fix checkTrustedChallenge [rollback] + host

Signed-off-by: marinofaggiana <marino@marinofaggiana.com>

iOSClient/AppDelegate.swift

@@ -297,7 +297,7 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
         NCCommunicationCommon.shared.writeLog("initialize Main")
         
         // Clear error certificate
-        NCNetworking.shared.certificatesError.removeAll()
+        NCNetworking.shared.certificatesError = nil
         
         // Registeration push notification
         NCPushNotification.shared().pushNotification()
@@ -550,7 +550,6 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
                 
         if account == "" { return }
         guard let currentHost = URL(string: self.urlBase)?.host else { return }
-        guard let pushNotificationServerProxyHost = URL(string: NCBrandOptions.shared.pushNotificationServerProxy)?.host else { return }
                 
         // check unauthorized server (401/403)
         if CCUtility.getPassword(account)!.count == 0 {
@@ -558,15 +557,12 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
         }
         
         // check certificate untrusted (-1202)        
-        if NCNetworking.shared.certificatesError.contains(currentHost) || NCNetworking.shared.certificatesError.contains(pushNotificationServerProxyHost) {
+        if NCNetworking.shared.certificatesError == currentHost {
             
-            let directoryCertificate = CCUtility.getDirectoryCerificates()!
-            let certificateHostSavedPath = directoryCertificate + "/" + currentHost + ".der"
-            let certificatePushNotificationServerProxySavedPath = directoryCertificate + "/" + pushNotificationServerProxyHost + ".der"
+            let certificateHostSavedPath = CCUtility.getDirectoryCerificates()! + "/" + currentHost + ".der"
             var title = NSLocalizedString("_ssl_certificate_changed_", comment: "")
             
-            if (NCNetworking.shared.certificatesError.contains(currentHost) && !FileManager.default.fileExists(atPath: certificateHostSavedPath)) || (NCNetworking.shared.certificatesError.contains(pushNotificationServerProxyHost) && !FileManager.default.fileExists(atPath: certificatePushNotificationServerProxySavedPath)) {
-                
+            if !FileManager.default.fileExists(atPath: certificateHostSavedPath) {
                 title = NSLocalizedString("_connect_server_anyway_", comment: "")
             }
             
@@ -574,44 +570,25 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
             
             alertController.addAction(UIAlertAction(title: NSLocalizedString("_yes_", comment: ""), style: .default, handler: { action in
                 
-                if NCNetworking.shared.certificatesError.contains(currentHost) {
-                    NCNetworking.shared.writeCertificate(host: currentHost)
-                }
-                if NCNetworking.shared.certificatesError.contains(pushNotificationServerProxyHost) {
-                    NCNetworking.shared.writeCertificate(host: pushNotificationServerProxyHost)
-                }
-                
-                NCNetworking.shared.certificatesError.removeAll()
+                NCNetworking.shared.writeCertificate(host: currentHost)
+                NCNetworking.shared.certificatesError = nil
                 self.startTimerErrorNetworking()
             }))
             
             alertController.addAction(UIAlertAction(title: NSLocalizedString("_no_", comment: ""), style: .default, handler: { action in
                 
-                NCNetworking.shared.certificatesError.removeAll()
+                NCNetworking.shared.certificatesError = nil
                 self.startTimerErrorNetworking()
             }))
             
-            if NCNetworking.shared.certificatesError.contains(currentHost) {
-                alertController.addAction(UIAlertAction(title: NSLocalizedString("_certificate_details_", comment: ""), style: .default, handler: { action in
-                    if let navigationController = UIStoryboard(name: "NCViewCertificateDetails", bundle: nil).instantiateInitialViewController() as? UINavigationController {
-                        let viewController = navigationController.topViewController as! NCViewCertificateDetails
-                        viewController.delegate = self
-                        viewController.host = currentHost
-                        self.window?.rootViewController?.present(navigationController, animated: true)
-                    }
-                }))
-            }
-            
-            if NCNetworking.shared.certificatesError.contains(pushNotificationServerProxyHost) {
-                alertController.addAction(UIAlertAction(title: NSLocalizedString("_certificate_pn_details_", comment: ""), style: .default, handler: { action in
-                    if let navigationController = UIStoryboard(name: "NCViewCertificateDetails", bundle: nil).instantiateInitialViewController() as? UINavigationController {
-                        let viewController = navigationController.topViewController as! NCViewCertificateDetails
-                        viewController.delegate = self
-                        viewController.host = pushNotificationServerProxyHost
-                        self.window?.rootViewController?.present(navigationController, animated: true)
-                    }
-                }))
-            }
+            alertController.addAction(UIAlertAction(title: NSLocalizedString("_certificate_details_", comment: ""), style: .default, handler: { action in
+                if let navigationController = UIStoryboard(name: "NCViewCertificateDetails", bundle: nil).instantiateInitialViewController() as? UINavigationController {
+                    let viewController = navigationController.topViewController as! NCViewCertificateDetails
+                    viewController.delegate = self
+                    viewController.host = currentHost
+                    self.window?.rootViewController?.present(navigationController, animated: true)
+                }
+            }))
             
             window?.rootViewController?.present(alertController, animated: true, completion: {
                 self.timerErrorNetworking?.invalidate()
@@ -651,7 +628,7 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
         }
         NCManageDatabase.shared.clearDatabase(account: account, removeAccount: true)
         
-        NCNetworking.shared.certificatesError.removeAll()
+        NCNetworking.shared.certificatesError = nil
         CCUtility.clearAllKeysEnd(toEnd: account)
         CCUtility.clearAllKeysPushNotification(account)
         CCUtility.setPassword(account, password: nil)

iOSClient/Login/NCLogin.swift

@@ -228,34 +228,26 @@ class NCLogin: UIViewController, UITextFieldDelegate, NCLoginQRCodeDelegate {
                     // Login Flow V2
                     if errorCode == 0 && NCBrandOptions.shared.use_loginflowv2 && token != nil && endpoint != nil && login != nil {
                         
-                        NCNetworking.shared.checkPushNotificationServerProxyCertificateUntrusted(viewController: self, completion: { errorCode in
-                            if errorCode == 0 {
-                                if let loginWeb = UIStoryboard(name: "NCLogin", bundle: nil).instantiateViewController(withIdentifier: "NCLoginWeb") as? NCLoginWeb {
-                                    
-                                    loginWeb.urlBase = url
-                                    loginWeb.loginFlowV2Available = true
-                                    loginWeb.loginFlowV2Token = token!
-                                    loginWeb.loginFlowV2Endpoint = endpoint!
-                                    loginWeb.loginFlowV2Login = login!
-                                    
-                                    self.navigationController?.pushViewController(loginWeb, animated: true)
-                                }
-                            }
-                        })
+                        if let loginWeb = UIStoryboard(name: "NCLogin", bundle: nil).instantiateViewController(withIdentifier: "NCLoginWeb") as? NCLoginWeb {
+                            
+                            loginWeb.urlBase = url
+                            loginWeb.loginFlowV2Available = true
+                            loginWeb.loginFlowV2Token = token!
+                            loginWeb.loginFlowV2Endpoint = endpoint!
+                            loginWeb.loginFlowV2Login = login!
+                            
+                            self.navigationController?.pushViewController(loginWeb, animated: true)
+                        }
                         
                     // Login Flow
                     } else if versionMajor >= NCGlobal.shared.nextcloudVersion12 {
                         
-                        NCNetworking.shared.checkPushNotificationServerProxyCertificateUntrusted(viewController: self, completion: { errorCode in
-                            if errorCode == 0 {
-                                if let loginWeb = UIStoryboard(name: "NCLogin", bundle: nil).instantiateViewController(withIdentifier: "NCLoginWeb") as? NCLoginWeb {
-                                    
-                                    loginWeb.urlBase = url
+                        if let loginWeb = UIStoryboard(name: "NCLogin", bundle: nil).instantiateViewController(withIdentifier: "NCLoginWeb") as? NCLoginWeb {
+                            
+                            loginWeb.urlBase = url
 
-                                    self.navigationController?.pushViewController(loginWeb, animated: true)
-                                }
-                            }
-                        })
+                            self.navigationController?.pushViewController(loginWeb, animated: true)
+                        }
                         
                     // NO Login flow available
                     } else if versionMajor < NCGlobal.shared.nextcloudVersion12 {
@@ -285,7 +277,11 @@ class NCLogin: UIViewController, UITextFieldDelegate, NCLoginQRCodeDelegate {
                     alertController.addAction(UIAlertAction(title: NSLocalizedString("_no_", comment: ""), style: .default, handler: { action in }))
                     
                     alertController.addAction(UIAlertAction(title: NSLocalizedString("_certificate_details_", comment: ""), style: .default, handler: { action in
-                        if let navigationController = UIStoryboard(name: "NCViewCertificateDetails", bundle: nil).instantiateInitialViewController() {
+                        if let navigationController = UIStoryboard(name: "NCViewCertificateDetails", bundle: nil).instantiateInitialViewController() as? UINavigationController {
+                            let viewController = navigationController.topViewController as! NCViewCertificateDetails
+                            if let host = URL(string: url)?.host {
+                                viewController.host = host
+                            }
                             self.present(navigationController, animated: true)
                         }
                     }))
@@ -328,12 +324,8 @@ class NCLogin: UIViewController, UITextFieldDelegate, NCLoginQRCodeDelegate {
                 
                 NCCommunication.shared.checkServer(serverUrl: serverUrl) { (errorCode, errorDescription) in
                 
-                    NCNetworking.shared.checkPushNotificationServerProxyCertificateUntrusted(viewController: self, completion: { errorCode in
-                        if errorCode == 0 {
-                            self.loginButton.isEnabled = true
-                            self.standardLogin(url: urlBase, user: user, password: password, errorCode: errorCode, errorDescription: errorDescription)
-                        }
-                    })
+                    self.loginButton.isEnabled = true
+                    self.standardLogin(url: urlBase, user: user, password: password, errorCode: errorCode, errorDescription: errorDescription)
                 }
             }
         }
@@ -354,7 +346,7 @@ class NCLogin: UIViewController, UITextFieldDelegate, NCLoginQRCodeDelegate {
             }
                
             // Clear certificate error
-            NCNetworking.shared.certificatesError.removeAll()
+            NCNetworking.shared.certificatesError = nil
             
             NCManageDatabase.shared.deleteAccount(account)
             NCManageDatabase.shared.addAccount(account, urlBase: url, user: user, password: password)

iOSClient/Login/NCLoginWeb.swift

@@ -271,7 +271,7 @@ extension NCLoginWeb: WKNavigationDelegate {
         }
         
         // Clear certificate error
-        NCNetworking.shared.certificatesError.removeAll()
+        NCNetworking.shared.certificatesError = nil
 
         // Add new account
         NCManageDatabase.shared.deleteAccount(account)

iOSClient/Networking/NCNetworking.swift

@@ -48,7 +48,7 @@ import Queuer
     var uploadRequest: [String: UploadRequest] = [:]
     var uploadMetadataInBackground: [String: tableMetadata] = [:]
     
-    var certificatesError: [String] = []
+    var certificatesError: String?
 
     @objc public let sessionMaximumConnectionsPerHost = 5
     @objc public let sessionIdentifierBackground: String = "com.nextcloud.session.upload.background"
@@ -163,6 +163,7 @@ import Queuer
         let protectionSpace: URLProtectionSpace = challenge.protectionSpace
         let directoryCertificate = CCUtility.getDirectoryCerificates()!
         let host = challenge.protectionSpace.host
+        let pushNotificationServerProxyHost = URL(string: NCBrandOptions.shared.pushNotificationServerProxy)?.host
             
         print("SSL host: \(host)")
         
@@ -190,7 +191,10 @@ import Queuer
             }
         }
         
-        NCNetworking.shared.certificatesError.append(host)
+        if host != pushNotificationServerProxyHost {
+            NCNetworking.shared.certificatesError = host
+        }
+        
         return false
     }
     

iOSClient/Networking/NCNetworkingE2EE.swift

@@ -328,7 +328,7 @@ import Alamofire
                             } else if errorCode == Int(CFNetworkErrors.cfurlErrorServerCertificateUntrusted.rawValue) {
                             
                                 if let host = URL(string: metadata.urlBase)?.host {
-                                    NCNetworking.shared.certificatesError.append(host)
+                                    NCNetworking.shared.certificatesError = host
                                 }
                                 NCManageDatabase.shared.setMetadataSession(ocId: metadata.ocId, session: nil, sessionError: errorDescription, sessionTaskIdentifier: 0, status: NCGlobal.shared.metadataStatusUploadError)