Hi All. Our conferencing application opens and maintains few stream-pairs for Video/Audio/Other-media to our proprietary server.
We create them via ::CFStreamCreatePairWithSocketToHost() and use them mainly in the - (void)stream:(NSStream *)aStream handleEvent:(NSStreamEvent)eventCode stream event handler. We also use a few posix calls (setsockopt) to configure the underlying native sockets (CFSocketNativeHandle)of these stream pairs (to set socket type, to set TCP_NODELAY on audio and so on). Our Server/Client protocol is proprietary, over TCP (not UDP). Up till now both our SSL-3 handshake and message encryption were implemented with proprietary code. We have many clients on many platforms, and old Windows servers, with old nonstandard implementation of SSL, and we had to keep compatibility. Now, with the introduction of ATS we move to TLS 1.2 and want to go standard. Our server side already implements a subset of the standard sufficient for that. I was even able to connect and handshake using a lightly-tweaked version of our existing networking code. However - I do not understand if I still need to encrypt the messages myself, or whether ::CFWriteStreamWrite() (or its bridged [_outputStream write:maxLength:] counterpart) should do it for me, when running with ATS around? and If I need to do the encryption myself, What Cocoa/Cocoa-touch APIs do I need to call to do this, in order to use the ATS recommended encryption? We’re not using NSURLSession, because we’re not HTTPS, and I see no clue as for how to implement the actual writing/reading from the sockets with ATS required encryption. I could not find any sample code with CFNetwork only APIs that implements ATS connections over TCP I feel like I’m missing something big here. Any explanations or directions will be greatly appreciated. Thanks. ---------------- Motti Shneor. _______________________________________________ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
