Skip to content

Commit

Permalink
Merge pull request #349 from giullo/Fix-SSL-Pinning-Crash
Browse files Browse the repository at this point in the history 
SecTrust object now is conditionally unwrapped
  • Loading branch information
@daltoniam
daltoniam authored Jun 29, 2017
2 parents fa85b9c + 8623fe8 commit 08edd54
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions Source/WebSocket.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -455,9 +455,12 @@ open class WebSocket : NSObject, StreamDelegate {
guard !sOperation.isCancelled, let s = self else { return }
// Do the pinning now if needed
if let sec = s.security, !s.certValidated {
let trust = outStream.property(forKey: kCFStreamPropertySSLPeerTrust as Stream.PropertyKey) as! SecTrust
let domain = outStream.property(forKey: kCFStreamSSLPeerName as Stream.PropertyKey) as? String
s.certValidated = sec.isValid(trust, domain: domain)
if let possibleTrust = outStream.property(forKey: kCFStreamPropertySSLPeerTrust as Stream.PropertyKey) {
let domain = outStream.property(forKey: kCFStreamSSLPeerName as Stream.PropertyKey) as? String
s.certValidated = sec.isValid(possibleTrust as! SecTrust, domain: domain)
} else {
s.certValidated = false
}
if !s.certValidated {
WebSocket.sharedWorkQueue.async {
let errCode = InternalErrorCode.invalidSSLError.rawValue
Expand Down

0 comments on commit 08edd54

Please sign in to comment.