diff options
| author | mark@chromium.org <mark@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-17 23:17:58 +0000 |
|---|---|---|
| committer | mark@chromium.org <mark@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2012-05-17 23:17:58 +0000 |
| commit | 279d0db954367d00b49a1600423858b4dcb32139 (patch) | |
| tree | 998108e1d2921cc67befd678ea97ae24af6fcbea /chrome/browser/mac | |
| parent | 4664fd7c7406c89f425eec9f5dba3bf13a49a3fa (diff) | |
| download | chromium_src-279d0db954367d00b49a1600423858b4dcb32139.zip chromium_src-279d0db954367d00b49a1600423858b4dcb32139.tar.gz chromium_src-279d0db954367d00b49a1600423858b4dcb32139.tar.bz2 | |
Ensure that the at-launch reauthorize actually reauthorizes all items, even
if an at-update reauthorize already ran.
Although the at-update reauthorization renders items readable by the
application when signed by either certificate, the icon and application name
displayed in Keychain Access are wrong, because they refer to the stub
reauthorization executable on the ejected updater dmg. There is no functional
problem here, but as long as it remains possible to reauthorize at launch,
it's good to do so to fix the UI in Keychain Access.
BUG=108238
TEST=none
Review URL: https://chromiumcodereview.appspot.com/10388184
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@137768 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/mac')
| -rw-r--r-- | chrome/browser/mac/keychain_reauthorize.mm | 63 |
1 files changed, 50 insertions, 13 deletions
diff --git a/chrome/browser/mac/keychain_reauthorize.mm b/chrome/browser/mac/keychain_reauthorize.mm index 50faa8a..26fc485 100644 --- a/chrome/browser/mac/keychain_reauthorize.mm +++ b/chrome/browser/mac/keychain_reauthorize.mm @@ -26,8 +26,26 @@ namespace mac { namespace { -// Returns the set of requirement strings that ought to be reauthorized. -std::vector<std::string> RequirementMatches(); +// Returns the requirement string embedded within a SecTrustedApplicationRef, +// or an empty string on error. +std::string RequirementStringForApplication( + SecTrustedApplicationRef application); + +// Returns the set of requirement strings that ought to be reauthorized. In a +// bundled application, the requirement string from |application| will also be +// added to the hard-coded list. This allows an at-launch reauthorization to +// re-reauthorize anything done by a previous at-update reauthorization. +// Although items reauthorized during the at-update step will work properly in +// every way, they contain a reference to the missing reauthorization stub +// executable from the disk image in the Keychain, resulting in no icon and +// a weird name like "com.google" (non-Canary) or "com.google.Chrome" +// (Canary). Because reauthorization is controlled by a preference that limits +// it to a single successful run at update and a single successful run at +// launch, protection already exists against perpetually reauthorizing items. +// This addition exists simply to make the Keychain Access UI match +// expectations. +std::vector<std::string> GetRequirementMatches( + SecTrustedApplicationRef application); // Reauthorizes an ACL by examining all of the applications it names, and upon // finding any whose requirement matches any element of requirement_matches, @@ -107,12 +125,12 @@ void KeychainReauthorize() { CSSM_DL_DB_RECORD_ANY, NULL)); - std::vector<std::string> requirement_matches = - RequirementMatches(); - base::mac::ScopedCFTypeRef<SecTrustedApplicationRef> this_application( CrSTrustedApplicationCreateFromPath(NULL)); + std::vector<std::string> requirement_matches = + GetRequirementMatches(this_application); + std::vector<CrSKeychainItemAndAccess> items_and_reauthorized_accesses = KCSearchToKCItemsAndReauthorizedAccesses(search, requirement_matches, @@ -160,7 +178,24 @@ void KeychainReauthorizeIfNeeded(NSString* pref_key, int max_tries) { namespace { -std::vector<std::string> RequirementMatches() { +std::string RequirementStringForApplication( + SecTrustedApplicationRef application) { + base::mac::ScopedCFTypeRef<SecRequirementRef> requirement( + CrSTrustedApplicationCopyRequirement(application)); + base::mac::ScopedCFTypeRef<CFStringRef> requirement_string_cf( + CrSRequirementCopyString(requirement, kSecCSDefaultFlags)); + if (!requirement_string_cf) { + return std::string(); + } + + std::string requirement_string = + base::SysCFStringRefToUTF8(requirement_string_cf); + + return requirement_string; +} + +std::vector<std::string> GetRequirementMatches( + SecTrustedApplicationRef application) { // See the designated requirement for a signed released build: // codesign -d -r- "Google Chrome.app" // @@ -250,6 +285,12 @@ std::vector<std::string> RequirementMatches() { } } + if (application && base::mac::AmIBundled()) { + std::string application_requirement = + RequirementStringForApplication(application); + requirement_matches.push_back(application_requirement); + } + return requirement_matches; } @@ -345,16 +386,12 @@ bool ReauthorizeACL( base::mac::CFCast<SecTrustedApplicationRef>( CFArrayGetValueAtIndex(acl_simple_contents->application_list, application_index)); - base::mac::ScopedCFTypeRef<SecRequirementRef> requirement( - CrSTrustedApplicationCopyRequirement(application)); - base::mac::ScopedCFTypeRef<CFStringRef> requirement_string_cf( - CrSRequirementCopyString(requirement, kSecCSDefaultFlags)); - if (!requirement_string_cf) { + std::string requirement_string = + RequirementStringForApplication(application); + if (requirement_string.empty()) { continue; } - std::string requirement_string = - base::SysCFStringRefToUTF8(requirement_string_cf); if (std::find(requirement_matches.begin(), requirement_matches.end(), requirement_string) != requirement_matches.end()) { |