• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Why would CFReadStreamSetProperty return FALSE?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Why would CFReadStreamSetProperty return FALSE?


  • Subject: Why would CFReadStreamSetProperty return FALSE?
  • From: Martin Redington <email@hidden>
  • Date: Sun, 22 Jan 2006 16:23:10 +0000

I originally posted this to apple-cdsa, but it may be relevant to
macnetworkprog as well ...

============

I have tracked this down now. When I call CFReadStreamSetProperty to
set the kCFStreamPropertySSLSettings it returns FALSE - as its never
set, the stream is unencrypted. ditto CFWriteStreamSetProperty.

As described below, this only happens when I am running the connection
in a separate thread. When I set everything up in the main thread, it
all works fine.

I'm also using CFReadStreamSetProperty to set the
kCFStreamPropertySocketSecurityLevel entry, and that works fine.

I also knocked up a project with a test case for this. Unfortunately
it doesn't show the same problem.

Any hints on where to look next would be great.


On 1/16/06, Martin Redington <email@hidden> wrote:
> In my app, I can either open new connections on the main thread, or in
> a separate thread.
>
> I am using CFReadStreamSetProperty (and CFWriteStreamSetProperty) to
> set the security properties, with a kCFStreamPropertySSLSettings
> dictionary that looks like this:
>
> {
>     kCFStreamSSLAllowsAnyRoot = 1;
>     kCFStreamSSLAllowsExpiredCertificates = 1;
>     kCFStreamSSLAllowsExpiredRoots = 1;
>     kCFStreamSSLCertificates = (<NSCFType: 0x16de4a0>);
>     kCFStreamSSLIsServer = 0;
>     kCFStreamSSLLevel = kCFStreamSocketSecurityLevelNegotiatedSSL;
>     kCFStreamSSLPeerName = <null>;
>     kCFStreamSSLValidatesCertificateChain = 1;
> }
>
> The kCFStreamSSLCertificates entry is fine.
>
> (I am also setting the kCFStreamPropertySocketSecurityLevel property
> independently).
>
> When I open connections from my main thread, this all works fine.
> tcpdump shows me that the traffic is encrypted.
>
> When I run what is essentially the same code, but in a different
> thread, my data is sent in the clear (and the other end rejects my
> connection).
>
> Should this work, or are there some issue with CFNetwork and
> multithreading - I would assume not, and couldn't see anything in the
> docs.
>
> I have experienced no crashes or other problems at all with my
> multi-threading setup, Since I got it working, it has been very
> robust, and the unencrypted stream is the the only issue I'm seeing,
> so I don't think that its some issue with my code violating any of the
> constraints that multi-threading imposes (although that's not to say
> that it isn't).
>
> I should be able to run up a simple test case pretty easily, but I'd
> like to know if anyone else has seen this, or if I should have
> expected it ...
>
>    cheers,
>           Martin
>
 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden

  • Follow-Ups:
    • Re: Why would CFReadStreamSetProperty return FALSE?
      • From: Jeremy Wyld <email@hidden>
  • Prev by Date: Re: Efficient UDP processing
  • Next by Date: Re: Why would CFReadStreamSetProperty return FALSE?
  • Previous by thread: Re: Efficient UDP processing
  • Next by thread: Re: Why would CFReadStreamSetProperty return FALSE?
  • Index(es):
    • Date
    • Thread