mirror of
https://github.com/oxen-io/session-ios.git
synced 2023-12-13 21:30:14 +01:00
Code cleanup.
- Clarification about pinning strategy. - Removing unused code in TSRecipient.
This commit is contained in:
parent
ee62cbdf23
commit
a2f20de411
4 changed files with 3 additions and 38 deletions
|
@ -20,12 +20,6 @@
|
||||||
|
|
||||||
- (void)removeDevices:(NSSet *)set;
|
- (void)removeDevices:(NSSet *)set;
|
||||||
|
|
||||||
#pragma mark Fingerprint verification
|
|
||||||
|
|
||||||
- (BOOL)hasVerifiedFingerprint;
|
|
||||||
|
|
||||||
- (void)setFingerPrintVerified:(BOOL)verified transaction:(YapDatabaseReadTransaction*)transaction;
|
|
||||||
|
|
||||||
@property (nonatomic, readonly) NSString *relay;
|
@property (nonatomic, readonly) NSString *relay;
|
||||||
|
|
||||||
@end
|
@end
|
||||||
|
|
|
@ -12,7 +12,6 @@
|
||||||
@interface TSRecipient ()
|
@interface TSRecipient ()
|
||||||
|
|
||||||
@property (nonatomic, retain) NSMutableSet *devices;
|
@property (nonatomic, retain) NSMutableSet *devices;
|
||||||
@property (nonatomic, copy) NSData *verifiedKey;
|
|
||||||
|
|
||||||
@end
|
@end
|
||||||
|
|
||||||
|
@ -27,7 +26,6 @@
|
||||||
|
|
||||||
if (self) {
|
if (self) {
|
||||||
_devices = [NSMutableSet setWithObject:[NSNumber numberWithInt:1]];
|
_devices = [NSMutableSet setWithObject:[NSNumber numberWithInt:1]];
|
||||||
_verifiedKey = nil;
|
|
||||||
_relay = relay;
|
_relay = relay;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -50,31 +48,4 @@
|
||||||
[_devices minusSet:set];
|
[_devices minusSet:set];
|
||||||
}
|
}
|
||||||
|
|
||||||
#pragma mark Fingerprint verification
|
|
||||||
|
|
||||||
- (BOOL)hasVerifiedFingerprint{
|
|
||||||
if (self.verifiedKey) {
|
|
||||||
BOOL equalsStoredValue = [self.verifiedKey isEqualToData:[[TSStorageManager sharedManager] identityKeyForRecipientId:self.uniqueId]];
|
|
||||||
|
|
||||||
if (equalsStoredValue) {
|
|
||||||
return YES;
|
|
||||||
} else{
|
|
||||||
self.verifiedKey = nil;
|
|
||||||
return NO;
|
|
||||||
}
|
|
||||||
|
|
||||||
} else{
|
|
||||||
return NO;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
- (void)setFingerPrintVerified:(BOOL)verified transaction:(YapDatabaseReadTransaction*)transaction{
|
|
||||||
if (verified) {
|
|
||||||
self.verifiedKey = [[TSStorageManager sharedManager] identityKeyForRecipientId:self.uniqueId];
|
|
||||||
} else{
|
|
||||||
self.verifiedKey = nil;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
@end
|
@end
|
||||||
|
|
|
@ -301,7 +301,7 @@
|
||||||
TSContactThread *cThread = [TSContactThread getOrCreateThreadWithContactId:message.source
|
TSContactThread *cThread = [TSContactThread getOrCreateThreadWithContactId:message.source
|
||||||
transaction:transaction
|
transaction:transaction
|
||||||
pushSignal:message];
|
pushSignal:message];
|
||||||
[cThread saveWithTransaction:transaction];
|
|
||||||
incomingMessage = [[TSIncomingMessage alloc] initWithTimestamp:timeStamp
|
incomingMessage = [[TSIncomingMessage alloc] initWithTimestamp:timeStamp
|
||||||
inThread:cThread
|
inThread:cThread
|
||||||
messageBody:body
|
messageBody:body
|
||||||
|
|
|
@ -40,8 +40,8 @@
|
||||||
self.operationManager = [[AFHTTPSessionManager alloc] initWithBaseURL:[[NSURL alloc] initWithString:textSecureServerURL] sessionConfiguration:sessionConf];
|
self.operationManager = [[AFHTTPSessionManager alloc] initWithBaseURL:[[NSURL alloc] initWithString:textSecureServerURL] sessionConfiguration:sessionConf];
|
||||||
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
|
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
|
||||||
policy.allowInvalidCertificates = YES;
|
policy.allowInvalidCertificates = YES;
|
||||||
policy.validatesDomainName = NO;
|
policy.allowInvalidCertificates = YES; //The certificate is not signed by a CA in the iOS trust store.
|
||||||
policy.validatesCertificateChain = NO;
|
policy.validatesCertificateChain = NO; //Looking at AFNetworking's implementation of chain checking, we don't need to pin all certs in chain. https://github.com/AFNetworking/AFNetworking/blob/104ce04105098466ea0ea4e337af554d7b9df195/AFNetworking/AFSecurityPolicy.m#L281 Trust to the trusted cert is already vertified before by AFServerTrustIsValid();
|
||||||
NSString *certPath = [NSBundle.mainBundle pathForResource:@"textsecure" ofType:@"cer"];
|
NSString *certPath = [NSBundle.mainBundle pathForResource:@"textsecure" ofType:@"cer"];
|
||||||
NSData *certData = [NSData dataWithContentsOfFile:certPath];
|
NSData *certData = [NSData dataWithContentsOfFile:certPath];
|
||||||
SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
|
SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
|
||||||
|
|
Loading…
Reference in a new issue