fix: set macOS crypto keychain name earlier (#34683)
* fix: set macOS crypto keychain name earlier * spec: ensure arm64 mac tests are cleaned up
This commit is contained in:
parent
8a0b4fa338
commit
324db14969
4 changed files with 12 additions and 14 deletions
|
@ -216,6 +216,7 @@ step-maybe-cleanup-arm64-mac: &step-maybe-cleanup-arm64-mac
|
||||||
rm -rf ~/Library/Application\ Support/electron*
|
rm -rf ~/Library/Application\ Support/electron*
|
||||||
security delete-generic-password -l "Chromium Safe Storage" || echo "✓ Keychain does not contain password from tests"
|
security delete-generic-password -l "Chromium Safe Storage" || echo "✓ Keychain does not contain password from tests"
|
||||||
security delete-generic-password -l "Electron Test Main Safe Storage" || echo "✓ Keychain does not contain password from tests"
|
security delete-generic-password -l "Electron Test Main Safe Storage" || echo "✓ Keychain does not contain password from tests"
|
||||||
|
security delete-generic-password -a "electron-test-safe-storage" || echo "✓ Keychain does not contain password from tests"
|
||||||
elif [ "$TARGET_ARCH" == "arm" ] || [ "$TARGET_ARCH" == "arm64" ]; then
|
elif [ "$TARGET_ARCH" == "arm" ] || [ "$TARGET_ARCH" == "arm64" ]; then
|
||||||
XVFB=/usr/bin/Xvfb
|
XVFB=/usr/bin/Xvfb
|
||||||
/sbin/start-stop-daemon --stop --exec $XVFB || echo "Xvfb not running"
|
/sbin/start-stop-daemon --stop --exec $XVFB || echo "Xvfb not running"
|
||||||
|
|
|
@ -91,6 +91,7 @@
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if BUILDFLAG(IS_MAC)
|
#if BUILDFLAG(IS_MAC)
|
||||||
|
#include "components/os_crypt/keychain_password_mac.h"
|
||||||
#include "services/device/public/cpp/geolocation/geolocation_manager.h"
|
#include "services/device/public/cpp/geolocation/geolocation_manager.h"
|
||||||
#include "shell/browser/ui/cocoa/views_delegate_mac.h"
|
#include "shell/browser/ui/cocoa/views_delegate_mac.h"
|
||||||
#else
|
#else
|
||||||
|
@ -490,6 +491,9 @@ void ElectronBrowserMainParts::WillRunMainMessageLoop(
|
||||||
}
|
}
|
||||||
|
|
||||||
void ElectronBrowserMainParts::PostCreateMainMessageLoop() {
|
void ElectronBrowserMainParts::PostCreateMainMessageLoop() {
|
||||||
|
#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_MAC)
|
||||||
|
std::string app_name = electron::Browser::Get()->GetName();
|
||||||
|
#endif
|
||||||
#if BUILDFLAG(IS_LINUX)
|
#if BUILDFLAG(IS_LINUX)
|
||||||
auto shutdown_cb =
|
auto shutdown_cb =
|
||||||
base::BindOnce(base::RunLoop::QuitCurrentWhenIdleClosureDeprecated());
|
base::BindOnce(base::RunLoop::QuitCurrentWhenIdleClosureDeprecated());
|
||||||
|
@ -500,7 +504,6 @@ void ElectronBrowserMainParts::PostCreateMainMessageLoop() {
|
||||||
// Set up crypt config. This needs to be done before anything starts the
|
// Set up crypt config. This needs to be done before anything starts the
|
||||||
// network service, as the raw encryption key needs to be shared with the
|
// network service, as the raw encryption key needs to be shared with the
|
||||||
// network service for encrypted cookie storage.
|
// network service for encrypted cookie storage.
|
||||||
std::string app_name = electron::Browser::Get()->GetName();
|
|
||||||
const base::CommandLine& command_line =
|
const base::CommandLine& command_line =
|
||||||
*base::CommandLine::ForCurrentProcess();
|
*base::CommandLine::ForCurrentProcess();
|
||||||
std::unique_ptr<os_crypt::Config> config =
|
std::unique_ptr<os_crypt::Config> config =
|
||||||
|
@ -517,6 +520,10 @@ void ElectronBrowserMainParts::PostCreateMainMessageLoop() {
|
||||||
base::PathService::Get(DIR_SESSION_DATA, &config->user_data_path);
|
base::PathService::Get(DIR_SESSION_DATA, &config->user_data_path);
|
||||||
OSCrypt::SetConfig(std::move(config));
|
OSCrypt::SetConfig(std::move(config));
|
||||||
#endif
|
#endif
|
||||||
|
#if BUILDFLAG(IS_MAC)
|
||||||
|
KeychainPassword::GetServiceName() = app_name + " Safe Storage";
|
||||||
|
KeychainPassword::GetAccountName() = app_name;
|
||||||
|
#endif
|
||||||
#if BUILDFLAG(IS_POSIX)
|
#if BUILDFLAG(IS_POSIX)
|
||||||
// Exit in response to SIGINT, SIGTERM, etc.
|
// Exit in response to SIGINT, SIGTERM, etc.
|
||||||
InstallShutdownSignalHandlers(
|
InstallShutdownSignalHandlers(
|
||||||
|
|
|
@ -42,10 +42,6 @@
|
||||||
#include "shell/common/options_switches.h"
|
#include "shell/common/options_switches.h"
|
||||||
#include "url/gurl.h"
|
#include "url/gurl.h"
|
||||||
|
|
||||||
#if BUILDFLAG(IS_MAC)
|
|
||||||
#include "components/os_crypt/keychain_password_mac.h"
|
|
||||||
#endif
|
|
||||||
|
|
||||||
#if BUILDFLAG(IS_LINUX)
|
#if BUILDFLAG(IS_LINUX)
|
||||||
#include "components/os_crypt/key_storage_config_linux.h"
|
#include "components/os_crypt/key_storage_config_linux.h"
|
||||||
#endif
|
#endif
|
||||||
|
@ -288,12 +284,6 @@ void SystemNetworkContextManager::OnNetworkServiceCreated(
|
||||||
base::FeatureList::IsEnabled(features::kAsyncDns),
|
base::FeatureList::IsEnabled(features::kAsyncDns),
|
||||||
default_secure_dns_mode, doh_config, additional_dns_query_types_enabled);
|
default_secure_dns_mode, doh_config, additional_dns_query_types_enabled);
|
||||||
|
|
||||||
std::string app_name = electron::Browser::Get()->GetName();
|
|
||||||
#if BUILDFLAG(IS_MAC)
|
|
||||||
KeychainPassword::GetServiceName() = app_name + " Safe Storage";
|
|
||||||
KeychainPassword::GetAccountName() = app_name;
|
|
||||||
#endif
|
|
||||||
|
|
||||||
// The OSCrypt keys are process bound, so if network service is out of
|
// The OSCrypt keys are process bound, so if network service is out of
|
||||||
// process, send it the required key.
|
// process, send it the required key.
|
||||||
if (content::IsOutOfProcessNetworkService() &&
|
if (content::IsOutOfProcessNetworkService() &&
|
||||||
|
|
|
@ -4,7 +4,7 @@ import { safeStorage } from 'electron/main';
|
||||||
import { expect } from 'chai';
|
import { expect } from 'chai';
|
||||||
import { emittedOnce } from './events-helpers';
|
import { emittedOnce } from './events-helpers';
|
||||||
import { ifdescribe } from './spec-helpers';
|
import { ifdescribe } from './spec-helpers';
|
||||||
import * as fs from 'fs';
|
import * as fs from 'fs-extra';
|
||||||
|
|
||||||
/* isEncryptionAvailable returns false in Linux when running CI due to a mocked dbus. This stops
|
/* isEncryptionAvailable returns false in Linux when running CI due to a mocked dbus. This stops
|
||||||
* Chrome from reaching the system's keyring or libsecret. When running the tests with config.store
|
* Chrome from reaching the system's keyring or libsecret. When running the tests with config.store
|
||||||
|
@ -36,8 +36,8 @@ describe('safeStorage module', () => {
|
||||||
ifdescribe(process.platform !== 'linux')('safeStorage module', () => {
|
ifdescribe(process.platform !== 'linux')('safeStorage module', () => {
|
||||||
after(async () => {
|
after(async () => {
|
||||||
const pathToEncryptedString = path.resolve(__dirname, 'fixtures', 'api', 'safe-storage', 'encrypted.txt');
|
const pathToEncryptedString = path.resolve(__dirname, 'fixtures', 'api', 'safe-storage', 'encrypted.txt');
|
||||||
if (fs.existsSync(pathToEncryptedString)) {
|
if (await fs.pathExists(pathToEncryptedString)) {
|
||||||
await fs.unlinkSync(pathToEncryptedString);
|
await fs.remove(pathToEncryptedString);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue