search

novastone-media / MQTT-Client-Framework

iOS, macOS, tvOS native ObjectiveC MQTT Client Framework
Other
1.84k stars 463 forks source link

What is the item type of MQTTWebsocketTransport' s property "pinnedCertificates"? #541

Closed ning-echonn closed 4 years ago

ning-echonn commented 4 years ago

Hi, I have a problem about MQTTWebsocketTransport : What is the item type of its property "pinnedCertificates"?

@property (strong, nonatomic) NSArray *pinnedCertificates;

Show my code:

NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"ca" ofType:@"der"];
NSData *cerData = [NSData dataWithContentsOfFile:cerPath];

MQTTWebsocketTransport *transport = [[MQTTWebsocketTransport alloc] init];
transport.host = self.connectConfig.host;
transport.port = self.connectConfig.port;
transport.path = @"/mqtt";
transport.tls = self.connectConfig.tls;
transport.pinnedCertificates = @[cerData];
transport.allowUntrustedCertificates = YES;

it will crash, because the line 1518 of SRWebSocket.m show the error: EXC_BAD_ACCESS (code=1, address=0x7feaaec00000) 

     // SRWebSocket.m  
       NSArray *sslCerts = [_urlRequest SR_SSLPinnedCertificates];
        if (sslCerts) {
            SecTrustRef secTrust = (__bridge SecTrustRef)[aStream propertyForKey:(__bridge id)kCFStreamPropertySSLPeerTrust];
            if (secTrust) {
                NSInteger numCerts = SecTrustGetCertificateCount(secTrust);
                for (NSInteger i = 0; i < numCerts && !_pinnedCertFound; i++) {
                    SecCertificateRef cert = SecTrustGetCertificateAtIndex(secTrust, i);
                    NSData *certData = CFBridgingRelease(SecCertificateCopyData(cert));

                    for (id ref in sslCerts) {
                        SecCertificateRef trustedCert = (__bridge SecCertificateRef)ref;
                        NSData *trustedCertData = CFBridgingRelease(SecCertificateCopyData(trustedCert));  //   line  1518

                        if ([trustedCertData isEqualToData:certData]) {
                            _pinnedCertFound = YES;
                            break;
                        }
                    }
                }
            }

So, anyone tell me how to solve?

ning-echonn commented 4 years ago

Oh, I see.

NSString *cerPath = [[NSBundle mainBundle] pathForResource:@"ca" ofType:@"der"];
NSData *cerData = [NSData dataWithContentsOfFile:cerPath];
 CFDataRef certDataRef = (__bridge CFDataRef)certData;
                    SecCertificateRef certRef = SecCertificateCreateWithData(kCFAllocatorDefault, certDataRef);
id certificate = (__bridge id)certRef;
transport.pinnedCertificates = @[certificate];