Gemini/GeminiProtocol/NWParameters+Gemini.swift

45 lines
1.6 KiB
Swift
Raw Normal View History

2020-07-12 23:09:37 -04:00
//
// NWParameters+Gemini.swift
// Gemini
//
// Created by Shadowfacts on 7/12/20.
//
import Network
extension NWParameters {
2021-09-28 20:20:08 -04:00
/// An NWParameters configured with the GeminiProtocol and appropriate TLS options.
/// This property always returns a new NWParameters instance.
2020-07-12 23:09:37 -04:00
static var gemini: NWParameters {
let tlsOptions = geminiTLSOptions
let tcpOptions = NWProtocolTCP.Options()
let parameters = NWParameters(tls: tlsOptions, tcp: tcpOptions)
let geminiOptions = NWProtocolFramer.Options(definition: GeminiProtocol.definition)
parameters.defaultProtocolStack.applicationProtocols.insert(geminiOptions, at: 0)
return parameters
}
private static var geminiTLSOptions: NWProtocolTLS.Options {
let options = NWProtocolTLS.Options()
sec_protocol_options_set_min_tls_protocol_version(options.securityProtocolOptions, .TLSv12)
// based on https://developer.apple.com/forums/thread/104018
sec_protocol_options_set_verify_block(options.securityProtocolOptions, { (sec_protocol_metadata, sec_trust, sec_protocol_verify_complete) in
let trust = sec_trust_copy_ref(sec_trust).takeRetainedValue()
var error: CFError?
if SecTrustEvaluateWithError(trust, &error) {
sec_protocol_verify_complete(true)
} else {
// todo: prompt user to trust cert on first use
sec_protocol_verify_complete(true)
}
}, .main)
return options
}
}