oxen-io
/
session-ios
mirror of https://github.com/oxen-io/session-ios.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

profiles vs. censorship circumvention 

// FREEBIE
This commit is contained in:
Michael Kirk 2017-08-24 22:37:45 -04:00
parent c630a1ecc0
commit 251e206b6d
6 changed files with 54 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Signal/src/Profiles/OWSProfileManager.m
View File

@ -196,7 +196,7 @@ const NSUInteger kOWSProfileManager_MaxAvatarDiameter = 640;
- (AFHTTPSessionManager *)avatarHTTPManager
{
return [OWSSignalService sharedInstance].cdnSessionManager;
return [OWSSignalService sharedInstance].CDNSessionManager;
}
#pragma mark - User Profile Accessor
@ -571,22 +571,8 @@ const NSUInteger kOWSProfileManager_MaxAvatarDiameter = 640;
@"%@ avatar upload progress: %.2f%%", self.tag, uploadProgress.fractionCompleted * 100);
}
success:^(NSURLSessionDataTask *_Nonnull uploadTask, id _Nullable responseObject) {
OWSAssert([uploadTask.response isKindOfClass:[NSHTTPURLResponse class]]);
NSHTTPURLResponse *response = (NSHTTPURLResponse *)uploadTask.response;
// We could also construct this URL locally from manager.baseUrl + formKey
// but the approach of getting it from the remote provider seems a more
// robust way to ensure we've actually created the resource where we
// think we have.
NSString *avatarUrlPath = response.allHeaderFields[@"Location"];
if (avatarUrlPath.length == 0) {
OWSProdFail(@"profile_manager_error_avatar_upload_no_location_in_response");
failureBlock();
return;
}
DDLogVerbose(@"%@ successfully uploaded avatar url: %@", self.tag, avatarUrlPath);
successBlock(avatarUrlPath);
DDLogDebug(@"%@ successfully uploaded avatar with key: %@", self.tag, formKey);
successBlock(formKey);
}
failure:^(NSURLSessionDataTask *_Nullable uploadTask, NSError *_Nonnull error) {
DDLogVerbose(@"%@ uploading avatar failed with error: %@", self.tag, error);

3
SignalServiceKit/src/Network/OWSCensorshipConfiguration.h
View File

@ -9,7 +9,8 @@ NS_ASSUME_NONNULL_BEGIN
@interface OWSCensorshipConfiguration : NSObject
- (NSString *)frontingHost:(NSString *)e164PhoneNumber;
- (NSString *)reflectorHost;
- (NSString *)signalServiceReflectorHost;
- (NSString *)CDNReflectorHost;
- (BOOL)isCensoredPhoneNumber:(NSString *)e164PhoneNumber;
@end

14
SignalServiceKit/src/Network/OWSCensorshipConfiguration.m
View File

@ -3,12 +3,11 @@
//
#import "OWSCensorshipConfiguration.h"
#import "TSConstants.h"
#import "TSStorageManager.h"
NS_ASSUME_NONNULL_BEGIN
NSString *const OWSCensorshipConfigurationReflectorHost = @"signal-reflector-meek.appspot.com";
@implementation OWSCensorshipConfiguration
- (NSString *)frontingHost:(NSString *)e164PhoneNumber
@ -32,9 +31,14 @@ NSString *const OWSCensorshipConfigurationReflectorHost = @"signal-reflector-mee
return [@"https://" stringByAppendingString:domain];
}
- (NSString *)reflectorHost
- (NSString *)signalServiceReflectorHost
{
return OWSCensorshipConfigurationReflectorHost;
return textSecureServiceReflectorHost;
}
- (NSString *)CDNReflectorHost
{
return textSecureCDNReflectorHost;
}
- (NSDictionary<NSString *, NSString *> *)censoredCountryCodes
@ -49,7 +53,7 @@ NSString *const OWSCensorshipConfigurationReflectorHost = @"signal-reflector-mee
//
// a) Add the appropriate pinning certificate(s) in
// SignalServiceKit.podspec.
// b) Update reflectorHost accordingly.
// b) Update signalServiceReflectorHost accordingly.
return @{
// Egypt
@"+20": @"google.com.eg",

2
SignalServiceKit/src/Network/OWSSignalService.h
View File

@ -16,7 +16,7 @@ extern NSString *const kNSNotificationName_IsCensorshipCircumventionActiveDidCha
@property (nonatomic, readonly) AFHTTPSessionManager *signalServiceSessionManager;
/// For uploading avatar assets.
@property (nonatomic, readonly) AFHTTPSessionManager *cdnSessionManager;
@property (nonatomic, readonly) AFHTTPSessionManager *CDNSessionManager;
@property (atomic, readonly) BOOL isCensorshipCircumventionActive;

38
SignalServiceKit/src/Network/OWSSignalService.m
View File

@ -179,7 +179,7 @@ NSString *const kNSNotificationName_IsCensorshipCircumventionActiveDidChange =
return sessionManager;
}
- (AFHTTPSessionManager *)reflectorSignalServiceSessionManager
- (NSURL *)domainFrontingBaseURL
{
NSString *localNumber = [TSAccountManager localNumber];
OWSAssert(localNumber.length > 0);
@ -192,14 +192,20 @@ NSString *const kNSNotificationName_IsCensorshipCircumventionActiveDidChange =
};
NSURL *baseURL = [[NSURL alloc] initWithString:[self.censorshipConfiguration frontingHost:localNumber]];
OWSAssert(baseURL);
return baseURL;
}
- (AFHTTPSessionManager *)reflectorSignalServiceSessionManager
{
NSURLSessionConfiguration *sessionConf = NSURLSessionConfiguration.ephemeralSessionConfiguration;
AFHTTPSessionManager *sessionManager =
[[AFHTTPSessionManager alloc] initWithBaseURL:baseURL sessionConfiguration:sessionConf];
[[AFHTTPSessionManager alloc] initWithBaseURL:self.domainFrontingBaseURL sessionConfiguration:sessionConf];
sessionManager.securityPolicy = [[self class] googlePinningPolicy];
sessionManager.requestSerializer = [AFJSONRequestSerializer serializer];
[sessionManager.requestSerializer setValue:self.censorshipConfiguration.reflectorHost forHTTPHeaderField:@"Host"];
[sessionManager.requestSerializer setValue:self.censorshipConfiguration.signalServiceReflectorHost forHTTPHeaderField:@"Host"];
sessionManager.responseSerializer = [AFJSONResponseSerializer serializer];
@ -208,12 +214,18 @@ NSString *const kNSNotificationName_IsCensorshipCircumventionActiveDidChange =
#pragma mark - Profile Uploading
- (AFHTTPSessionManager *)cdnSessionManager
- (AFHTTPSessionManager *)CDNSessionManager
{
if (self.isCensorshipCircumventionActive) {
DDLogInfo(@"%@ Profile uploading may not work when under censorship.", self.tag);
DDLogInfo(@"%@ using reflector CDNSessionManager", self.tag);
return self.reflectorCDNSessionManager;
} else {
return self.defaultCDNSessionManager;
}
}
- (AFHTTPSessionManager *)defaultCDNSessionManager
{
NSURL *baseURL = [[NSURL alloc] initWithString:textSecureCDNServerURL];
OWSAssert(baseURL);
@ -229,6 +241,22 @@ NSString *const kNSNotificationName_IsCensorshipCircumventionActiveDidChange =
return sessionManager;
}
- (AFHTTPSessionManager *)reflectorCDNSessionManager
{
NSURLSessionConfiguration *sessionConf = NSURLSessionConfiguration.ephemeralSessionConfiguration;
AFHTTPSessionManager *sessionManager =
[[AFHTTPSessionManager alloc] initWithBaseURL:self.domainFrontingBaseURL sessionConfiguration:sessionConf];
sessionManager.securityPolicy = [[self class] googlePinningPolicy];
sessionManager.requestSerializer = [AFJSONRequestSerializer serializer];
[sessionManager.requestSerializer setValue:self.censorshipConfiguration.CDNReflectorHost forHTTPHeaderField:@"Host"];
sessionManager.responseSerializer = [AFJSONResponseSerializer serializer];
return sessionManager;
}
#pragma mark - Google Pinning Policy
/**

6
SignalServiceKit/src/TSConstants.h
View File

@ -24,15 +24,21 @@ typedef enum { kSMSVerification, kPhoneNumberVerification } VerificationTranspor
#ifndef DEBUG
// Production
#define textSecureWebSocketAPI @"wss://textsecure-service.whispersystems.org/v1/websocket/"
#define textSecureServerURL @"https://textsecure-service.whispersystems.org/"
#define textSecureCDNServerURL @"https://cdn.signal.org"
#define textSecureServiceReflectorHost @"signal-reflector-meek.appspot.com"
#define textSecureCDNReflectorHost @"signal-cdn-reflector.appspot.com"
#else
// Staging
#define textSecureWebSocketAPI @"wss://textsecure-service-staging.whispersystems.org/v1/websocket/"
#define textSecureServerURL @"https://textsecure-service-staging.whispersystems.org/"
#define textSecureCDNServerURL @"https://cdn-staging.signal.org"
#define textSecureServiceReflectorHost @"meek-signal-service-staging.appspot.com";
#define textSecureCDNReflectorHost @"meek-signal-cdn-staging.appspot.com";
#endif