Disables SSLPinning on Alamofire

omerturhan commented 4 years ago

Wormholy overriding certificate pinning options while using with Alamofire. I'm using the example code block to pin certificates. While Wormholy enabled, it is not working correctly.


var serverTrustPolicies: [String: ServerTrustPolicy] = [:] 
let trustPolicy = ServerTrustPolicy.pinCertificates(
    certificates: ServerTrustPolicy.certificates(),
    validateCertificateChain: true,
    validateHost: true)

serverTrustPolicies["xxxxx.com"] = trustPolicy

let configuration = URLSessionConfiguration.default

let serverTrustPolicyManager = ServerTrustPolicyManager(policies: serverTrustPolicies)

let sessionManager = SessionManager(
    configuration: configuration,
    serverTrustPolicyManager: serverTrustPolicyManager
)

return sessionManager

pmusolino commented 4 years ago

Hi there. I'm so sorry for the late reply, I had completely lost this issue.

We should investigate further to understand why this happens since I don't know all the dynamics under Alamofire. This is the first time that I see this problem.

Unihilator commented 4 years ago

Hi guys. It's not about Alamofire. Wormholy basically doesn't allow to call urlSession(_:didReceive:completionHandler:) delegate method which handles session level challenges. You can reproduce it by simply implement session delegate with the method above. Looking into the issue.

mateuszdetko commented 3 years ago

Any update? I have the same issue.

quifago commented 2 years ago

any update?

pmusolino commented 2 years ago

I still have to look at this issue in detail but if you have time, feel free to contribute ;)

pmusolino / Wormholy

Disables SSLPinning on Alamofire #62