Re: using kCFStreamPropertySSLSettings for CFStreams on 10.4
Re: using kCFStreamPropertySSLSettings for CFStreams on 10.4
- Subject: Re: using kCFStreamPropertySSLSettings for CFStreams on 10.4
- From: Jeremy Wyld <email@hidden>
- Date: Fri, 22 Jul 2005 12:02:15 -0700
On Jul 22, 2005, at 10:48 AM, Greg Robbins wrote:
At 9:07 AM -0700 7/22/05, Jeremy Wyld wrote:
Once you set the property for SSL, the stream is only SSL. Could
it be that the protocol you are using is not yet ready for SSL?
As soon as the property is set, the stream is talking SSL from
that point onward.
If the other side isn't prepared for that situation and it's
sending bytes that are not part of the SSL stream, you'll get the
protocol error.
Since my CFReadStream code is used for SSL and unencrypted
connections, at what point can the code know that it is safe to set
the kCFStreamPropertySSLSettings property without causing the read
to fail?
Most protocols have an understood point in time when they go secure.
Some protocols have simply used a new well-known port, in which case
the SSL is on from the start. Other use a transmitted command (e.g.
"STARTTLS"). Does your protocol have such a thing? If so, that is
the point in time when you should set it. If it doesn't have one,
you may wish to add one.
You can always use SecureTransport directly. To use it, you
simply provide I/O functions and perform a few calls. It makes
SSL rather easy.
Are there any code samples showing use of SecureTransport calls
directly with CFStreams?
There are no samples using CFStreams, but there is one showing the
use of SecureTransport itself and everything it offers. Look for
SSLSample on the developer.apple.com.
jeremy
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden