Merge pull request #59 from 8W9aG/fix-https-not-working

Fix data loader rejecting all HTTPS traffic
spotify · Jan 29, 2016 · 124481e · 124481e
2 parents 467e86a + e6dbd29
commit 124481e
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 9 deletions.
diff --git a/SPTDataLoader/SPTDataLoaderService.m b/SPTDataLoader/SPTDataLoaderService.m
@@ -272,9 +272,15 @@ - (void)URLSession:(NSURLSession *)session
 didReceiveChallenge:(NSURLAuthenticationChallenge *)challenge
  completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential))completionHandler
 {
-    if (self.allCertificatesAllowed && completionHandler) {
+    if (!completionHandler) {
+        return;
+    }
+
+    if (self.allCertificatesAllowed) {
         SecTrustRef trust = challenge.protectionSpace.serverTrust;
         completionHandler(NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:trust]);
+    } else {
+        completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
     }
 }
 

diff --git a/SPTDataLoaderTests/SPTDataLoaderServiceTest.m b/SPTDataLoaderTests/SPTDataLoaderServiceTest.m
@@ -328,21 +328,20 @@ - (void)testAllowingAllCertificates
     NSURLSession *session = [NSURLSession new];
     NSURLSessionTask *task = [NSURLSessionTask new];
     NSURLAuthenticationChallenge *challenge = [NSURLAuthenticationChallenge new];
-    __block NSInteger completions = 0;
+    __block NSInteger nonNilCompletions = 0;
+    void(^NSURLSessionCompletionHandler)(NSURLSessionAuthChallengeDisposition, NSURLCredential *) = ^(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential) {
+        nonNilCompletions += credential != nil ? 1 : 0;
+    };
     [self.service URLSession:session
                         task:task
          didReceiveChallenge:challenge
-           completionHandler:^(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential) {
-               completions++;
-           }];
+           completionHandler:NSURLSessionCompletionHandler];
     self.service.allCertificatesAllowed = NO;
     [self.service URLSession:session
                         task:task
          didReceiveChallenge:challenge
-           completionHandler:^(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential) {
-               completions++;
-           }];
-    XCTAssertEqual(completions, 1, @"There should only be 1 completion once all certificates are not allowed");
+           completionHandler:NSURLSessionCompletionHandler];
+    XCTAssertEqual(nonNilCompletions, 1, @"There should only be 1 completion once all certificates are not allowed");
 }
 
 - (void)testPerformingCancelledRequest
@@ -367,4 +366,17 @@ - (void)testCancellingLoadsOnDealloc
     self.service = nil;
 }
 
+- (void)testDidReceiveChallengeWithEmptyCompletionHandlerDoesNotCrash
+{
+    NSURLSession *session = [NSURLSession new];
+    NSURLSessionTask *task = [NSURLSessionTask new];
+    NSURLAuthenticationChallenge *challenge = [NSURLAuthenticationChallenge new];
+    void(^NSURLSessionCompletionHandler)(NSURLSessionAuthChallengeDisposition, NSURLCredential *) = ^(NSURLSessionAuthChallengeDisposition disposition, NSURLCredential *credential) {};
+    NSURLSessionCompletionHandler = nil;
+    [self.service URLSession:session
+                        task:task
+         didReceiveChallenge:challenge
+           completionHandler:NSURLSessionCompletionHandler];
+}
+
 @end