kCFStreamPropertySSLSettings has a global effect?
kCFStreamPropertySSLSettings has a global effect?
- Subject: kCFStreamPropertySSLSettings has a global effect?
- From: Frederick Cheung <email@hidden>
- Date: Sun, 6 Aug 2006 12:42:42 +0100
I'm playing around with how I deal with bad certificates (expired
ones, host name mismatch etc...) in my app. I'm using CFHTTPStream to
access files over https.
The server I happen to be looking at right now has a host name
mismatch, and I've noticed the following strange behaviour in my app
(which implements a WebDAV client).
1) When I perform a GET request, I don't do any particular setup as
far as SSL is concerned. As expected I get an error
2)
In the part of my app that deals with webDAV itself (i.e. PROPFIND
requests and so on), as an experiment I've been specifying
kCFStreamSSLValidatesCertificateChain to be false. Doing so allows
requests to the server to be completed successfuly, despite the
server's wonky certificate (as expected).
3)However, if I do 2) first, then the request in 1) succeeds (and
seems to continue to do so until the app is restarted). It's as if
the SSL settings which I believed to be on a per-stream basis are
being reused.
I'm not using persistent connections.
Anyone have an idea as to how this could be happening?
Fred
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden