From: Rolf Bjarne Kvinge <rolf@xamarin.com>
Date: Thu, 5 Oct 2017 09:46:45 +0000 (+0200)
Subject: [appletls] Trust SecTrustResult.Proceed as well. Fixes #58411.
X-Git-Url: http://wien.tomnetworks.com/gitweb/?p=mono.git;a=commitdiff_plain;h=74a87af7f580c59f524f79508e4ad32ccff0870a

[appletls] Trust SecTrustResult.Proceed as well. Fixes #58411.

Apple states clearly in their documentation about SecTrustResult.Proceed [1]:

    The user explicitly chose to trust a certificate in the chain (usually by
    clicking a button in a certificate trust panel).

    Your app should trust the chain.

This fixes bug #[58411][2], where SecTrustEvaluate returns
SecTrustResult.Proceed starting with iOS 11.

[1]: https://developer.apple.com/documentation/security/1394363-sectrustevaluate
[2]: https://bugzilla.xamarin.com/show_bug.cgi?id=58411
---

diff --git a/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs b/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
index 710433ef071..073f1608004 100644
--- a/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
+++ b/mcs/class/System/Mono.AppleTls/AppleCertificateHelper.cs
@@ -149,7 +149,7 @@ namespace Mono.AppleTls
 				}
 
 				var result = trust.Evaluate ();
-				if (result == SecTrustResult.Unspecified)
+				if (result == SecTrustResult.Unspecified || result == SecTrustResult.Proceed)
 					return true;
 
 				errors |= MonoSslPolicyErrors.RemoteCertificateChainErrors;