Fix ServerTrustError crash. #4553
Conversation
* Update readme, add stale bot, add issue template, add pull request template * Update copy from Alamofire * Fix crash on nil serverTrust * Expose server trust error * add test for error throws * Fix nullability
Co-authored-by: Jon Shier <jon@jonshier.com>
This reverts commit 111352b. # Conflicts: # AFNetworking/AFURLSessionManager.m
|
@0xced Since you commented on the other PR, would you mind taking a look? @Kaspik @ElfSundae This combines your previous PRs. Please take a look when you get a chance to ensure it matches your expectation. |
| @@ -28,6 +28,12 @@ @interface AFHTTPSessionManagerTests : AFTestCase | |||
| @property (readwrite, nonatomic, strong) AFHTTPSessionManager *sessionManager; | |||
| @end | |||
|
|
|||
| @interface AFURLSessionManager (Testing) | |||
|
|
|||
| - (nonnull NSError *)serverTrustErrorForServerTrust:(SecTrustRef)serverTrust url:(NSURL *)url; | |||
There was a problem hiding this comment.
ServerTrust and url could have nullability too. :)
|
I think this may be a bit over-processing.
|
|
Unfortunately those are not API level guarantees, so they can't form the basis of our implementation. Both the I'll double check the nullability. |
|
Doesn't look like Edit: Appears you need to mark it explicitly for it to show up. |
* Replace instead of appending to the default header * Add tests for setting HTTP headers per request
|
Merging this for release, but still feel free to review, @0xced. |
* commit '77ef5fed64d98107acd177a90182163a20ba4567': (31 commits) Use low priority queue instead of background for SCNetworkReachabilityGetFlags() (AFNetworking#4587) Exempt "needs investigation" from stalebot. Only mark unlabeled issues as stale. Loop over only changed keypaths in request serializer (AFNetworking#4581) Disable 'Zombie Objects' diagnostics for tvOS scheme (AFNetworking#4572) Fix docblock for setAuthenticationChallengeHandler (AFNetworking#4574) Fix type in CHANGELOG. (AFNetworking#4562) Prepare 4.0.1 Release (AFNetworking#4555) Fix ServerTrustError crash. (AFNetworking#4553) Fix SPM usage with better publicHeadersPath. (AFNetworking#4554) Replace instead of appending to the default header (AFNetworking#4550) Fix nullability (AFNetworking#4551) Update CHANGELOG.md (AFNetworking#4537) Fix UIKit+AFNetworking.h (AFNetworking#4536) Remove unused UIImage+AFNetworking.h (AFNetworking#4535) Separate bundle identifier for watchOS target (AFNetworking#4533) Fix MobileCoreServices renamed warning, close #4520 (AFNetworking#4532) Add FOUNDATION_EXPORT for AFJSONObjectByRemovingKeysWithNullValues (AFNetworking#4529) (Infra) Make infra changes to cleanup project and simplify its maintenance (AFNetworking#4531) Improve podspec (AFNetworking#4528) ... # Conflicts: # Framework/AFNetworking.h
Issue Link 🔗
#4541
Goals ⚽
This PR builds on #4542 and #4552 to fix the crash seen when attempting to create an error for a
nilSecTrustRef. It combines both approaches:[challenge.protectionSpace.authenticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust]isYES.userInfodictionary, as even in theNSURLAuthenticationMethodServerTrustcase, the values can benil.Implementation Details 🚧
This PR makes the previous
convenience function into an internal method on
AFURLSessionManagerto enable testing and adds additional checking internally to ensure no
nilvalues are inserted into the dictionary.Testing Details 🔍
Tests were added for each permutation of parameters to the new method. To enable this, a
SecTrustcreation function was moved intoAFTestCaseto enable its use in other tests.