keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Revert "Revert temporary changes."

Browse Source 
This reverts commit 97eb405a9e.
pull/1/head
Matthew Chen 7 years ago
parent 594c9aacfe
commit 54d025e110
6 changed files with 56 additions and 33 deletions
Show Stats Download Patch File Download Diff File

5
Signal/Signal-Info.plist
Unescape Escape View File

@ -128,5 +128,10 @@
</array> </array>
<key>UIViewControllerBasedStatusBarAppearance</key> <key>UIViewControllerBasedStatusBarAppearance</key>
<true/> <true/>
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
</dict> </dict>
</plist> </plist>

4
Signal/src/AppDelegate.m
Unescape Escape View File

@ -1108,6 +1108,10 @@ static NSTimeInterval launchStartedAt;
// Resume lazy restore. // Resume lazy restore.
[OWSBackupLazyRestoreJob runAsync]; [OWSBackupLazyRestoreJob runAsync];
#endif #endif
if ([TSAccountManager isRegistered]) {
[[ContactDiscoveryService sharedService] testService];
}
} }
- (void)registrationStateDidChange - (void)registrationStateDidChange

BIN
SignalServiceKit/Resources/Certificates/acton-ca.cer
View File

Binary file not shown.

BIN
SignalServiceKit/Resources/Certificates/cacert.cer
View File

Binary file not shown.

59
SignalServiceKit/src/Security/OWSHTTPSecurityPolicy.m
Unescape Escape View File

@ -20,16 +20,22 @@
self = [[super class] defaultPolicy]; self = [[super class] defaultPolicy];
if (self) { if (self) {
self.pinnedCertificates = [NSSet setWithArray:@[ // self.pinnedCertificates = [NSSet setWithArray:@[
[self certificateDataForService:@"textsecure"], // [self certificateDataForService:@"cacert"],
]]; // ]];
// self.pinnedCertificates = [NSSet setWithArray:@[
// [self certificateDataForService:@"acton-ca"],
// ]];
//
self.allowInvalidCertificates = YES;
} }
return self; return self;
} }
- (NSArray *)certs { - (NSArray *)certs {
return @[ (__bridge id)[self certificateForService:@"textsecure"] ]; return @[ (__bridge id)[self certificateForService:@"cacert"] ];
// return @[ (__bridge id)[self certificateForService:@"acton-ca"] ];
} }
- (NSData *)certificateDataForService:(NSString *)service { - (NSData *)certificateDataForService:(NSString *)service {
@ -52,28 +58,29 @@
- (BOOL)evaluateServerTrust:(SecTrustRef)serverTrust forDomain:(NSString *)domain { - (BOOL)evaluateServerTrust:(SecTrustRef)serverTrust forDomain:(NSString *)domain {
NSMutableArray *policies = [NSMutableArray array]; // NSMutableArray *policies = [NSMutableArray array];
[policies addObject:(__bridge_transfer id)SecPolicyCreateSSL(true, (__bridge CFStringRef)domain)]; // [policies addObject:(__bridge_transfer id)SecPolicyCreateSSL(true, (__bridge CFStringRef)domain)];
//
if (SecTrustSetPolicies(serverTrust, (__bridge CFArrayRef)policies) != errSecSuccess) { // if (SecTrustSetPolicies(serverTrust, (__bridge CFArrayRef)policies) != errSecSuccess) {
DDLogError(@"The trust policy couldn't be set."); // DDLogError(@"The trust policy couldn't be set.");
return NO; // return NO;
} // }
//
NSMutableArray *pinnedCertificates = [NSMutableArray array]; // NSMutableArray *pinnedCertificates = [NSMutableArray array];
for (NSData *certificateData in self.pinnedCertificates) { // for (NSData *certificateData in self.pinnedCertificates) {
[pinnedCertificates // [pinnedCertificates
addObject:(__bridge_transfer id)SecCertificateCreateWithData(NULL, (__bridge CFDataRef)certificateData)]; // addObject:(__bridge_transfer id)SecCertificateCreateWithData(NULL, (__bridge
} // CFDataRef)certificateData)];
// }
if (SecTrustSetAnchorCertificates(serverTrust, (__bridge CFArrayRef)pinnedCertificates) != errSecSuccess) { //
DDLogError(@"The anchor certificates couldn't be set."); // if (SecTrustSetAnchorCertificates(serverTrust, (__bridge CFArrayRef)pinnedCertificates) != errSecSuccess) {
return NO; // DDLogError(@"The anchor certificates couldn't be set.");
} // return NO;
// }
if (!AFServerTrustIsValid(serverTrust)) { //
return NO; // if (!AFServerTrustIsValid(serverTrust)) {
} // return NO;
// }
return YES; return YES;
} }

19
SignalServiceKit/src/TSConstants.h
Unescape Escape View File

@ -29,12 +29,12 @@ typedef NS_ENUM(NSInteger, TSWhisperMessageType) {
//#ifndef DEBUG //#ifndef DEBUG
// Production // Production
#define textSecureWebSocketAPI @"wss://textsecure-service.whispersystems.org/v1/websocket/" //#define textSecureWebSocketAPI @"wss://textsecure-service.whispersystems.org/v1/websocket/"
#define textSecureServerURL @"https://textsecure-service.whispersystems.org/" //#define textSecureServerURL @"https://textsecure-service.whispersystems.org/"
#define textSecureCDNServerURL @"https://cdn.signal.org" //#define textSecureCDNServerURL @"https://cdn.signal.org"
// Use same reflector for service and CDN //// Use same reflector for service and CDN
#define textSecureServiceReflectorHost @"textsecure-service-reflected.whispersystems.org" //#define textSecureServiceReflectorHost @"textsecure-service-reflected.whispersystems.org"
#define textSecureCDNReflectorHost @"textsecure-service-reflected.whispersystems.org" //#define textSecureCDNReflectorHost @"textsecure-service-reflected.whispersystems.org"
//#else //#else
// //
@ -47,6 +47,13 @@ typedef NS_ENUM(NSInteger, TSWhisperMessageType) {
// //
//#endif //#endif
// Testing
#define textSecureWebSocketAPI @"wss://messaging.acton-signal.org/v1/websocket/"
#define textSecureServerURL @"https://messaging.acton-signal.org/"
#define textSecureCDNServerURL @"https://cdn-staging.signal.org"
#define textSecureServiceReflectorHost @"meek-signal-service-staging.appspot.com";
#define textSecureCDNReflectorHost @"meek-signal-cdn-staging.appspot.com";
#define textSecureAccountsAPI @"v1/accounts" #define textSecureAccountsAPI @"v1/accounts"
#define textSecureAttributesAPI @"/attributes/" #define textSecureAttributesAPI @"/attributes/"

Write Preview
Loading…
Cancel
Save