mirror of
https://github.com/oxen-io/session-ios.git
synced 2023-12-13 21:30:14 +01:00
Code cleanup.
- Clarification about pinning strategy. - Removing unused code in TSRecipient.
This commit is contained in:
parent
ee62cbdf23
commit
a2f20de411
4 changed files with 3 additions and 38 deletions
|
@ -20,12 +20,6 @@
|
|||
|
||||
- (void)removeDevices:(NSSet *)set;
|
||||
|
||||
#pragma mark Fingerprint verification
|
||||
|
||||
- (BOOL)hasVerifiedFingerprint;
|
||||
|
||||
- (void)setFingerPrintVerified:(BOOL)verified transaction:(YapDatabaseReadTransaction*)transaction;
|
||||
|
||||
@property (nonatomic, readonly) NSString *relay;
|
||||
|
||||
@end
|
||||
|
|
|
@ -12,7 +12,6 @@
|
|||
@interface TSRecipient ()
|
||||
|
||||
@property (nonatomic, retain) NSMutableSet *devices;
|
||||
@property (nonatomic, copy) NSData *verifiedKey;
|
||||
|
||||
@end
|
||||
|
||||
|
@ -27,7 +26,6 @@
|
|||
|
||||
if (self) {
|
||||
_devices = [NSMutableSet setWithObject:[NSNumber numberWithInt:1]];
|
||||
_verifiedKey = nil;
|
||||
_relay = relay;
|
||||
}
|
||||
|
||||
|
@ -50,31 +48,4 @@
|
|||
[_devices minusSet:set];
|
||||
}
|
||||
|
||||
#pragma mark Fingerprint verification
|
||||
|
||||
- (BOOL)hasVerifiedFingerprint{
|
||||
if (self.verifiedKey) {
|
||||
BOOL equalsStoredValue = [self.verifiedKey isEqualToData:[[TSStorageManager sharedManager] identityKeyForRecipientId:self.uniqueId]];
|
||||
|
||||
if (equalsStoredValue) {
|
||||
return YES;
|
||||
} else{
|
||||
self.verifiedKey = nil;
|
||||
return NO;
|
||||
}
|
||||
|
||||
} else{
|
||||
return NO;
|
||||
}
|
||||
}
|
||||
|
||||
- (void)setFingerPrintVerified:(BOOL)verified transaction:(YapDatabaseReadTransaction*)transaction{
|
||||
if (verified) {
|
||||
self.verifiedKey = [[TSStorageManager sharedManager] identityKeyForRecipientId:self.uniqueId];
|
||||
} else{
|
||||
self.verifiedKey = nil;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@end
|
||||
|
|
|
@ -301,7 +301,7 @@
|
|||
TSContactThread *cThread = [TSContactThread getOrCreateThreadWithContactId:message.source
|
||||
transaction:transaction
|
||||
pushSignal:message];
|
||||
[cThread saveWithTransaction:transaction];
|
||||
|
||||
incomingMessage = [[TSIncomingMessage alloc] initWithTimestamp:timeStamp
|
||||
inThread:cThread
|
||||
messageBody:body
|
||||
|
|
|
@ -40,8 +40,8 @@
|
|||
self.operationManager = [[AFHTTPSessionManager alloc] initWithBaseURL:[[NSURL alloc] initWithString:textSecureServerURL] sessionConfiguration:sessionConf];
|
||||
AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
|
||||
policy.allowInvalidCertificates = YES;
|
||||
policy.validatesDomainName = NO;
|
||||
policy.validatesCertificateChain = NO;
|
||||
policy.allowInvalidCertificates = YES; //The certificate is not signed by a CA in the iOS trust store.
|
||||
policy.validatesCertificateChain = NO; //Looking at AFNetworking's implementation of chain checking, we don't need to pin all certs in chain. https://github.com/AFNetworking/AFNetworking/blob/104ce04105098466ea0ea4e337af554d7b9df195/AFNetworking/AFSecurityPolicy.m#L281 Trust to the trusted cert is already vertified before by AFServerTrustIsValid();
|
||||
NSString *certPath = [NSBundle.mainBundle pathForResource:@"textsecure" ofType:@"cer"];
|
||||
NSData *certData = [NSData dataWithContentsOfFile:certPath];
|
||||
SecCertificateRef cert = SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
|
||||
|
|
Loading…
Reference in a new issue