TCP套接字流和带有Swift的SSL
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了TCP套接字流和带有Swift的SSL相关的知识,希望对你有一定的参考价值。
我正在一个需要连接到套接字的简单客户端上工作。此套接字需要SSL ...我正在尝试配置客户端以支持SSL,但出现此错误:
CFNetwork SSLHandshake failed (-9807)
这是我编写的用于配置套接字的代码。您看到任何奇怪/错误的东西吗?另外...服务器正在本地主机上运行,目前我正在模拟器上运行ios应用...可能是问题吗?
class MySocket:NSObject
var inputStream: InputStream!
var outputStream: OutputStream!
func setupStream()
var readStream: Unmanaged<CFReadStream>?
var writeStream: Unmanaged<CFWriteStream>?
CFStreamCreatePairWithSocketToHost(kCFAllocatorDefault,
"127.0.0.1" as CFString,
80,
&readStream,
&writeStream)
inputStream = readStream!.takeRetainedValue()
outputStream = writeStream!.takeRetainedValue()
inputStream.delegate = self
inputStream.schedule(in: .current, forMode: .common)
outputStream.schedule(in: .current, forMode: .common)
// SETTING SSL HERE
inputStream.setProperty(kCFStreamSocketSecurityLevelNegotiatedSSL, forKey: Stream.PropertyKey.socketSecurityLevelKey)
outputStream.setProperty(kCFStreamSocketSecurityLevelNegotiatedSSL, forKey: Stream.PropertyKey.socketSecurityLevelKey)
// END SSL SETUP
inputStream.open()
outputStream.open()
答案
我一直在检查库SocketRocket,以检查您的代码。该库是在Objective-C中实现的,但是您可以将其用作参考。
在该库中,在更新安全流选项的代码中,我注意到它仅更新outputStream的kCFStreamSocketSecurityLevelNegotiatedSSL。
- (void)_updateSecureStreamOptions
if (_secure)
NSMutableDictionary *SSLOptions = [[NSMutableDictionary alloc] init];
/*ONLY FOR OUTPUT STREAM*/
[_outputStream setProperty:(__bridge id)kCFStreamSocketSecurityLevelNegotiatedSSL forKey:(__bridge id)kCFStreamPropertySocketSecurityLevel];
// If we're using pinned certs, don't validate the certificate chain
if ([_urlRequest SR_SSLPinnedCertificates].count)
[SSLOptions setValue:@NO forKey:(__bridge id)kCFStreamSSLValidatesCertificateChain];
#if DEBUG
self.allowsUntrustedSSLCertificates = YES;
#endif
if (self.allowsUntrustedSSLCertificates)
[SSLOptions setValue:@NO forKey:(__bridge id)kCFStreamSSLValidatesCertificateChain];
SRFastLog(@"Allowing connection to any root cert");
[_outputStream setProperty:SSLOptions
forKey:(__bridge id)kCFStreamPropertySSLSettings];
_inputStream.delegate = self;
_outputStream.delegate = self;
[self setupNetworkServiceType:_urlRequest.networkServiceType];
我希望这会有所帮助。
以上是关于TCP套接字流和带有Swift的SSL的主要内容,如果未能解决你的问题,请参考以下文章
如何接受boost :: asio :: ssl :: stream 作为boost :: asio :: ip :: tcp :: socket类型的参数