mirror of
https://github.com/moonlight-stream/moonlight-ios.git
synced 2026-02-16 10:31:02 +00:00
Assert only in the cert untrusted error path
This commit is contained in:
@@ -114,21 +114,24 @@ static const NSString* HTTPS_PORT = @"47984";
|
||||
[self executeRequestSynchronously:request];
|
||||
}
|
||||
}
|
||||
else if (_error && [_error code] == NSURLErrorServerCertificateUntrusted && request.fallbackRequest) {
|
||||
// This will fall back to HTTP on serverinfo queries to allow us to pair again
|
||||
// and get the server cert updated.
|
||||
Log(LOG_D, @"Attempting fallback request after certificate trust failure");
|
||||
request.request = request.fallbackRequest;
|
||||
request.fallbackError = 0;
|
||||
request.fallbackRequest = NULL;
|
||||
[self executeRequestSynchronously:request];
|
||||
else if (_error && [_error code] == NSURLErrorServerCertificateUntrusted) {
|
||||
// We must have a pinned cert for HTTPS. If we fail, it must be due to
|
||||
// a non-matching cert, not because we had no cert at all.
|
||||
assert(_serverCert != nil);
|
||||
|
||||
if (request.fallbackRequest) {
|
||||
// This will fall back to HTTP on serverinfo queries to allow us to pair again
|
||||
// and get the server cert updated.
|
||||
Log(LOG_D, @"Attempting fallback request after certificate trust failure");
|
||||
request.request = request.fallbackRequest;
|
||||
request.fallbackError = 0;
|
||||
request.fallbackRequest = NULL;
|
||||
[self executeRequestSynchronously:request];
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
- (NSURLRequest*) createRequestFromString:(NSString*) urlString timeout:(int)timeout {
|
||||
// Assert that we only issue HTTPS requests with a pinned cert
|
||||
assert([urlString hasPrefix:@"http://"] || _serverCert != nil);
|
||||
|
||||
NSURL* url = [[NSURL alloc] initWithString:urlString];
|
||||
NSMutableURLRequest* request = [NSMutableURLRequest requestWithURL:url];
|
||||
[request setTimeoutInterval:timeout];
|
||||
|
||||
Reference in New Issue
Block a user