• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Need some guidance regarding ATS using CFNetwork APIs
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Need some guidance regarding ATS using CFNetwork APIs

  • Subject: Need some guidance regarding ATS using CFNetwork APIs
  • From: Motti Shneor <email@hidden>
  • Date: Sun, 30 Aug 2015 23:29:50 +0300
Hi All.

Our conferencing application opens and maintains few stream-pairs for Video/Audio/Other-media to our proprietary server.

We create them via ::CFStreamCreatePairWithSocketToHost() and use them mainly in the - (void)stream:(NSStream *)aStream handleEvent:(NSStreamEvent)eventCode stream event handler.

We also use a few posix calls (setsockopt) to configure the underlying native sockets (CFSocketNativeHandle)of these stream pairs (to set socket type, to set TCP_NODELAY on audio and so on).

Our Server/Client protocol is proprietary, over TCP (not UDP).

Up till now both our SSL-3 handshake and message encryption were implemented with proprietary code. We have many clients on many platforms, and old Windows servers, with old nonstandard implementation of SSL, and we had to keep compatibility. Now, with the introduction of ATS we move to TLS 1.2 and want to go standard. Our server side already implements a subset of the standard sufficient for that. I was even able to connect and handshake using a lightly-tweaked version of our existing networking code.

However - I do not understand if I still need to encrypt the messages myself, or whether ::CFWriteStreamWrite() (or its bridged [_outputStream write:maxLength:] counterpart) should do it for me, when running with ATS around? and If I need to do the encryption myself, What Cocoa/Cocoa-touch APIs do I need to call to do this, in order to use the ATS recommended encryption?

We’re not using NSURLSession, because we’re not HTTPS, and I see no clue as for how to implement the actual writing/reading from the sockets with ATS required encryption. I could not find any sample code with CFNetwork only APIs that implements ATS connections over TCP

I feel like I’m missing something big here. Any explanations or directions will be greatly appreciated.

Thanks.
----------------
Motti Shneor.



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Need some guidance regarding ATS using CFNetwork APIs
      • From: Jens Alfke <email@hidden>
  • Prev by Date: Re: NSPOSIXErrorDomain code 2 "No such file or directory" from NSURLSession background download task?
  • Next by Date: Re: Need some guidance regarding ATS using CFNetwork APIs
  • Previous by thread: Re: NSPOSIXErrorDomain code 2 "No such file or directory" from NSURLSession background download task?
  • Next by thread: Re: Need some guidance regarding ATS using CFNetwork APIs
  • Index(es):
    • Date
    • Thread