First, `OWSHttpHeaders(httpHeaders:)` completely ignored its argument.
This doesn’t actually seem to have led to any bugs in practice; one time
the caller appears to have worked around the bug by adding the headers
again, and another time the caller relied on `allHTTPHeaderFields`
ignoring unrelated values.
Second, `URLRequest` has both `addValue` and `setValue` methods for its
headers. The former will construct a comma-separated list if the header
is already set, and the latter will replace it if it’s already set. (If
the header hasn’t been set, the two are equivalent, which is why call
sites weren’t broken even though they used the wrong method.) This was
broken only in multi-part uploads, but it was broken for "User-Agent"
and "Accept-Language", both of which are non-critical.
Third, `URLRequest`’s `allHTTPHeaderFields` doesn’t behave the way you
might expect. There’s a unit test which demonstrates some of the weird
behaviors, but any fields that aren’t present in the assigned value
aren’t touched. It seems as though most code was written as if calling
this method would fully replace *all* the HTTP headers. (The
`replace(…)` and `removeAllHeaders` methods have been removed because
they didn’t do what you’d think, and they weren’t necessary.)
Also:
* Remove Obj-C support from OWSHttpHeaders
* Move & simplify tests for HTTP Retry-After header
* Remove unused `asConnectionFailureError` method
added mainnet 3.0.0 MobileCoin enclave measurements, and updated flow of attestation measurements to attestations so hardening advisories match the measurements that need them.
Change license to AGPL
This commit:
- Updates the `LICENSE` file
- Start every file with something like:
// Copyright YEAR_FIRST_PUBLISHED Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
---
First, I removed existing license headers with this Ruby 3.1.2 script:
require 'set'
EXTENSIONS_TO_CHECK = Set['.h', '.hpp', '.cpp', '.m', '.mm', '.pch', '.swift']
same = 0
different = 0
all_files = `git ls-files`.lines.map { |line| line.strip }
all_files.each do |relative_path|
if relative_path == 'Pods'
next
end
unless EXTENSIONS_TO_CHECK.include? File.extname(relative_path)
next
end
path = File.expand_path(relative_path)
contents = File.read(path)
new_contents = contents.sub(/\/\/\n\/\/ Copyright .*\n\/\/\n\n/, '')
if contents == new_contents
same += 1
else
different += 1
end
File.write(path, new_contents)
end
puts "updated #{different} file(s), left #{same} untouched"
I'm sure this script could be improved, but it worked well enough.
Then, I created `Scripts/lint/lint-license-headers` and ran it to auto-
fix a lot of files. This changed the mode of some files, but I think
that's actually desirable. For example,
`SignalServiceKit/src/Util/AppContext.m` previously had a mode of
`0755/-rwxr-xr-x`, and it's now `0644/-rw-r--r--`.
Then I fixed some stragglers and updated the precommit script.
See [a similar change in the Desktop app][0].
[0]: 8bfaf598af
* update MobileCoin to release v1.2.x, add new 1.2.x testNet enclave
values, migrate deprecated function calls to new alternatives.
* Add new top-level error to convertMCError
use staging for now
* Add mainnet enclave values, revert production/staging environment change from testing. Add comment about libmobilecoin static libraries needing to be built on signal build machine.
* add 2.x series enclave measurements
* Add intel hardening advisory for the new 2.x series of enclaves. This hardening advisory being added has no effect on the 1.2.x enclaves, but is required for the 2.x enclaves.
* Remove commented enclave measurements, change Logger.error to Logger.warn (some failed requests is expected for long-living connections), Add in new testNet enclave measurements
* Update to LibMobileCoin v1.2.2
Co-authored-by: Nora Trapp <nora@signal.org>
This fixes 10 of our Xcode warnings:
- `MessageReactionPicker.swift` was declaring a variable and not using
it, leading to "Immutable value 'emoji' was never used". I simply
removed it.
- `Stripe.swift` had a bunch of unnecessary `public`s, which caused
"'public' modifier is redundant for static property declared in a
public extension".
- `SubscriptionManager.swift` had an unnecessary `try`, causing "No
calls to throwing functions occur within 'try' expression".
- `CallService.swift:696` was calling a function and not using its
result, so I annotated that function with `@discardableResult`.
- `MobileCoinAPI+Configuration.swift` declared a variable with `var`
that should've used `let`.
Nothing major here, but wanted to find ones that were easy to fix.
Promise chain in the HttpRequester did not handle connection errors
correctly. It was mapping all errors in the catch block to "No response"
or the equivalent of "request failed and it does not have a status code"
whereas in reality the errors in that catch block did have a status code
and should be passed into the completion handler for re-attestation or
similar. Fix checks for a valid status code from the error object in the
catch block and if present passes it to the completion handler as a
.success, otherwise, return a connection error sans the statusCode.
