Skip to content
This repository was archived by the owner on Mar 7, 2026. It is now read-only.

Commit 83c3a3a

Browse files
authored
Fix another bug causing 'cannot connect to 127.0.0.1'
1 parent 087aeda commit 83c3a3a

File tree

1 file changed

+38
-35
lines changed

1 file changed

+38
-35
lines changed

Sources/prostore/install/installApp.swift

Lines changed: 38 additions & 35 deletions
Original file line numberDiff line numberDiff line change
@@ -397,49 +397,52 @@ public func installApp(from ipaURL: URL) throws {
397397
}
398398
}
399399

400-
// 6) Start local server. If PKCS#12 exists at Documents/SSL/localhost.p12, try to use it for TLS.
401-
let sslDir = documents.appendingPathComponent("SSL", isDirectory: true)
402-
var tlsIdentity: sec_identity_t? = nil
403-
var tlsEnabled = false
404-
let p12URL = sslDir.appendingPathComponent("localhost.p12")
405-
406-
if fm.fileExists(atPath: p12URL.path) {
407-
if let pData = try? Data(contentsOf: p12URL) {
408-
// PKCS#12 has no password; pass empty string
409-
let options: CFDictionary = [kSecImportExportPassphrase as String: ""] as CFDictionary
410-
var items: CFArray? = nil
411-
let status = SecPKCS12Import(pData as CFData, options, &items)
412-
413-
if status == errSecSuccess,
414-
let arr = items as? [[String: Any]],
415-
let first = arr.first {
416-
417-
// The import dictionary values are Any; safely cast to SecIdentity
418-
if let identityAny = first[kSecImportItemIdentity as String] {
419-
let identityRef = identityAny as! SecIdentity
420-
// Convert to sec_identity_t for sec_protocol_options_set_local_identity()
421-
if let secId = sec_identity_create(identityRef) {
422-
tlsIdentity = secId
423-
tlsEnabled = true
424-
print("TLS identity loaded from PKCS#12 — TLS enabled.")
425-
// NOTE: Do NOT free sec_identity_t here; leave it for the listener while running.
400+
// 6) Start local server. If PKCS#12 exists at Documents/SSL/localhost.p12, try to use it for TLS.
401+
let sslDir = documents.appendingPathComponent("SSL", isDirectory: true)
402+
var tlsIdentity: sec_identity_t? = nil
403+
var tlsEnabled = false
404+
let p12URL = sslDir.appendingPathComponent("localhost.p12")
405+
406+
// REMOVED DUPLICATE: let fm = FileManager.default - fm is already declared at function start
407+
408+
if fm.fileExists(atPath: p12URL.path) {
409+
if let pData = try? Data(contentsOf: p12URL) {
410+
// PKCS#12 has no password; pass empty string
411+
let options: CFDictionary = [kSecImportExportPassphrase as String: ""] as CFDictionary
412+
var items: CFArray? = nil
413+
let status = SecPKCS12Import(pData as CFData, options, &items)
414+
415+
if status == errSecSuccess,
416+
let arr = items as? [[String: Any]],
417+
let first = arr.first {
418+
419+
// The import dictionary values are Any; safely cast to SecIdentity
420+
if let identityAny = first[kSecImportItemIdentity as String] {
421+
// FIXED: Use forced cast instead of conditional cast
422+
let identityRef = identityAny as! SecIdentity
423+
// Convert to sec_identity_t for sec_protocol_options_set_local_identity()
424+
if let secId = sec_identity_create(identityRef) {
425+
tlsIdentity = secId
426+
tlsEnabled = true
427+
print("TLS identity loaded from PKCS#12 — TLS enabled.")
428+
// NOTE: Do NOT free sec_identity_t here; leave it for the listener while running.
429+
} else {
430+
print("sec_identity_create failed; falling back to HTTP")
431+
}
426432
} else {
427-
print("sec_identity_create failed; falling back to HTTP")
433+
// No identity entry in the import result
434+
print("PKCS#12 import produced no SecIdentity. Will start HTTP only.")
428435
}
436+
429437
} else {
430-
// No identity entry in the import result
431-
print("PKCS#12 import produced no SecIdentity. Will start HTTP only.")
438+
print("PKCS12 import failed (status \(status)). Will start HTTP only.")
432439
}
433-
434440
} else {
435-
print("PKCS12 import failed (status \(status)). Will start HTTP only.")
441+
print("Failed to read PKCS#12 file at \(p12URL.path); starting HTTP only.")
436442
}
437443
} else {
438-
print("Failed to read PKCS#12 file at \(p12URL.path); starting HTTP only.")
444+
print("No PKCS#12 found at \(p12URL.path); starting HTTP only.")
439445
}
440-
} else {
441-
print("No PKCS#12 found at \(p12URL.path); starting HTTP only.")
442-
}
443446

444447
// Now we can write files and start server with chosen protocol (https if tlsEnabled)
445448
// We'll pick port 7404 by default.

0 commit comments

Comments
 (0)