i'm trying set tls connection sni. problem first property setting call returns 1 indicating accepted. following 2 return 0, means didn't go through. reasoning be?
at point have add own cert trusted, far understand, done after opening streams, shouldn't cause here.
also, kcfstreamsocketsecuritylevelnegotiatedssl support tls1.2 there no constants choose directly?
var tempinputstream: unmanaged<cfreadstream>? var tempoutputstream: unmanaged<cfwritestream>? cfstreamcreatepairwithsockettohost(nil, address cfstringref, port, &tempinputstream, &tempoutputstream) let cfinputstream: cfreadstream = tempinputstream!.takeretainedvalue() let cfoutputstream: cfwritestream = tempoutputstream!.takeretainedvalue() //setting properties print(cfreadstreamsetproperty(cfinputstream, kcfstreampropertysocketsecuritylevel, kcfstreamsocketsecuritylevelnegotiatedssl)) print(cfreadstreamsetproperty(cfinputstream, kcfstreamsslvalidatescertificatechain, kcfbooleanfalse)) print(cfreadstreamsetproperty(cfinputstream, kcfstreamsslpeername, "peer.address")) let inputstream: nsinputstream = cfinputstream let outputstream: nsoutputstream = cfoutputstream inputstream.delegate = self inputstream.delegate = self inputstream.scheduleinrunloop(nsrunloop.currentrunloop(), formode: nsdefaultrunloopmode) outputstream.scheduleinrunloop(nsrunloop.currentrunloop(), formode: nsdefaultrunloopmode) inputstream.open() outputstream.open()
kcfstreamsslvalidatescertificatechain , kcfstreamsslpeername not stream properties. ssl settings properties. need collect them dictionary , assign kcfstreampropertysslsettings:
let ssl = [ string(kcfstreamsslvalidatescertificatechain): kcfbooleanfalse, // use "false" here string(kcfstreamsslpeername): "peer.address" ] print(cfreadstreamsetproperty(cfinputstream, kcfstreampropertysslsettings, ssl)) 
Comments
Post a Comment