fix checkTrustedChallenge [rollback] + host

Signed-off-by: marinofaggiana <marino@marinofaggiana.com>

iOSClient/AppDelegate.swift

@@ -297,7 +297,7 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
         NCCommunicationCommon.shared.writeLog("initialize Main")
         
         // Clear error certificate
-        CCUtility.clearCertificateError(account)
+        NCNetworking.shared.certificatesError.removeAll()
         
         // Registeration push notification
         NCPushNotification.shared().pushNotification()
@@ -543,25 +543,24 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
     }
     
     @objc private func checkErrorNetworking() {
-        
+                
         if account == "" { return }
-        
+        guard let currentHost = URL(string: self.urlBase)?.host else { return }
+        guard let pushNotificationServerProxyHost = URL(string: NCBrandOptions.shared.pushNotificationServerProxy)?.host else { return }
+                
         // check unauthorized server (401/403)
         if CCUtility.getPassword(account)!.count == 0 {
             openLogin(viewController: window?.rootViewController, selector: NCGlobal.shared.introLogin, openLoginWeb: true)
         }
         
-        // check certificate untrusted (-1202)
-        let currentHost = URL(string: self.urlBase)?.host
-        let pushNotificationServerProxyHost = URL(string: NCBrandOptions.shared.pushNotificationServerProxy)?.host
-        if let host = CCUtility.getCertificateError(account), host == currentHost || host == pushNotificationServerProxyHost {
+        // check certificate untrusted (-1202)        
+        if NCNetworking.shared.certificatesError.contains(currentHost) || NCNetworking.shared.certificatesError.contains(pushNotificationServerProxyHost) {
+            
+            let alertController = UIAlertController(title: NSLocalizedString("_ssl_certificate_changed_", comment: ""), message: NSLocalizedString("_server_is_trusted_", comment: ""), preferredStyle: .alert)
             
-            let title = String.localizedStringWithFormat(NSLocalizedString("_ssl_certificate_changed_", comment: ""), host)
-            let alertController = UIAlertController(title: title, message: NSLocalizedString("_server_is_trusted_", comment: ""), preferredStyle: .alert)
-                        
             alertController.addAction(UIAlertAction(title: NSLocalizedString("_yes_", comment: ""), style: .default, handler: { action in
                 NCNetworking.shared.writeCertificate(url: self.urlBase)
-                CCUtility.clearCertificateError(self.account)
+                NCNetworking.shared.certificatesError.removeAll()
                 self.startTimerErrorNetworking()
             }))
             
@@ -569,14 +568,27 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
                 self.startTimerErrorNetworking()
             }))
             
-            alertController.addAction(UIAlertAction(title: NSLocalizedString("_certificate_details_", comment: ""), style: .default, handler: { action in
-                if let navigationController = UIStoryboard(name: "NCViewCertificateDetails", bundle: nil).instantiateInitialViewController() as? UINavigationController {
-                    let viewController = navigationController.topViewController as! NCViewCertificateDetails
-                    viewController.delegate = self
-                    viewController.host = host
-                    self.window?.rootViewController?.present(navigationController, animated: true)
-                }
-            }))
+            if NCNetworking.shared.certificatesError.contains(currentHost) {
+                alertController.addAction(UIAlertAction(title: NSLocalizedString("_certificate_details_", comment: ""), style: .default, handler: { action in
+                    if let navigationController = UIStoryboard(name: "NCViewCertificateDetails", bundle: nil).instantiateInitialViewController() as? UINavigationController {
+                        let viewController = navigationController.topViewController as! NCViewCertificateDetails
+                        viewController.delegate = self
+                        viewController.host = currentHost
+                        self.window?.rootViewController?.present(navigationController, animated: true)
+                    }
+                }))
+            }
+            
+            if NCNetworking.shared.certificatesError.contains(pushNotificationServerProxyHost) {
+                alertController.addAction(UIAlertAction(title: NSLocalizedString("_certificate_details_", comment: ""), style: .default, handler: { action in
+                    if let navigationController = UIStoryboard(name: "NCViewCertificateDetails", bundle: nil).instantiateInitialViewController() as? UINavigationController {
+                        let viewController = navigationController.topViewController as! NCViewCertificateDetails
+                        viewController.delegate = self
+                        viewController.host = pushNotificationServerProxyHost
+                        self.window?.rootViewController?.present(navigationController, animated: true)
+                    }
+                }))
+            }
             
             window?.rootViewController?.present(alertController, animated: true, completion: {
                 self.timerErrorNetworking?.invalidate()
@@ -616,9 +628,9 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
         }
         NCManageDatabase.shared.clearDatabase(account: account, removeAccount: true)
         
+        NCNetworking.shared.certificatesError.removeAll()
         CCUtility.clearAllKeysEnd(toEnd: account)
         CCUtility.clearAllKeysPushNotification(account)
-        CCUtility.clearCertificateError(account)
         CCUtility.setPassword(account, password: nil)
         
         if wipe {

iOSClient/Login/NCLogin.swift

@@ -350,8 +350,10 @@ class NCLogin: UIViewController, UITextFieldDelegate, NCLoginQRCodeDelegate {
                 NCUtility.shared.removeAllSettings()
             }
             
-            CCUtility.clearCertificateError(account)
-            
+            if let host = URL(string: url)?.host {
+                NCNetworking.shared.certificatesError = NCNetworking.shared.certificatesError.filter(){$0 != "host"}
+            }
+                                    
             NCManageDatabase.shared.deleteAccount(account)
             NCManageDatabase.shared.addAccount(account, urlBase: url, user: user, password: password)
             

iOSClient/Login/NCLoginWeb.swift

@@ -270,8 +270,8 @@ extension NCLoginWeb: WKNavigationDelegate {
             NCUtility.shared.removeAllSettings()
         }
         
-        // Clear certificate error 
-        CCUtility.clearCertificateError(account)
+        // Clear certificate error
+        NCNetworking.shared.certificatesError.removeAll()
 
         // Add new account
         NCManageDatabase.shared.deleteAccount(account)

iOSClient/Networking/NCNetworking.swift

@@ -47,6 +47,8 @@ import Queuer
     var downloadRequest: [String: DownloadRequest] = [:]
     var uploadRequest: [String: UploadRequest] = [:]
     var uploadMetadataInBackground: [String: tableMetadata] = [:]
+    
+    var certificatesError: [String] = []
 
     @objc public let sessionMaximumConnectionsPerHost = 5
     @objc public let sessionIdentifierBackground: String = "com.nextcloud.session.upload.background"
@@ -216,11 +218,7 @@ import Queuer
                 }
                 
                 if !trusted && !trustedV2 {
-                    #if !EXTENSION
-                    DispatchQueue.main.async {
-                        CCUtility.setCertificateError((UIApplication.shared.delegate as! AppDelegate).account, host:host)
-                    }
-                    #endif
+                    NCNetworking.shared.certificatesError.append(host)
                 }
             }
         }

iOSClient/Networking/NCNetworkingE2EE.swift

@@ -328,7 +328,7 @@ import Alamofire
                             } else if errorCode == Int(CFNetworkErrors.cfurlErrorServerCertificateUntrusted.rawValue) {
                             
                                 if let host = URL(string: metadata.urlBase)?.host {
-                                    CCUtility.setCertificateError(metadata.account, host: host)
+                                    NCNetworking.shared.certificatesError.append(host)
                                 }
                                 NCManageDatabase.shared.setMetadataSession(ocId: metadata.ocId, session: nil, sessionError: errorDescription, sessionTaskIdentifier: 0, status: NCGlobal.shared.metadataStatusUploadError)
                                                     

iOSClient/Security/NCViewCertificateDetails.swift

@@ -42,7 +42,7 @@ class NCViewCertificateDetails: UIViewController  {
     private let directoryCertificate = CCUtility.getDirectoryCerificates()!
 
     public var delegate: NCViewCertificateDetailsDelegate?
-    public var host: String?
+    @objc public var host: String?
 
     // MARK: - View Life Cycle
 

iOSClient/Settings/CCManageAccount.m

@@ -149,6 +149,15 @@
         [row.cellConfig setObject:NCBrandColor.shared.label forKey:@"textLabel.textColor"];
         row.action.formSelector = @selector(certificateDetails:);
         [section addFormRow:row];
+        
+        row = [XLFormRowDescriptor formRowDescriptorWithTag:@"certificatePNDetails" rowType:XLFormRowDescriptorTypeButton title:NSLocalizedString(@"_certificate_pn_details_", nil)];
+        row.cellConfigAtConfigure[@"backgroundColor"] = NCBrandColor.shared.secondarySystemGroupedBackground;
+        [row.cellConfig setObject:[UIFont systemFontOfSize:15.0] forKey:@"textLabel.font"];
+        [row.cellConfig setObject:[[UIImage imageNamed:@"lock-question"] imageWithColor:NCBrandColor.shared.gray size:25] forKey:@"imageView.image"];
+        [row.cellConfig setObject:@(NSTextAlignmentLeft) forKey:@"textLabel.textAlignment"];
+        [row.cellConfig setObject:NCBrandColor.shared.label forKey:@"textLabel.textColor"];
+        row.action.formSelector = @selector(certificatePNDetails:);
+        [section addFormRow:row];
     }
     
     // Section : USER INFORMATION -------------------------------------------
@@ -501,8 +510,25 @@
     [self deselectFormRow:sender];
     
     UINavigationController *navigationController = [[UIStoryboard storyboardWithName:@"NCViewCertificateDetails" bundle:nil] instantiateInitialViewController];
+    NCViewCertificateDetails *viewController = (NCViewCertificateDetails *)navigationController.topViewController;
+
+    NSURL *url = [NSURL URLWithString:appDelegate.urlBase];
+    viewController.host = [url host];
         
     [self presentViewController:navigationController animated:YES completion:nil];
 }
 
+- (void)certificatePNDetails:(XLFormRowDescriptor *)sender
+{
+    [self deselectFormRow:sender];
+    
+    UINavigationController *navigationController = [[UIStoryboard storyboardWithName:@"NCViewCertificateDetails" bundle:nil] instantiateInitialViewController];
+    NCViewCertificateDetails *viewController = (NCViewCertificateDetails *)navigationController.topViewController;
+        
+    NSURL *url = [NSURL URLWithString: NCBrandOptions.shared.pushNotificationServerProxy];
+    viewController.host = [url host];
+
+    [self presentViewController:navigationController animated:YES completion:nil];
+}
+
 @end

iOSClient/Supporting Files/en.lproj/Localizable.strings

@@ -736,8 +736,8 @@
 "_unknow_response_server_"              = "Unexpected response from server";
 "_user_authentication_required_"        = "User authentication required";
 "_file_directory_locked_"               = "File or directory locked";
-"_ssl_certificate_untrusted_"           = "The certificate for %@ is invalid";
-"_ssl_certificate_changed_"             = "The certificate for %@ seems to have changed";
+"_ssl_certificate_untrusted_"           = "The certificate for this server is invalid";
+"_ssl_certificate_changed_"             = "The certificate for this server seems to have changed";
 "_internal_server_"                     = "Internal server error";
 "_file_already_exists_"                 = "Could not complete the operation, a file with the same name exists";
 "_file_folder_not_exists_"              = "The source file wasn't found at the specified path";
@@ -787,7 +787,8 @@
 "Passcodes didn't match. Try again." = "Passcodes didn't match. Try again.";
 "Delete"                    = "Delete";
 "Cancel"                    = "Cancel";
-"_certificate_details_"     = "Certificate details";
+"_certificate_details_"     = "Certificate Server details";
+"_certificate_pn_details_"  = "Certificate Push Notification details";
 "_save_as_scan_"            = "Save as scan";
 "_modify_"                  = "Modify";
 "_overwrite_original_"      = "Overwrite original";

iOSClient/Utility/CCUtility.h

@@ -146,10 +146,6 @@
 
 + (NSData *)getDatabaseEncryptionKey;
 
-+ (NSString *)getCertificateError:(NSString *)account;
-+ (void)setCertificateError:(NSString *)account host:(NSString *)host;
-+ (void)clearCertificateError:(NSString *)account;
-
 + (BOOL)getDisableLocalCacheAfterUpload;
 + (void)setDisableLocalCacheAfterUpload:(BOOL)disable;
 

iOSClient/Utility/CCUtility.m

@@ -550,35 +550,6 @@
     [UICKeyChainStore setData:data forKey:@"databaseEncryptionKey" service:NCGlobal.shared.serviceShareKeyChain];
 }
 
-+ (NSString *)getCertificateError:(NSString *)account
-{
-    NSString *key = [@"certificateError" stringByAppendingString:account];
-    return [UICKeyChainStore stringForKey:key service:NCGlobal.shared.serviceShareKeyChain];
-}
-
-+ (void)setCertificateError:(NSString *)account host:(NSString *)host
-{
-    // In background do not write the error
-#if !defined(EXTENSION)
-    UIApplicationState state = [[UIApplication sharedApplication] applicationState];
-    if (state == UIApplicationStateBackground || state == UIApplicationStateInactive) {
-        return;
-    }
-    NSString *key = [@"certificateError" stringByAppendingString:account];
-    
-    [UICKeyChainStore setString:host forKey:key service:NCGlobal.shared.serviceShareKeyChain];
-#else
-    return;
-#endif
-}
-
-+ (void)clearCertificateError:(NSString *)account
-{
-    NSString *key = [@"certificateError" stringByAppendingString:account];
-    
-    [UICKeyChainStore setString:nil forKey:key service:NCGlobal.shared.serviceShareKeyChain];
-}
-
 + (BOOL)getDisableLocalCacheAfterUpload
 {
     return [[UICKeyChainStore stringForKey:@"disableLocalCacheAfterUpload" service:NCGlobal.shared.serviceShareKeyChain] boolValue];