|
|
@@ -163,13 +163,13 @@ public enum ServerTrustPolicy {
|
|
|
|
|
|
switch self {
|
|
|
case let .PerformDefaultEvaluation(validateHost):
|
|
|
- let policy = validateHost ? SecPolicyCreateSSL(true, host as CFString) : SecPolicyCreateBasicX509()
|
|
|
+ let policy = SecPolicyCreateSSL(true, validateHost ? host as CFString : nil)
|
|
|
SecTrustSetPolicies(serverTrust, [policy])
|
|
|
|
|
|
serverTrustIsValid = trustIsValid(serverTrust)
|
|
|
case let .PinCertificates(pinnedCertificates, validateCertificateChain, validateHost):
|
|
|
if validateCertificateChain {
|
|
|
- let policy = validateHost ? SecPolicyCreateSSL(true, host as CFString) : SecPolicyCreateBasicX509()
|
|
|
+ let policy = SecPolicyCreateSSL(true, validateHost ? host as CFString : nil)
|
|
|
SecTrustSetPolicies(serverTrust, [policy])
|
|
|
|
|
|
SecTrustSetAnchorCertificates(serverTrust, pinnedCertificates)
|
|
|
@@ -200,7 +200,7 @@ public enum ServerTrustPolicy {
|
|
|
var certificateChainEvaluationPassed = true
|
|
|
|
|
|
if validateCertificateChain {
|
|
|
- let policy = validateHost ? SecPolicyCreateSSL(true, host as CFString) : SecPolicyCreateBasicX509()
|
|
|
+ let policy = SecPolicyCreateSSL(true, validateHost ? host as CFString : nil)
|
|
|
SecTrustSetPolicies(serverTrust, [policy])
|
|
|
|
|
|
certificateChainEvaluationPassed = trustIsValid(serverTrust)
|
Christian Noon