Using asynchronous validation for authenticity of certificates

mParticle · Nov 9, 2015 · c7331b6 · c7331b6
1 parent 5ee1c42
commit c7331b6
Show file tree

Hide file tree

Showing 5 changed files with 27 additions and 24 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # mParticle CHANGELOG
 
+## 5.1.2
+
+* Using asynchronous validation for authenticity of certificates
+
 ## 5.1.1
 
 * Each commerce event action is dealt with in an action-by-action basis for Kahuna

diff --git a/Pod/Classes/Event/EventTypeName.cpp b/Pod/Classes/Event/EventTypeName.cpp
@@ -21,8 +21,8 @@
 
 namespace mParticle {
     const vector<string> EventTypeName::names = {"Unknown", "Navigation", "Location", "Search", "Transaction", "UserContent", "UserPreference", "Social", "Other", "Media", // 0-9
-                                                 "AddToCart", "RemoveFromCart", "Checkout", "CheckoutOption", "Click", "ViewDetail", "Purchase", "Refund", "PromotionView", "PromotionClick", // 10-19
-                                                 "AddToWishlist", "RemoveFromWishlist", "Impression"}; // 20-22
+                                                 "ProductAddToCart", "ProductRemoveFromCart", "ProductCheckout", "ProductCheckoutOption", "ProductClick", "ProductViewDetail", "ProductPurchase", "ProductRefund", // 10-17
+                                                 "PromotionView", "PromotionClick", "ProductAddToWishlist", "ProductRemoveFromWishlist", "ProductImpression"}; // 18-22
 
     const size_t EventTypeName::count = EventTypeName::names.size();
 

diff --git a/Pod/Classes/MPConstants.m b/Pod/Classes/MPConstants.m
@@ -21,7 +21,7 @@
 NSUInteger kMPNumberOfMessageTypes = 17;
 
 // mParticle SDK Version
-NSString *const kMParticleSDKVersion = @"5.1.0";
+NSString *const kMParticleSDKVersion = @"5.1.2";
 
 // Session Upload Settings
 NSString *const kMPSessionHistoryValue = @"sh";

diff --git a/Pod/Classes/Network/MPConnector.m b/Pod/Classes/Network/MPConnector.m
@@ -112,23 +112,20 @@ - (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task didRece
     NSString *protocol = [protectionSpace protocol];
     __block SecTrustRef serverTrust = [protectionSpace serverTrust];
 
-    BOOL trustChallenge = NO;
-
     if ([autheticationMethod isEqualToString:NSURLAuthenticationMethodServerTrust] &&
         [host rangeOfString:@"mparticle.com"].location != NSNotFound &&
         [protocol isEqualToString:kMPURLScheme] &&
         [protectionSpace receivesCredentialSecurely] &&
         serverTrust)
     {
-        SecTrustResultType trustResult;
-        OSStatus status = SecTrustEvaluate(serverTrust, &trustResult);
-
-        if (status == errSecSuccess) {
+        SecTrustCallback evaluateResult = ^(SecTrustRef _Nonnull trustRef, SecTrustResultType trustResult) {
+            BOOL trustChallenge = NO;
+
             if (trustResult == kSecTrustResultUnspecified || trustResult == kSecTrustResultProceed) {
-                CFIndex certificateCount = SecTrustGetCertificateCount(serverTrust);
+                CFIndex certificateCount = SecTrustGetCertificateCount(trustRef);
 
                 for (CFIndex certIdx = 1; certIdx < certificateCount; ++certIdx) {
-                    SecCertificateRef certificate = SecTrustGetCertificateAtIndex(serverTrust, certIdx);
+                    SecCertificateRef certificate = SecTrustGetCertificateAtIndex(trustRef, certIdx);
                     CFDataRef certificateDataRef = SecCertificateCopyData(certificate);
 
                     if (certificateDataRef != NULL) {
@@ -147,19 +144,21 @@ - (void)URLSession:(NSURLSession *)session task:(NSURLSessionTask *)task didRece
                     }
                 }
             }
-        }
-    }
-
-    if (trustChallenge) {
-        NSURLCredential *urlCredential = [NSURLCredential credentialForTrust:serverTrust];
-        completionHandler(NSURLSessionAuthChallengeUseCredential, urlCredential);
-    } else {
-        if (_active) {
-            _active = NO;
-            [self cleariVars];
-        }
+
+            if (trustChallenge) {
+                NSURLCredential *urlCredential = [NSURLCredential credentialForTrust:trustRef];
+                completionHandler(NSURLSessionAuthChallengeUseCredential, urlCredential);
+            } else {
+                if (_active) {
+                    _active = NO;
+                    [self cleariVars];
+                }
+
+                completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
+            }
+        };
 
-        completionHandler(NSURLSessionAuthChallengeCancelAuthenticationChallenge, nil);
+        SecTrustEvaluateAsync(serverTrust, dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_DEFAULT, 0), evaluateResult);
     }
 }
 

diff --git a/mParticle-iOS-SDK.podspec b/mParticle-iOS-SDK.podspec
@@ -1,6 +1,6 @@
 Pod::Spec.new do |s|
     s.name             = "mParticle-iOS-SDK"
-    s.version          = "5.1.1"
+    s.version          = "5.1.2"
     s.summary          = "mParticle iOS SDK."
 
     s.description      = <<-DESC