keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'charlesmchen/censorship-circumvention-2'

Browse Source
pull/1/head
Matthew Chen 9 years ago
parent 52762a1be9 5b87af9bc6
commit a9340b06fd
5 changed files with 83 additions and 13 deletions
Show Stats Download Patch File Download Diff File

2
src/Network/OWSCensorshipConfiguration.h
Unescape Escape View File

@ -7,7 +7,7 @@ NS_ASSUME_NONNULL_BEGIN
@interface OWSCensorshipConfiguration : NSObject @interface OWSCensorshipConfiguration : NSObject
- (NSString *)frontingHost; - (NSString *)frontingHost:(NSString *)e164PhonNumber;
- (NSString *)reflectorHost; - (NSString *)reflectorHost;
- (BOOL)isCensoredPhoneNumber:(NSString *)e164PhonNumber; - (BOOL)isCensoredPhoneNumber:(NSString *)e164PhonNumber;

54
src/Network/OWSCensorshipConfiguration.m
Unescape Escape View File

@ -3,17 +3,33 @@
#import "OWSCensorshipConfiguration.h" #import "OWSCensorshipConfiguration.h"
#import "TSStorageManager.h" #import "TSStorageManager.h"
#import "Asserts.h"
NS_ASSUME_NONNULL_BEGIN NS_ASSUME_NONNULL_BEGIN
NSString *const OWSCensorshipConfigurationFrontingHost = @"https://google.com";
NSString *const OWSCensorshipConfigurationReflectorHost = @"signal-reflector-meek.appspot.com"; NSString *const OWSCensorshipConfigurationReflectorHost = @"signal-reflector-meek.appspot.com";
@implementation OWSCensorshipConfiguration @implementation OWSCensorshipConfiguration
- (NSString *)frontingHost - (NSString *)frontingHost:(NSString *)e164PhonNumber
{ {
return OWSCensorshipConfigurationFrontingHost; OWSAssert(e164PhonNumber.length > 0);
NSString *domain = nil;
for (NSString *countryCode in self.censoredCountryCodes) {
if ([e164PhonNumber hasPrefix:countryCode]) {
domain = self.censoredCountryCodes[countryCode];
}
}
// Fronting should only be used for countries specified in censoredCountryCodes,
// all of which have a domain specified.
OWSAssert(domain);
if (!domain) {
domain = @"google.com";
}
return [@"https://" stringByAppendingString:domain];
} }
- (NSString *)reflectorHost - (NSString *)reflectorHost
@ -21,13 +37,33 @@ NSString *const OWSCensorshipConfigurationReflectorHost = @"signal-reflector-mee
return OWSCensorshipConfigurationReflectorHost; return OWSCensorshipConfigurationReflectorHost;
} }
- (NSArray<NSString *> *)censoredCountryCodes - (NSDictionary<NSString *, NSString *> *)censoredCountryCodes
{ {
// Reports of censorship in: // The set of countries for which domain fronting should be used.
// Egypt //
// UAE // For each country, we should add the appropriate google domain,
return @[@"+20", // per: https://en.wikipedia.org/wiki/List_of_Google_domains
@"+971"]; //
// If we ever use any non-google domains for domain fronting,
// remember to:
//
// a) Add the appropriate pinning certificate(s) in
// SignalServiceKit.podspec.
// b) Update reflectorHost accordingly.
return @{
// Egypt
@"+20": @"google.com.eg",
// Cuba
@"+53": @"google.com.cu",
// Oman
@"+968": @"google.com.om",
// UAE
@"+971": @"google.ae",
// Iran
//
// There does not appear to be a specific Google domain for Iran.
@"+98": @"google.com",
};
} }
- (BOOL)isCensoredPhoneNumber:(NSString *)e164PhonNumber - (BOOL)isCensoredPhoneNumber:(NSString *)e164PhonNumber

9
src/Network/OWSSignalService.m
Unescape Escape View File

@ -1,12 +1,14 @@
// Created by Michael Kirk on 12/20/16. // Created by Michael Kirk on 12/20/16.
// Copyright © 2016 Open Whisper Systems. All rights reserved. // Copyright © 2016 Open Whisper Systems. All rights reserved.
#import <AFNetworking/AFHTTPSessionManager.h>
#import "OWSSignalService.h" #import "OWSSignalService.h"
#import "OWSCensorshipConfiguration.h" #import "OWSCensorshipConfiguration.h"
#import "OWSHTTPSecurityPolicy.h" #import "OWSHTTPSecurityPolicy.h"
#import "TSConstants.h" #import "TSConstants.h"
#import "TSAccountManager.h" #import "TSAccountManager.h"
#import <AFNetworking/AFHTTPSessionManager.h> #import "Asserts.h"
NS_ASSUME_NONNULL_BEGIN NS_ASSUME_NONNULL_BEGIN
@ -69,8 +71,11 @@ NS_ASSUME_NONNULL_BEGIN
- (AFHTTPSessionManager *)reflectorHTTPSessionManager - (AFHTTPSessionManager *)reflectorHTTPSessionManager
{ {
NSString *localNumber = [TSAccountManager localNumber];
OWSAssert(localNumber.length > 0);
// Target fronting domain // Target fronting domain
NSURL *baseURL = [[NSURL alloc] initWithString:self.censorshipConfiguration.frontingHost]; NSURL *baseURL = [[NSURL alloc] initWithString:[self.censorshipConfiguration frontingHost:localNumber]];
NSURLSessionConfiguration *sessionConf = NSURLSessionConfiguration.ephemeralSessionConfiguration; NSURLSessionConfiguration *sessionConf = NSURLSessionConfiguration.ephemeralSessionConfiguration;
AFHTTPSessionManager *sessionManager = AFHTTPSessionManager *sessionManager =
[[AFHTTPSessionManager alloc] initWithBaseURL:baseURL sessionConfiguration:sessionConf]; [[AFHTTPSessionManager alloc] initWithBaseURL:baseURL sessionConfiguration:sessionConf];

30
src/Util/Asserts.h
Unescape Escape View File

@ -0,0 +1,30 @@
//
// Asserts.h
//
// Copyright (c) 2016 Open Whisper Systems. All rights reserved.
//
#import <Foundation/Foundation.h>
#ifndef OWSAssert
#ifdef DEBUG
#define USE_ASSERTS
#define CONVERT_TO_STRING(X) #X
#define CONVERT_EXPR_TO_STRING(X) CONVERT_TO_STRING(X)
#define OWSAssert(X) \
if (!(X)) { \
NSLog(@"Assertion failed: %s", CONVERT_EXPR_TO_STRING(X)); \
NSAssert(0, @"Assertion failed: %s", CONVERT_EXPR_TO_STRING(X)); \
}
#else
#define OWSAssert(X)
#endif
#endif

1
src/Util/Cryptography.m
Unescape Escape View File

@ -10,7 +10,6 @@
#import <CommonCrypto/CommonHMAC.h> #import <CommonCrypto/CommonHMAC.h>
#import "Cryptography.h" #import "Cryptography.h"
#import "NSData+Base64.h" #import "NSData+Base64.h"
#define HMAC256_KEY_LENGTH 32 #define HMAC256_KEY_LENGTH 32

Write Preview
Loading…
Cancel
Save