SSLPinning: return `.rejectProtectionSpace` instead of `.cancelAuthenticationChallenge` to prevent URLError.cancelled

1 files changed, 5 insertions, 12 deletions

diff --git a/ios/MullvadVPN/REST/SSLPinningURLSessionDelegate.swift b/ios/MullvadVPN/REST/SSLPinningURLSessionDelegate.swift
index d62e34d7cf..232f3bb2a1 100644
--- a/ios/MullvadVPN/REST/SSLPinningURLSessionDelegate.swift
+++ b/ios/MullvadVPN/REST/SSLPinningURLSessionDelegate.swift
@@ -22,22 +22,15 @@ class SSLPinningURLSessionDelegate: NSObject, URLSessionDelegate {
     // MARK: - URLSessionDelegate
 
     func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
-        let evaluation: (disposition: URLSession.AuthChallengeDisposition, credential: URLCredential?)
-
-        if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust {
-            if let serverTrust = challenge.protectionSpace.serverTrust, self.verifyServerTrust(serverTrust) {
-                evaluation = (.useCredential, URLCredential(trust: serverTrust))
-            } else {
-                evaluation = (.cancelAuthenticationChallenge, nil)
-            }
+        if challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust,
+           let serverTrust = challenge.protectionSpace.serverTrust,
+           verifyServerTrust(serverTrust) {
+            completionHandler(.useCredential, URLCredential(trust: serverTrust))
         } else {
-            evaluation = (.rejectProtectionSpace, nil)
+            completionHandler(.rejectProtectionSpace, nil)
         }
-
-        completionHandler(evaluation.disposition, evaluation.credential)
     }
 
-
     // MARK: - Private
 
     private func verifyServerTrust(_ serverTrust: SecTrust) -> Bool {