From 5e6486b8d4f8c4634b42f078605cf52e3762047e Mon Sep 17 00:00:00 2001
From: Ben Meadors <thebentern@tuta.io>
Date: Sat, 19 Apr 2025 07:06:56 -0500
Subject: [PATCH] Update Meshtastic/Helpers/Mqtt/MqttClientProxyManager.swift

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 .../Helpers/Mqtt/MqttClientProxyManager.swift  | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/Meshtastic/Helpers/Mqtt/MqttClientProxyManager.swift b/Meshtastic/Helpers/Mqtt/MqttClientProxyManager.swift
index 1fa45f2e..450dbc52 100644
--- a/Meshtastic/Helpers/Mqtt/MqttClientProxyManager.swift
+++ b/Meshtastic/Helpers/Mqtt/MqttClientProxyManager.swift
@@ -131,8 +131,24 @@ extension MqttClientProxyManager: CocoaMQTTDelegate {
 		}
 	}
 	func mqtt(_ mqtt: CocoaMQTT, didReceive trust: SecTrust, completionHandler: @escaping (Bool) -> Void) {
-			completionHandler(true)
+		var isValid = false
+		#if canImport(Security)
+		if #available(macOS 10.15, iOS 13.0, *) {
+			isValid = SecTrustEvaluateWithError(trust, nil)
+		} else {
+			var result: SecTrustResultType = .invalid
+			let status = SecTrustEvaluate(trust, &result)
+			isValid = (status == errSecSuccess) && (result == .unspecified || result == .proceed)
 		}
+		#endif
+		if isValid {
+			Logger.mqtt.info("📲 [MQTT Client Proxy] TLS validation succeeded.")
+			completionHandler(true)
+		} else {
+			Logger.mqtt.error("📲 [MQTT Client Proxy] TLS validation failed.")
+			completionHandler(false)
+		}
+	}
 	func mqttDidDisconnect(_ mqtt: CocoaMQTT, withError err: Error?) {
 		Logger.mqtt.debug("📲 [MQTT Client Proxy] disconnected: \(err?.localizedDescription ?? "", privacy: .public)")
 		if let error = err {