Fixes scheme detection logic and NPE

10 years ago · ba37a3e525
parent ccf39971ef
commit ba37a3e525
3 changed files with 43 additions and 8 deletions
--- a/gRPC.podspec
+++ b/gRPC.podspec
@ -24,9 +24,9 @@ Pod::Spec.new do |s|

  s.subspec 'C-Core' do |cs|
    cs.summary  = 'Core gRPC library, written in C'
-  	cs.authors = { 'Craig Tiller'   => 'ctiller@google.com',
-  		           'David Klempner' => 'klempner@google.com',
-  		           'Nicolas Noble'  => 'nnoble@google.com',
+    cs.authors = { 'Craig Tiller'   => 'ctiller@google.com',
+                   'David Klempner' => 'klempner@google.com',
+                   'Nicolas Noble'  => 'nnoble@google.com',
                   'Vijay Pai'      => 'vpai@google.com',
                   'Yang Gao'       => 'yangg@google.com' }

@ -63,4 +63,7 @@ Pod::Spec.new do |s|
  CMD

  s.xcconfig = { 'HEADER_SEARCH_PATHS' => '"$(PODS_ROOT)/Headers/Public/gRPC/include"' }
+
+  # Certificates, to be able to establish TLS connections:
+  s.resource_bundles = { 'gRPC' => ['etc/roots.pem'] }
 end
--- a/src/objective-c/GRPCClient/private/GRPCChannel.m
+++ b/src/objective-c/GRPCClient/private/GRPCChannel.m
@ -50,11 +50,14 @@
 }

 - (instancetype)initWithHost:(NSString *)host {
+  if (![host containsString:@"://"]) {
+    host = [@"https://" stringByAppendingString:host];
+  }
  NSURL *hostURL = [NSURL URLWithString:host];
  if (!hostURL) {
    [NSException raise:NSInvalidArgumentException format:@"Invalid URL: %@", host];
  }
-  if (!hostURL.scheme || [hostURL.scheme isEqualToString:@"https"]) {
+  if ([hostURL.scheme isEqualToString:@"https"]) {
    return [[GRPCSecureChannel alloc] initWithHost:host];
  }
  if ([hostURL.scheme isEqualToString:@"http"]) {
@ -73,8 +76,12 @@
 }

 - (void)dealloc {
-  // TODO(jcanizales): Be sure to add a test with a server that closes the connection prematurely,
-  // as in the past that made this call to crash.
-  grpc_channel_destroy(_unmanagedChannel);
+  // _unmanagedChannel is NULL when deallocating an object of the base class (because the
+  // initializer returns a different object).
+  if (_unmanagedChannel) {
+    // TODO(jcanizales): Be sure to add a test with a server that closes the connection prematurely,
+    // as in the past that made this call to crash.
+    grpc_channel_destroy(_unmanagedChannel);
+  }
 }
@end
--- a/src/objective-c/GRPCClient/private/GRPCSecureChannel.m
+++ b/src/objective-c/GRPCClient/private/GRPCSecureChannel.m
@ -35,11 +35,36 @@

 #import <grpc/grpc_security.h>

+static const char *kCertificates =
+"# Issuer: CN=GTE CyberTrust Global Root O=GTE Corporation OU=GTE CyberTrust Solutions, Inc.\n"
+"# Subject: CN=GTE CyberTrust Global Root O=GTE Corporation OU=GTE CyberTrust Solutions, Inc.\n"
+"# Label: \"GTE CyberTrust Global Root\"\n"
+"# Serial: 421\n"
+"# MD5 Fingerprint: ca:3d:d3:68:f1:03:5c:d0:32:fa:b8:2b:59:e8:5a:db\n"
+"# SHA1 Fingerprint: 97:81:79:50:d8:1c:96:70:cc:34:d8:09:cf:79:44:31:36:7e:f4:74\n"
+"# SHA256 Fingerprint: a5:31:25:18:8d:21:10:aa:96:4b:02:c7:b7:c6:da:32:03:17:08:94:e5:fb:71:ff:fb:66:67:d5:e6:81:0a:36\n"
+"-----BEGIN CERTIFICATE-----\n"
+"MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD\n"
+"VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv\n"
+"bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv\n"
+"b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV\n"
+"UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU\n"
+"cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds\n"
+"b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH\n"
+"iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS\n"
+"r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4\n"
+"04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r\n"
+"GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9\n"
+"3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P\n"
+"lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/\n"
+"-----END CERTIFICATE-----\n";
+
+
@implementation GRPCSecureChannel

 - (instancetype)initWithHost:(NSString *)host {
  // TODO(jcanizales): Get the certificates here.
-  grpc_credentials *credentials = grpc_ssl_credentials_create(NULL, NULL);
+  grpc_credentials *credentials = grpc_ssl_credentials_create(kCertificates, NULL);
  return (self = [super initWithChannel:grpc_secure_channel_create(credentials,
                                                                   host.UTF8String,
                                                                   NULL)]);