In my app, I can either open new connections on the main thread, or in
a separate thread.
I am using CFReadStreamSetProperty (and CFWriteStreamSetProperty) to
set the security properties, with a kCFStreamPropertySSLSettings
dictionary that looks like this:
{
kCFStreamSSLAllowsAnyRoot = 1;
kCFStreamSSLAllowsExpiredCertificates = 1;
kCFStreamSSLAllowsExpiredRoots = 1;
kCFStreamSSLCertificates = (<NSCFType: 0x16de4a0>);
kCFStreamSSLIsServer = 0;
kCFStreamSSLLevel = kCFStreamSocketSecurityLevelNegotiatedSSL;
kCFStreamSSLPeerName = <null>;
kCFStreamSSLValidatesCertificateChain = 1;
}
The kCFStreamSSLCertificates entry is fine.
(I am also setting the kCFStreamPropertySocketSecurityLevel property
independently).
When I open connections from my main thread, this all works fine.
tcpdump shows me that the traffic is encrypted.
When I run what is essentially the same code, but in a different
thread, my data is sent in the clear (and the other end rejects my
connection).
Should this work, or are there some issue with CFNetwork and
multithreading - I would assume not, and couldn't see anything in the
docs.
I have experienced no crashes or other problems at all with my
multi-threading setup, Since I got it working, it has been very
robust, and the unencrypted stream is the the only issue I'm seeing,
so I don't think that its some issue with my code violating any of the
constraints that multi-threading imposes (although that's not to say
that it isn't).
I should be able to run up a simple test case pretty easily, but I'd
like to know if anyone else has seen this, or if I should have
expected it ...
cheers,
Martin
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden
This email sent to email@hidden
