* Added MYBonjourBrowser and MYBonjourService.

* Added MYPortMapper. * Added -[TCPEndpoint setPeerToPeerIdentity:]. * Created a static-library target.
snej · Apr 22, 2009 · f52ac9c · f52ac9c
1 parent 10a33d6
commit f52ac9c
Show file tree

Hide file tree

Showing 35 changed files with 1,718 additions and 377 deletions.
diff --git a/BLIP/BLIP.h b/BLIP/BLIP.h
@@ -3,7 +3,7 @@
 //  MYNetwork
 //
 //  Created by Jens Alfke on 5/24/08.
-//  Copyright 2008 __MyCompanyName__. All rights reserved.
+//  Copyright 2008 Jens Alfke. All rights reserved.
 //
 
 #import "BLIPConnection.h"

diff --git a/BLIP/BLIPConnection.h b/BLIP/BLIPConnection.h
@@ -19,6 +19,7 @@
     Most of the API is inherited from TCPConnection. */
 @interface BLIPConnection : TCPConnection
 {
+    @private
     BLIPDispatcher *_dispatcher;
     BOOL _blipClosing;
 }

diff --git a/BLIP/BLIPDispatcher.h b/BLIP/BLIPDispatcher.h
@@ -25,6 +25,7 @@
     request based on property values. */
 @interface BLIPDispatcher : NSObject 
 {
+    @private
     NSMutableArray *_predicates, *_targets;
     BLIPDispatcher *_parent;
 }

diff --git a/BLIP/BLIPMessage.h b/BLIP/BLIPMessage.h
@@ -36,6 +36,7 @@ NSError *BLIPMakeError( int errorCode, NSString *message, ... ) __attribute__ ((
 /** Abstract superclass for <a href=".#blipdesc">BLIP</a> requests and responses. */
 @interface BLIPMessage : NSObject 
 {
+    @protected
     BLIPConnection *_connection;
     UInt16 _flags;
     UInt32 _number;

diff --git a/BLIP/BLIPProperties.h b/BLIP/BLIPProperties.h
@@ -45,6 +45,7 @@
 /** Mutable subclass of BLIPProperties, used for creating new instances. */
 @interface BLIPMutableProperties : BLIPProperties
 {
+    @private
     NSMutableDictionary *_properties;
 }
 

diff --git a/BLIP/BLIPProperties.m b/BLIP/BLIPProperties.m
@@ -69,7 +69,7 @@ + (BLIPProperties*) propertiesWithEncodedData: (NSData*)data usedLength: (ssize_
     else
         props = [BLIPProperties properties];
 
-    *usedLength = props ?length :-1;
+    *usedLength = props ?(ssize_t)length :-1;
     return props;
 }
 
@@ -132,7 +132,7 @@ - (id) initWithBytes: (const char*)bytes length: (size_t)length
             goto fail;
 
         // The data consists of consecutive NUL-terminated strings, alternating key/value:
-        unsigned capacity = 0;
+        int capacity = 0;
         const char *end = bytes+length;
         for( const char *str=bytes; str < end; str += strlen(str)+1, _nStrings++ ) {
             if( _nStrings >= capacity ) {
@@ -285,7 +285,7 @@ - (NSUInteger) count        {return _properties.count;}
 static void appendStr( NSMutableData *data, NSString *str ) {
     const char *utf8 = [str UTF8String];
     size_t size = strlen(utf8)+1;
-    for( int i=0; i<kNAbbreviations; i++ )
+    for( unsigned i=0; i<kNAbbreviations; i++ )
         if( memcmp(utf8,kAbbreviations[i],size)==0 ) {
             const UInt8 abbrev[2] = {i+1,0};
             [data appendBytes: &abbrev length: 2];
@@ -345,7 +345,7 @@ - (void) setAllProperties: (NSDictionary*)properties
 
     props = [BLIPProperties properties];
     CAssert(props);
-    CAssertEq(props.count,0);
+    CAssertEq(props.count,0U);
     Log(@"Empty properties:\n%@", props.allProperties);
     NSData *data = props.encodedData;
     Log(@"As data: %@", data);
@@ -359,7 +359,7 @@ - (void) setAllProperties: (NSDictionary*)properties
 
     ssize_t used;
     props = [BLIPProperties propertiesWithEncodedData: data usedLength: &used];
-    CAssertEq(used,data.length);
+    CAssertEq(used,(ssize_t)data.length);
     CAssertEqual(props,mprops);
 
     [mprops setValue: @"Jens" ofProperty: @"First-Name"];
@@ -377,7 +377,7 @@ - (void) setAllProperties: (NSDictionary*)properties
         CAssertEq(used,0);
     }
     props = [BLIPProperties propertiesWithEncodedData: data usedLength: &used];
-    CAssertEq(used,data.length);
+    CAssertEq(used,(ssize_t)data.length);
     Log(@"Read back in:\n%@",props.allProperties);
     CAssertEqual(props,mprops);
 

diff --git a/BLIP/BLIPReader.h b/BLIP/BLIPReader.h
@@ -14,6 +14,7 @@
 /** INTERNAL class that reads BLIP frames from the socket. */
 @interface BLIPReader : TCPReader
 {
+    @private
     BLIPFrameHeader _curHeader;
     UInt32 _curBytesRead;
     NSMutableData *_curBody;

diff --git a/BLIP/BLIPTest.m b/BLIP/BLIPTest.m
@@ -19,10 +19,13 @@
 #import "Logging.h"
 #import "Test.h"
 
-#define HAVE_KEYCHAIN_FRAMEWORK 0
-#if HAVE_KEYCHAIN_FRAMEWORK
-#import <Keychain/Keychain.h>
-#endif
+#import <Security/Security.h>
+#import <SecurityInterface/SFChooseIdentityPanel.h>
+
+@interface TCPEndpoint ()
++ (NSString*) describeCert: (SecCertificateRef)cert;
++ (NSString*) describeIdentity: (SecIdentityRef)identity;
+@end
 
 
 #define kListenerHost               @"localhost"
@@ -31,20 +34,41 @@
 #define kNBatchedMessages           20
 #define kUseCompression             YES
 #define kUrgentEvery                4
-#define kClientRequiresSSL          NO
-#define kClientUsesSSLCert          NO
-#define kListenerRequiresSSL        NO
-#define kListenerRequiresClientCert NO
 #define kListenerCloseAfter         50
 #define kClientAcceptCloseRequest   YES
 
+#define kListenerUsesSSL            YES     // Does the listener (server) use an SSL connection?
+#define kListenerRequiresClientCert YES     // Does the listener require clients to have an SSL cert?
+#define kClientRequiresSSL          YES     // Does the client require the listener to use SSL?
+#define kClientUsesSSLCert          YES     // Does the client use an SSL cert?
+
+
+static SecIdentityRef ChooseIdentity( NSString *prompt ) {
+    NSMutableArray *identities = [NSMutableArray array];
+    SecKeychainRef kc;
+    SecKeychainCopyDefault(&kc);
+    SecIdentitySearchRef search;
+    SecIdentitySearchCreate(kc, CSSM_KEYUSE_ANY, &search);
+    SecIdentityRef identity;
+    while (SecIdentitySearchCopyNext(search, &identity) == noErr)
+        [identities addObject: (id)identity];
+    Log(@"Found %u identities -- prompting '%@'", identities.count, prompt);
+    if (identities.count > 0) {
+        SFChooseIdentityPanel *panel = [SFChooseIdentityPanel sharedChooseIdentityPanel];
+        if ([panel runModalForIdentities: identities message: prompt] == NSOKButton) {
+            Log(@"Using SSL identity: %@", panel.identity);
+            return panel.identity;
+        }
+    }
+    return NULL;
+}
 
 static SecIdentityRef GetClientIdentity(void) {
-    return NULL;    // Make this return a valid identity to test client-side certs
+    return ChooseIdentity(@"Choose an identity for the BLIP Client Test:");
 }
 
 static SecIdentityRef GetListenerIdentity(void) {
-    return NULL;    // Make this return a valid identity to test client-side certs
+    return ChooseIdentity(@"Choose an identity for the BLIP Listener Test:");
 }
 
 
@@ -75,15 +99,11 @@ - (id) init
             [self release];
             return nil;
         }
-        if( kClientRequiresSSL ) {
-            _conn.SSLProperties = $mdict({kTCPPropertySSLAllowsAnyRoot, $true});
-            if( kClientUsesSSLCert ) {
-                SecIdentityRef clientIdentity = GetClientIdentity();
-                if( clientIdentity ) {
-                    [_conn setSSLProperty: $array((id)clientIdentity)
-                                   forKey: kTCPPropertySSLCertificates];
-                }
-            }
+        if( kClientUsesSSLCert ) {
+            [_conn setPeerToPeerIdentity: GetClientIdentity()];
+        } else if( kClientRequiresSSL ) {
+            _conn.SSLProperties = $mdict({kTCPPropertySSLAllowsAnyRoot, $true},
+                                        {(id)kCFStreamSSLPeerName, [NSNull null]});
         }
         _conn.delegate = self;
         Log(@"** Opening connection...");
@@ -148,22 +168,20 @@ - (void) connectionDidOpen: (TCPConnection*)connection
 }
 - (BOOL) connection: (TCPConnection*)connection authorizeSSLPeer: (SecCertificateRef)peerCert
 {
-#if HAVE_KEYCHAIN_FRAMEWORK
-    Certificate *cert = peerCert ?[Certificate certificateWithCertificateRef: peerCert] :nil;
-    Log(@"** %@ authorizeSSLPeer: %@",self,cert);
-#else
-    Log(@"** %@ authorizeSSLPeer: %@",self,peerCert);
-#endif
+    Log(@"** %@ authorizeSSLPeer: %@",self, [TCPEndpoint describeCert:peerCert]);
     return peerCert != nil;
 }
 - (void) connection: (TCPConnection*)connection failedToOpen: (NSError*)error
 {
-    Log(@"** %@ failedToOpen: %@",connection,error);
+    Warn(@"** %@ failedToOpen: %@",connection,error);
     CFRunLoopStop(CFRunLoopGetCurrent());
 }
 - (void) connectionDidClose: (TCPConnection*)connection
 {
-    Log(@"** %@ didClose",connection);
+    if (connection.error)
+        Warn(@"** %@ didClose: %@", connection,connection.error);
+    else
+        Log(@"** %@ didClose", connection);
     setObj(&_conn,nil);
     [NSObject cancelPreviousPerformRequestsWithTarget: self];
     CFRunLoopStop(CFRunLoopGetCurrent());
@@ -188,7 +206,7 @@ - (void) connection: (BLIPConnection*)connection receivedResponse: (BLIPResponse
         const UInt8 *bytes = body.bytes;
         for( size_t i=0; i<size; i++ )
             AssertEq(bytes[i],i % 256);
-        AssertEq(size,sizeObj.intValue);
+        AssertEq(size,sizeObj.unsignedIntValue);
     }
     Assert(sizeObj);
     [_pending removeObjectForKey: $object(response.number)];
@@ -207,9 +225,7 @@ - (BOOL) connectionReceivedCloseRequest: (BLIPConnection*)connection
 
 
 TestCase(BLIPConnection) {
-#if HAVE_KEYCHAIN_FRAMEWORK
-    [Keychain setUserInteractionAllowed: YES];
-#endif
+    SecKeychainSetUserInteractionAllowed(true);
     BLIPConnectionTester *tester = [[BLIPConnectionTester alloc] init];
     CAssert(tester);
 
@@ -244,12 +260,11 @@ - (id) init
         _listener.delegate = self;
         _listener.pickAvailablePort = YES;
         _listener.bonjourServiceType = @"_bliptest._tcp";
-        if( kListenerRequiresSSL ) {
-            SecIdentityRef listenerIdentity = GetListenerIdentity();
-            Assert(listenerIdentity);
-            _listener.SSLProperties = $mdict({kTCPPropertySSLCertificates, $array((id)listenerIdentity)},
-                                             {kTCPPropertySSLAllowsAnyRoot,$true},
-                            {kTCPPropertySSLClientSideAuthentication, $object(kTCPTryAuthenticate)});
+        if( kListenerUsesSSL ) {
+            [_listener setPeerToPeerIdentity: GetListenerIdentity()];
+            if (!kListenerRequiresClientCert)
+                [_listener setSSLProperty: $object(kTCPTryAuthenticate) 
+                                   forKey: kTCPPropertySSLClientSideAuthentication];
         }
         Assert( [_listener open] );
         Log(@"%@ is listening...",self);
@@ -293,12 +308,7 @@ - (void) connectionDidOpen: (TCPConnection*)connection
 }
 - (BOOL) connection: (TCPConnection*)connection authorizeSSLPeer: (SecCertificateRef)peerCert
 {
-#if HAVE_KEYCHAIN_FRAMEWORK
-    Certificate *cert = peerCert ?[Certificate certificateWithCertificateRef: peerCert] :nil;
-    Log(@"** %@ authorizeSSLPeer: %@",connection,cert);
-#else
-    Log(@"** %@ authorizeSSLPeer: %@",self,peerCert);
-#endif
+    Log(@"** %@ authorizeSSLPeer: %@",self, [TCPEndpoint describeCert:peerCert]);
     return peerCert != nil || ! kListenerRequiresClientCert;
 }
 - (void) connection: (TCPConnection*)connection failedToOpen: (NSError*)error
@@ -307,7 +317,10 @@ - (void) connection: (TCPConnection*)connection failedToOpen: (NSError*)error
 }
 - (void) connectionDidClose: (TCPConnection*)connection
 {
-    Log(@"** %@ didClose",connection);
+    if (connection.error)
+        Warn(@"** %@ didClose: %@", connection,connection.error);
+    else
+        Log(@"** %@ didClose", connection);
     [connection release];
 }
 - (void) connection: (BLIPConnection*)connection receivedRequest: (BLIPRequest*)request
@@ -322,7 +335,7 @@ - (void) connection: (BLIPConnection*)connection receivedRequest: (BLIPRequest*)
 
     AssertEqual([request valueOfProperty: @"Content-Type"], @"application/octet-stream");
     Assert([request valueOfProperty: @"User-Agent"] != nil);
-    AssertEq([[request valueOfProperty: @"Size"] intValue], size);
+    AssertEq((size_t)[[request valueOfProperty: @"Size"] intValue], size);
 
     [request respondWithData: body contentType: request.contentType];
 
@@ -351,9 +364,7 @@ - (void) connection: (BLIPConnection*)connection closeRequestFailedWithError: (N
     EnableLogTo(BLIP,YES);
     EnableLogTo(PortMapper,YES);
     EnableLogTo(Bonjour,YES);
-#if HAVE_KEYCHAIN_FRAMEWORK
-    [Keychain setUserInteractionAllowed: YES];
-#endif
+    SecKeychainSetUserInteractionAllowed(true);
     BLIPTestListener *listener = [[BLIPTestListener alloc] init];
 
     [[NSRunLoop currentRunLoop] run];

diff --git a/BLIP/BLIPWriter.h b/BLIP/BLIPWriter.h
@@ -10,8 +10,10 @@
 @class BLIPRequest, BLIPResponse, BLIPMessage;
 
 
+/** INTERNAL class that sends BLIP frames over the socket. */
 @interface BLIPWriter : TCPWriter
 {
+    @private
     NSMutableArray *_outBox;
     UInt32 _numRequestsSent;
 }

diff --git a/BLIP/Demo/BLIP Echo Client-Info.plist b/BLIP/Demo/BLIP Echo Client-Info.plist
@@ -7,7 +7,7 @@
 	<key>CFBundleExecutable</key>
 	<string>${EXECUTABLE_NAME}</string>
 	<key>CFBundleIdentifier</key>
-	<string>com.yourcompany.${PRODUCT_NAME:identifier}</string>
+	<string>com.mooseyard.BLIPEchoClient</string>
 	<key>CFBundleInfoDictionaryVersion</key>
 	<string>6.0</string>
 	<key>CFBundlePackageType</key>

diff --git a/BLIP/Demo/BLIPEchoClient.h b/BLIP/Demo/BLIPEchoClient.h
@@ -9,23 +9,24 @@
 //
 
 #import <Cocoa/Cocoa.h>
-@class BLIPConnection;
+#import "BLIPConnection.h"
+@class MYBonjourBrowser;
 
 
-@interface BLIPEchoClient : NSObject
+@interface BLIPEchoClient : NSObject <BLIPConnectionDelegate>
 {
     IBOutlet NSTextField * inputField;
     IBOutlet NSTextField * responseField;
     IBOutlet NSTableView * serverTableView;
 
-    NSNetServiceBrowser * _serviceBrowser;
-    NSMutableArray * _serviceList;
-
+    MYBonjourBrowser * _serviceBrowser;
     BLIPConnection *_connection;
 }
 
-@property (readonly) NSMutableArray *serviceList;
+@property (readonly) MYBonjourBrowser *serviceBrowser;
+@property (readonly) NSArray *serviceList;
 
+- (IBAction)serverClicked:(id)sender;
 - (IBAction)sendText:(id)sender;
 
 @end