зеркало из https://github.com/github/AFNetworking.git
Merge pull request #1100 from dstnbrkr/remove-conditional-compilation
Remove conditional compilation (_AFNETWORKING_PIN_SSL_CERTIFICATES_)
This commit is contained in:
Коммит
ce9f3e44a4
|
@ -18,8 +18,6 @@ Pod::Spec.new do |s|
|
|||
s.prefix_header_contents = <<-EOS
|
||||
#import <Availability.h>
|
||||
|
||||
#define _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
|
||||
#if __IPHONE_OS_VERSION_MIN_REQUIRED
|
||||
#import <SystemConfiguration/SystemConfiguration.h>
|
||||
#import <MobileCoreServices/MobileCoreServices.h>
|
||||
|
|
|
@ -141,9 +141,7 @@ typedef enum {
|
|||
/**
|
||||
Default SSL pinning mode for each `AFHTTPRequestOperation` created by `HTTPRequestOperationWithRequest:success:failure:`.
|
||||
*/
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
@property (nonatomic, assign) AFURLConnectionOperationSSLPinningMode defaultSSLPinningMode;
|
||||
#endif
|
||||
|
||||
/**
|
||||
Whether each `AFHTTPRequestOperation` created by `HTTPRequestOperationWithRequest:success:failure:` should accept an invalid SSL certificate.
|
||||
|
|
|
@ -212,9 +212,7 @@ NSArray * AFQueryStringPairsFromKeyAndValue(NSString *key, id value) {
|
|||
@synthesize networkReachabilityStatus = _networkReachabilityStatus;
|
||||
@synthesize networkReachabilityStatusBlock = _networkReachabilityStatusBlock;
|
||||
#endif
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
@synthesize defaultSSLPinningMode = _defaultSSLPinningMode;
|
||||
#endif
|
||||
@synthesize allowsInvalidSSLCertificate = _allowsInvalidSSLCertificate;
|
||||
|
||||
+ (instancetype)clientWithBaseURL:(NSURL *)url {
|
||||
|
@ -556,9 +554,7 @@ static void AFNetworkReachabilityReleaseCallback(const void *info) {
|
|||
[operation setCompletionBlockWithSuccess:success failure:failure];
|
||||
|
||||
operation.credential = self.defaultCredential;
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
operation.SSLPinningMode = self.defaultSSLPinningMode;
|
||||
#endif
|
||||
operation.allowsInvalidSSLCertificate = self.allowsInvalidSSLCertificate;
|
||||
|
||||
return operation;
|
||||
|
|
|
@ -45,16 +45,8 @@
|
|||
- `connection:willCacheResponse:`
|
||||
- `connectionShouldUseCredentialStorage:`
|
||||
- `connection:needNewBodyStream:`
|
||||
|
||||
When _AFNETWORKING_PIN_SSL_CERTIFICATES_ is defined, the following authentication delegate method is implemented:
|
||||
|
||||
- `connection:willSendRequestForAuthenticationChallenge:`
|
||||
|
||||
Otherwise, the following authentication delegate methods are implemented:
|
||||
|
||||
- `connection:canAuthenticateAgainstProtectionSpace:`
|
||||
- `connection:didReceiveAuthenticationChallenge:`
|
||||
|
||||
If any of these methods are overridden in a subclass, they _must_ call the `super` implementation first.
|
||||
|
||||
## Class Constructors
|
||||
|
@ -73,7 +65,7 @@
|
|||
|
||||
SSL with certificate pinning is strongly recommended for any application that transmits sensitive information to an external webservice.
|
||||
|
||||
When `_AFNETWORKING_PIN_SSL_CERTIFICATES_` is defined and the Security framework is linked, connections will be validated on all matching certificates with a `.cer` extension in the bundle root.
|
||||
When `defaultSSLPinningMode` is defined on `AFHTTPClient` and the Security framework is linked, connections will be validated on all matching certificates with a `.cer` extension in the bundle root.
|
||||
|
||||
## NSCoding & NSCopying Conformance
|
||||
|
||||
|
@ -91,13 +83,11 @@
|
|||
- Operation copies do not include `completionBlock`. `completionBlock` often strongly captures a reference to `self`, which would otherwise have the unintuitive side-effect of pointing to the _original_ operation when copied.
|
||||
*/
|
||||
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
typedef enum {
|
||||
AFSSLPinningModeNone,
|
||||
AFSSLPinningModePublicKey,
|
||||
AFSSLPinningModeCertificate,
|
||||
} AFURLConnectionOperationSSLPinningMode;
|
||||
#endif
|
||||
|
||||
@interface AFURLConnectionOperation : NSOperation <NSURLConnectionDelegate,
|
||||
#if (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 50000) || \
|
||||
|
@ -183,11 +173,9 @@ NSCoding, NSCopying>
|
|||
/**
|
||||
The pinning mode which will be used for SSL connections. `AFSSLPinningModePublicKey` by default.
|
||||
|
||||
To enable SSL Pinning, `#define _AFNETWORKING_PIN_SSL_CERTIFICATES_` in `Prefix.pch`. Also, make sure that the Security framework is linked with the binary. See the "SSL Pinning" section in the `AFURLConnectionOperation`" header for more information.
|
||||
SSL Pinning requires that the Security framework is linked with the binary. See the "SSL Pinning" section in the `AFURLConnectionOperation`" header for more information.
|
||||
*/
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
@property (nonatomic, assign) AFURLConnectionOperationSSLPinningMode SSLPinningMode;
|
||||
#endif
|
||||
|
||||
///------------------------
|
||||
/// @name Accessing Streams
|
||||
|
@ -289,7 +277,6 @@ NSCoding, NSCopying>
|
|||
/// @name Setting NSURLConnection Delegate Callbacks
|
||||
///-------------------------------------------------
|
||||
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
/**
|
||||
Sets a block to be executed when the connection will authenticate a challenge in order to download its request, as handled by the `NSURLConnectionDelegate` method `connection:willSendRequestForAuthenticationChallenge:`.
|
||||
|
||||
|
@ -299,28 +286,6 @@ NSCoding, NSCopying>
|
|||
*/
|
||||
- (void)setWillSendRequestForAuthenticationChallengeBlock:(void (^)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge))block;
|
||||
|
||||
#else
|
||||
|
||||
/**
|
||||
Sets a block to be executed to determine whether the connection should be able to respond to a protection space's form of authentication, as handled by the `NSURLConnectionDelegate` method `connection:canAuthenticateAgainstProtectionSpace:`.
|
||||
|
||||
If `allowsInvalidSSLCertificate` is set to YES, `connection:canAuthenticateAgainstProtectionSpace:` will accept invalid SSL certificates, returning `YES` if the protection space authentication method is `NSURLAuthenticationMethodServerTrust`.
|
||||
|
||||
@param block A block object to be executed to determine whether the connection should be able to respond to a protection space's form of authentication. The block has a `BOOL` return type and takes two arguments: the URL connection object, and the protection space to authenticate against.
|
||||
*/
|
||||
- (void)setAuthenticationAgainstProtectionSpaceBlock:(BOOL (^)(NSURLConnection *connection, NSURLProtectionSpace *protectionSpace))block;
|
||||
|
||||
/**
|
||||
Sets a block to be executed when the connection must authenticate a challenge in order to download its request, as handled by the `NSURLConnectionDelegate` method `connection:didReceiveAuthenticationChallenge:`.
|
||||
|
||||
@param block A block object to be executed when the connection must authenticate a challenge in order to download its request. The block has no return type and takes two arguments: the URL connection object, and the challenge that must be authenticated.
|
||||
|
||||
If `allowsInvalidSSLCertificate` is set to YES, `connection:didReceiveAuthenticationChallenge:` will attempt to have the challenge sender use credentials with invalid SSL certificates.
|
||||
*/
|
||||
- (void)setAuthenticationChallengeBlock:(void (^)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge))block;
|
||||
|
||||
#endif
|
||||
|
||||
/**
|
||||
Sets a block to be executed when the server redirects the request from one URL to another URL, or when the request URL changed by the `NSURLProtocol` subclass handling the request in order to standardize its format, as handled by the `NSURLConnectionDelegate` method `connection:willSendRequest:redirectResponse:`.
|
||||
|
||||
|
|
|
@ -56,9 +56,6 @@ NSString * const AFNetworkingOperationDidStartNotification = @"com.alamofire.net
|
|||
NSString * const AFNetworkingOperationDidFinishNotification = @"com.alamofire.networking.operation.finish";
|
||||
|
||||
typedef void (^AFURLConnectionOperationProgressBlock)(NSUInteger bytes, long long totalBytes, long long totalBytesExpected);
|
||||
#ifndef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
typedef BOOL (^AFURLConnectionOperationAuthenticationAgainstProtectionSpaceBlock)(NSURLConnection *connection, NSURLProtectionSpace *protectionSpace);
|
||||
#endif
|
||||
typedef void (^AFURLConnectionOperationAuthenticationChallengeBlock)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge);
|
||||
typedef NSCachedURLResponse * (^AFURLConnectionOperationCacheResponseBlock)(NSURLConnection *connection, NSCachedURLResponse *cachedResponse);
|
||||
typedef NSURLRequest * (^AFURLConnectionOperationRedirectResponseBlock)(NSURLConnection *connection, NSURLRequest *request, NSURLResponse *redirectResponse);
|
||||
|
@ -142,9 +139,6 @@ static BOOL AFSecKeyIsEqualToKey(SecKeyRef key1, SecKeyRef key2) {
|
|||
@property (readwrite, nonatomic, assign) AFBackgroundTaskIdentifier backgroundTaskIdentifier;
|
||||
@property (readwrite, nonatomic, copy) AFURLConnectionOperationProgressBlock uploadProgress;
|
||||
@property (readwrite, nonatomic, copy) AFURLConnectionOperationProgressBlock downloadProgress;
|
||||
#ifndef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
@property (readwrite, nonatomic, copy) AFURLConnectionOperationAuthenticationAgainstProtectionSpaceBlock authenticationAgainstProtectionSpace;
|
||||
#endif
|
||||
@property (readwrite, nonatomic, copy) AFURLConnectionOperationAuthenticationChallengeBlock authenticationChallenge;
|
||||
@property (readwrite, nonatomic, copy) AFURLConnectionOperationCacheResponseBlock cacheResponse;
|
||||
@property (readwrite, nonatomic, copy) AFURLConnectionOperationRedirectResponseBlock redirectResponse;
|
||||
|
@ -170,18 +164,13 @@ static BOOL AFSecKeyIsEqualToKey(SecKeyRef key1, SecKeyRef key2) {
|
|||
@dynamic inputStream;
|
||||
@synthesize outputStream = _outputStream;
|
||||
@synthesize credential = _credential;
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
@synthesize SSLPinningMode = _SSLPinningMode;
|
||||
#endif
|
||||
@synthesize shouldUseCredentialStorage = _shouldUseCredentialStorage;
|
||||
@synthesize userInfo = _userInfo;
|
||||
@synthesize backgroundTaskIdentifier = _backgroundTaskIdentifier;
|
||||
@synthesize uploadProgress = _uploadProgress;
|
||||
@synthesize downloadProgress = _downloadProgress;
|
||||
@synthesize authenticationChallenge = _authenticationChallenge;
|
||||
#ifndef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
@synthesize authenticationAgainstProtectionSpace = _authenticationAgainstProtectionSpace;
|
||||
#endif
|
||||
@synthesize cacheResponse = _cacheResponse;
|
||||
@synthesize redirectResponse = _redirectResponse;
|
||||
@synthesize lock = _lock;
|
||||
|
@ -207,7 +196,6 @@ static BOOL AFSecKeyIsEqualToKey(SecKeyRef key1, SecKeyRef key2) {
|
|||
return _networkRequestThread;
|
||||
}
|
||||
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
+ (NSArray *)pinnedCertificates {
|
||||
static NSArray *_pinnedCertificates = nil;
|
||||
static dispatch_once_t onceToken;
|
||||
|
@ -265,7 +253,6 @@ static BOOL AFSecKeyIsEqualToKey(SecKeyRef key1, SecKeyRef key2) {
|
|||
|
||||
return _pinnedPublicKeys;
|
||||
}
|
||||
#endif
|
||||
|
||||
- (id)initWithRequest:(NSURLRequest *)urlRequest {
|
||||
NSParameterAssert(urlRequest);
|
||||
|
@ -394,24 +381,10 @@ static BOOL AFSecKeyIsEqualToKey(SecKeyRef key1, SecKeyRef key2) {
|
|||
self.downloadProgress = block;
|
||||
}
|
||||
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
|
||||
- (void)setWillSendRequestForAuthenticationChallengeBlock:(void (^)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge))block {
|
||||
self.authenticationChallenge = block;
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
- (void)setAuthenticationAgainstProtectionSpaceBlock:(BOOL (^)(NSURLConnection *, NSURLProtectionSpace *))block {
|
||||
self.authenticationAgainstProtectionSpace = block;
|
||||
}
|
||||
|
||||
- (void)setAuthenticationChallengeBlock:(void (^)(NSURLConnection *connection, NSURLAuthenticationChallenge *challenge))block {
|
||||
self.authenticationChallenge = block;
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
- (void)setCacheResponseBlock:(NSCachedURLResponse * (^)(NSURLConnection *connection, NSCachedURLResponse *cachedResponse))block {
|
||||
self.cacheResponse = block;
|
||||
}
|
||||
|
@ -593,8 +566,6 @@ static BOOL AFSecKeyIsEqualToKey(SecKeyRef key1, SecKeyRef key2) {
|
|||
|
||||
#pragma mark - NSURLConnectionDelegate
|
||||
|
||||
#ifdef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
|
||||
- (void)connection:(NSURLConnection *)connection
|
||||
willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
|
||||
{
|
||||
|
@ -698,52 +669,6 @@ willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challe
|
|||
}
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
- (BOOL)connection:(NSURLConnection *)connection
|
||||
canAuthenticateAgainstProtectionSpace:(NSURLProtectionSpace *)protectionSpace
|
||||
{
|
||||
if (self.allowsInvalidSSLCertificate &&
|
||||
[protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
|
||||
return YES;
|
||||
}
|
||||
|
||||
if (self.authenticationAgainstProtectionSpace) {
|
||||
return self.authenticationAgainstProtectionSpace(connection, protectionSpace);
|
||||
} else if ([protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust] || [protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodClientCertificate]) {
|
||||
return NO;
|
||||
} else {
|
||||
return YES;
|
||||
}
|
||||
}
|
||||
|
||||
- (void)connection:(NSURLConnection *)connection
|
||||
didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge
|
||||
{
|
||||
|
||||
if (self.allowsInvalidSSLCertificate
|
||||
&& [challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]) {
|
||||
[challenge.sender useCredential:[NSURLCredential credentialForTrust:challenge.protectionSpace.serverTrust] forAuthenticationChallenge:challenge];
|
||||
return;
|
||||
}
|
||||
|
||||
if (self.authenticationChallenge) {
|
||||
self.authenticationChallenge(connection, challenge);
|
||||
} else {
|
||||
if ([challenge previousFailureCount] == 0) {
|
||||
if (self.credential) {
|
||||
[[challenge sender] useCredential:self.credential forAuthenticationChallenge:challenge];
|
||||
} else {
|
||||
[[challenge sender] continueWithoutCredentialForAuthenticationChallenge:challenge];
|
||||
}
|
||||
} else {
|
||||
[[challenge sender] continueWithoutCredentialForAuthenticationChallenge:challenge];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
- (BOOL)connectionShouldUseCredentialStorage:(NSURLConnection __unused *)connection {
|
||||
return self.shouldUseCredentialStorage;
|
||||
}
|
||||
|
@ -896,9 +821,6 @@ didReceiveResponse:(NSURLResponse *)response
|
|||
|
||||
operation.uploadProgress = self.uploadProgress;
|
||||
operation.downloadProgress = self.downloadProgress;
|
||||
#ifndef _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
operation.authenticationAgainstProtectionSpace = self.authenticationAgainstProtectionSpace;
|
||||
#endif
|
||||
operation.authenticationChallenge = self.authenticationChallenge;
|
||||
operation.cacheResponse = self.cacheResponse;
|
||||
operation.redirectResponse = self.redirectResponse;
|
||||
|
|
|
@ -7,6 +7,7 @@
|
|||
objects = {
|
||||
|
||||
/* Begin PBXBuildFile section */
|
||||
B304CCE8177D58DD00F4FC85 /* adn.cer in Resources */ = {isa = PBXBuildFile; fileRef = B304CCE7177D58DD00F4FC85 /* adn.cer */; };
|
||||
F8129C001591061B009BFE23 /* Cocoa.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = F8129BFF1591061B009BFE23 /* Cocoa.framework */; };
|
||||
F8129C321591073C009BFE23 /* AFAppDotNetAPIClient.m in Sources */ = {isa = PBXBuildFile; fileRef = F8129C251591073C009BFE23 /* AFAppDotNetAPIClient.m */; };
|
||||
F8129C341591073C009BFE23 /* Post.m in Sources */ = {isa = PBXBuildFile; fileRef = F8129C2B1591073C009BFE23 /* Post.m */; };
|
||||
|
@ -27,6 +28,7 @@
|
|||
/* End PBXBuildFile section */
|
||||
|
||||
/* Begin PBXFileReference section */
|
||||
B304CCE7177D58DD00F4FC85 /* adn.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = adn.cer; sourceTree = SOURCE_ROOT; };
|
||||
F8129BFB1591061B009BFE23 /* AFNetworking Example.app */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = "AFNetworking Example.app"; sourceTree = BUILT_PRODUCTS_DIR; };
|
||||
F8129BFF1591061B009BFE23 /* Cocoa.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Cocoa.framework; path = System/Library/Frameworks/Cocoa.framework; sourceTree = SDKROOT; };
|
||||
F8129C021591061B009BFE23 /* AppKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = AppKit.framework; path = System/Library/Frameworks/AppKit.framework; sourceTree = SDKROOT; };
|
||||
|
@ -139,6 +141,7 @@
|
|||
F8129C061591061B009BFE23 /* Supporting Files */ = {
|
||||
isa = PBXGroup;
|
||||
children = (
|
||||
B304CCE7177D58DD00F4FC85 /* adn.cer */,
|
||||
F8129C6E15910B15009BFE23 /* main.m */,
|
||||
F8129C7015910B3E009BFE23 /* MainMenu.xib */,
|
||||
);
|
||||
|
@ -238,6 +241,7 @@
|
|||
buildActionMask = 2147483647;
|
||||
files = (
|
||||
F8129C7115910B3E009BFE23 /* MainMenu.xib in Resources */,
|
||||
B304CCE8177D58DD00F4FC85 /* adn.cer in Resources */,
|
||||
);
|
||||
runOnlyForDeploymentPostprocessing = 0;
|
||||
};
|
||||
|
|
|
@ -1,7 +1,5 @@
|
|||
#import <Availability.h>
|
||||
|
||||
#define _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
|
||||
#if __IPHONE_OS_VERSION_MIN_REQUIRED
|
||||
#ifndef __IPHONE_3_0
|
||||
#warning "This project uses features only available in iPhone SDK 3.0 and later."
|
||||
|
|
|
@ -2,8 +2,6 @@
|
|||
// Prefix header for all source files of the 'AFNetworking' target in the 'AFNetworking' project
|
||||
//
|
||||
|
||||
#define _AFNETWORKING_PIN_SSL_CERTIFICATES_
|
||||
|
||||
#ifdef __OBJC__
|
||||
#import <Foundation/Foundation.h>
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче