From 674fc168780f60ba1a6d2e8ea6bd3b420a18cada Mon Sep 17 00:00:00 2001 From: John Holdsworth Date: Sun, 9 Jul 2017 18:59:33 +0100 Subject: [PATCH 1/5] For https: to work on Android --- Foundation/NSURLSession/http/EasyHandle.swift | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/Foundation/NSURLSession/http/EasyHandle.swift b/Foundation/NSURLSession/http/EasyHandle.swift index 5df8891d72..01c620a454 100644 --- a/Foundation/NSURLSession/http/EasyHandle.swift +++ b/Foundation/NSURLSession/http/EasyHandle.swift @@ -168,6 +168,20 @@ extension _EasyHandle { let protocols = (CFURLSessionProtocolHTTP | CFURLSessionProtocolHTTPS) try! CFURLSession_easy_setopt_long(rawHandle, CFURLSessionOptionPROTOCOLS, protocols).asError() try! CFURLSession_easy_setopt_long(rawHandle, CFURLSessionOptionREDIR_PROTOCOLS, protocols).asError() + #if os(Android) + // See https://curl.haxx.se/docs/sslcerts.html + // For SSL to work you need "cacert.pem" to be accessable + // at the path pointed to by the URLSessionCAInfo env var. + // Downloadable here: https://curl.haxx.se/ca/cacert.pem + if let caInfo = getenv("URLSessionCAInfo") { + if String(cString: caInfo) == "UNSAFE_NOVERIFY" { + try! CFURLSession_easy_setopt_int(rawHandle, CFURLSessionOptionSSL_VERIFYPEER, 0).asError() + } + else { + try! CFURLSession_easy_setopt_ptr(rawHandle, CFURLSessionOptionCAINFO, caInfo).asError() + } + } + #endif //TODO: Added in libcurl 7.45.0 //TODO: Set default protocol for schemeless URLs //CURLOPT_DEFAULT_PROTOCOL available only in libcurl 7.45.0 From 0c3a45f6f1b58401f48fc860693b30cfd0f84ade Mon Sep 17 00:00:00 2001 From: John Holdsworth Date: Sun, 9 Jul 2017 19:13:31 +0100 Subject: [PATCH 2/5] For debug logging on Android --- Foundation/NSURLSession/http/EasyHandle.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Foundation/NSURLSession/http/EasyHandle.swift b/Foundation/NSURLSession/http/EasyHandle.swift index 01c620a454..836508a179 100644 --- a/Foundation/NSURLSession/http/EasyHandle.swift +++ b/Foundation/NSURLSession/http/EasyHandle.swift @@ -282,7 +282,7 @@ fileprivate func printLibcurlDebug(handle: CFURLSessionEasyHandle, type: CInt, d fileprivate func printLibcurlDebug(type: CFURLSessionInfo, data: String, task: URLSessionTask) { // libcurl sends is data with trailing CRLF which inserts lots of newlines into our output. - print("[\(task.taskIdentifier)] \(type.debugHeader) \(data.mapControlToPictures)") + NSLog("[\(task.taskIdentifier)] \(type.debugHeader) \(data.mapControlToPictures)") } fileprivate extension String { From 712f2702f7da92a23066c6de41e675c9945e303a Mon Sep 17 00:00:00 2001 From: John Holdsworth Date: Sun, 9 Jul 2017 23:31:47 +0100 Subject: [PATCH 3/5] UNSAFE_SSL_NOVERIFY --- Foundation/NSURLSession/http/EasyHandle.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Foundation/NSURLSession/http/EasyHandle.swift b/Foundation/NSURLSession/http/EasyHandle.swift index 836508a179..f2f4418dae 100644 --- a/Foundation/NSURLSession/http/EasyHandle.swift +++ b/Foundation/NSURLSession/http/EasyHandle.swift @@ -174,7 +174,7 @@ extension _EasyHandle { // at the path pointed to by the URLSessionCAInfo env var. // Downloadable here: https://curl.haxx.se/ca/cacert.pem if let caInfo = getenv("URLSessionCAInfo") { - if String(cString: caInfo) == "UNSAFE_NOVERIFY" { + if String(cString: caInfo) == "UNSAFE_SSL_NOVERIFY" { try! CFURLSession_easy_setopt_int(rawHandle, CFURLSessionOptionSSL_VERIFYPEER, 0).asError() } else { From 9655700460f721b228a9f6eef951a15c3ba93c87 Mon Sep 17 00:00:00 2001 From: John Holdsworth Date: Mon, 10 Jul 2017 22:09:24 +0100 Subject: [PATCH 4/5] Use setter rather than environment --- Foundation/NSURLSession/http/EasyHandle.swift | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/Foundation/NSURLSession/http/EasyHandle.swift b/Foundation/NSURLSession/http/EasyHandle.swift index f2f4418dae..4f2a36028f 100644 --- a/Foundation/NSURLSession/http/EasyHandle.swift +++ b/Foundation/NSURLSession/http/EasyHandle.swift @@ -57,6 +57,9 @@ internal final class _EasyHandle { fileprivate var pauseState: _PauseState = [] internal var fileLength: Int64 = 0 internal var timeoutTimer: _TimeoutSource! + #if os(Android) + static fileprivate var _CAInfoFile: UnsafeMutablePointer? + #endif init(delegate: _EasyHandleDelegate) { self.delegate = delegate @@ -173,7 +176,7 @@ extension _EasyHandle { // For SSL to work you need "cacert.pem" to be accessable // at the path pointed to by the URLSessionCAInfo env var. // Downloadable here: https://curl.haxx.se/ca/cacert.pem - if let caInfo = getenv("URLSessionCAInfo") { + if let caInfo = _EasyHandle._CAInfoFile { if String(cString: caInfo) == "UNSAFE_SSL_NOVERIFY" { try! CFURLSession_easy_setopt_int(rawHandle, CFURLSessionOptionSSL_VERIFYPEER, 0).asError() } @@ -629,6 +632,19 @@ extension _EasyHandle._CurlStringList { } } +#if os(Android) +extension URLSession { + + public static func setCAInfoFile( _ _CAInfoFile: String ) { + free(_EasyHandle._CAInfoFile) + _CAInfoFile.withCString { + _EasyHandle._CAInfoFile = strdup($0) + } + } + +} +#endif + extension CFURLSessionEasyCode : Equatable { public static func ==(lhs: CFURLSessionEasyCode, rhs: CFURLSessionEasyCode) -> Bool { return lhs.value == rhs.value From 589035387d49eea3624fe364737589499d7b8184 Mon Sep 17 00:00:00 2001 From: John Holdsworth Date: Mon, 10 Jul 2017 22:21:37 +0100 Subject: [PATCH 5/5] Use setter rather than environment - lint --- Foundation/NSURLSession/http/EasyHandle.swift | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Foundation/NSURLSession/http/EasyHandle.swift b/Foundation/NSURLSession/http/EasyHandle.swift index 4f2a36028f..4da41b53d5 100644 --- a/Foundation/NSURLSession/http/EasyHandle.swift +++ b/Foundation/NSURLSession/http/EasyHandle.swift @@ -635,7 +635,7 @@ extension _EasyHandle._CurlStringList { #if os(Android) extension URLSession { - public static func setCAInfoFile( _ _CAInfoFile: String ) { + public static func setCAInfoFile(_ _CAInfoFile: String) { free(_EasyHandle._CAInfoFile) _CAInfoFile.withCString { _EasyHandle._CAInfoFile = strdup($0)