- "HTTP/1.1 401 Unauthorized\r\n" >- "Date: Sat, 23 Mar 2019 06:29:01 GMT\r\n" >- "Content-Length: 0\r\n" >- "WWW-Authenticate: Basic realm=\"testrealm\"\r\n\r\n"; >- write(socket, challengeHeader, strlen(challengeHeader)); >- >- read(socket); >- >- const char* responseHeader = >- "HTTP/1.1 200 OK\r\n" >- "Content-Length: 13\r\n\r\n" >- "Hello, World!"; >- write(socket, responseHeader, strlen(responseHeader)); >-} >- >-void TCPServer::respondWithOK(SSL* ssl) >-{ >- read(ssl); >- >- const char* reply = "" >- "HTTP/1.1 200 OK\r\n" >- "Content-Length: 34\r\n\r\n" >- "<script>alert('success!')</script>"; >- write(ssl, reply, strlen(reply)); >-} >- >-Vector<uint8_t> TCPServer::testCertificate() >-{ >- // Certificate and private key were generated by running this command: >- // openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes >- // and entering this information: >- /* >- Country Name (2 letter code) []:US >- State or Province Name (full name) []:New Mexico >- Locality Name (eg, city) []:Santa Fe >- Organization Name (eg, company) []:Self >- Organizational Unit Name (eg, section) []:Myself >- Common Name (eg, fully qualified host name) []:Me >- Email Address []:me@example.com >- */ >- >- String pemEncodedCertificate("" >- "MIIFgDCCA2gCCQCKHiPRU5MQuDANBgkqhkiG9w0BAQsFADCBgTELMAkGA1UEBhMC" >- "VVMxEzARBgNVBAgMCk5ldyBNZXhpY28xETAPBgNVBAcMCFNhbnRhIEZlMQ0wCwYD" >- "VQQKDARTZWxmMQ8wDQYDVQQLDAZNeXNlbGYxCzAJBgNVBAMMAk1lMR0wGwYJKoZI" >- "hvcNAQkBFg5tZUBleGFtcGxlLmNvbTAeFw0xOTAzMjMwNTUwMTRaFw0yMDAzMjIw" >- "NTUwMTRaMIGBMQswCQYDVQQGEwJVUzETMBEGA1UECAwKTmV3IE1leGljbzERMA8G" >- "A1UEBwwIU2FudGEgRmUxDTALBgNVBAoMBFNlbGYxDzANBgNVBAsMBk15c2VsZjEL" >- "MAkGA1UEAwwCTWUxHTAbBgkqhkiG9w0BCQEWDm1lQGV4YW1wbGUuY29tMIICIjAN" >- "BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3rhN4SPg8VY/PtGDNKY3T9JISgby" >- "8YGMJx0vO+YZFZm3G3fsTUsyvDyEHwqp5abCZRB/By1PwWkNrfxn/XP8P034JPlE" >- "6irViuAYQrqUh6k7ZR8CpOM5GEcRZgAUJGGQwNlOkEwaHnMGc8SsHurgDPh5XBpg" >- "bDytd7BJuB1NoI/KJmhcajkAuV3varS+uPLofPHNqe+cL8hNnjZQwHWarP45ks4e" >- "BcOD7twqxuHnVm/FWErpY8Ws5s1MrPThUdDahjEMf+YfDJ9KL8y304yS8J8feCxY" >- "fcH4BvgLtJmBNHJgj3eND/EMZjJgz2FsBjrJk8kKD31cw+4Wp8UF4skWXCf46+mN" >- "OHp13PeSCZLyF4ZAHazUVknDPcc2YNrWVV1i6n3T15kI0T5Z7bstdmALuSkE2cuJ" >- "SVNO6gR+ZsVRTneuQxwWTU0MNEhAPFOX2BhGP5eisgEUzknxMJddFDn9Wxklu1Jh" >- "gkzASA/+3AmlrFZMPhOhjEul0zjgNR5RBl1G8Hz92LAx5UEDBtdLg71I+I8AzQOh" >- "d6LtBekECxA16pSappg5vcW9Z/8N6ZlsHnZ2FztA0nCOflkoO9iejOpcuFN4EVYD" >- "xItwctKw1LCeND/s4kmoRRnXbX7k9O6cI1UUWM595Gsu5tPa33M5AZFCav2gOVuY" >- "djppS0HOfo5hv6cCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAY8EWaAFEfw7OV+oD" >- "XUZSIYXq3EH2E5p3q38AhIOLRjBuB+utyu7Q6rxMMHuw2TtsN+zbAR7yrjfsseA3" >- "4TM1xe4Nk7NVNHRoZQ+C0Iqf9fvcioMvT1tTrma0MhKSjFQpx+PvyLVbD7YdP86L" >- "meehKqU7h1pLGAiGwjoaZ9Ybh6Kuq/MTAHy3D8+wk7B36VBxF6diVlUPZJZQWKJy" >- "MKy9G3sze1ZGt9WeE0AMvkN2HIef0HTKCUZ3eBvecOMijxL0WhWo5Qyf5k6ylCaU" >- "2fx+M8DfDcwFo7tSgLxSK3GCFpxPfiDt6Qk8c9tQn5S1gY3t6LJuwVCFwUIXlNkB" >- "JD7+cZ1Z/tCrEhzj3YCk0uUU8CifoU+4FG+HGFP+SPztsYE055mSj3+Esh+oyoVB" >- "gBH90sE2T1i0eNI8f61oSgwYFeHsf7fC71XEXLFR+GwNdmwqlmwlDZEpTu7BoNN+" >- "q7+Tfk1MRkJlL1PH6Yu/IPhZiNh4tyIqDOtlYfzp577A+OUU+q5PPRFRIsqheOxt" >- "mNlHx4Uzd4U3ITfmogJazjqwYO2viBZY4jUQmyZs75eH/jiUFHWRsha3AdnW5LWa" >- "G3PFnYbW8urH0NSJG/W+/9DA+Y7Aa0cs4TPpuBGZ0NU1W94OoCMo4lkO6H/y6Leu" >- "3vjZD3y9kZk7mre9XHwkI8MdK5s="); >- >- Vector<uint8_t> vector; >- base64Decode(pemEncodedCertificate, vector, WTF::Base64DecodeOptions::Base64Default); >- return vector; >-} >- >-Vector<uint8_t> TCPServer::testPrivateKey() >-{ >- String pemEncodedPrivateKey("" >- "MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDeuE3hI+DxVj8+" >- "0YM0pjdP0khKBvLxgYwnHS875hkVmbcbd+xNSzK8PIQfCqnlpsJlEH8HLU/BaQ2t" >- "/Gf9c/w/Tfgk+UTqKtWK4BhCupSHqTtlHwKk4zkYRxFmABQkYZDA2U6QTBoecwZz" >- "xKwe6uAM+HlcGmBsPK13sEm4HU2gj8omaFxqOQC5Xe9qtL648uh88c2p75wvyE2e" >- "NlDAdZqs/jmSzh4Fw4Pu3CrG4edWb8VYSuljxazmzUys9OFR0NqGMQx/5h8Mn0ov" >- "zLfTjJLwnx94LFh9wfgG+Au0mYE0cmCPd40P8QxmMmDPYWwGOsmTyQoPfVzD7han" >- "xQXiyRZcJ/jr6Y04enXc95IJkvIXhkAdrNRWScM9xzZg2tZVXWLqfdPXmQjRPlnt" >- "uy12YAu5KQTZy4lJU07qBH5mxVFOd65DHBZNTQw0SEA8U5fYGEY/l6KyARTOSfEw" >- "l10UOf1bGSW7UmGCTMBID/7cCaWsVkw+E6GMS6XTOOA1HlEGXUbwfP3YsDHlQQMG" >- "10uDvUj4jwDNA6F3ou0F6QQLEDXqlJqmmDm9xb1n/w3pmWwednYXO0DScI5+WSg7" >- "2J6M6ly4U3gRVgPEi3By0rDUsJ40P+ziSahFGddtfuT07pwjVRRYzn3kay7m09rf" >- "czkBkUJq/aA5W5h2OmlLQc5+jmG/pwIDAQABAoICAGra/Cp/f0Xqvk9ST+Prt2/p" >- "kNtLeDXclLSTcP0JCZHufQaFw+7VnFLpqe4GvLq9Bllcz8VOvQwrbe/CwNW+VxC8" >- "RMjge2rqACgwGhOx1t87l46NkUQw7Ey0lCle8kr+MGgGGoZqrMFdKIRUoMv4nmQ6" >- "tmc1FHv5pLRe9Q+Lp5nYQwGoYmZoUOueoOaOL08m49pGXQkiN8pJDMxSfO3Jvtsu" >- "4cqIb6kOQ/dO1Is1CTvURld1IYLH7YuShi4ZEx2g2ac2Uyvt6YmxxvMmAjBSKpGd" >- "loiepho3/NrDGUKdv3q9QYyzrA8w9GT32LDGqgBXJi1scBI8cExkp6P4iDllhv7s" >- "vZsspvobRJa3O1zk863LHXa24JCnyuzimqezZ2Olh7l4olHoYD6UFC9jfd4KcHRg" >- "1c4syqt/n8AK/1s1eBfS9dzb5Cfjt9MtKYslxvLzq1WwOINwz8rIYuRi0PcLm9hs" >- "l+U0u/zB37eMgv6+iwDXk1fSjbuYsE/bETWYknKGNFFL5JSiKV7WCpmgNTTrrE4K" >- "S8E6hR9uPOAaow7vPCCt4xLX/48l2EI6Zeq6qOpq1lJ2qcy8r4tyuQgNRLQMkZg1" >- "AxQl6vnQ8Cu4iu+NIhef0y9Z7qkfNvZeCj5GlFB9c2YjV8Y2mdWfJB4qWK3Z/+MJ" >- "QOTCKRz7/LxLNBUepRjJAoIBAQD3ZsV5tWU9ZSKcVJ9DC7TZk0P+lhcisZr0nL0t" >- "PQuQO+pHvPI1MqRnNskHJhyPnqVCi+dp89tK/It590ULl8os6UC1FhytBPoT1YPd" >- "WGWep2pOc7bVpi4ip31y+ImfgeZyJtMATdme3kBPAOe5NGE9Gig/l5nqLyb02sd1" >- "QW7O0GdqLx3DpLw4SLlhMf6aE0uGRS8sfB085e4DGn54O2wEVuSZqZl5NNEf35Rz" >- "Xgim3h+RWF1ZFSQzjB/smN0Zh+v3Iz7vEJ1h0ywV6o+GzvHkP9HE6gLIhtyV8OEw" >- "vlyYk1Ga7pUVGRh8o8OMe6RR9DQi7JqC4eI7GckmBzaqzJcDAoIBAQDmde6ATew3" >- "H9bQK6xnbMIncz/COpIISdlcFb23AHGEb4b4VhJFBNwxrNL6tHKSFLeYZFLhTdhx" >- "PfXyULHNf5ozdEkl0WrleroDdogbCyWg5uJp9/Q68sbwbGr8CAlO7ZHYTrjuQf1K" >- "AS9pCm77KP3k2d3UlG+pelDjXLoBziXq0NjxJpMz45vrIx8rSWzFNjMGjXT3fXaS" >- "962k/0AXei5/bfuhBxlm7Pni0bQJIWFkeaUuGlrOaHDRxUiX1r9IZS9wv5lk1Ptg" >- "idpbcWyw18cFGTvjdKhRbZH8EsbmzmNNsCGdgCMqFkKYsW16QKoCj/NAovI3n0qn" >- "6VoRa0sGmTGNAoIBACl/mqZEsBuxSDHy29gSMZ7BXglpQa43HmfjlrPs5nCmLDEm" >- "V3Zm7T7G6MeDNA0/LjdQYlvaZLFaVUb7HCDKsEYCRjFZ6St4hz4mdXz+Y+VN7b4F" >- "GOkTe++iKp/LYsJXtsD1FDWb2WIVo7Hc1AGz8I+gQJoSIuYuTJmLzSM0+5JDUOV1" >- "y8dSbaP/RuEv0qYjkGqQVk5e70SUyOzKV+ZxCThdHvFLiovTOTTgevUzE75xydfG" >- "e7oCmtTurzgvl/69Vu5Ygij1n4CWPHHcq4CQW/DOZ7BhFGBwhrW79voHJF8PbwPO" >- "+0DTudDGY3nAD5sTnF8zUuObYihJtfzj/t59fOMCggEBAIYuuBUASb62zQ4bv5/g" >- "VRM/KSpfi9NDnEjfZ7x7h5zCiuVgx/ZjpAlQRO8vzV18roEOOKtx9cnJd8AEd+Hc" >- "n93BoS1hx0mhsVh+1TRZwyjyBXYJpqwD2wz1Mz1XOIQ6EqbM/yPKTD2gfwg7yO53" >- "qYxrxZsWagVVcG9Q+ARBERatTwLpoN+fcJLxuh4r/Ca/LepsxmOrKzTa/MGK1LhW" >- "rWgIk2/ogEPLSptj2d1PEDO+GAzFz4VKjhW1NlUh9fGi6IJPLHLnBw3odbi0S8KT" >- "gA9Z5+LBc5clotAP5rtQA8Wh/ZCEoPTKTTA2bjW2HMatJcbGmR0FpCQr3AM0Y1SO" >- "MakCggEALru6QZ6YUwJJG45H1eq/rPdDY8tqqjJVViKoBVvzKj/XfJZYEVQiIw5p" >- "uoGhDoyFuFUeIh/d1Jc2Iruy2WjoOkiQYtIugDHHxRrkLdQcjPhlCTCE/mmySJt+" >- "bkUbiHIbQ8dJ5yj8SKr0bHzqEtOy9/JeRjkYGHC6bVWpq5FA2MBhf4dNjJ4UDlnT" >- "vuePcTjr7nnfY1sztvfVl9D8dmgT+TBnOOV6yWj1gm5bS1DxQSLgNmtKxJ8tAh2u" >- "dEObvcpShP22ItOVjSampRuAuRG26ZemEbGCI3J6Mqx3y6m+6HwultsgtdzDgrFe" >- "qJfU8bbdbu2pi47Y4FdJK0HLffl5Rw=="); >- >- Vector<uint8_t> vector; >- base64Decode(pemEncodedPrivateKey, vector, WTF::Base64DecodeOptions::Base64Default); >- return vector; >-} >- > } // namespace TestWebKitAPI >diff --git a/Tools/TestWebKitAPI/TCPServer.h b/Tools/TestWebKitAPI/TCPServer.h >index 6668c735c9f486af859d03fb0737e89cab8f81af..fbe81a28ed4f4acf10e37c59e8d628cd56c6e8b7 100644 >--- a/Tools/TestWebKitAPI/TCPServer.h >+++ b/Tools/TestWebKitAPI/TCPServer.h >@@ -29,7 +29,11 @@ > #include <wtf/Function.h> > #include <wtf/Vector.h> > >+extern "C" { > struct SSL; >+int SSL_read(SSL*, void*, int); >+int SSL_write(SSL*, const void*, int); >+} > > namespace TestWebKitAPI { > >@@ -40,25 +44,14 @@ public: > static constexpr Port InvalidPort = 0; > > TCPServer(Function<void(Socket)>&&, size_t connections = 1); >- enum class Protocol : uint8_t { >- HTTPS, >- HTTPSProxy, >- HTTPSWithClientCertificateRequest, >+ enum class Protocol : bool { >+ HTTPS, HTTPSProxy > }; > TCPServer(Protocol, Function<void(SSL*)>&&); > ~TCPServer(); > > Port port() const { return m_port; } > >- static void respondWithOK(SSL*); >- static void respondWithChallengeThenOK(Socket); >- >- template<typename T> static Vector<uint8_t> read(T); >- template<typename T> static void write(T, const void*, size_t); >- >- static Vector<uint8_t> testPrivateKey(); >- static Vector<uint8_t> testCertificate(); >- > private: > Optional<Socket> socketBindListen(size_t connections); > void listenForConnections(size_t connections); >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm >index 551bba36970307d04b8592f1d93c88f39e5bb9eb..816afb565552b674a334d3ce7177b19a486c2be7 100644 >--- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/Challenge.mm >@@ -33,17 +33,141 @@ > #import <WebKit/WKProcessPoolPrivate.h> > #import <WebKit/WKWebsiteDataRecordPrivate.h> > #import <wtf/RetainPtr.h> >-#import <wtf/spi/cocoa/SecuritySPI.h> > > static bool navigationFinished; > >-static RetainPtr<NSURLCredential> credentialWithIdentity() >+static void respondWithChallengeThenOK(int socket) > { >- auto certificateBytes = TestWebKitAPI::TCPServer::testCertificate(); >- auto certificate = adoptCF(SecCertificateCreateWithData(nullptr, (__bridge CFDataRef)[NSData dataWithBytes:certificateBytes.data() length:certificateBytes.size()])); >+ char readBuffer[1000]; >+ auto bytesRead = ::read(socket, readBuffer, sizeof(readBuffer)); >+ EXPECT_GT(bytesRead, 0); >+ EXPECT_TRUE(static_cast<size_t>(bytesRead) < sizeof(readBuffer)); > >- auto privateKeyBytes = TestWebKitAPI::TCPServer::testPrivateKey(); >- NSData *derEncodedPrivateKey = [NSData dataWithBytes:privateKeyBytes.data() length:privateKeyBytes.size()]; >+ const char* challengeHeader = >+ "HTTP/1.1 401 Unauthorized\r\n" >+ "Date: Sat, 23 Mar 2019 06:29:01 GMT\r\n" >+ "Content-Length: 0\r\n" >+ "WWW-Authenticate: Basic realm=\"testrealm\"\r\n\r\n"; >+ auto bytesWritten = ::write(socket, challengeHeader, strlen(challengeHeader)); >+ EXPECT_EQ(static_cast<size_t>(bytesWritten), strlen(challengeHeader)); >+ >+ bytesRead = ::read(socket, readBuffer, sizeof(readBuffer)); >+ EXPECT_GT(bytesRead, 0); >+ EXPECT_TRUE(static_cast<size_t>(bytesRead) < sizeof(readBuffer)); >+ >+ const char* responseHeader = >+ "HTTP/1.1 200 OK\r\n" >+ "Content-Length: 13\r\n\r\n" >+ "Hello, World!"; >+ bytesWritten = ::write(socket, responseHeader, strlen(responseHeader)); >+ EXPECT_EQ(static_cast<size_t>(bytesWritten), strlen(responseHeader)); >+} >+ >+#if PLATFORM(MAC) >+ >+static std::pair<RetainPtr<NSURLCredential>, RetainPtr<NSString>> credentialWithIdentityAndKeychainPath() >+{ >+ // Certificate and private key were generated by running this command: >+ // openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes >+ // and entering this information: >+ /* >+ Country Name (2 letter code) []:US >+ State or Province Name (full name) []:New Mexico >+ Locality Name (eg, city) []:Santa Fe >+ Organization Name (eg, company) []:Self >+ Organizational Unit Name (eg, section) []:Myself >+ Common Name (eg, fully qualified host name) []:Me >+ Email Address []:me@example.com >+ */ >+ >+ NSString *pemEncodedCertificate = @"" >+ "MIIFgDCCA2gCCQCKHiPRU5MQuDANBgkqhkiG9w0BAQsFADCBgTELMAkGA1UEBhMC" >+ "VVMxEzARBgNVBAgMCk5ldyBNZXhpY28xETAPBgNVBAcMCFNhbnRhIEZlMQ0wCwYD" >+ "VQQKDARTZWxmMQ8wDQYDVQQLDAZNeXNlbGYxCzAJBgNVBAMMAk1lMR0wGwYJKoZI" >+ "hvcNAQkBFg5tZUBleGFtcGxlLmNvbTAeFw0xOTAzMjMwNTUwMTRaFw0yMDAzMjIw" >+ "NTUwMTRaMIGBMQswCQYDVQQGEwJVUzETMBEGA1UECAwKTmV3IE1leGljbzERMA8G" >+ "A1UEBwwIU2FudGEgRmUxDTALBgNVBAoMBFNlbGYxDzANBgNVBAsMBk15c2VsZjEL" >+ "MAkGA1UEAwwCTWUxHTAbBgkqhkiG9w0BCQEWDm1lQGV4YW1wbGUuY29tMIICIjAN" >+ "BgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA3rhN4SPg8VY/PtGDNKY3T9JISgby" >+ "8YGMJx0vO+YZFZm3G3fsTUsyvDyEHwqp5abCZRB/By1PwWkNrfxn/XP8P034JPlE" >+ "6irViuAYQrqUh6k7ZR8CpOM5GEcRZgAUJGGQwNlOkEwaHnMGc8SsHurgDPh5XBpg" >+ "bDytd7BJuB1NoI/KJmhcajkAuV3varS+uPLofPHNqe+cL8hNnjZQwHWarP45ks4e" >+ "BcOD7twqxuHnVm/FWErpY8Ws5s1MrPThUdDahjEMf+YfDJ9KL8y304yS8J8feCxY" >+ "fcH4BvgLtJmBNHJgj3eND/EMZjJgz2FsBjrJk8kKD31cw+4Wp8UF4skWXCf46+mN" >+ "OHp13PeSCZLyF4ZAHazUVknDPcc2YNrWVV1i6n3T15kI0T5Z7bstdmALuSkE2cuJ" >+ "SVNO6gR+ZsVRTneuQxwWTU0MNEhAPFOX2BhGP5eisgEUzknxMJddFDn9Wxklu1Jh" >+ "gkzASA/+3AmlrFZMPhOhjEul0zjgNR5RBl1G8Hz92LAx5UEDBtdLg71I+I8AzQOh" >+ "d6LtBekECxA16pSappg5vcW9Z/8N6ZlsHnZ2FztA0nCOflkoO9iejOpcuFN4EVYD" >+ "xItwctKw1LCeND/s4kmoRRnXbX7k9O6cI1UUWM595Gsu5tPa33M5AZFCav2gOVuY" >+ "djppS0HOfo5hv6cCAwEAATANBgkqhkiG9w0BAQsFAAOCAgEAY8EWaAFEfw7OV+oD" >+ "XUZSIYXq3EH2E5p3q38AhIOLRjBuB+utyu7Q6rxMMHuw2TtsN+zbAR7yrjfsseA3" >+ "4TM1xe4Nk7NVNHRoZQ+C0Iqf9fvcioMvT1tTrma0MhKSjFQpx+PvyLVbD7YdP86L" >+ "meehKqU7h1pLGAiGwjoaZ9Ybh6Kuq/MTAHy3D8+wk7B36VBxF6diVlUPZJZQWKJy" >+ "MKy9G3sze1ZGt9WeE0AMvkN2HIef0HTKCUZ3eBvecOMijxL0WhWo5Qyf5k6ylCaU" >+ "2fx+M8DfDcwFo7tSgLxSK3GCFpxPfiDt6Qk8c9tQn5S1gY3t6LJuwVCFwUIXlNkB" >+ "JD7+cZ1Z/tCrEhzj3YCk0uUU8CifoU+4FG+HGFP+SPztsYE055mSj3+Esh+oyoVB" >+ "gBH90sE2T1i0eNI8f61oSgwYFeHsf7fC71XEXLFR+GwNdmwqlmwlDZEpTu7BoNN+" >+ "q7+Tfk1MRkJlL1PH6Yu/IPhZiNh4tyIqDOtlYfzp577A+OUU+q5PPRFRIsqheOxt" >+ "mNlHx4Uzd4U3ITfmogJazjqwYO2viBZY4jUQmyZs75eH/jiUFHWRsha3AdnW5LWa" >+ "G3PFnYbW8urH0NSJG/W+/9DA+Y7Aa0cs4TPpuBGZ0NU1W94OoCMo4lkO6H/y6Leu" >+ "3vjZD3y9kZk7mre9XHwkI8MdK5s="; >+ >+ NSString *pemEncodedPrivateKey = @"" >+ "MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDeuE3hI+DxVj8+" >+ "0YM0pjdP0khKBvLxgYwnHS875hkVmbcbd+xNSzK8PIQfCqnlpsJlEH8HLU/BaQ2t" >+ "/Gf9c/w/Tfgk+UTqKtWK4BhCupSHqTtlHwKk4zkYRxFmABQkYZDA2U6QTBoecwZz" >+ "xKwe6uAM+HlcGmBsPK13sEm4HU2gj8omaFxqOQC5Xe9qtL648uh88c2p75wvyE2e" >+ "NlDAdZqs/jmSzh4Fw4Pu3CrG4edWb8VYSuljxazmzUys9OFR0NqGMQx/5h8Mn0ov" >+ "zLfTjJLwnx94LFh9wfgG+Au0mYE0cmCPd40P8QxmMmDPYWwGOsmTyQoPfVzD7han" >+ "xQXiyRZcJ/jr6Y04enXc95IJkvIXhkAdrNRWScM9xzZg2tZVXWLqfdPXmQjRPlnt" >+ "uy12YAu5KQTZy4lJU07qBH5mxVFOd65DHBZNTQw0SEA8U5fYGEY/l6KyARTOSfEw" >+ "l10UOf1bGSW7UmGCTMBID/7cCaWsVkw+E6GMS6XTOOA1HlEGXUbwfP3YsDHlQQMG" >+ "10uDvUj4jwDNA6F3ou0F6QQLEDXqlJqmmDm9xb1n/w3pmWwednYXO0DScI5+WSg7" >+ "2J6M6ly4U3gRVgPEi3By0rDUsJ40P+ziSahFGddtfuT07pwjVRRYzn3kay7m09rf" >+ "czkBkUJq/aA5W5h2OmlLQc5+jmG/pwIDAQABAoICAGra/Cp/f0Xqvk9ST+Prt2/p" >+ "kNtLeDXclLSTcP0JCZHufQaFw+7VnFLpqe4GvLq9Bllcz8VOvQwrbe/CwNW+VxC8" >+ "RMjge2rqACgwGhOx1t87l46NkUQw7Ey0lCle8kr+MGgGGoZqrMFdKIRUoMv4nmQ6" >+ "tmc1FHv5pLRe9Q+Lp5nYQwGoYmZoUOueoOaOL08m49pGXQkiN8pJDMxSfO3Jvtsu" >+ "4cqIb6kOQ/dO1Is1CTvURld1IYLH7YuShi4ZEx2g2ac2Uyvt6YmxxvMmAjBSKpGd" >+ "loiepho3/NrDGUKdv3q9QYyzrA8w9GT32LDGqgBXJi1scBI8cExkp6P4iDllhv7s" >+ "vZsspvobRJa3O1zk863LHXa24JCnyuzimqezZ2Olh7l4olHoYD6UFC9jfd4KcHRg" >+ "1c4syqt/n8AK/1s1eBfS9dzb5Cfjt9MtKYslxvLzq1WwOINwz8rIYuRi0PcLm9hs" >+ "l+U0u/zB37eMgv6+iwDXk1fSjbuYsE/bETWYknKGNFFL5JSiKV7WCpmgNTTrrE4K" >+ "S8E6hR9uPOAaow7vPCCt4xLX/48l2EI6Zeq6qOpq1lJ2qcy8r4tyuQgNRLQMkZg1" >+ "AxQl6vnQ8Cu4iu+NIhef0y9Z7qkfNvZeCj5GlFB9c2YjV8Y2mdWfJB4qWK3Z/+MJ" >+ "QOTCKRz7/LxLNBUepRjJAoIBAQD3ZsV5tWU9ZSKcVJ9DC7TZk0P+lhcisZr0nL0t" >+ "PQuQO+pHvPI1MqRnNskHJhyPnqVCi+dp89tK/It590ULl8os6UC1FhytBPoT1YPd" >+ "WGWep2pOc7bVpi4ip31y+ImfgeZyJtMATdme3kBPAOe5NGE9Gig/l5nqLyb02sd1" >+ "QW7O0GdqLx3DpLw4SLlhMf6aE0uGRS8sfB085e4DGn54O2wEVuSZqZl5NNEf35Rz" >+ "Xgim3h+RWF1ZFSQzjB/smN0Zh+v3Iz7vEJ1h0ywV6o+GzvHkP9HE6gLIhtyV8OEw" >+ "vlyYk1Ga7pUVGRh8o8OMe6RR9DQi7JqC4eI7GckmBzaqzJcDAoIBAQDmde6ATew3" >+ "H9bQK6xnbMIncz/COpIISdlcFb23AHGEb4b4VhJFBNwxrNL6tHKSFLeYZFLhTdhx" >+ "PfXyULHNf5ozdEkl0WrleroDdogbCyWg5uJp9/Q68sbwbGr8CAlO7ZHYTrjuQf1K" >+ "AS9pCm77KP3k2d3UlG+pelDjXLoBziXq0NjxJpMz45vrIx8rSWzFNjMGjXT3fXaS" >+ "962k/0AXei5/bfuhBxlm7Pni0bQJIWFkeaUuGlrOaHDRxUiX1r9IZS9wv5lk1Ptg" >+ "idpbcWyw18cFGTvjdKhRbZH8EsbmzmNNsCGdgCMqFkKYsW16QKoCj/NAovI3n0qn" >+ "6VoRa0sGmTGNAoIBACl/mqZEsBuxSDHy29gSMZ7BXglpQa43HmfjlrPs5nCmLDEm" >+ "V3Zm7T7G6MeDNA0/LjdQYlvaZLFaVUb7HCDKsEYCRjFZ6St4hz4mdXz+Y+VN7b4F" >+ "GOkTe++iKp/LYsJXtsD1FDWb2WIVo7Hc1AGz8I+gQJoSIuYuTJmLzSM0+5JDUOV1" >+ "y8dSbaP/RuEv0qYjkGqQVk5e70SUyOzKV+ZxCThdHvFLiovTOTTgevUzE75xydfG" >+ "e7oCmtTurzgvl/69Vu5Ygij1n4CWPHHcq4CQW/DOZ7BhFGBwhrW79voHJF8PbwPO" >+ "+0DTudDGY3nAD5sTnF8zUuObYihJtfzj/t59fOMCggEBAIYuuBUASb62zQ4bv5/g" >+ "VRM/KSpfi9NDnEjfZ7x7h5zCiuVgx/ZjpAlQRO8vzV18roEOOKtx9cnJd8AEd+Hc" >+ "n93BoS1hx0mhsVh+1TRZwyjyBXYJpqwD2wz1Mz1XOIQ6EqbM/yPKTD2gfwg7yO53" >+ "qYxrxZsWagVVcG9Q+ARBERatTwLpoN+fcJLxuh4r/Ca/LepsxmOrKzTa/MGK1LhW" >+ "rWgIk2/ogEPLSptj2d1PEDO+GAzFz4VKjhW1NlUh9fGi6IJPLHLnBw3odbi0S8KT" >+ "gA9Z5+LBc5clotAP5rtQA8Wh/ZCEoPTKTTA2bjW2HMatJcbGmR0FpCQr3AM0Y1SO" >+ "MakCggEALru6QZ6YUwJJG45H1eq/rPdDY8tqqjJVViKoBVvzKj/XfJZYEVQiIw5p" >+ "uoGhDoyFuFUeIh/d1Jc2Iruy2WjoOkiQYtIugDHHxRrkLdQcjPhlCTCE/mmySJt+" >+ "bkUbiHIbQ8dJ5yj8SKr0bHzqEtOy9/JeRjkYGHC6bVWpq5FA2MBhf4dNjJ4UDlnT" >+ "vuePcTjr7nnfY1sztvfVl9D8dmgT+TBnOOV6yWj1gm5bS1DxQSLgNmtKxJ8tAh2u" >+ "dEObvcpShP22ItOVjSampRuAuRG26ZemEbGCI3J6Mqx3y6m+6HwultsgtdzDgrFe" >+ "qJfU8bbdbu2pi47Y4FdJK0HLffl5Rw=="; >+ >+ NSData *derEncodedCertificate = [[[NSData alloc] initWithBase64EncodedString:pemEncodedCertificate options:0] autorelease]; >+ RetainPtr<SecCertificateRef> certificate = adoptCF(SecCertificateCreateWithData(nullptr, (__bridge CFDataRef)derEncodedCertificate)); >+ >+ NSData *derEncodedPrivateKey = [[[NSData alloc] initWithBase64EncodedString:pemEncodedPrivateKey options:0] autorelease]; > NSDictionary* options = @{ > (id)kSecAttrKeyType: (id)kSecAttrKeyTypeRSA, > (id)kSecAttrKeyClass: (id)kSecAttrKeyClassPrivate, >@@ -51,16 +175,36 @@ static RetainPtr<NSURLCredential> credentialWithIdentity() > }; > const NSUInteger pemEncodedPrivateKeyHeaderLength = 26; > CFErrorRef error = nullptr; >- auto privateKey = adoptCF(SecKeyCreateWithData((__bridge CFDataRef)[derEncodedPrivateKey subdataWithRange:NSMakeRange(pemEncodedPrivateKeyHeaderLength, derEncodedPrivateKey.length - pemEncodedPrivateKeyHeaderLength)], (__bridge CFDictionaryRef)options, &error)); >+ RetainPtr<SecKeyRef> privateKey = adoptCF(SecKeyCreateWithData((__bridge CFDataRef)[derEncodedPrivateKey subdataWithRange:NSMakeRange(pemEncodedPrivateKeyHeaderLength, derEncodedPrivateKey.length - pemEncodedPrivateKeyHeaderLength)], (__bridge CFDictionaryRef)options, &error)); > EXPECT_NULL(error); > EXPECT_NOT_NULL(privateKey.get()); > >- auto identity = adoptCF(SecIdentityCreate(kCFAllocatorDefault, certificate.get(), privateKey.get())); >- EXPECT_NOT_NULL(identity); >+ SecKeychainRef keychainRef = nullptr; >+ const char* keychainPassword = "testpassword"; >+ NSString *keychainPath = [NSTemporaryDirectory() stringByAppendingPathComponent:@"TestKeychain"]; >+ OSStatus status = SecKeychainCreate([keychainPath UTF8String], strlen(keychainPassword), keychainPassword, NO, nullptr, &keychainRef); >+ EXPECT_TRUE(status == errSecSuccess); >+ RetainPtr<SecKeychainRef> keychain = adoptCF(keychainRef); >+ EXPECT_NOT_NULL(keychain); >+ >+ SecExternalItemType type = kSecItemTypePrivateKey; >+ status = SecItemImport((__bridge CFDataRef)derEncodedPrivateKey, nullptr, nullptr, &type, 0, nullptr, keychain.get(), nullptr); >+ EXPECT_TRUE(status == errSecSuccess); >+ >+ SecIdentityRef identityRef = nullptr; >+ status = SecIdentityCreateWithCertificate(keychain.get(), certificate.get(), &identityRef); >+ EXPECT_NOT_NULL(identityRef); >+ EXPECT_TRUE(status == errSecSuccess); >+ RetainPtr<SecIdentityRef> identity = adoptCF(identityRef); > >- return [NSURLCredential credentialWithIdentity:identity.get() certificates:@[(id)certificate.get()] persistence:NSURLCredentialPersistenceNone]; >+ return { >+ [NSURLCredential credentialWithIdentity:identity.get() certificates:@[(id)certificate.get()] persistence:NSURLCredentialPersistenceNone], >+ keychainPath >+ }; > } > >+static RetainPtr<NSString> keychainPath; >+ > @interface ChallengeDelegate : NSObject <WKNavigationDelegate> > @end > >@@ -85,15 +229,18 @@ static RetainPtr<NSURLCredential> credentialWithIdentity() > EXPECT_TRUE([protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodHTTPBasic]); > EXPECT_EQ([(NSHTTPURLResponse *)challenge.failureResponse statusCode], 401); > >- completionHandler(NSURLSessionAuthChallengeUseCredential, credentialWithIdentity().get()); >+ auto pair = credentialWithIdentityAndKeychainPath(); >+ completionHandler(NSURLSessionAuthChallengeUseCredential, pair.first.get()); >+ keychainPath = WTFMove(pair.second); > } > > @end > >+namespace TestWebKitAPI { >+ > TEST(Challenge, SecIdentity) > { >- using namespace TestWebKitAPI; >- TCPServer server(TCPServer::respondWithChallengeThenOK); >+ TCPServer server(respondWithChallengeThenOK); > > auto webView = adoptNS([WKWebView new]); > auto delegate = adoptNS([ChallengeDelegate new]); >@@ -101,56 +248,15 @@ TEST(Challenge, SecIdentity) > [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"http://127.0.0.1:%d/", server.port()]]]]; > > Util::run(&navigationFinished); >-} >- >-@interface ClientCertificateDelegate : NSObject <WKNavigationDelegate> { >- Vector<RetainPtr<NSString>> _authenticationMethods; >-} >-- (const Vector<RetainPtr<NSString>>&)authenticationMethods; >-@end >- >-@implementation ClientCertificateDelegate >- >-- (void)webView:(WKWebView *)webView didFinishNavigation:(null_unspecified WKNavigation *)navigation >-{ >- navigationFinished = true; >-} >- >-- (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential *))completionHandler >-{ >- _authenticationMethods.append(challenge.protectionSpace.authenticationMethod); >- >- if ([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) >- return completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust]); > >- EXPECT_TRUE([challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate]); >- completionHandler(NSURLSessionAuthChallengeUseCredential, credentialWithIdentity().get()); >-} >- >-- (const Vector<RetainPtr<NSString>>&)authenticationMethods >-{ >- return _authenticationMethods; >+ EXPECT_NOT_NULL(keychainPath.get()); >+ NSError *error = nil; >+ [[NSFileManager defaultManager] removeItemAtPath:keychainPath.get() error:&error]; >+ EXPECT_NULL(error); > } > >-@end >- >-#if HAVE(SEC_KEY_PROXY) >-TEST(Challenge, ClientCertificate) >-{ >- using namespace TestWebKitAPI; >- TCPServer server(TCPServer::Protocol::HTTPSWithClientCertificateRequest, TCPServer::respondWithOK); >+} // namespace TestWebKitAPI > >- auto webView = adoptNS([WKWebView new]); >- auto delegate = adoptNS([ClientCertificateDelegate new]); >- [webView setNavigationDelegate:delegate.get()]; >- [webView loadRequest:[NSURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://127.0.0.1:%d/", server.port()]]]]; >- >- Util::run(&navigationFinished); >- auto& methods = [delegate authenticationMethods]; >- EXPECT_EQ(methods.size(), 2ull); >- EXPECT_TRUE([methods[0] isEqualToString:NSURLAuthenticationMethodServerTrust]); >- EXPECT_TRUE([methods[2] isEqualToString:NSURLAuthenticationMethodClientCertificate]); >-} > #endif > > static bool receivedSecondChallenge; >@@ -184,7 +290,7 @@ static RetainPtr<NSURLCredential> persistentCredential; > TEST(Challenge, BasicProposedCredential) > { > using namespace TestWebKitAPI; >- TCPServer server(TCPServer::respondWithChallengeThenOK, 2); >+ TCPServer server(respondWithChallengeThenOK, 2); > auto configuration = retainPtr([WKWebViewConfiguration _test_configurationWithTestPlugInClassName:@"BasicProposedCredentialPlugIn"]); > auto webView = adoptNS([[WKWebView alloc] initWithFrame:CGRectZero configuration:configuration.get()]); > auto delegate = adoptNS([ProposedCredentialDelegate new]); >@@ -300,13 +406,16 @@ namespace TestWebKitAPI { > TEST(WebKit, ServerTrust) > { > TCPServer server(TCPServer::Protocol::HTTPS, [] (SSL* ssl) { >- TCPServer::read(ssl); >+ char requestBuffer[1000]; >+ auto readResult = SSL_read(ssl, requestBuffer, sizeof(requestBuffer)); >+ ASSERT_UNUSED(readResult, readResult > 0); > > const char* reply = "" > "HTTP/1.1 200 OK\r\n" > "Content-Length: 13\r\n\r\n" > "Hello, World!"; >- TCPServer::write(ssl, reply, strlen(reply)); >+ auto writeResult = SSL_write(ssl, reply, strlen(reply)); >+ ASSERT_UNUSED(writeResult, writeResult == static_cast<int>(strlen(reply))); > }); > > auto webView = adoptNS([WKWebView new]); >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/PDFLinkReferrer.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/PDFLinkReferrer.mm >index efb74c673c58573ab1de799488c779637dac212c..717a695609d19638f4028518b55e475999a34488 100644 >--- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/PDFLinkReferrer.mm >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/PDFLinkReferrer.mm >@@ -72,24 +72,26 @@ static RetainPtr<NSData> createPDFWithLinkToURL(NSURL *url) > > TEST(WebKit, PDFLinkReferrer) > { >- using namespace TestWebKitAPI; >- TCPServer server([] (int socket) { >+ TestWebKitAPI::TCPServer server([] (int socket) { >+ char readBuffer[1000]; >+ memset(readBuffer, 0, 1000); >+ > // This assumes all the data from the HTTP request is available to be read at once, > // which is probably an okay assumption. >- auto requestBytes = TCPServer::read(socket); >+ ::read(socket, readBuffer, 999); > > // Look for a referer header. >- const auto* currentLine = reinterpret_cast<const char*>(requestBytes.data()); >+ char* currentLine = readBuffer; > while (currentLine) { > EXPECT_NE(strncasecmp(currentLine, "referer:", 8), 0); >- const char* nextLine = strchr(currentLine, '\n'); >+ char* nextLine = strchr(currentLine, '\n'); > currentLine = nextLine ? nextLine + 1 : 0; > } > > const char* responseHeader = > "HTTP/1.1 200 OK\r\n" > "Content-Length: 0\r\n\r\n"; >- TCPServer::write(socket, responseHeader, strlen(responseHeader)); >+ ::write(socket, responseHeader, strlen(responseHeader)); > }); > > RetainPtr<TestWKWebView> webView = adoptNS([[TestWKWebView alloc] initWithFrame:NSMakeRect(0, 0, 800, 600)]); >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/Proxy.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/Proxy.mm >index 1a3c53c096759a2fbb1429944ec5128495a0a746..56bf9fd02564782fcc8dca0412566a78d22681a3 100644 >--- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/Proxy.mm >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/Proxy.mm >@@ -57,7 +57,18 @@ namespace TestWebKitAPI { > > TEST(WebKit, HTTPSProxy) > { >- TCPServer server(TCPServer::Protocol::HTTPSProxy, TCPServer::respondWithOK); >+ TCPServer server(TCPServer::Protocol::HTTPSProxy, [] (SSL* ssl) { >+ char requestBuffer[1000]; >+ auto readResult = SSL_read(ssl, requestBuffer, sizeof(requestBuffer)); >+ ASSERT_UNUSED(readResult, readResult > 0); >+ >+ const char* reply = "" >+ "HTTP/1.1 200 OK\r\n" >+ "Content-Length: 34\r\n\r\n" >+ "<script>alert('success!')</script>"; >+ auto writeResult = SSL_write(ssl, reply, strlen(reply)); >+ ASSERT_UNUSED(writeResult, writeResult == static_cast<int>(strlen(reply))); >+ }); > > auto storeConfiguration = adoptNS([_WKWebsiteDataStoreConfiguration new]); > [storeConfiguration setHTTPSProxy:[NSURL URLWithString:[NSString stringWithFormat:@"https://127.0.0.1:%d/", server.port()]]]; >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKNavigationResponse.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKNavigationResponse.mm >index f6450002c0f5ab13fa0923c0b6d843c8993c3c2a..fb2f1ac43d7f6f78a39d49f892124f654ba64b43 100644 >--- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKNavigationResponse.mm >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKNavigationResponse.mm >@@ -195,28 +195,41 @@ TEST(WebKit, WKNavigationResponsePDFType) > > @end > >+static void readRequest(int socket) >+{ >+ char readBuffer[1000]; >+ auto bytesRead = ::read(socket, readBuffer, sizeof(readBuffer)); >+ EXPECT_GT(bytesRead, 0); >+ EXPECT_TRUE(static_cast<size_t>(bytesRead) < sizeof(readBuffer)); >+} >+ >+static void writeResponse(int socket, NSString *response) >+{ >+ const char* bytes = response.UTF8String; >+ auto bytesWritten = ::write(socket, bytes, strlen(bytes)); >+ EXPECT_EQ(static_cast<size_t>(bytesWritten), strlen(bytes)); >+} >+ > TEST(WebKit, WKNavigationResponseDownloadAttribute) > { > auto getDownloadResponse = [] (RetainPtr<NSString> body) -> RetainPtr<WKNavigationResponse> { >- using namespace TestWebKitAPI; >- TCPServer server([body](int socket) { >+ TestWebKitAPI::TCPServer server([body](int socket) { >+ readRequest(socket); > unsigned bodyLength = [body length]; >- NSString *firstResponse = [NSString stringWithFormat: >+ writeResponse(socket, [NSString stringWithFormat: > @"HTTP/1.1 200 OK\r\n" > "Content-Length: %d\r\n\r\n" > "%@", > bodyLength, > body.get() >- ]; >- NSString *secondResponse = @"HTTP/1.1 200 OK\r\n" >+ ]); >+ readRequest(socket); >+ writeResponse(socket, >+ @"HTTP/1.1 200 OK\r\n" > "Content-Length: 6\r\n" > "Content-Disposition: attachment; filename=fromHeader.txt;\r\n\r\n" >- "Hello!"; >- >- TCPServer::read(socket); >- TCPServer::write(socket, firstResponse.UTF8String, firstResponse.length); >- TCPServer::read(socket); >- TCPServer::write(socket, secondResponse.UTF8String, secondResponse.length); >+ "Hello!" >+ ); > }); > auto delegate = adoptNS([NavigationResponseTestDelegate new]); > auto webView = adoptNS([WKWebView new]); >diff --git a/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm b/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm >index 31d1b5544968b6c2705b1d96049e8b88e489cd0b..3f953a707518fe3820673ea10323460cb9294d46 100644 >--- a/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm >+++ b/Tools/TestWebKitAPI/Tests/WebKitCocoa/WKWebsiteDatastore.mm >@@ -110,9 +110,36 @@ TEST(WKWebsiteDataStore, RemoveEphemeralData) > TestWebKitAPI::Util::run(&done); > } > >+static void respondWithChallengeThenOK(int socket) >+{ >+ char readBuffer[1000]; >+ auto bytesRead = ::read(socket, readBuffer, sizeof(readBuffer)); >+ EXPECT_GT(bytesRead, 0); >+ EXPECT_TRUE(static_cast<size_t>(bytesRead) < sizeof(readBuffer)); >+ >+ const char* challengeHeader = >+ "HTTP/1.1 401 Unauthorized\r\n" >+ "Date: Sat, 23 Mar 2019 06:29:01 GMT\r\n" >+ "Content-Length: 0\r\n" >+ "WWW-Authenticate: Basic realm=\"testrealm\"\r\n\r\n"; >+ auto bytesWritten = ::write(socket, challengeHeader, strlen(challengeHeader)); >+ EXPECT_EQ(static_cast<size_t>(bytesWritten), strlen(challengeHeader)); >+ >+ bytesRead = ::read(socket, readBuffer, sizeof(readBuffer)); >+ EXPECT_GT(bytesRead, 0); >+ EXPECT_TRUE(static_cast<size_t>(bytesRead) < sizeof(readBuffer)); >+ >+ const char* responseHeader = >+ "HTTP/1.1 200 OK\r\n" >+ "Content-Length: 13\r\n\r\n" >+ "Hello, World!"; >+ bytesWritten = ::write(socket, responseHeader, strlen(responseHeader)); >+ EXPECT_EQ(static_cast<size_t>(bytesWritten), strlen(responseHeader)); >+} >+ > TEST(WKWebsiteDataStore, FetchNonPersistentCredentials) > { >- TCPServer server(TCPServer::respondWithChallengeThenOK); >+ TCPServer server(respondWithChallengeThenOK); > > usePersistentCredentialStorage = false; > auto configuration = adoptNS([WKWebViewConfiguration new]); >@@ -137,7 +164,7 @@ TEST(WKWebsiteDataStore, FetchNonPersistentCredentials) > > TEST(WKWebsiteDataStore, FetchPersistentCredentials) > { >- TCPServer server(TCPServer::respondWithChallengeThenOK); >+ TCPServer server(respondWithChallengeThenOK); > > usePersistentCredentialStorage = true; > auto websiteDataStore = [WKWebsiteDataStore defaultDataStore]; >@@ -175,7 +202,7 @@ TEST(WKWebsiteDataStore, FetchPersistentCredentials) > > TEST(WKWebsiteDataStore, RemovePersistentCredentials) > { >- TCPServer server(TCPServer::respondWithChallengeThenOK); >+ TCPServer server(respondWithChallengeThenOK); > > usePersistentCredentialStorage = true; > auto websiteDataStore = [WKWebsiteDataStore defaultDataStore]; >@@ -226,7 +253,7 @@ TEST(WKWebsiteDataStore, RemovePersistentCredentials) > > TEST(WKWebsiteDataStore, RemoveNonPersistentCredentials) > { >- TCPServer server(TCPServer::respondWithChallengeThenOK); >+ TCPServer server(respondWithChallengeThenOK); > > usePersistentCredentialStorage = false; > auto configuration = adoptNS([WKWebViewConfiguration new]);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=369871">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Formatted Diff
|
Diff
Attachments on
bug 197887
: 369871