Re: Client certificate extraction out of SSL/TLS Connection on server side
Re: Client certificate extraction out of SSL/TLS Connection on server side
- Subject: Re: Client certificate extraction out of SSL/TLS Connection on server side
- From: Ben Kennedy <email@hidden>
- Date: Thu, 15 May 2014 16:14:42 -0400
As a workaround, couldn't you just empirically determine the value of that constant (presuming it hasn't changed in five years and is not expected to change), and then define a new constant of your own accordingly?
b
Sent from my iPhone
> On May 15, 2014, at 1:06 PM, Jens Alfke <email@hidden> wrote:
>
> I went back and looked into some earlier code of mine that can do this (the MYNetwork framework, available on Github). The good news is that I know what stream property to set. The bad news is that it’s not in any public header, even though this omission has been known for five years or more. And the really bad news is that using the constant this way will invalidate your app from the iOS or Mac app store :(
>
> #if !TARGET_OS_IPHONE
> // You can't do client-side SSL auth using CFStream without this constant,
> // but it was accidentally not declared in a public header.
> // Unfortunately you can't use this on iPhone without Apple rejecting your app
> // for using "private API". :-(
> extern const CFStringRef _kCFStreamPropertySSLClientSideAuthentication; // in CFNetwork
> #endif
>
> —Jens
> _______________________________________________
>
> Cocoa-dev mailing list (email@hidden)
>
> Please do not post admin requests or moderator comments to the list.
> Contact the moderators at cocoa-dev-admins(at)lists.apple.com
>
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden