ios - App freezes when didReceiveChallenge method called -

-

i attempting connect api using self-signed certificate testing.

  -(nsdata*)getdatafrompostrequestwithheaders:(nsdictionary*)headers      withpostdata:(nsdata*)postdata fromurl:(nsstring*)urlstring     {     __block nsdata* responsedata;      nslog(@"url %@", urlstring);     nsmutableurlrequest *request = [nsmutableurlrequest requestwithurl:[nsurl urlwithstring:urlstring]                                                            cachepolicy:nsurlrequestuseprotocolcachepolicy                                                        timeoutinterval:10.0];     [request sethttpmethod:@"post"];     [request sethttpbody:postdata];     [request setallhttpheaderfields:headers];      nsurlsessionconfiguration *config = [nsurlsessionconfiguration defaultsessionconfiguration];    // [config sethttpadditionalheaders:headers];     nsurlsession *session = [nsurlsession sessionwithconfiguration:config delegate:self delegatequeue:nil];     nslog(@"%@", @"nsurlsession started successfully");     // i.e. no not need have queue of sessions running in parallel currently.    nsurlsessiondatatask *datatask = [session datataskwithrequest:request                                                 completionhandler:^(nsdata *data, nsurlresponse *response, nserror *error)                                             {                                                 nslog(@"%@", @"completionhandler called successfully");                                                     if (error) {                                                         nslog(@"error whilst executing post request: %@", error);                                                     } else {                                                         nshttpurlresponse *httpresponse = (nshttpurlresponse *) response;                                                         nslog(@"http response request %@", httpresponse);                                                         responsedata = data;                                                     }                                                 }];     [datatask resume];      return responsedata; }

this didreceivechallenge() method:

-(void)urlsession:(nsurlsession *)session didreceivechallenge:(nsurlauthenticationchallenge *)challenge completionhandler:(void (^)(nsurlsessionauthchallengedisposition, nsurlcredential *))completionhandler {     nslog(@"%@", @"didreceivechallenge method of nsurlsessiondelegate called successfully");    if ([challenge.protectionspace.authenticationmethod isequaltostring:nsurlauthenticationmethodservertrust])     {         if ([challenge.protectionspace.host isequaltostring:@"https://dongu.ravenlabs.co.uk"])         {             nsurlcredential *credential = [nsurlcredential credentialfortrust:challenge.protectionspace.servertrust];             completionhandler(nsurlsessionauthchallengeusecredential, credential); // i.e. if domain, yes can trust it.         }     } }

the first 1 called within login method so:

-(nsstring*)loginuserandretrievesessionid:(nsstring*)username withpassword:(nsstring*)password {     __block nsdictionary *responsedict;    nsdictionary *loginheaders = @{ @"content-type": @"application/json",                                @"accept": @"application/json",                                @"cache-control": @"no-cache",                                };     nsdictionary *parameters = @{ @"login": username,                                   @"password": password };      nsdata *postdata = [nsjsonserialization datawithjsonobject:parameters options:0 error:nil];     nsstring *urlstring = [dongu_api_base_url stringbyappendingstring:@"/session/"];     nsdata *responsedata = [self getdatafrompostrequestwithheaders:loginheaders withpostdata:postdata fromurl:urlstring];     if (responsedata)     {     responsedict = [self getdictionaryfromresponsedata:responsedata];     }     nslog(@"%@", @"end of login method reached.");     return [responsedict objectforkey:@"session-token"];  }

whenever didreceivechallenge called, app freezes completely. there way around this? i've tried using gcd calling login method, , no joy. there way around this?

you must call provided completion handler every time method called, or else connection make no further progress. if don't know do particular challenge, call ...performdefaulthandling.

additionally, please aware way you're disabling certificate validation very, unsafe. @ bare minimum, should comparing provided public key known-valid public key stored in app somewhere, , if matches should tell os use credential. otherwise, run risk of code accidentally ending in shipping app, , losing benefits of tls.


Comments

Post a Comment

Popular posts from this blog

html - Styling progress bar with inline style -

-
i trying set progress bar color red using inline style. need in way because have access <body> part of document. style need apply: progress { color: red } progress::-moz-progress-bar { background: red;} progress::-webkit-progress-value { background: red; } progress[aria-valuenow]:before { background: red; } i tried <progress style="background: red;"> incorrect effect, progress bar color turns blue red background. guide right direction desired style? thank in advance. here live example: https://jsfiddle.net/z36d3f6l/
Read more

java - Oracle Sql developer error: could not install some modules -

-
i have downloaded fresh copy of sqldeveloper ( sqldeveloper-4.1.3.20.78-no-jre ) oracle website. when unzip , lauch gui, keep getting following error message: warning - not install modules: dynamic module config - no module providing capability org.netbeans.netbinox found. my system: windows 7 32 bit hp probook. jdk 1.6 , 1.7, 1.8 available in java/jdk subdirectory. netbeans 8.0.2 installed finally got way out after dirty hours. extracted sqldeveloper zip in nested directory. i.e: e://a/b/c/sqldeveloper. starting sqldeveloper gui above directory threw erros. solution: go in c:\users**username**\appdata\roaming : delete sql developer , sqldeveloper folders extract sql developer zip in new non nested directory. i.e: e:// start , should work now reference: https://community.oracle.com/thread/3870680?start=0&tstart=0
Read more

How to use autoclose brackets in Jupyter notebook? -

-
this may sound silly question, how make use of autoclose brackets in jupyter notebook? example, when type print( jupyter notebook auto-closes brakets print() and places cursor inside. type argument, say print(1 + 1) now cursor between second 1 , right bracket ) . key navigate right of ) ? of course can press end or → or ) achieve this, not seem save time, purpose of brackets autoclose suppose? thanks in advance.
Read more