signalapp/SocketRocket
signalapp/SocketRocket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: signalapp:master
Branches Tags
signalapp:master
signalapp:mkirk/handle-sec-err
signalapp:mkirk/sec-error
signalapp:pluggable-security-policies
signalapp:specify-ruby-2.2-to-fix-ci
signalapp:signal-ios
signalapp:lewis/rxswift
signalapp:lewis/dispatch-awesome
signalapp:gh-pages
signalapp:0.5.1
signalapp:0.5.0
signalapp:0.4.2
signalapp:0.4.1
signalapp:0.4
signalapp:v0.3.1-beta2
signalapp:v0.3.1-beta1
signalapp:v0.3.0-beta1
signalapp:saved-gh-pages
signalapp:v0.2.0
...
pull from: signalapp:mkirk/handle-sec-err
Branches Tags
signalapp:mkirk/handle-sec-err
signalapp:mkirk/sec-error
signalapp:master
signalapp:pluggable-security-policies
signalapp:specify-ruby-2.2-to-fix-ci
signalapp:signal-ios
signalapp:lewis/rxswift
signalapp:lewis/dispatch-awesome
signalapp:gh-pages
signalapp:0.5.1
signalapp:0.5.0
signalapp:0.4.2
signalapp:0.4.1
signalapp:0.4
signalapp:v0.3.1-beta2
signalapp:v0.3.1-beta1
signalapp:v0.3.0-beta1
signalapp:saved-gh-pages
signalapp:v0.2.0

3 Commits
master ... mkirk/hand

Author SHA1 Message Date
Michael Kirk
9f9563a83c Handle failure in random generation 2018-08-02 17:58:52 -06:00
Michael Kirk
7b6bec45b3 Consider random-data-generation as failing if data couldn't be allocated. 
Also, per docs, compare to the more readable `errSecSuccess` constant rather
than 0.
 2018-08-02 17:54:36 -06:00
Michael Kirk
d5b519fa14 Remove unused code 
In d3beb35574 creating the connection message was
extracted into the SRHTTPConnectMessageCreate function; However, generating the
secKey was pulled *outside* of that extracted method and passed in as a
parameter.  It looks like in the extraction process the now redundant
and unused key generation code was left in the extracted function.
 2018-08-02 17:51:07 -06:00
3 changed files with 9 additions and 13 deletions
Show Stats Expand all files Collapse all files

6
SocketRocket/Internal/Utilities/SRHTTPConnectMessage.m
View File

@ -35,12 +35,6 @@ CFHTTPMessageRef SRHTTPConnectMessageCreate(NSURLRequest *request,
// Set host first so it defaults
CFHTTPMessageSetHeaderFieldValue(message, CFSTR("Host"), (__bridge CFStringRef)_SRHTTPConnectMessageHost(url));
NSMutableData *keyBytes = [[NSMutableData alloc] initWithLength:16];
int result = SecRandomCopyBytes(kSecRandomDefault, keyBytes.length, keyBytes.mutableBytes);
if (result != 0) {
//TODO: (nlutsenko) Check if there was an error.
}
// Apply cookies if any have been provided
if (cookies) {
NSDictionary<NSString *, NSString *> *messageCookies = [NSHTTPCookie requestHeaderFieldsWithCookies:cookies];

8
SocketRocket/Internal/Utilities/SRRandom.m
View File

@ -15,9 +15,13 @@ NS_ASSUME_NONNULL_BEGIN
NSData *SRRandomData(NSUInteger length)
{
NSMutableData *data = [NSMutableData dataWithLength:length];
NSMutableData *_Nullable data = [NSMutableData dataWithLength:length];
if (data == nil) {
[NSException raise:NSInternalInconsistencyException format:@"Failed to allocate random data"];
}
int result = SecRandomCopyBytes(kSecRandomDefault, data.length, data.mutableBytes);
if (result != 0) {
if (result != errSecSuccess) {
[NSException raise:NSInternalInconsistencyException format:@"Failed to generate random bytes with OSStatus: %d", result];
}
return data;

8
SocketRocket/SRWebSocket.m
View File

@ -1380,12 +1380,10 @@ static const size_t SRFrameHeaderOverhead = 32;
const uint8_t *unmaskedPayloadBuffer = (uint8_t *)data.bytes;
uint8_t *maskKey = frameBuffer + frameBufferSize;
size_t randomBytesSize = sizeof(uint32_t);
int result = SecRandomCopyBytes(kSecRandomDefault, randomBytesSize, maskKey);
if (result != 0) {
//TODO: (nlutsenko) Check if there was an error.
}
NSData *randomData = SRRandomData(randomBytesSize);
[randomData getBytes:maskKey range:NSMakeRange(0, randomBytesSize)];
frameBufferSize += randomBytesSize;
// Copy and unmask the buffer