Home Verkennen Help
Registreren Inloggen
XCAppCollection
/
AFNetworking
2
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Bladeren bron

Make tests pass again (#3993)

* Make tests pass again

* Fix macOS builds in Fastlane.
Jeff Kelley 8 jaren geleden
bovenliggende
4f3c694920
commit
ec5c955059
14 gewijzigde bestanden met toevoegingen van 59 en 164 verwijderingen
Zij-aan-zij weergave Toon Diff Stats
  1. 24 32
      AFNetworking.xcodeproj/project.pbxproj
  2. BIN
      Tests/Resources/HTTPBin.org/AddTrust_External_CA_Root.cer
  3. BIN
      Tests/Resources/HTTPBin.org/COMODO_RSA_Certification_Authority.cer
  4. BIN
      Tests/Resources/HTTPBin.org/COMODO_RSA_Domain_Validation_Secure_Server_CA.cer
  5. BIN
      Tests/Resources/HTTPBin.org/DST Root CA X3.cer
  6. BIN
      Tests/Resources/HTTPBin.org/HTTPBinOrgServerTrustChain/httpbin_0.cer
  7. BIN
      Tests/Resources/HTTPBin.org/HTTPBinOrgServerTrustChain/httpbin_1.cer
  8. BIN
      Tests/Resources/HTTPBin.org/HTTPBinOrgServerTrustChain/httpbin_2.cer
  9. BIN
      Tests/Resources/HTTPBin.org/HTTPBinOrgServerTrustChain/httpbin_3.cer
  10. BIN
      Tests/Resources/HTTPBin.org/Let's Encrypt Authority X3.cer
  11. BIN
      Tests/Resources/HTTPBin.org/httpbinorg_01192017.cer
  12. BIN
      Tests/Resources/HTTPBin.org/httpbinorg_08132017.cer
  13. 35 131
      Tests/Tests/AFSecurityPolicyTests.m
  14. 0 1
      fastlane/.env.default

+ 24 - 32
AFNetworking.xcodeproj/project.pbxproj
Bestand weergeven 

@@ -10,9 +10,15 @@
 
 		1BF9F9601C87832B00F1F35A /* AFImageResponseSerializerTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 1BF9F95F1C87832B00F1F35A /* AFImageResponseSerializerTests.m */; };
 
 		1BF9F9611C87843200F1F35A /* AFImageResponseSerializerTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 1BF9F95F1C87832B00F1F35A /* AFImageResponseSerializerTests.m */; };
 
 		1BF9F9621C87843300F1F35A /* AFImageResponseSerializerTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 1BF9F95F1C87832B00F1F35A /* AFImageResponseSerializerTests.m */; };
 
-		1FE783011C5857A100A73B7C /* httpbinorg_01192017.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1FE783001C58579D00A73B7C /* httpbinorg_01192017.cer */; };
 
-		1FE783021C5857A100A73B7C /* httpbinorg_01192017.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1FE783001C58579D00A73B7C /* httpbinorg_01192017.cer */; };
 
-		1FE783031C5857A200A73B7C /* httpbinorg_01192017.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1FE783001C58579D00A73B7C /* httpbinorg_01192017.cer */; };
 
+		1F6F7DF71F17051000C979D0 /* DST Root CA X3.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF61F1703A100C979D0 /* DST Root CA X3.cer */; };
 
+		1F6F7DF81F17051000C979D0 /* Let's Encrypt Authority X3.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF51F1703A100C979D0 /* Let's Encrypt Authority X3.cer */; };
 
+		1F6F7DF91F17051000C979D0 /* httpbinorg_08132017.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF41F1703A100C979D0 /* httpbinorg_08132017.cer */; };
 
+		1F6F7DFA1F17051000C979D0 /* DST Root CA X3.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF61F1703A100C979D0 /* DST Root CA X3.cer */; };
 
+		1F6F7DFB1F17051000C979D0 /* Let's Encrypt Authority X3.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF51F1703A100C979D0 /* Let's Encrypt Authority X3.cer */; };
 
+		1F6F7DFC1F17051000C979D0 /* httpbinorg_08132017.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF41F1703A100C979D0 /* httpbinorg_08132017.cer */; };
 
+		1F6F7DFD1F17051100C979D0 /* DST Root CA X3.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF61F1703A100C979D0 /* DST Root CA X3.cer */; };
 
+		1F6F7DFE1F17051100C979D0 /* Let's Encrypt Authority X3.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF51F1703A100C979D0 /* Let's Encrypt Authority X3.cer */; };
 
+		1F6F7DFF1F17051100C979D0 /* httpbinorg_08132017.cer in Resources */ = {isa = PBXBuildFile; fileRef = 1F6F7DF41F1703A100C979D0 /* httpbinorg_08132017.cer */; };
 
 		2960BAC31C1B2F1A00BA02F0 /* AFUIButtonTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 2960BAC21C1B2F1A00BA02F0 /* AFUIButtonTests.m */; };
 
 		297824A31BC2D69A0041C395 /* adn_0.cer in Resources */ = {isa = PBXBuildFile; fileRef = 297824A01BC2D69A0041C395 /* adn_0.cer */; };
 
 		297824A41BC2D69A0041C395 /* adn_0.cer in Resources */ = {isa = PBXBuildFile; fileRef = 297824A01BC2D69A0041C395 /* adn_0.cer */; };
 
@@ -54,9 +60,6 @@
 
 		2987B0D51BC40AE900179A4C /* adn_2.cer in Resources */ = {isa = PBXBuildFile; fileRef = 297824A21BC2D69A0041C395 /* adn_2.cer */; };
 
 		2987B0D61BC40AEC00179A4C /* ADNNetServerTrustChain in Resources */ = {isa = PBXBuildFile; fileRef = 298D7CDF1BC2CB5A00FD3B3E /* ADNNetServerTrustChain */; };
 
 		2987B0D71BC40AF000179A4C /* HTTPBinOrgServerTrustChain in Resources */ = {isa = PBXBuildFile; fileRef = 298D7CE21BC2CB7C00FD3B3E /* HTTPBinOrgServerTrustChain */; };
 
-		2987B0D81BC40AF300179A4C /* AddTrust_External_CA_Root.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C6E1BC2C88F00FD3B3E /* AddTrust_External_CA_Root.cer */; };
 
-		2987B0D91BC40AF300179A4C /* COMODO_RSA_Certification_Authority.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C6F1BC2C88F00FD3B3E /* COMODO_RSA_Certification_Authority.cer */; };
 
-		2987B0DA1BC40AF300179A4C /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C701BC2C88F00FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer */; };
 
 		2987B0DC1BC40AF600179A4C /* logo.png in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C771BC2C88F00FD3B3E /* logo.png */; };
 
 		2987B0DD1BC40AFB00179A4C /* AltName.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C791BC2C88F00FD3B3E /* AltName.cer */; };
 
 		2987B0DE1BC40AFB00179A4C /* foobar.com.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C7A1BC2C88F00FD3B3E /* foobar.com.cer */; };
 
@@ -80,12 +83,6 @@
 
 		298D7CBE1BC2CA9D00FD3B3E /* AltName.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C791BC2C88F00FD3B3E /* AltName.cer */; };
 
 		298D7CBF1BC2CA9D00FD3B3E /* foobar.com.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C7A1BC2C88F00FD3B3E /* foobar.com.cer */; };
 
 		298D7CC01BC2CA9D00FD3B3E /* NoDomains.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C7B1BC2C88F00FD3B3E /* NoDomains.cer */; };
 
-		298D7CC11BC2CAA100FD3B3E /* AddTrust_External_CA_Root.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C6E1BC2C88F00FD3B3E /* AddTrust_External_CA_Root.cer */; };
 
-		298D7CC21BC2CAA100FD3B3E /* COMODO_RSA_Certification_Authority.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C6F1BC2C88F00FD3B3E /* COMODO_RSA_Certification_Authority.cer */; };
 
-		298D7CC31BC2CAA100FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C701BC2C88F00FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer */; };
 
-		298D7CC51BC2CAA200FD3B3E /* AddTrust_External_CA_Root.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C6E1BC2C88F00FD3B3E /* AddTrust_External_CA_Root.cer */; };
 
-		298D7CC61BC2CAA200FD3B3E /* COMODO_RSA_Certification_Authority.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C6F1BC2C88F00FD3B3E /* COMODO_RSA_Certification_Authority.cer */; };
 
-		298D7CC71BC2CAA200FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer in Resources */ = {isa = PBXBuildFile; fileRef = 298D7C701BC2C88F00FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer */; };
 
 		298D7CD31BC2CAE800FD3B3E /* AFHTTPResponseSerializationTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 298D7C821BC2C88F00FD3B3E /* AFHTTPResponseSerializationTests.m */; };
 
 		298D7CD41BC2CAE900FD3B3E /* AFHTTPResponseSerializationTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 298D7C821BC2C88F00FD3B3E /* AFHTTPResponseSerializationTests.m */; };
 
 		298D7CD51BC2CAEC00FD3B3E /* AFHTTPSessionManagerTests.m in Sources */ = {isa = PBXBuildFile; fileRef = 298D7C831BC2C88F00FD3B3E /* AFHTTPSessionManagerTests.m */; };
 
@@ -228,7 +225,9 @@
 
 
 /* Begin PBXFileReference section */
 
 		1BF9F95F1C87832B00F1F35A /* AFImageResponseSerializerTests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = AFImageResponseSerializerTests.m; sourceTree = "<group>"; };
 
-		1FE783001C58579D00A73B7C /* httpbinorg_01192017.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = httpbinorg_01192017.cer; sourceTree = "<group>"; };
 
+		1F6F7DF41F1703A100C979D0 /* httpbinorg_08132017.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = httpbinorg_08132017.cer; sourceTree = "<group>"; };
 
+		1F6F7DF51F1703A100C979D0 /* Let's Encrypt Authority X3.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = "Let's Encrypt Authority X3.cer"; sourceTree = "<group>"; };
 
+		1F6F7DF61F1703A100C979D0 /* DST Root CA X3.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = "DST Root CA X3.cer"; sourceTree = "<group>"; };
 
 		2960BAC21C1B2F1A00BA02F0 /* AFUIButtonTests.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = AFUIButtonTests.m; sourceTree = "<group>"; };
 
 		297824A01BC2D69A0041C395 /* adn_0.cer */ = {isa = PBXFileReference; lastKnownFileType = file; name = adn_0.cer; path = ADNNetServerTrustChain/adn_0.cer; sourceTree = "<group>"; };
 
 		297824A11BC2D69A0041C395 /* adn_1.cer */ = {isa = PBXFileReference; lastKnownFileType = file; name = adn_1.cer; path = ADNNetServerTrustChain/adn_1.cer; sourceTree = "<group>"; };
 
@@ -237,9 +236,6 @@
 
 		2987B0AE1BC408A200179A4C /* AFNetworking tvOS Tests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = "AFNetworking tvOS Tests.xctest"; sourceTree = BUILT_PRODUCTS_DIR; };
 
 		298D7C3B1BC2C79500FD3B3E /* AFNetworking iOS Tests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = "AFNetworking iOS Tests.xctest"; sourceTree = BUILT_PRODUCTS_DIR; };
 
 		298D7C4A1BC2C7B200FD3B3E /* AFNetworking Mac OS X Tests.xctest */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; includeInIndex = 0; path = "AFNetworking Mac OS X Tests.xctest"; sourceTree = BUILT_PRODUCTS_DIR; };
 
-		298D7C6E1BC2C88F00FD3B3E /* AddTrust_External_CA_Root.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = AddTrust_External_CA_Root.cer; sourceTree = "<group>"; };
 
-		298D7C6F1BC2C88F00FD3B3E /* COMODO_RSA_Certification_Authority.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = COMODO_RSA_Certification_Authority.cer; sourceTree = "<group>"; };
 
-		298D7C701BC2C88F00FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = COMODO_RSA_Domain_Validation_Secure_Server_CA.cer; sourceTree = "<group>"; };
 
 		298D7C771BC2C88F00FD3B3E /* logo.png */ = {isa = PBXFileReference; lastKnownFileType = image.png; path = logo.png; sourceTree = "<group>"; };
 
 		298D7C791BC2C88F00FD3B3E /* AltName.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = AltName.cer; sourceTree = "<group>"; };
 
 		298D7C7A1BC2C88F00FD3B3E /* foobar.com.cer */ = {isa = PBXFileReference; lastKnownFileType = file; path = foobar.com.cer; sourceTree = "<group>"; };
 
@@ -403,10 +399,9 @@
 
 			isa = PBXGroup;
 
 			children = (
 
 				298D7CE21BC2CB7C00FD3B3E /* HTTPBinOrgServerTrustChain */,
 
-				298D7C6E1BC2C88F00FD3B3E /* AddTrust_External_CA_Root.cer */,
 
-				298D7C6F1BC2C88F00FD3B3E /* COMODO_RSA_Certification_Authority.cer */,
 
-				298D7C701BC2C88F00FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer */,
 
-				1FE783001C58579D00A73B7C /* httpbinorg_01192017.cer */,
 
+				1F6F7DF61F1703A100C979D0 /* DST Root CA X3.cer */,
 
+				1F6F7DF51F1703A100C979D0 /* Let's Encrypt Authority X3.cer */,
 
+				1F6F7DF41F1703A100C979D0 /* httpbinorg_08132017.cer */,
 
 			);
 
 			path = HTTPBin.org;
 
 			sourceTree = "<group>";
 
@@ -838,22 +833,21 @@
 
 			files = (
 
 				2987B0DE1BC40AFB00179A4C /* foobar.com.cer in Resources */,
 
 				2987B0D61BC40AEC00179A4C /* ADNNetServerTrustChain in Resources */,
 
-				2987B0D91BC40AF300179A4C /* COMODO_RSA_Certification_Authority.cer in Resources */,
 
 				2987B0DF1BC40AFB00179A4C /* NoDomains.cer in Resources */,
 
 				2987B0D41BC40AE900179A4C /* adn_1.cer in Resources */,
 
+				1F6F7DFF1F17051100C979D0 /* httpbinorg_08132017.cer in Resources */,
 
 				2987B0DD1BC40AFB00179A4C /* AltName.cer in Resources */,
 
 				2987B0D71BC40AF000179A4C /* HTTPBinOrgServerTrustChain in Resources */,
 
 				2987B0D31BC40AE900179A4C /* adn_0.cer in Resources */,
 
 				2987B0DC1BC40AF600179A4C /* logo.png in Resources */,
 
-				2987B0D81BC40AF300179A4C /* AddTrust_External_CA_Root.cer in Resources */,
 
 				2987B0D51BC40AE900179A4C /* adn_2.cer in Resources */,
 
-				2987B0DA1BC40AF300179A4C /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer in Resources */,
 
 				5F4323D71BF63CB0003B8749 /* GoogleComServerTrustChainPath1 in Resources */,
 
+				1F6F7DFE1F17051100C979D0 /* Let's Encrypt Authority X3.cer in Resources */,
 
 				5F4323DB1BF63CBA003B8749 /* GoogleComServerTrustChainPath2 in Resources */,
 
 				5F4323BD1BF63741003B8749 /* Equifax_Secure_Certificate_Authority_Root.cer in Resources */,
 
 				5F4323DF1BF63CCC003B8749 /* GeoTrust_Global_CA_Root.cer in Resources */,
 
-				1FE783031C5857A200A73B7C /* httpbinorg_01192017.cer in Resources */,
 
 				5F4323C01BF63741003B8749 /* GeoTrust_Global_CA-cross.cer in Resources */,
 
+				1F6F7DFD1F17051100C979D0 /* DST Root CA X3.cer in Resources */,
 
 				5F4323CF1BF63741003B8749 /* GoogleInternetAuthorityG2.cer in Resources */,
 
 				5F4323C31BF63741003B8749 /* google.com.cer in Resources */,
 
 			);
 
@@ -863,24 +857,23 @@
 
 			isa = PBXResourcesBuildPhase;
 
 			buildActionMask = 2147483647;
 
 			files = (
 
-				298D7CC51BC2CAA200FD3B3E /* AddTrust_External_CA_Root.cer in Resources */,
 
 				298D7CBF1BC2CA9D00FD3B3E /* foobar.com.cer in Resources */,
 
 				298D7CBA1BC2CA9800FD3B3E /* logo.png in Resources */,
 
-				298D7CC61BC2CAA200FD3B3E /* COMODO_RSA_Certification_Authority.cer in Resources */,
 
 				297824A31BC2D69A0041C395 /* adn_0.cer in Resources */,
 
-				298D7CC71BC2CAA200FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer in Resources */,
 
 				298D7CE31BC2CB7C00FD3B3E /* HTTPBinOrgServerTrustChain in Resources */,
 
+				1F6F7DF91F17051000C979D0 /* httpbinorg_08132017.cer in Resources */,
 
 				297824A71BC2D69A0041C395 /* adn_2.cer in Resources */,
 
 				297824A51BC2D69A0041C395 /* adn_1.cer in Resources */,
 
 				298D7CC01BC2CA9D00FD3B3E /* NoDomains.cer in Resources */,
 
 				298D7CE01BC2CB5A00FD3B3E /* ADNNetServerTrustChain in Resources */,
 
 				298D7CBE1BC2CA9D00FD3B3E /* AltName.cer in Resources */,
 
 				5F4323D51BF63CB0003B8749 /* GoogleComServerTrustChainPath1 in Resources */,
 
+				1F6F7DF81F17051000C979D0 /* Let's Encrypt Authority X3.cer in Resources */,
 
 				5F4323D91BF63CBA003B8749 /* GoogleComServerTrustChainPath2 in Resources */,
 
 				5F4323BB1BF63741003B8749 /* Equifax_Secure_Certificate_Authority_Root.cer in Resources */,
 
 				5F4323DD1BF63CCC003B8749 /* GeoTrust_Global_CA_Root.cer in Resources */,
 
-				1FE783011C5857A100A73B7C /* httpbinorg_01192017.cer in Resources */,
 
 				5F4323BE1BF63741003B8749 /* GeoTrust_Global_CA-cross.cer in Resources */,
 
+				1F6F7DF71F17051000C979D0 /* DST Root CA X3.cer in Resources */,
 
 				5F4323CD1BF63741003B8749 /* GoogleInternetAuthorityG2.cer in Resources */,
 
 				5F4323C11BF63741003B8749 /* google.com.cer in Resources */,
 
 			);
 
@@ -890,24 +883,23 @@
 
 			isa = PBXResourcesBuildPhase;
 
 			buildActionMask = 2147483647;
 
 			files = (
 
-				298D7CC11BC2CAA100FD3B3E /* AddTrust_External_CA_Root.cer in Resources */,
 
 				298D7CBC1BC2CA9C00FD3B3E /* foobar.com.cer in Resources */,
 
 				298D7CB91BC2CA9800FD3B3E /* logo.png in Resources */,
 
-				298D7CC21BC2CAA100FD3B3E /* COMODO_RSA_Certification_Authority.cer in Resources */,
 
 				297824A41BC2D69A0041C395 /* adn_0.cer in Resources */,
 
-				298D7CC31BC2CAA100FD3B3E /* COMODO_RSA_Domain_Validation_Secure_Server_CA.cer in Resources */,
 
 				298D7CE41BC2CB7C00FD3B3E /* HTTPBinOrgServerTrustChain in Resources */,
 
+				1F6F7DFC1F17051000C979D0 /* httpbinorg_08132017.cer in Resources */,
 
 				297824A81BC2D69A0041C395 /* adn_2.cer in Resources */,
 
 				297824A61BC2D69A0041C395 /* adn_1.cer in Resources */,
 
 				298D7CBD1BC2CA9C00FD3B3E /* NoDomains.cer in Resources */,
 
 				298D7CE11BC2CB5A00FD3B3E /* ADNNetServerTrustChain in Resources */,
 
 				298D7CBB1BC2CA9C00FD3B3E /* AltName.cer in Resources */,
 
 				5F4323D61BF63CB0003B8749 /* GoogleComServerTrustChainPath1 in Resources */,
 
+				1F6F7DFB1F17051000C979D0 /* Let's Encrypt Authority X3.cer in Resources */,
 
 				5F4323DA1BF63CBA003B8749 /* GoogleComServerTrustChainPath2 in Resources */,
 
 				5F4323BC1BF63741003B8749 /* Equifax_Secure_Certificate_Authority_Root.cer in Resources */,
 
 				5F4323CE1BF63741003B8749 /* GoogleInternetAuthorityG2.cer in Resources */,
 
-				1FE783021C5857A100A73B7C /* httpbinorg_01192017.cer in Resources */,
 
 				5F4323DE1BF63CCC003B8749 /* GeoTrust_Global_CA_Root.cer in Resources */,
 
+				1F6F7DFA1F17051000C979D0 /* DST Root CA X3.cer in Resources */,
 
 				5F4323BF1BF63741003B8749 /* GeoTrust_Global_CA-cross.cer in Resources */,
 
 				5F4323C21BF63741003B8749 /* google.com.cer in Resources */,
 
 			);

BIN
Tests/Resources/HTTPBin.org/AddTrust_External_CA_Root.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/COMODO_RSA_Certification_Authority.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/COMODO_RSA_Domain_Validation_Secure_Server_CA.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/DST Root CA X3.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/HTTPBinOrgServerTrustChain/httpbin_0.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/HTTPBinOrgServerTrustChain/httpbin_1.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/HTTPBinOrgServerTrustChain/httpbin_2.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/HTTPBinOrgServerTrustChain/httpbin_3.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/Let's Encrypt Authority X3.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/httpbinorg_01192017.cer
Bestand weergeven


BIN
Tests/Resources/HTTPBin.org/httpbinorg_08132017.cer
Bestand weergeven


+ 35 - 131
Tests/Tests/AFSecurityPolicyTests.m
Bestand weergeven 

@@ -57,68 +57,30 @@ static SecTrustRef AFUTADNNetServerTrust() {
 
     return AFUTTrustChainForCertsInDirectory(serverCertDirectoryPath);
 
 }
 
 
-//static SecTrustRef AFUTGoogleComServerTrustPath1() {
 
-//    NSString *bundlePath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] resourcePath];
 
-//    NSString *serverCertDirectoryPath = [bundlePath stringByAppendingPathComponent:@"GoogleComServerTrustChainPath1"];
 
-//    
-//    return AFUTTrustChainForCertsInDirectory(serverCertDirectoryPath);
 
-//}
 
-//
 
-//static SecTrustRef AFUTGoogleComServerTrustPath2() {
 
-//    NSString *bundlePath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] resourcePath];
 
-//    NSString *serverCertDirectoryPath = [bundlePath stringByAppendingPathComponent:@"GoogleComServerTrustChainPath2"];
 
-//
 
-//    return AFUTTrustChainForCertsInDirectory(serverCertDirectoryPath);
 
-//}
 
-
 
 static SecCertificateRef AFUTHTTPBinOrgCertificate() {
 
-    NSString *certPath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] pathForResource:@"httpbinorg_01192017" ofType:@"cer"];
 
-    NSCAssert(certPath != nil, @"Path for certificate should not be nil");
 
-    NSData *certData = [NSData dataWithContentsOfFile:certPath];
 
-
 
-    return SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
 
-}
 
-
 
-static SecCertificateRef AFUTCOMODORSADomainValidationSecureServerCertificate() {
 
-    NSString *certPath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] pathForResource:@"COMODO_RSA_Domain_Validation_Secure_Server_CA" ofType:@"cer"];
 
+    NSString *certPath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] pathForResource:@"httpbinorg_08132017" ofType:@"cer"];
 
     NSCAssert(certPath != nil, @"Path for certificate should not be nil");
 
     NSData *certData = [NSData dataWithContentsOfFile:certPath];
 
 
     return SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
 
 }
 
 
-static SecCertificateRef AFUTCOMODORSACertificate() {
 
-    NSString *certPath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] pathForResource:@"COMODO_RSA_Certification_Authority" ofType:@"cer"];
 
+static SecCertificateRef AFUTLetsEncryptAuthorityCertificate() {
 
+    NSString *certPath = [[NSBundle bundleForClass:NSClassFromString(@"AFSecurityPolicyTests")] pathForResource:@"Let's Encrypt Authority X3" ofType:@"cer"];
 
     NSCAssert(certPath != nil, @"Path for certificate should not be nil");
 
     NSData *certData = [NSData dataWithContentsOfFile:certPath];
 
-
 
+    
     return SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
 
 }
 
 
-static SecCertificateRef AFUTAddTrustExternalRootCertificate() {
 
-    NSString *certPath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] pathForResource:@"AddTrust_External_CA_Root" ofType:@"cer"];
 
+static SecCertificateRef AFUTDSTRootCertificate() {
 
+    NSString *certPath = [[NSBundle bundleForClass:NSClassFromString(@"AFSecurityPolicyTests")] pathForResource:@"DST Root CA X3" ofType:@"cer"];
 
     NSCAssert(certPath != nil, @"Path for certificate should not be nil");
 
     NSData *certData = [NSData dataWithContentsOfFile:certPath];
 
-
 
+    
     return SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
 
 }
 
 
-//static SecCertificateRef AFUTGoogleComEquifaxSecureCARootCertificate() {
 
-//    NSString *certPath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] pathForResource:@"Equifax_Secure_Certificate_Authority_Root" ofType:@"cer"];
 
-//    NSCAssert(certPath != nil, @"Path for certificate should not be nil");
 
-//    NSData *certData = [NSData dataWithContentsOfFile:certPath];
 
-//    
-//    return SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
 
-//}
 
-//
 
-//static SecCertificateRef AFUTGoogleComGeoTrustGlobalCARootCertificate() {
 
-//    NSString *certPath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] pathForResource:@"GeoTrust_Global_CA_Root" ofType:@"cer"];
 
-//    NSCAssert(certPath != nil, @"Path for certificate should not be nil");
 
-//    NSData *certData = [NSData dataWithContentsOfFile:certPath];
 
-//    
-//    return SecCertificateCreateWithData(NULL, (__bridge CFDataRef)(certData));
 
-//}
 
-
 
 static SecCertificateRef AFUTSelfSignedCertificateWithoutDomain() {
 
     NSString *certPath = [[NSBundle bundleForClass:[AFSecurityPolicyTests class]] pathForResource:@"NoDomains" ofType:@"cer"];
 
     NSCAssert(certPath != nil, @"Path for certificate should not be nil");
 
@@ -239,58 +201,48 @@ static SecTrustRef AFUTTrustWithCertificate(SecCertificateRef certificate) {
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow server trust");
 
 }
 
 
-- (void)testPolicyWithPublicKeyPinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgIntermediate1CertificatePinned {
 
+- (void)testPolicyWithPublicKeyPinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgIntermediateCertificatePinned {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
 
-
 
-    SecCertificateRef certificate = AFUTCOMODORSADomainValidationSecureServerCertificate();
 
-    policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
-    XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow server trust");
 
-}
 
-
 
-- (void)testPolicyWithPublicKeyPinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgIntermediate2CertificatePinned {
 
-    AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
 
-
 
-    SecCertificateRef certificate = AFUTCOMODORSACertificate();
 
+    
+    SecCertificateRef certificate = AFUTLetsEncryptAuthorityCertificate();
 
     policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow server trust");
 
 }
 
 
 - (void)testPolicyWithPublicKeyPinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgRootCertificatePinned {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
 
-
 
-    SecCertificateRef certificate = AFUTAddTrustExternalRootCertificate();
 
+    
+    SecCertificateRef certificate = AFUTDSTRootCertificate();
 
     policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow server trust");
 
 }
 
 
 - (void)testPolicyWithPublicKeyPinningAllowsHTTPBinOrgServerTrustWithEntireCertificateChainPinned {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
 
-
 
+    
     SecCertificateRef httpBinCertificate = AFUTHTTPBinOrgCertificate();
 
-    SecCertificateRef intermedaite1Certificate = AFUTCOMODORSADomainValidationSecureServerCertificate();
 
-    SecCertificateRef intermedaite2Certificate = AFUTCOMODORSACertificate();
 
-    SecCertificateRef rootCertificate = AFUTAddTrustExternalRootCertificate();
 
+    SecCertificateRef intermediateCertificate = AFUTLetsEncryptAuthorityCertificate();
 
+    SecCertificateRef rootCertificate = AFUTDSTRootCertificate();
 
     [policy setPinnedCertificates:[NSSet setWithObjects:(__bridge_transfer NSData *)SecCertificateCopyData(httpBinCertificate),
 
-                                                        (__bridge_transfer NSData *)SecCertificateCopyData(intermedaite1Certificate),
 
-                                                        (__bridge_transfer NSData *)SecCertificateCopyData(intermedaite2Certificate),
 
-                                                        (__bridge_transfer NSData *)SecCertificateCopyData(rootCertificate), nil]];
 
+                                   (__bridge_transfer NSData *)SecCertificateCopyData(intermediateCertificate),
 
+                                   (__bridge_transfer NSData *)SecCertificateCopyData(rootCertificate), nil]];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow HTTPBinOrg server trust because at least one of the pinned certificates is valid");
 
-
 
+    
 }
 
 
 - (void)testPolicyWithPublicKeyPinningAllowsHTTPBirnOrgServerTrustWithHTTPbinOrgPinnedCertificateAndAdditionalPinnedCertificates {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
 
-
 
+    
     SecCertificateRef httpBinCertificate = AFUTHTTPBinOrgCertificate();
 
     SecCertificateRef selfSignedCertificate = AFUTSelfSignedCertificateWithCommonNameDomain();
 
     [policy setPinnedCertificates:[NSSet setWithObjects:(__bridge_transfer NSData *)SecCertificateCopyData(httpBinCertificate),
 
-                                                        (__bridge_transfer NSData *)SecCertificateCopyData(selfSignedCertificate), nil]];
 
+                                   (__bridge_transfer NSData *)SecCertificateCopyData(selfSignedCertificate), nil]];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow HTTPBinOrg server trust because at least one of the pinned certificates is valid");
 
 }
 
 
 - (void)testPolicyWithPublicKeyPinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgLeafCertificatePinnedAndValidDomainName {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];
 
-
 
+    
     SecCertificateRef certificate = AFUTHTTPBinOrgCertificate();
 
     policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:@"httpbin.org"], @"Policy should allow server trust");
 
@@ -361,96 +313,53 @@ static SecTrustRef AFUTTrustWithCertificate(SecCertificateRef certificate) {
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow server trust");
 
 }
 
 
-- (void)testPolicyWithCertificatePinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgIntermediate1CertificatePinned {
 
-    AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
 
-
 
-    SecCertificateRef certificate = AFUTCOMODORSADomainValidationSecureServerCertificate();
 
-    policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
-    XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow server trust");
 
-}
 
-
 
-- (void)testPolicyWithCertificatePinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgIntermediate2CertificatePinned {
 
+- (void)testPolicyWithCertificatePinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgIntermediateCertificatePinned {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
 
-
 
-    SecCertificateRef certificate = AFUTCOMODORSACertificate();
 
+    
+    SecCertificateRef certificate = AFUTLetsEncryptAuthorityCertificate();
 
     policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow server trust");
 
 }
 
 
 - (void)testPolicyWithCertificatePinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgRootCertificatePinned {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
 
-
 
-    SecCertificateRef certificate = AFUTAddTrustExternalRootCertificate();
 
+    
+    SecCertificateRef certificate = AFUTDSTRootCertificate();
 
     policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow server trust");
 
 }
 
 
 - (void)testPolicyWithCertificatePinningAllowsHTTPBinOrgServerTrustWithEntireCertificateChainPinned {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
 
-
 
+    
     SecCertificateRef httpBinCertificate = AFUTHTTPBinOrgCertificate();
 
-    SecCertificateRef intermedaite1Certificate = AFUTCOMODORSADomainValidationSecureServerCertificate();
 
-    SecCertificateRef intermedaite2Certificate = AFUTCOMODORSACertificate();
 
-    SecCertificateRef rootCertificate = AFUTAddTrustExternalRootCertificate();
 
+    SecCertificateRef intermediateCertificate = AFUTLetsEncryptAuthorityCertificate();
 
+    SecCertificateRef rootCertificate = AFUTDSTRootCertificate();
 
     [policy setPinnedCertificates:[NSSet setWithObjects:(__bridge_transfer NSData *)SecCertificateCopyData(httpBinCertificate),
 
-                                                        (__bridge_transfer NSData *)SecCertificateCopyData(intermedaite1Certificate),
 
-                                                        (__bridge_transfer NSData *)SecCertificateCopyData(intermedaite2Certificate),
 
-                                                        (__bridge_transfer NSData *)SecCertificateCopyData(rootCertificate), nil]];
 
+                                   (__bridge_transfer NSData *)SecCertificateCopyData(intermediateCertificate),
 
+                                   (__bridge_transfer NSData *)SecCertificateCopyData(rootCertificate), nil]];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow HTTPBinOrg server trust because at least one of the pinned certificates is valid");
 
-
 
+    
 }
 
 
 - (void)testPolicyWithCertificatePinningAllowsHTTPBirnOrgServerTrustWithHTTPbinOrgPinnedCertificateAndAdditionalPinnedCertificates {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
 
-
 
+    
     SecCertificateRef httpBinCertificate = AFUTHTTPBinOrgCertificate();
 
     SecCertificateRef selfSignedCertificate = AFUTSelfSignedCertificateWithCommonNameDomain();
 
     [policy setPinnedCertificates:[NSSet setWithObjects:(__bridge_transfer NSData *)SecCertificateCopyData(httpBinCertificate),
 
-                                                        (__bridge_transfer NSData *)SecCertificateCopyData(selfSignedCertificate), nil]];
 
+                                   (__bridge_transfer NSData *)SecCertificateCopyData(selfSignedCertificate), nil]];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:nil], @"Policy should allow HTTPBinOrg server trust because at least one of the pinned certificates is valid");
 
 }
 
 
 - (void)testPolicyWithCertificatePinningAllowsHTTPBinOrgServerTrustWithHTTPBinOrgLeafCertificatePinnedAndValidDomainName {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
 
-
 
+    
     SecCertificateRef certificate = AFUTHTTPBinOrgCertificate();
 
     policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:@"httpbin.org"], @"Policy should allow server trust");
 
 }
 
 
-//- (void)testPolicyWithCertificatePinningAllowsGoogleComServerTrustIncompleteChainWithRootCertificatePinnedAndValidDomainName {
 
-//    //TODO THIS TEST HAS BEEN DISABLED UNTIL CERTS HAVE BEEN UPDATED.
 
-//    //Please see conversation here: https://github.com/AFNetworking/AFNetworking/pull/3159#issuecomment-178647437
 
-//    //
 
-//    // Fix certificate validation for servers providing incomplete chains (#3159) - test case
 
-//    //
 
-//    // google.com has two certification paths and both send incomplete certificate chains, i.e. don't include the Root CA
 
-//    // (this can be validated in https://www.ssllabs.com/ssltest/analyze.html?d=google.com)
 
-//    //
 
-//    // The two certification paths are:
 
-//    // - Path 1: *.google.com, Google Internet Authority G2 (with GeoTrust Global CA Root)
 
-//    // - Path 2: *.google.com, Google Internet Authority G2, GeoTrust Global CA (cross signed) (with Equifax Secure CA Root)
 
-//    //
 
-//    // The common goal of using certificate pinning is to prevent MiTM (man-in-the-middle) attacks, so the Root CA's should be pinned to protect the entire chains.
 
-//    // Since there's no Root CA being sent, when `-evaluateServerTrust:` invokes `AFCertificateTrustChainForServerTrust(serverTrust)`, the Root CA isn't present
 
-//    // Therefore, even though `AFServerTrustIsValid(serverTrust)` succeeds, the next validation fails since no pinned certificate matches the `pinnedCertificates`.
 
-//    // By fetching the `AFCertificateTrustChainForServerTrust(serverTrust)` *after* the `AFServerTrustIsValid(serverTrust)` validation, the complete chain is obtained and the Root CA's match.
 
-//    
-//    AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModeCertificate];
 
-//
 
-//    // certification path 1
 
-//    SecCertificateRef certificate = AFUTGoogleComGeoTrustGlobalCARootCertificate();
 
-//    policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
-//    
-//    XCTAssertTrue([policy evaluateServerTrust:AFUTGoogleComServerTrustPath1() forDomain:@"google.com"], @"Policy should allow server trust");
 
-//
 
-//    // certification path 2
 
-//    certificate = AFUTGoogleComEquifaxSecureCARootCertificate();
 
-//    policy.pinnedCertificates = [NSSet setWithObject:(__bridge_transfer id)SecCertificateCopyData(certificate)];
 
-//
 
-//    XCTAssertTrue([policy evaluateServerTrust:AFUTGoogleComServerTrustPath2() forDomain:@"google.com"], @"Policy should allow server trust");
 
-//}
 
-
 
 #pragma mark Negative Server Trust Evaluation Tests
 
 
 - (void)testPolicyWithCertificatePinningAndNoPinnedCertificatesDoesNotAllowHTTPBinOrgServerTrust {
 
@@ -494,11 +403,6 @@ static SecTrustRef AFUTTrustWithCertificate(SecCertificateRef certificate) {
 
     XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:@"invalid.org"], @"Policy should allow server trust because domain name validation is disabled");
 
 }
 
 
-- (void)testThatPolicyWithDomainNameValidationAllowsServerTrustWithValidWildcardDomainName {
 
-    AFSecurityPolicy *policy = [AFSecurityPolicy defaultPolicy];
 
-    XCTAssertTrue([policy evaluateServerTrust:AFUTHTTPBinOrgServerTrust() forDomain:@"test.httpbin.org"], @"Policy should allow server trust");
 
-}
 
-
 
 - (void)testThatPolicyWithDomainNameValidationAndSelfSignedCommonNameCertificateAllowsServerTrust {
 
     AFSecurityPolicy *policy = [AFSecurityPolicy policyWithPinningMode:AFSSLPinningModePublicKey];

+ 0 - 1
fastlane/.env.default
Bestand weergeven 

@@ -6,7 +6,6 @@ AF_CONFIGURATION=Release
 
 
 SCAN_WORKSPACE=$AF_WORKSPACE
 
 SCAN_SCHEME=$AF_IOS_FRAMEWORK_SCHEME
 
-SCAN_DEVICE="iPhone 7"
 
 SCAN_SDK=$AF_IOS_SDK
 
 SCAN_OUTPUT_DIRECTORY=fastlane/test-output