diff --git a/Classes/BuschJaegerConfiguration.m b/Classes/BuschJaegerConfiguration.m index 292cdbf58..0e33e889d 100644 --- a/Classes/BuschJaegerConfiguration.m +++ b/Classes/BuschJaegerConfiguration.m @@ -197,15 +197,17 @@ - (BOOL)downloadCertificates:(id)delegate { if(network.tlsCertificate && [network.tlsCertificate length] > 0) { - NSURL *url = [NSURL URLWithString:network.tlsCertificate]; - if(url != nil) { - NSURLRequest *request = [NSURLRequest requestWithURL:url cachePolicy:NSURLRequestReloadIgnoringLocalAndRemoteCacheData timeoutInterval:5]; - if(request != nil) { + NSURL *pemUrl = [NSURL URLWithString:network.tlsCertificate]; + NSURL *derUrl = [NSURL URLWithString:network.derCertificate]; + if(pemUrl != nil && derUrl != nil) { + NSURLRequest *pemRequest = [NSURLRequest requestWithURL:pemUrl cachePolicy:NSURLRequestReloadIgnoringLocalAndRemoteCacheData timeoutInterval:5]; + NSURLRequest *derRequest = [NSURLRequest requestWithURL:pemUrl cachePolicy:NSURLRequestReloadIgnoringLocalAndRemoteCacheData timeoutInterval:5]; + if(pemRequest != nil && derRequest != nil) { dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, (unsigned long)NULL), ^(void) { NSURLResponse *response = nil; NSError *error = nil; NSData *data = nil; - data = [NSURLConnection sendSynchronousRequest:request returningResponse:&response error:&error delegate:self]; + data = [NSURLConnection sendSynchronousRequest:pemRequest returningResponse:&response error:&error delegate:self]; if(data == nil) { dispatch_async(dispatch_get_main_queue(), ^{ [delegate buschJaegerConfigurationError:[error localizedDescription]]; 
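Review bot: `derRequest` is built from `pemUrl`, so the second download in this method fetches the PEM file again and stores it under the DER path; the line should read `NSURLRequest *derRequest = [NSURLRequest requestWithURL:derUrl cachePolicy:NSURLRequestReloadIgnoringLocalAndRemoteCacheData timeoutInterval:5];`. A later hunk hands the contents of `kLinphoneDERPath` to `SecCertificateCreateWithData`, which expects DER, so with PEM bytes in that file the anchor would presumably never load. The outer guard still tests only `network.tlsCertificate`, so a configuration without a `der-certificate` entry passes nil to `URLWithString:`; adding `[network.derCertificate length] > 0` to that condition would cover it. The method body continues outside this hunk.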
@@ -213,24 +215,52 @@ } else { NSHTTPURLResponse *urlResponse = (NSHTTPURLResponse*) response; if(urlResponse.statusCode == 200) { - if([data writeToFile:[LinphoneManager documentFile:kLinphonePEMPath] atomically:TRUE]) { - [self reloadCertificates]; - dispatch_async(dispatch_get_main_queue(), ^{ - [delegate buschJaegerConfigurationSuccess]; - }); - } else { + if(![data writeToFile:[LinphoneManager documentFile:kLinphonePEMPath] atomically:TRUE]) { [self reset]; dispatch_async(dispatch_get_main_queue(), ^{ [delegate buschJaegerConfigurationError:NSLocalizedString(@"Unknown issue when saving configuration", nil)]; }); + return; } } else { [self reset]; dispatch_async(dispatch_get_main_queue(), ^{ [delegate buschJaegerConfigurationError:[NSString stringWithFormat:@"Request not succeed (Status code:%d)", urlResponse.statusCode]]; }); + return; } } + + error = nil; + data = nil; + data = [NSURLConnection sendSynchronousRequest:derRequest returningResponse:&response error:&error delegate:self]; + if(data == nil) { + dispatch_async(dispatch_get_main_queue(), ^{ + [delegate buschJaegerConfigurationError:[error localizedDescription]]; + }); + } else { + NSHTTPURLResponse *urlResponse = (NSHTTPURLResponse*) response; + if(urlResponse.statusCode == 200) { + if(![data writeToFile:[LinphoneManager documentFile:kLinphoneDERPath] atomically:TRUE]) { + [self reset]; + dispatch_async(dispatch_get_main_queue(), ^{ + [delegate buschJaegerConfigurationError:NSLocalizedString(@"Unknown issue when saving configuration", nil)]; + }); + return; + } + } else { + [self reset]; + dispatch_async(dispatch_get_main_queue(), ^{ + [delegate buschJaegerConfigurationError:[NSString stringWithFormat:@"Request not succeed (Status code:%d)", urlResponse.statusCode]]; + }); + return; + } + } + + [self reloadCertificates]; + dispatch_async(dispatch_get_main_queue(), ^{ + [delegate buschJaegerConfigurationSuccess]; + }); }); return TRUE; } 
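Review bot: The added `if(data == nil)` branch for the DER request reports the error but has no `return;`, so the block goes on to `[self reloadCertificates]` and `buschJaegerConfigurationSuccess`, and the delegate receives an error followed by a success. Add `return;` after the `dispatch_async` in that branch; the PEM `data == nil` branch, which starts outside this hunk, appears to fall through into the DER download in the same way. `cert.pem` is also already written when the DER step fails, so the two files can come from different downloads; writing both only after both responses returned 200 would keep them in step. What `[self reset]` cleans up is not visible here.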
@@ -248,6 +278,8 @@ } - (void)reloadCertificates { + [[LinphoneManager instance] destroyLibLinphone]; + [[LinphoneManager instance] startLibLinphone]; [self unloadCertificates]; [self loadCertificates]; } @@ -258,7 +290,7 @@ CFRelease(certificates); certificates = NULL; } - NSData *data = [NSData dataWithContentsOfFile:[LinphoneManager documentFile:kLinphonePEMPath]]; + NSData *data = [NSData dataWithContentsOfFile:[LinphoneManager documentFile:kLinphoneDERPath]]; if(data != NULL) { SecCertificateRef rootcert = SecCertificateCreateWithData(kCFAllocatorDefault, (CFDataRef)data); if(rootcert) { @@ -481,7 +513,7 @@ NSArray *anchors = (NSArray*)certificates; SecTrustSetAnchorCertificates(trust, (CFArrayRef)anchors); SecTrustSetAnchorCertificatesOnly(trust, YES); - + SecPolicyCreateBasicX509() SecTrustResultType result = kSecTrustResultInvalid; OSStatus sanityChesk = SecTrustEvaluate(trust, &result); diff --git a/Classes/LinphoneManager.h b/Classes/LinphoneManager.h index a1907d7f4..2e3c1afff 100644 --- a/Classes/LinphoneManager.h +++ b/Classes/LinphoneManager.h @@ -44,6 +44,7 @@ extern NSString *const kLinphoneMainViewChange; extern NSString *const kLinphoneConfigurationUpdate; extern NSString *const kLinphoneConfigurationPath; extern NSString *const kLinphonePEMPath; +extern NSString *const kLinphoneDERPath; /**/ extern NSString *const kLinphoneAddressBookUpdate; extern NSString *const kLinphoneLogsUpdate; diff --git a/Classes/LinphoneManager.m b/Classes/LinphoneManager.m index 3a918a6cf..15564c72b 100644 --- a/Classes/LinphoneManager.m +++ b/Classes/LinphoneManager.m 
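Review bot: `reloadCertificates` now destroys and restarts liblinphone, and the only caller visible in this diff invokes it from the block dispatched to the global queue in `downloadCertificates`, not from the main queue. Whether `destroyLibLinphone` and `startLibLinphone` may run off the main thread is not visible here, so confirm it or move the call, e.g. `dispatch_async(dispatch_get_main_queue(), ^{ [self reloadCertificates]; [delegate buschJaegerConfigurationSuccess]; });`. If the restart exists so that the core re-reads the root CA file, a comment saying so, such as `// Restart the core so it picks up the newly downloaded cert.pem`, would explain why a certificate reload restarts the whole stack.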
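Review bot: When `cert.der` is missing or is not valid DER, both `if` tests in this hunk fail silently and `certificates` stays NULL, and the trust-evaluation code in the next hunk casts it straight into `SecTrustSetAnchorCertificates`. Apple documents a NULL anchor array there as restoring the default anchors, so unless a guard outside the visible lines rejects that case, evaluation may not be limited to the downloaded certificate. Log the failure here and document the contract, e.g. `// certificates stays NULL when cert.der is missing or not DER; callers must treat that as "no trusted anchor"`. The enclosing function starts and ends outside the hunk.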
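Review bot: The added line `SecPolicyCreateBasicX509()` has no terminating semicolon and discards its result, so as written it should not compile, and with a semicolon it would only leak a `SecPolicyRef` without changing how `trust` is evaluated. If it is a leftover, drop it. If the intent is to evaluate under the basic X.509 policy, it needs `SecPolicyRef policy = SecPolicyCreateBasicX509(); SecTrustSetPolicies(trust, policy); CFRelease(policy);`, and since that policy does not check the server host name, the choice deserves a comment at the call site. The enclosing function starts and ends outside the hunk.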
@@ -53,7 +53,8 @@ NSString *const kLinphoneRegistrationUpdate = @"LinphoneRegistrationUpdate"; /* MODIFICATION: Add buschjaeger configuration event */ NSString *const kLinphoneConfigurationUpdate = @"LinphoneConfigurationUpdate"; NSString *const kLinphoneConfigurationPath = @"buschjaeger.ini"; -NSString *const kLinphonePEMPath = @"certificates"; +NSString *const kLinphonePEMPath = @"cert.pem"; +NSString *const kLinphoneDERPath = @"cert.der"; /**/ NSString *const kLinphoneAddressBookUpdate = @"LinphoneAddressBookUpdate"; NSString *const kLinphoneMainViewChange = @"LinphoneMainViewChange"; @@ -656,7 +657,10 @@ static LinphoneCoreVTable linphonec_vtable = { NSString* factoryConfig = [LinphoneManager bundleFile:[LinphoneManager runningOnIpad]?@"linphonerc-factory~ipad":@"linphonerc-factory"]; NSString *confiFileName = [LinphoneManager documentFile:@".linphonerc"]; NSString *zrtpSecretsFileName = [LinphoneManager documentFile:@"zrtp_secrets"]; + /* MODIFICATION: Change ROOTCA const char* lRootCa = [[LinphoneManager bundleFile:@"rootca.pem"] cStringUsingEncoding:[NSString defaultCStringEncoding]]; + */ + connectivity = none; signal(SIGPIPE, SIG_IGN); //log management @@ -688,7 +692,7 @@ static LinphoneCoreVTable linphonec_vtable = { fastAddressBook = [[FastAddressBook alloc] init]; */ - linphone_core_set_root_ca(theLinphoneCore, lRootCa); + linphone_core_set_root_ca(theLinphoneCore, [[LinphoneManager documentFile:kLinphonePEMPath] UTF8String]); // Set audio assets const char* lRing = [[LinphoneManager bundleFile:@"ring.wav"] cStringUsingEncoding:[NSString defaultCStringEncoding]]; linphone_core_set_ring(theLinphoneCore, lRing); @@ -1161,8 +1165,6 @@ static void audioRouteChangeListenerCallback ( linphone_core_disable_logs(); } - NSBundle* myBundle = [NSBundle mainBundle]; - /* unregister before modifying any settings */ { LinphoneProxyConfig* proxyCfg; 
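Review bot: The root CA passed to `linphone_core_set_root_ca` is now a file downloaded into the Documents directory instead of the `rootca.pem` shipped in the bundle, so whoever answers the `tls-certificate` URL decides which CA the SIP TLS stack trusts. The sample configuration in `Network.m` uses plain `http://` URLs, and nothing visible in this diff authenticates the response or checks that the body is a certificate before it is written. Consider requiring `https` for these URLs or comparing the downloaded certificate with a fingerprint obtained out of band, and record the source with a comment such as `// Trust anchor is the cert.pem fetched by BuschJaegerConfiguration downloadCertificates, not the bundled rootca.pem`. The same call is repeated in the hunk at `-1182,14`. Until the first successful download `cert.pem` does not exist (the previous file name was `certificates`), so the behaviour with a missing file should be confirmed.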
@@ -1182,14 +1184,15 @@ static void audioRouteChangeListenerCallback ( } } } - + /* MODIFICATION: Change ROOTCA const char* lRootCa = [[myBundle pathForResource:@"rootca"ofType:@"pem"] cStringUsingEncoding:[NSString defaultCStringEncoding]]; - linphone_core_set_root_ca(theLinphoneCore, lRootCa); + */ + linphone_core_set_root_ca(theLinphoneCore, [[LinphoneManager documentFile:kLinphonePEMPath] UTF8String]); NSString* transport = [[NSUserDefaults standardUserDefaults] stringForKey:@"transport_preference"]; LCSipTransports transportValue; - if (transport!=nil) { + if (transport != nil) { if (linphone_core_get_sip_transports(theLinphoneCore, &transportValue)) { [LinphoneLogger logc:LinphoneLoggerError format:"cannot get current transport"]; } diff --git a/Classes/Model/Network.h b/Classes/Model/Network.h index 767f92691..a5ca471aa 100644 --- a/Classes/Model/Network.h +++ b/Classes/Model/Network.h @@ -27,6 +27,7 @@ @property (copy) NSString* localHistory; @property (copy) NSString* globalHistory; @property (copy) NSString* tlsCertificate; +@property (copy) NSString* derCertificate; - (NSString*)write; + (id)parse:(NSString*)section array:(NSArray*)array; diff --git a/Classes/Model/Network.m b/Classes/Model/Network.m index ed4a231d1..cab3f105e 100644 --- a/Classes/Model/Network.m +++ b/Classes/Model/Network.m @@ -29,6 +29,7 @@ @synthesize localHistory; @synthesize globalHistory; @synthesize tlsCertificate; +@synthesize derCertificate; /* domain=abb @@ -40,7 +41,9 @@ global-history=http://welcome.dyndns.org:8080/history.ini - tls-certificate=http://192.168.1.1:8080/cert.pem + tls-certificate=http://192.168.1.1:8080/cert.pem + + der-certificate=http://192.168.1.1:8080/cert.der */ - (void)dealloc { 
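Review bot: `derCertificate` is added as a `copy` property and synthesized here, but the `dealloc` whose first line ends the following hunk is not changed by this commit. If `Network.m` is built without ARC, which cannot be determined from the hunk, the copied string is never released; add `[derCertificate release];` next to the release of `tlsCertificate`. The body of `dealloc` lies outside the hunks shown, so check how the other properties are released there.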
@@ -63,6 +66,7 @@ [str appendString:[NSString stringWithFormat:@"local-history=%@\n", localHistory]]; [str appendString:[NSString stringWithFormat:@"global-history=%@\n", globalHistory]]; [str appendString:[NSString stringWithFormat:@"tls-certificate=%@\n", tlsCertificate]]; + [str appendString:[NSString stringWithFormat:@"der-certificate=%@\n", derCertificate]]; return str; } @@ -85,6 +89,8 @@ net.globalHistory = param; } else if((param = [BuschJaegerConfiguration getRegexValue:@"^tls-certificate=(.*)$" data:entry]) != nil) { net.tlsCertificate = param; + } else if((param = [BuschJaegerConfiguration getRegexValue:@"^der-certificate=(.*)$" data:entry]) != nil) { + net.derCertificate = param; } else if([[entry stringByTrimmingCharactersInSet:[NSCharacterSet whitespaceCharacterSet]] length] != 0){ [LinphoneLogger log:LinphoneLoggerWarning format:@"Unknown entry in %@ section: %@", section, entry]; }
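Review bot: When `derCertificate` is nil, the added `appendString:` line writes the literal `der-certificate=(null)`, because `%@` formats nil that way; a configuration parsed without the key and written back would then yield `(null)` as the URL on the next parse. Writing the entry only when a value exists avoids that: `if([derCertificate length] > 0) [str appendString:[NSString stringWithFormat:@"der-certificate=%@\n", derCertificate]];`. The neighbouring lines follow the same pattern, so this may be accepted for keys that are always present. The `write` method starts and ends outside the hunk.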