I have client and server code that use CFStream to communicate over TCP using SSL. My unit tests start both a server and a client in-process and open connections between them. These have begun to fail intermittently in weird ways on iOS 9. (This is in the simulator running on OS X 10.11, btw.)
What I’m seeing is that, although I only open one client connection, i.e. one call to CFStreamCreatePairWithSocketToHost, the server receives up to _three_ incoming TCP connections. In a successful run, two of those will immediately fail with an SSL error -9806 (errSSLClosedAbort) and CFNetwork will log the message "CFNetwork SSLHandshake failed (-9806)”; and then the third connection succeeds and can transfer data. In a failed run, I only see the first two failed connections, and then the client-side CFStream fails with an error "Domain=NSPOSIXErrorDomain Code=61 'Connection refused’”. Another clue is that if I change the hostname from “jens.local” to “localhost”, this behavior goes away — only one TCP connection is made, which always succeeds. My best guess is that CFStream is resolving the mDNS hostname and then simultaneously trying to connect to all the resolved addresses (one loopback, one IPv4, one IPv6?) Then when one connection opens it aborts the others. That would explain the three incoming connections and the two SSL handshake errors. But it doesn’t explain why half of the time only two connections are made and the CFStream gives up and returns an error to the client. Any ideas about what’s going on? I’m unsure whether this behavior is new to iOS 9, or whether I’m only seeing it now because I’ve had to enable SSL to abide by ATS. And I’m unsure whether I’m seeing a CFNetwork bug or whether something in my code is causing the failure. —Jens _______________________________________________ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
