let5see/clawdbot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: unblock mac node bridge TLS

Browse Source
This commit is contained in:
Peter Steinberger
2026-01-16 05:50:51 +00:00
parent b7fcc8584f
commit 3bc9c330eb
2 changed files with 10 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apps/macos/Sources/Clawdbot/NodeMode/MacNodeBridgeTLS.swift
View File

@@ -40,11 +40,10 @@ func makeMacNodeTLSOptions(_ params: MacNodeBridgeTLSParams?) -> NWProtocolTLS.O
sec_protocol_options_set_verify_block( sec_protocol_options_set_verify_block(
options.securityProtocolOptions, options.securityProtocolOptions,
{ _, trust, complete in { _, trust, complete in
guard let trust else { let trustRef = sec_trust_copy_ref(trust).takeRetainedValue()
complete(false) if let chain = SecTrustCopyCertificateChain(trustRef) as? [SecCertificate],
return let cert = chain.first
} {
if let cert = SecTrustGetCertificateAtIndex(trust, 0) {
let data = SecCertificateCopyData(cert) as Data let data = SecCertificateCopyData(cert) as Data
let fingerprint = sha256Hex(data) let fingerprint = sha256Hex(data)
if let expected { if let expected {
@@ -57,7 +56,7 @@ func makeMacNodeTLSOptions(_ params: MacNodeBridgeTLSParams?) -> NWProtocolTLS.O
return return
} }
} }
let ok = SecTrustEvaluateWithError(trust, nil) let ok = SecTrustEvaluateWithError(trustRef, nil)
complete(ok) complete(ok)
}, },
DispatchQueue(label: "com.clawdbot.macos.bridge.tls.verify")) DispatchQueue(label: "com.clawdbot.macos.bridge.tls.verify"))

10
apps/macos/Sources/Clawdbot/NodeMode/MacNodeModeCoordinator.swift
View File

@@ -463,7 +463,7 @@ final class MacNodeModeCoordinator {
} }
} }
private static func targetFromResult(_ result: NWBrowser.Result) -> BridgeTarget? { nonisolated private static func targetFromResult(_ result: NWBrowser.Result) -> BridgeTarget? {
let endpoint = result.endpoint let endpoint = result.endpoint
guard case .service = endpoint else { return nil } guard case .service = endpoint else { return nil }
let stableID = BridgeEndpointID.stableID(endpoint) let stableID = BridgeEndpointID.stableID(endpoint)
@@ -477,7 +477,7 @@ final class MacNodeModeCoordinator {
return BridgeTarget(endpoint: endpoint, stableID: stableID, tls: tlsParams) return BridgeTarget(endpoint: endpoint, stableID: stableID, tls: tlsParams)
} }
private static func resolveDiscoveredTLSParams( nonisolated private static func resolveDiscoveredTLSParams(
stableID: String, stableID: String,
tlsEnabled: Bool, tlsEnabled: Bool,
tlsFingerprintSha256: String?) -> MacNodeBridgeTLSParams? tlsFingerprintSha256: String?) -> MacNodeBridgeTLSParams?
@@ -503,7 +503,7 @@ final class MacNodeModeCoordinator {
return nil return nil
} }
private static func resolveManualTLSParams(stableID: String) -> MacNodeBridgeTLSParams? { nonisolated private static func resolveManualTLSParams(stableID: String) -> MacNodeBridgeTLSParams? {
if let stored = MacNodeBridgeTLSStore.loadFingerprint(stableID: stableID) { if let stored = MacNodeBridgeTLSStore.loadFingerprint(stableID: stableID) {
return MacNodeBridgeTLSParams( return MacNodeBridgeTLSParams(
required: true, required: true,
@@ -519,12 +519,12 @@ final class MacNodeModeCoordinator {
storeKey: stableID) storeKey: stableID)
} }
private static func txtValue(_ dict: [String: String], key: String) -> String? { nonisolated private static func txtValue(_ dict: [String: String], key: String) -> String? {
let raw = dict[key]?.trimmingCharacters(in: .whitespacesAndNewlines) ?? "" let raw = dict[key]?.trimmingCharacters(in: .whitespacesAndNewlines) ?? ""
return raw.isEmpty ? nil : raw return raw.isEmpty ? nil : raw
} }
private static func txtBoolValue(_ dict: [String: String], key: String) -> Bool { nonisolated private static func txtBoolValue(_ dict: [String: String], key: String) -> Bool {
guard let raw = self.txtValue(dict, key: key)?.lowercased() else { return false } guard let raw = self.txtValue(dict, key: key)?.lowercased() else { return false }
return raw == "1" || raw == "true" || raw == "yes" return raw == "1" || raw == "true" || raw == "yes"
} }