Why would CFReadStreamSetProperty return FALSE?
Why would CFReadStreamSetProperty return FALSE?
- Subject: Why would CFReadStreamSetProperty return FALSE?
- From: Martin Redington <email@hidden>
- Date: Sun, 22 Jan 2006 16:23:10 +0000
I originally posted this to apple-cdsa, but it may be relevant to
macnetworkprog as well ...
============
I have tracked this down now. When I call CFReadStreamSetProperty to
set the kCFStreamPropertySSLSettings it returns FALSE - as its never
set, the stream is unencrypted. ditto CFWriteStreamSetProperty.
As described below, this only happens when I am running the connection
in a separate thread. When I set everything up in the main thread, it
all works fine.
I'm also using CFReadStreamSetProperty to set the
kCFStreamPropertySocketSecurityLevel entry, and that works fine.
I also knocked up a project with a test case for this. Unfortunately
it doesn't show the same problem.
Any hints on where to look next would be great.
On 1/16/06, Martin Redington <email@hidden> wrote:
> In my app, I can either open new connections on the main thread, or in
> a separate thread.
>
> I am using CFReadStreamSetProperty (and CFWriteStreamSetProperty) to
> set the security properties, with a kCFStreamPropertySSLSettings
> dictionary that looks like this:
>
> {
> kCFStreamSSLAllowsAnyRoot = 1;
> kCFStreamSSLAllowsExpiredCertificates = 1;
> kCFStreamSSLAllowsExpiredRoots = 1;
> kCFStreamSSLCertificates = (<NSCFType: 0x16de4a0>);
> kCFStreamSSLIsServer = 0;
> kCFStreamSSLLevel = kCFStreamSocketSecurityLevelNegotiatedSSL;
> kCFStreamSSLPeerName = <null>;
> kCFStreamSSLValidatesCertificateChain = 1;
> }
>
> The kCFStreamSSLCertificates entry is fine.
>
> (I am also setting the kCFStreamPropertySocketSecurityLevel property
> independently).
>
> When I open connections from my main thread, this all works fine.
> tcpdump shows me that the traffic is encrypted.
>
> When I run what is essentially the same code, but in a different
> thread, my data is sent in the clear (and the other end rejects my
> connection).
>
> Should this work, or are there some issue with CFNetwork and
> multithreading - I would assume not, and couldn't see anything in the
> docs.
>
> I have experienced no crashes or other problems at all with my
> multi-threading setup, Since I got it working, it has been very
> robust, and the unencrypted stream is the the only issue I'm seeing,
> so I don't think that its some issue with my code violating any of the
> constraints that multi-threading imposes (although that's not to say
> that it isn't).
>
> I should be able to run up a simple test case pretty easily, but I'd
> like to know if anyone else has seen this, or if I should have
> expected it ...
>
> cheers,
> Martin
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden