| Index: chrome/installer/mac/keystone_install.sh
|
| diff --git a/chrome/installer/mac/keystone_install.sh b/chrome/installer/mac/keystone_install.sh
|
| index 6f08c12799fce47d725586adc65c0ac4f55019b2..7673926bd8d173c46968b5516967e81ae072c71f 100755
|
| --- a/chrome/installer/mac/keystone_install.sh
|
| +++ b/chrome/installer/mac/keystone_install.sh
|
| @@ -720,7 +720,6 @@ main() {
|
| readonly KS_BRAND_KEY="KSBrandID"
|
|
|
| readonly QUARANTINE_ATTR="com.apple.quarantine"
|
| - readonly KEYCHAIN_REAUTHORIZE_DIR=".keychain_reauthorize"
|
|
|
| # Don't use rsync -a, because -a expands to -rlptgoD. -g and -o copy owners
|
| # and groups, respectively, from the source, and that is undesirable in this
|
| @@ -1610,51 +1609,6 @@ main() {
|
| 2> /dev/null
|
| fi
|
|
|
| - # Do Keychain reauthorization. This involves running a stub executable on
|
| - # the dmg that loads the newly-updated framework and jumps to it to perform
|
| - # the reauthorization. The stub executable can be signed by the old
|
| - # certificate even after the rest of Chrome switches to the new certificate,
|
| - # so it still has access to the old Keychain items. The stub executable is
|
| - # an unbundled flat file executable whose name matches the real
|
| - # application's bundle identifier, so it's permitted access to the Keychain
|
| - # items. Doing a reauthorization step at update time reauthorizes Keychain
|
| - # items for users who never bother restarting Chrome, and provides a
|
| - # mechanism to continue doing reauthorizations even after the certificate
|
| - # changes. However, it only works for non-system ticket installations of
|
| - # Chrome, because the updater runs as root when on a system ticket, and root
|
| - # can't access individual user Keychains.
|
| - #
|
| - # Even if the reauthorization tool is launched, it doesn't necessarily try
|
| - # to do anything. It will only attempt to perform a reauthorization if one
|
| - # hasn't yet been done at update time.
|
| - note "maybe reauthorizing Keychain"
|
| -
|
| - if [[ -z "${system_ticket}" ]]; then
|
| - local new_bundleid_app
|
| - new_bundleid_app="$(infoplist_read "${installed_app_plist}" \
|
| - "${APP_BUNDLEID_KEY}" || true)"
|
| - note "new_bundleid_app = ${new_bundleid_app}"
|
| -
|
| - local keychain_reauthorize_dir="\
|
| -${update_dmg_mount_point}/${KEYCHAIN_REAUTHORIZE_DIR}"
|
| - local keychain_reauthorize_path="\
|
| -${keychain_reauthorize_dir}/${new_bundleid_app}"
|
| - note "keychain_reauthorize_path = ${keychain_reauthorize_path}"
|
| -
|
| - if [[ -x "${keychain_reauthorize_path}" ]]; then
|
| - local framework_dir="${new_versioned_dir}/${FRAMEWORK_DIR}"
|
| - local framework_code_path="${framework_dir}/${FRAMEWORK_NAME}"
|
| - note "framework_code_path = ${framework_code_path}"
|
| -
|
| - if [[ -f "${framework_code_path}" ]]; then
|
| - note "reauthorizing Keychain"
|
| - "${keychain_reauthorize_path}" "${framework_code_path}"
|
| - fi
|
| - fi
|
| - else
|
| - note "system ticket, not reauthorizing Keychain"
|
| - fi
|
| -
|
| # Great success!
|
| note "done!"
|
|
|
|
|
Chromium Code Reviews
Issue 183713003:
Remove keychain_reauthorize (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src