oxen-io
/
session-ios
mirror of https://github.com/oxen-io/session-ios.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Code cleanup. 

- Clarification about pinning strategy.
- Removing unused code in TSRecipient.
This commit is contained in:
Frederic Jacobs 2015-03-03 01:33:33 +01:00
parent ee62cbdf23
commit a2f20de411
4 changed files with 3 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Signal/src/textsecure/Contacts/TSRecipient.h
View File

@ -20,12 +20,6 @@
- (void)removeDevices:(NSSet *)set;
#pragma mark Fingerprint verification
- (BOOL)hasVerifiedFingerprint;
- (void)setFingerPrintVerified:(BOOL)verified transaction:(YapDatabaseReadTransaction*)transaction;
@property (nonatomic, readonly) NSString *relay;
@end

29
Signal/src/textsecure/Contacts/TSRecipient.m
View File

@ -12,7 +12,6 @@
@interface TSRecipient ()
@property (nonatomic, retain) NSMutableSet *devices;
@property (nonatomic, copy) NSData *verifiedKey;
@end
@ -27,7 +26,6 @@
if (self) {
_devices = [NSMutableSet setWithObject:[NSNumber numberWithInt:1]];
_verifiedKey = nil;
_relay = relay;
}
@ -50,31 +48,4 @@
[_devices minusSet:set];
}
#pragma mark Fingerprint verification
- (BOOL)hasVerifiedFingerprint{
if (self.verifiedKey) {
BOOL equalsStoredValue = [self.verifiedKey isEqualToData:[[TSStorageManager sharedManager] identityKeyForRecipientId:self.uniqueId]];
if (equalsStoredValue) {
return YES;
} else{
self.verifiedKey = nil;
return NO;
}
} else{
return NO;
}
}
- (void)setFingerPrintVerified:(BOOL)verified transaction:(YapDatabaseReadTransaction*)transaction{
if (verified) {
self.verifiedKey = [[TSStorageManager sharedManager] identityKeyForRecipientId:self.uniqueId];
} else{
self.verifiedKey = nil;
}
}
@end

2
Signal/src/textsecure/Messages/TSMessagesManager.m
View File

@ -301,7 +301,7 @@
TSContactThread *cThread = [TSContactThread getOrCreateThreadWithContactId:message.source
transaction:transaction
pushSignal:message];
[cThread saveWithTransaction:transaction];
incomingMessage = [[TSIncomingMessage alloc] initWithTimestamp:timeStamp
inThread:cThread
messageBody:body

4
Signal/src/textsecure/Network/API/TSNetworkManager.m
View File

@ -40,8 +40,8 @@
self.operationManager = [[AFHTTPSessionManager alloc] initWithBaseURL:[[NSURL alloc] initWithString:textSecureServerURL] sessionConfiguration:sessionConf];
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
policy.allowInvalidCertificates = YES;
policy.validatesDomainName = NO;
policy.validatesCertificateChain = NO;
policy.allowInvalidCertificates = YES; //The certificate is not signed by a CA in the iOS trust store.
policy.validatesCertificateChain = NO; //Looking at AFNetworking's implementation of chain checking, we don't need to pin all certs in chain. https://github.com/AFNetworking/AFNetworking/blob/104ce04105098466ea0ea4e337af554d7b9df195/AFNetworking/AFSecurityPolicy.m#L281 Trust to the trusted cert is already vertified before by AFServerTrustIsValid();
NSString *certPath = [NSBundle.mainBundle pathForResource:@"textsecure" ofType:@"cer"];
NSData *certData = [NSData dataWithContentsOfFile:certPath];
SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));