datatheorem / TrustKit

Easy SSL pinning validation and reporting for iOS, macOS, tvOS and watchOS.
MIT License

URLSession swizzling causing issue with TrustKit #235

Closed kashiftriffort closed 3 years ago

kashiftriffort commented 4 years ago

Hello,

I am doing swizzling of URLSessionConfiguration, added all methods like startLoading, stopLoading and others. I have also implemented URLSessionDataDelegate with all functions called. When I am using TrustKit with swizzling enabled from our side, it's not returning control to our app for SSL pinning. I have tried multiple approaches and third-party libraries which do network swizzling; none of them return control to the target app for TrustKit swizzling. Below is the code I have written for our swizzling for did receive challenge.

```swift
let protectionSpace = challenge.protectionSpace
let sender = challenge.sender

// Server trust challenge: the presented trust object is wrapped in a
// credential and accepted without any evaluation or pin check.
if protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
  if let serverTrust = protectionSpace.serverTrust {
    let credential = URLCredential(trust: serverTrust)
    sender?.use(credential, for: challenge)
    completionHandler(.useCredential, credential)
    return
  }
}
// Client certificate challenge: left to the system's default handling.
if protectionSpace.authenticationMethod == NSURLAuthenticationMethodClientCertificate {
  completionHandler(.performDefaultHandling, nil)
  return
}
```

nabla-c0d3 commented 3 years ago

Hello, unfortunately multiple layers of swizzling are not supported, due to how complex the application/code flow becomes. I would recommend disabling swizzling in TrustKit and calling TrustKit directly from your challenge handler.
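
The recommendation above, sketched as an added example (not code from this thread or from the TrustKit project): TrustKit's own swizzling is switched off and the app's challenge handler passes the server trust challenge to TrustKit's pinning validator instead of returning `URLCredential(trust:)` unconditionally. The host `api.example.com`, the two pin strings and the `PinningSessionDelegate` class name are placeholders chosen for illustration.

```swift
import Foundation
import TrustKit

// Call once at app start-up, before any pinned connection is made.
func configureTrustKit() {
    let config = [
        // Keep TrustKit out of the delegate chain so it does not collide
        // with the app's own swizzling layer.
        kTSKSwizzleNetworkDelegates: false,
        kTSKPinnedDomains: [
            // Placeholder host: replace with the real pinned domain.
            "api.example.com": [
                kTSKEnforcePinning: true,
                kTSKIncludeSubdomains: true,
                // Placeholders: base64 SHA-256 hashes of the server's
                // SubjectPublicKeyInfo, one primary and one backup pin.
                kTSKPublicKeyHashes: [
                    "<PRIMARY_SPKI_SHA256_BASE64>",
                    "<BACKUP_SPKI_SHA256_BASE64>"
                ]
            ]
        ]
    ] as [String: Any]
    TrustKit.initSharedInstance(withConfiguration: config)
}

final class PinningSessionDelegate: NSObject, URLSessionDelegate {
    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition,
                                                  URLCredential?) -> Void) {
        let validator = TrustKit.sharedInstance().pinningValidator
        // handle(_:completionHandler:) returns true when TrustKit evaluated
        // the challenge (server trust for a pinned domain) and has already
        // called completionHandler with the result of the pin check.
        if !validator.handle(challenge, completionHandler: completionHandler) {
            // Not a server trust challenge, or the host is not pinned:
            // let the system apply its default validation.
            completionHandler(.performDefaultHandling, nil)
        }
    }
}
```

The same `handle` call can be made from whichever method of the app's swizzled layer receives the `URLAuthenticationChallenge`, as long as the completion handler is invoked exactly once per challenge.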