evie/AFNetworking
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #1450 from mdornseif/pinningNoKeyWarning_1.x

Browse source 
1.x: Assert that no impossible pinning configuration exists
This commit is contained in:
Mattt Thompson 2013-10-10 19:29:40 -07:00
commit ebe5c7af31
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
AFNetworking/AFURLConnectionOperation.m
View file

@ -623,7 +623,8 @@ willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challe
switch (self.SSLPinningMode) { switch (self.SSLPinningMode) {
case AFSSLPinningModePublicKey: { case AFSSLPinningModePublicKey: {
NSArray *pinnedPublicKeys = [self.class pinnedPublicKeys]; NSArray *pinnedPublicKeys = [self.class pinnedPublicKeys];
NSAssert([pinnedPublicKeys count] > 0, @"AFSSLPinningModePublicKey needs at least one key file in the application bundle");
for (id publicKey in trustChain) { for (id publicKey in trustChain) {
for (id pinnedPublicKey in pinnedPublicKeys) { for (id pinnedPublicKey in pinnedPublicKeys) {
if (AFSecKeyIsEqualToKey((__bridge SecKeyRef)publicKey, (__bridge SecKeyRef)pinnedPublicKey)) { if (AFSecKeyIsEqualToKey((__bridge SecKeyRef)publicKey, (__bridge SecKeyRef)pinnedPublicKey)) {
@ -639,6 +640,7 @@ willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challe
break; break;
} }
case AFSSLPinningModeCertificate: { case AFSSLPinningModeCertificate: {
NSAssert([[self.class pinnedCertificates] count] > 0, @"AFSSLPinningModeCertificate needs at least one certificate file in the application bundle");
for (id serverCertificateData in trustChain) { for (id serverCertificateData in trustChain) {
if ([[self.class pinnedCertificates] containsObject:serverCertificateData]) { if ([[self.class pinnedCertificates] containsObject:serverCertificateData]) {
NSURLCredential *credential = [NSURLCredential credentialForTrust:serverTrust]; NSURLCredential *credential = [NSURLCredential credentialForTrust:serverTrust];