<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[200785] trunk/Source</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta">
<dt>Revision</dt> <dd><a href="http://trac.webkit.org/projects/webkit/changeset/200785">200785</a></dd>
<dt>Author</dt> <dd>dbates@webkit.org</dd>
<dt>Date</dt> <dd>2016-05-12 12:14:48 -0700 (Thu, 12 May 2016)</dd>
</dl>
<h3>Log Message</h3>
<pre>Use SecTask SPI to retrieve code signing identifier for user directory suffix
https://bugs.webkit.org/show_bug.cgi?id=157570
Source/WebKit2:
<rdar://problem/25706517>
Reviewed by Darin Adler.
It is sufficient to make use of the SecTask SPI to retrieve the code signing
identifier of the embedding client for use in the user directory suffix. This
avoids the need to allow Code Signing Services to have access to the bundle
of the embedding client.
* Shared/mac/ChildProcessMac.mm:
(WebKit::ChildProcess::initializeSandbox): Use the code signing identifier of the
embedding client as part of the user directory suffix if available.
* Shared/mac/CodeSigning.h: Update comment and include header wtf/spi/darwin/XPCSPI.h
for the definition of xpc_connection_t. Renamed codeSigningIdentifier() to codeSigningIdentifierForCurrentProcess()
to convey that it returns the code signing identifier for the current process. Repurposed
the name codeSigningIdentifier for the variant of this function that takes a xpc_connection_t.
* Shared/mac/CodeSigning.mm:
(WebKit::codeSigningIdentifier): Added. Uses the audit token associated with the specified
XPC connection to get the code signing identifier for the embedding client.
(WebKit::codeSigningIdentifierForCurrentProcess): Renamed; formerly named codeSigningIdentifier.
Implemented in terms of the SecTask API.
(WebKit::secCodeForCurrentProcess): Deleted.
(WebKit::secCodeForProcess): Deleted.
(WebKit::secCodeSigningInformation): Deleted.
(WebKit::appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement): Deleted.
(WebKit::secCodeSigningIdentifier): Deleted.
(WebKit::codeSigningIdentifierForProcess): Deleted.
* UIProcess/Launcher/mac/ProcessLauncherMac.mm:
(WebKit::connectToService): Update code due to renaming.
Source/WTF:
Reviewed by Darin Adler.
<rdar://problem/25706517>
Forward declare SPI SecTaskCopySigningIdentifier().
* wtf/spi/cocoa/SecuritySPI.h:</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkSourceWTFChangeLog">trunk/Source/WTF/ChangeLog</a></li>
<li><a href="#trunkSourceWTFwtfspicocoaSecuritySPIh">trunk/Source/WTF/wtf/spi/cocoa/SecuritySPI.h</a></li>
<li><a href="#trunkSourceWebKit2ChangeLog">trunk/Source/WebKit2/ChangeLog</a></li>
<li><a href="#trunkSourceWebKit2SharedmacChildProcessMacmm">trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm</a></li>
<li><a href="#trunkSourceWebKit2SharedmacCodeSigningh">trunk/Source/WebKit2/Shared/mac/CodeSigning.h</a></li>
<li><a href="#trunkSourceWebKit2SharedmacCodeSigningmm">trunk/Source/WebKit2/Shared/mac/CodeSigning.mm</a></li>
<li><a href="#trunkSourceWebKit2UIProcessLaunchermacProcessLauncherMacmm">trunk/Source/WebKit2/UIProcess/Launcher/mac/ProcessLauncherMac.mm</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkSourceWTFChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WTF/ChangeLog (200784 => 200785)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WTF/ChangeLog 2016-05-12 19:13:57 UTC (rev 200784)
+++ trunk/Source/WTF/ChangeLog 2016-05-12 19:14:48 UTC (rev 200785)
</span><span class="lines">@@ -1,3 +1,15 @@
</span><ins>+2016-05-12 Daniel Bates <dabates@apple.com>
+
+ Use SecTask SPI to retrieve code signing identifier for user directory suffix
+ https://bugs.webkit.org/show_bug.cgi?id=157570
+
+ Reviewed by Darin Adler.
+ <rdar://problem/25706517>
+
+ Forward declare SPI SecTaskCopySigningIdentifier().
+
+ * wtf/spi/cocoa/SecuritySPI.h:
+
</ins><span class="cx"> 2016-05-12 Csaba Osztrogonác <ossy@webkit.org>
</span><span class="cx">
</span><span class="cx"> Remove ENABLE(ES6_ARROWFUNCTION_SYNTAX) guards
</span></span></pre></div>
<a id="trunkSourceWTFwtfspicocoaSecuritySPIh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WTF/wtf/spi/cocoa/SecuritySPI.h (200784 => 200785)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WTF/wtf/spi/cocoa/SecuritySPI.h 2016-05-12 19:13:57 UTC (rev 200784)
+++ trunk/Source/WTF/wtf/spi/cocoa/SecuritySPI.h 2016-05-12 19:14:48 UTC (rev 200785)
</span><span class="lines">@@ -58,6 +58,10 @@
</span><span class="cx"> EXTERN_C SecTaskRef SecTaskCreateFromSelf(CFAllocatorRef);
</span><span class="cx"> EXTERN_C CFTypeRef SecTaskCopyValueForEntitlement(SecTaskRef, CFStringRef entitlement, CFErrorRef *);
</span><span class="cx">
</span><ins>+#if PLATFORM(MAC) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200
+EXTERN_C CFStringRef SecTaskCopySigningIdentifier(SecTaskRef, CFErrorRef *);
+#endif
+
</ins><span class="cx"> #if HAVE(SEC_TRUST_SERIALIZATION)
</span><span class="cx"> EXTERN_C CF_RETURNS_RETAINED CFDataRef SecTrustSerialize(SecTrustRef, CFErrorRef *);
</span><span class="cx"> EXTERN_C CF_RETURNS_RETAINED SecTrustRef SecTrustDeserialize(CFDataRef serializedTrust, CFErrorRef *);
</span></span></pre></div>
<a id="trunkSourceWebKit2ChangeLog"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/ChangeLog (200784 => 200785)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/ChangeLog 2016-05-12 19:13:57 UTC (rev 200784)
+++ trunk/Source/WebKit2/ChangeLog 2016-05-12 19:14:48 UTC (rev 200785)
</span><span class="lines">@@ -1,3 +1,37 @@
</span><ins>+2016-05-12 Daniel Bates <dabates@apple.com>
+
+ Use SecTask SPI to retrieve code signing identifier for user directory suffix
+ https://bugs.webkit.org/show_bug.cgi?id=157570
+ <rdar://problem/25706517>
+
+ Reviewed by Darin Adler.
+
+ It is sufficient to make use of the SecTask SPI to retrieve the code signing
+ identifier of the embedding client for use in the user directory suffix. This
+ avoids the need to allow Code Signing Services to have access to the bundle
+ of the embedding client.
+
+ * Shared/mac/ChildProcessMac.mm:
+ (WebKit::ChildProcess::initializeSandbox): Use the code signing identifier of the
+ embedding client as part of the user directory suffix if available.
+ * Shared/mac/CodeSigning.h: Update comment and include header wtf/spi/darwin/XPCSPI.h
+ for the definition of xpc_connection_t. Renamed codeSigningIdentifier() to codeSigningIdentifierForCurrentProcess()
+ to convey that it returns the code signing identifier for the current process. Repurposed
+ the name codeSigningIdentifier for the variant of this function that takes a xpc_connection_t.
+ * Shared/mac/CodeSigning.mm:
+ (WebKit::codeSigningIdentifier): Added. Uses the audit token associated with the specified
+ XPC connection to get the code signing identifier for the embedding client.
+ (WebKit::codeSigningIdentifierForCurrentProcess): Renamed; formerly named codeSigningIdentifier.
+ Implemented in terms of the SecTask API.
+ (WebKit::secCodeForCurrentProcess): Deleted.
+ (WebKit::secCodeForProcess): Deleted.
+ (WebKit::secCodeSigningInformation): Deleted.
+ (WebKit::appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement): Deleted.
+ (WebKit::secCodeSigningIdentifier): Deleted.
+ (WebKit::codeSigningIdentifierForProcess): Deleted.
+ * UIProcess/Launcher/mac/ProcessLauncherMac.mm:
+ (WebKit::connectToService): Update code due to renaming.
+
</ins><span class="cx"> 2016-05-12 Konstantin Tokarev <annulen@yandex.ru>
</span><span class="cx">
</span><span class="cx"> Use reference instead of pointer in FrameLoaderClient::saveViewStateToItem.
</span></span></pre></div>
<a id="trunkSourceWebKit2SharedmacChildProcessMacmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm (200784 => 200785)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm 2016-05-12 19:13:57 UTC (rev 200784)
+++ trunk/Source/WebKit2/Shared/mac/ChildProcessMac.mm 2016-05-12 19:14:48 UTC (rev 200785)
</span><span class="lines">@@ -83,14 +83,15 @@
</span><span class="cx"> NSBundle *webkit2Bundle = [NSBundle bundleForClass:NSClassFromString(@"WKView")];
</span><span class="cx"> String defaultProfilePath = [webkit2Bundle pathForResource:[[NSBundle mainBundle] bundleIdentifier] ofType:@"sb"];
</span><span class="cx">
</span><del>- bool willUseUserDirectorySuffixInitializationParameter = false;
</del><span class="cx"> if (sandboxParameters.userDirectorySuffix().isNull()) {
</span><span class="cx"> auto userDirectorySuffix = parameters.extraInitializationData.find("user-directory-suffix");
</span><del>- if (userDirectorySuffix != parameters.extraInitializationData.end()) {
- willUseUserDirectorySuffixInitializationParameter = true;
</del><ins>+ if (userDirectorySuffix != parameters.extraInitializationData.end())
</ins><span class="cx"> sandboxParameters.setUserDirectorySuffix([makeString(userDirectorySuffix->value, '/', String([[NSBundle mainBundle] bundleIdentifier])) fileSystemRepresentation]);
</span><del>- } else {
- String defaultUserDirectorySuffix = makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', parameters.clientIdentifier);
</del><ins>+ else {
+ String clientIdentifier = codeSigningIdentifier(parameters.connectionIdentifier.xpcConnection.get());
+ if (clientIdentifier.isNull())
+ clientIdentifier = parameters.clientIdentifier;
+ String defaultUserDirectorySuffix = makeString(String([[NSBundle mainBundle] bundleIdentifier]), '+', clientIdentifier);
</ins><span class="cx"> sandboxParameters.setUserDirectorySuffix(defaultUserDirectorySuffix);
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="lines">@@ -174,15 +175,6 @@
</span><span class="cx"> WTFLogAlways("%s: Couldn't enable sandbox style file quarantine: %ld\n", getprogname(), static_cast<long>(error));
</span><span class="cx"> exit(EX_NOPERM);
</span><span class="cx"> }
</span><del>-
- if (willUseUserDirectorySuffixInitializationParameter)
- return;
- String clientCodeSigningIdentifier = codeSigningIdentifierForProcess(xpc_connection_get_pid(parameters.connectionIdentifier.xpcConnection.get()));
- bool isClientCodeSigned = !clientCodeSigningIdentifier.isNull();
- if (isClientCodeSigned && clientCodeSigningIdentifier != parameters.clientIdentifier) {
- WTFLogAlways("%s: Code signing identifier of client differs from passed client identifier.\n", getprogname());
- exit(EX_NOPERM);
- }
</del><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> #if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101100
</span></span></pre></div>
<a id="trunkSourceWebKit2SharedmacCodeSigningh"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Shared/mac/CodeSigning.h (200784 => 200785)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Shared/mac/CodeSigning.h 2016-05-12 19:13:57 UTC (rev 200784)
+++ trunk/Source/WebKit2/Shared/mac/CodeSigning.h 2016-05-12 19:14:48 UTC (rev 200785)
</span><span class="lines">@@ -26,11 +26,12 @@
</span><span class="cx"> #pragma once
</span><span class="cx">
</span><span class="cx"> #include <wtf/Forward.h>
</span><ins>+#include <wtf/spi/darwin/XPCSPI.h>
</ins><span class="cx">
</span><span class="cx"> namespace WebKit {
</span><span class="cx">
</span><del>-// These functions return a null string if the process is either unsigned or signed by a third-party.
-String codeSigningIdentifier();
-String codeSigningIdentifierForProcess(pid_t);
</del><ins>+// These functions return a null string if the process is unsigned.
+String codeSigningIdentifierForCurrentProcess();
+String codeSigningIdentifier(xpc_connection_t);
</ins><span class="cx">
</span><span class="cx"> } // namespace WebKit
</span></span></pre></div>
<a id="trunkSourceWebKit2SharedmacCodeSigningmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/Shared/mac/CodeSigning.mm (200784 => 200785)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/Shared/mac/CodeSigning.mm 2016-05-12 19:13:57 UTC (rev 200784)
+++ trunk/Source/WebKit2/Shared/mac/CodeSigning.mm 2016-05-12 19:14:48 UTC (rev 200785)
</span><span class="lines">@@ -28,81 +28,40 @@
</span><span class="cx">
</span><span class="cx"> #if PLATFORM(MAC)
</span><span class="cx">
</span><del>-#include <Security/Security.h>
</del><span class="cx"> #include <wtf/RetainPtr.h>
</span><del>-#include <wtf/cf/TypeCastsCF.h>
</del><ins>+#include <wtf/spi/cocoa/SecuritySPI.h>
</ins><span class="cx"> #include <wtf/text/WTFString.h>
</span><span class="cx">
</span><span class="cx"> namespace WebKit {
</span><span class="cx">
</span><del>-static RetainPtr<SecCodeRef> secCodeForCurrentProcess()
</del><ins>+#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200
+static String codeSigningIdentifier(SecTaskRef task)
</ins><span class="cx"> {
</span><del>- SecCodeRef code = nullptr;
- RELEASE_ASSERT(!SecCodeCopySelf(kSecCSDefaultFlags, &code));
- return adoptCF(code);
</del><ins>+ return adoptCF(SecTaskCopySigningIdentifier(task, nullptr)).get();
</ins><span class="cx"> }
</span><ins>+#endif
</ins><span class="cx">
</span><del>-static RetainPtr<SecCodeRef> secCodeForProcess(pid_t pid)
</del><ins>+String codeSigningIdentifierForCurrentProcess()
</ins><span class="cx"> {
</span><del>- RetainPtr<CFNumberRef> pidCFNumber = adoptCF(CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &pid));
- const void* keys[] = { kSecGuestAttributePid };
- const void* values[] = { pidCFNumber.get() };
- RetainPtr<CFDictionaryRef> attributes = adoptCF(CFDictionaryCreate(kCFAllocatorDefault, keys, values, WTF_ARRAY_LENGTH(keys), &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
- SecCodeRef code = nullptr;
- OSStatus errorCode = noErr;
- // FIXME: We should RELEASE_ASSERT() that SecCodeCopyGuestWithAttributes() returns without error. See <rdar://problem/25706517>.
- if ((errorCode = SecCodeCopyGuestWithAttributes(nullptr, attributes.get(), kSecCSDefaultFlags, &code))) {
- WTFLogAlways("SecCodeCopyGuestWithAttributes() failed with error: %ld\n", static_cast<long>(errorCode));
- return nullptr;
- }
- return adoptCF(code);
</del><ins>+#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200
+ return codeSigningIdentifier(adoptCF(SecTaskCreateFromSelf(kCFAllocatorDefault)).get());
+#else
+ return { };
+#endif
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-static RetainPtr<CFDictionaryRef> secCodeSigningInformation(SecCodeRef code)
</del><ins>+String codeSigningIdentifier(xpc_connection_t connection)
</ins><span class="cx"> {
</span><del>- CFDictionaryRef signingInfo = nullptr;
- RELEASE_ASSERT(!SecCodeCopySigningInformation(code, kSecCSDefaultFlags, &signingInfo));
- return adoptCF(signingInfo);
</del><ins>+#if __MAC_OS_X_VERSION_MIN_REQUIRED >= 101200
+ audit_token_t auditToken;
+ xpc_connection_get_audit_token(connection, &auditToken);
+ return codeSigningIdentifier(adoptCF(SecTaskCreateWithAuditToken(kCFAllocatorDefault, auditToken)).get());
+#else
+ UNUSED_PARAM(connection);
+ return { };
+#endif
</ins><span class="cx"> }
</span><span class="cx">
</span><del>-static RetainPtr<SecRequirementRef> appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement()
-{
- CFStringRef requirement = CFSTR("(anchor apple) or (anchor apple generic and certificate leaf[field.1.2.840.113635.100.6.1.9]) or (anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] and certificate leaf[field.1.2.840.113635.100.6.1.13])");
- SecRequirementRef signingRequirement = nullptr;
- RELEASE_ASSERT(!SecRequirementCreateWithString(requirement, kSecCSDefaultFlags, &signingRequirement));
- return adoptCF(signingRequirement);
-}
-
-static String secCodeSigningIdentifier(SecCodeRef code)
-{
- RetainPtr<SecRequirementRef> signingRequirement = appleSignedOrMacAppStoreSignedOrAppleDeveloperSignedRequirement();
- OSStatus errorCode = SecCodeCheckValidity(code, kSecCSDefaultFlags, signingRequirement.get());
- if (errorCode == errSecCSUnsigned || errorCode == errSecCSReqFailed)
- return String(); // Unsigned or signed by a third-party
- RELEASE_ASSERT_WITH_MESSAGE(!errorCode, "SecCodeCheckValidity() failed with error: %ld", static_cast<long>(errorCode));
- String codeSigningIdentifier;
- RetainPtr<CFDictionaryRef> signingInfo = secCodeSigningInformation(code);
- if (CFDictionaryRef plist = dynamic_cf_cast<CFDictionaryRef>(CFDictionaryGetValue(signingInfo.get(), kSecCodeInfoPList)))
- codeSigningIdentifier = dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(plist, kCFBundleIdentifierKey));
- else
- codeSigningIdentifier = dynamic_cf_cast<CFStringRef>(CFDictionaryGetValue(signingInfo.get(), kSecCodeInfoIdentifier));
- RELEASE_ASSERT(!codeSigningIdentifier.isEmpty());
- return codeSigningIdentifier;
-}
-
-String codeSigningIdentifier()
-{
- return secCodeSigningIdentifier(secCodeForCurrentProcess().get());
-}
-
-String codeSigningIdentifierForProcess(pid_t pid)
-{
- auto code = secCodeForProcess(pid);
- if (!code)
- return String();
- return secCodeSigningIdentifier(code.get());
-}
-
</del><span class="cx"> } // namespace WebKit
</span><span class="cx">
</span><span class="cx"> #endif // PLATFORM(MAC)
</span></span></pre></div>
<a id="trunkSourceWebKit2UIProcessLaunchermacProcessLauncherMacmm"></a>
<div class="modfile"><h4>Modified: trunk/Source/WebKit2/UIProcess/Launcher/mac/ProcessLauncherMac.mm (200784 => 200785)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/Source/WebKit2/UIProcess/Launcher/mac/ProcessLauncherMac.mm 2016-05-12 19:13:57 UTC (rev 200784)
+++ trunk/Source/WebKit2/UIProcess/Launcher/mac/ProcessLauncherMac.mm 2016-05-12 19:14:48 UTC (rev 200785)
</span><span class="lines">@@ -142,7 +142,7 @@
</span><span class="cx">
</span><span class="cx"> String clientIdentifier;
</span><span class="cx"> #if PLATFORM(MAC)
</span><del>- clientIdentifier = codeSigningIdentifier();
</del><ins>+ clientIdentifier = codeSigningIdentifierForCurrentProcess();
</ins><span class="cx"> #endif
</span><span class="cx"> if (clientIdentifier.isNull())
</span><span class="cx"> clientIdentifier = [[NSBundle mainBundle] bundleIdentifier];
</span></span></pre>
</div>
</div>
</body>
</html>