oxen-io/session-ios
1
0
Fork 0
mirror of https://github.com/oxen-io/session-ios.git synced 2023-12-13 21:30:14 +01:00
Code Issues Projects Releases Wiki Activity

Pinning upstream cert.

Browse source
This commit is contained in:
Frederic Jacobs 2015-01-29 22:28:31 -10:00
parent 797492fc13
commit 5e92fdbbbe
6 changed files with 11 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Podfile
View file

@ -4,7 +4,7 @@ inhibit_all_warnings!
link_with ["Signal", "SignalTests"]
pod 'SocketRocket', :git => 'https://github.com/square/SocketRocket.git', :commit => '954750c018'
pod 'SocketRocket', :git => 'https://github.com/FredericJacobs/SocketRocket.git', :commit => '73d8a19'
pod 'OpenSSL', '~> 1.0.200'
pod 'libPhoneNumber-iOS', '~> 0.7'
pod 'AxolotlKit', '~> 0.5'

10
Podfile.lock
View file

@ -73,7 +73,7 @@ DEPENDENCIES:
- OpenSSL (~> 1.0.200)
- PastelogKit (~> 1.2)
- SCWaveformView
- SocketRocket (from `https://github.com/square/SocketRocket.git`, commit `954750c018`)
- SocketRocket (from `https://github.com/FredericJacobs/SocketRocket.git`, commit `73d8a19`)
- SSKeychain
- TwistedOakCollapsingFutures (~> 1.0)
- UICKeyChainStore (from `Podspecs/UICKeyChainStore.podspec`)
@ -87,8 +87,8 @@ EXTERNAL SOURCES:
:branch: JSignalQ
:git: https://github.com/WhisperSystems/JSQMessagesViewController
SocketRocket:
:commit: 954750c018
:git: https://github.com/square/SocketRocket.git
:commit: 73d8a19
:git: https://github.com/FredericJacobs/SocketRocket.git
UICKeyChainStore:
:podspec: Podspecs/UICKeyChainStore.podspec
@ -100,8 +100,8 @@ CHECKOUT OPTIONS:
:commit: 26fb5cbcf4a2bf15b6f384d29028b15a5e1a62f5
:git: https://github.com/WhisperSystems/JSQMessagesViewController
SocketRocket:
:commit: 954750c018
:git: https://github.com/square/SocketRocket.git
:commit: 73d8a19
:git: https://github.com/FredericJacobs/SocketRocket.git
SPEC CHECKSUMS:
25519: 601ffb5d258aa33d642062d6fa4096db210e02e7

2
Pods

@ -1 +1 @@
Subproject commit a824d242dc20309948cd9a0396c3f1265473986e
Subproject commit cf26bdeb6884a541de1b72146d01b96a217cc8c9

BIN
Signal/Certificates/textsecure.cer
View file

Binary file not shown.

2
Signal/src/network/http/RPServerRequestsManager.m
View file

@ -36,7 +36,7 @@ MacrosSingletonImplemention
NSURL *endPointURL = [NSURL URLWithString:[NSString stringWithFormat:@"https://%@:%hu", endpoint.hostname, endpoint.port]];
NSURLSessionConfiguration *sessionConf = NSURLSessionConfiguration.defaultSessionConfiguration;
self.operationManager = [[AFHTTPSessionManager alloc] initWithBaseURL:endPointURL sessionConfiguration:sessionConf];
self.operationManager.securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeNone];
self.operationManager.securityPolicy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
self.operationManager.securityPolicy.allowInvalidCertificates = YES;
NSString *certPath = [NSBundle.mainBundle pathForResource:@"redphone" ofType:@"cer"];
NSData *certData = [NSData dataWithContentsOfFile:certPath];

4
Signal/src/textsecure/Network/API/TSNetworkManager.m
View file

@ -38,8 +38,10 @@
if (self = [super init]) {
NSURLSessionConfiguration *sessionConf = NSURLSessionConfiguration.ephemeralSessionConfiguration;
self.operationManager = [[AFHTTPSessionManager alloc] initWithBaseURL:[[NSURL alloc] initWithString:textSecureServerURL] sessionConfiguration:sessionConf];
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
policy.allowInvalidCertificates = YES;
policy.validatesDomainName = NO;
policy.validatesCertificateChain = NO;
NSString *certPath = [NSBundle.mainBundle pathForResource:@"textsecure" ofType:@"cer"];
NSData *certData = [NSData dataWithContentsOfFile:certPath];
SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));