Re: iOS https request via cellular?
On 21 Mar 2019, at 13:45, Howard Shere wrote: > I will file an enhancement request. Thanks. > But that won’t happen for a while … Agreed. > I only need a few simple requests. I should be able to find the right > interface, bind to a socket and send my requests that way… Correct. I’ve done this before and it works just fine. My main piece of advice is that it’s much better if you use Network framework for this. You run into two problems doing this with BSD Sockets: * You have to do the DNS resolution and connect as separate steps, and it’s hard to that properly in the general case. * You have to reliably identify the WWAN interface, and there’s no supported way to do that on iOS. With Network framework you can use connect-by-name support while explicitly requiring WWAN. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: iOS https request via cellular?
On 20 Mar 2019, at 20:08, Howard Shere wrote: > I am working on something for a cellular carrier... Fair enough. My recommendation here is that you file an enhancement request for this feature, explaining why your HTTP request needs to run over WWAN. <https://developer.apple.com/bug-reporting/> Please post your bug number, just for the record. There really isn’t a great workaround here. If you only need to deal with very simple requests, you can build a bone-headed HTTP 1.1 client on top of Network framework (or other, older APIs), which lets your force WWAN. If you need a full-featured HTTP client, the only option I can see is to write (or acquire) your own HTTP library )-: Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: iOS https request via cellular?
On 20 Mar 2019, at 14:25, Howard Shere wrote: > I was hoping for a way to use URLRequest to do this Not at the `NSURLSession` level. Why do you need this? I’ve seen requests like this before, and I’m curious whether your use case is the same as the others I’ve seen (most commonly it’s for folks working for or with a cellular carrier, who need to make sure the request goes out over WWAN as part of some sort of authentication mechanism). Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: NSURLDelegate: Differences between access by hostname or IP
On 25 Feb 2019, at 13:53, Alexander von Below wrote: > What could possibly be the difference between accessing the service via > hostname or via ip? You’re most likely being affected by App Transport Security (ATS). On iOS 10 (and its cohort) and later, ATS is always disabled for IP address connections. Thus, if you make a connection to an IP address, ATS won’t block it and you’ll get a server trust authentication challenge. If you do nothing in response to that challenge, the connection will fail because the server’s certificate doesn’t pass default HTTPS server trust evaluation. However, if you override that challenge and tell the system to allow the connection, it will go through. OTOH, if you make a connection to a DNS name, ATS will block that because the certificate used by the server doesn’t meet ATS’s strict security requirements. It’s possible that you could use an `NSExceptionDomains` entry to disable ATS for the DNS name used by your server. Once you do that, you can catch the server trust authentication challenge and override trust evaluation as discussed above. However, this may not be possible depending on the exact DNS name format used by your server. See the “NSAppTransportSecurity” section of the “Information Property List Key Reference” for details. <https://developer.apple.com/library/content/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Waking up AWDL
On 25 Feb 2019, at 10:30, Neil Alexander wrote: > what is the best way to make an appeal for the AWDL interface to be scoped > for use from within a Network Extension in future versions of macOS/iOS? You should definitely file an enhancement request for that. <https://developer.apple.com/bug-reporting/> Please reply back your bug number, just for the record. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Waking up AWDL
On 22 Feb 2019, at 19:14, Neil Alexander wrote: > Would this impact us if we wanted eventually to distribute the app? That depends on what you mean by “impact”. I suspect you’re asking whether App Review will reject your app, and I can’t speak to that. DTS and App Review are separate organisations, so I can’t make definitive statements about App Review’s policies or procedures. Speaking from a DTS perspective, we /strongly/ encourage folks to stick to public APIs when shipping products to customers (and have done so since long before App Review even existed!). Apple works hard to maintain release-to-release binary compatibility for public APIs. We offer no such guarantees for private stuff. If some core functionality in your product is based on private stuff, it could go away without warning and without any migration path, and such an event would leave your customers high and dry. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Waking up AWDL
On 22 Feb 2019, at 15:16, Neil Alexander wrote: > accept/initiate TCP connections over awdl0 using sockets that have > SO_RECV_ANYIF sockopt set Oh, there’s one thing I want to clarify for those reading along at home… `SO_RECV_ANYIF` is not public API. It’s easy to find this option in the Darwin open source for the kernel (xnu), but it’s not in the macOS SDK. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Waking up AWDL
On 22 Feb 2019, at 15:51, Neil Alexander wrote: > Our main problem here is that we aren't using Swift or Objective-C, so trying > to use NWListener and NetService are out Network framework presents as two separate API, one in Swift and one in vanilla C. I’m not familiar with Go’s ability to call other languages. Is calling vanillia C APIs hard? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Waking up AWDL
On 22 Feb 2019, at 15:16, Neil Alexander wrote: > I am assuming that there is some low-level syscall/ioctl or similar that > causes AWDL to "wake up", as I figure that the NetService/Multipeer > Connectivity APIs have some method for doing this. That’s correct. However, the special sauce required to make this work was not part of our public SDKs, at least the last time I checked. Historically the only way to accept incoming TCP connections over peer-to-peer Wi-Fi was via `NSNetServiceListenForConnections`. On modern systems you should also be able to do it via `NWListener`. That’s a step in the right direction — `NWListener` at least supports UDP — but it doesn’t get you all the way because Network framework currently does not support multicast. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: I need some feedback
On 18 Jan 2019, at 17:33, Howard Shere wrote: > The code is currently using CommonCrypto … CommonCrypto will do a good job of each specific crypto algorithm, but network security depends on how you assemble those algorithms into a protocol. That’s very hard to do correctly, even by security experts, which is why we’re currently on version 1.3 of TLS. Implementing TLS for a peer-to-peer product like this one is not without its challenges, but it’s still much easier than designed your own on-the-wire security protocol. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: I need some feedback
On 16 Jan 2019, at 20:32, Howard Shere wrote: > We can’t entirely stream from the files because we need to encrypt the data. H. I have various points on that front: * The networking APIs don’t generally support a “send this file to this connection” primitive, so you have to read the file and write it to the connection using the CPU. While doing that you can apply your encryption. * Encryption on modern CPUs is pretty darned fast, so I don’t think that will slow you down significantly. * Assuming you’re using an Apple API for that (like CommonCrypto, as mentioned by Yarshure). * After profiling you may want to introduce some buffering system to pipeline the read, the crypto, and the write. If you do that, make sure you limit the size of that buffer. Finally, a question: Is there a reason you’re doing your own encryption rather than using TLS? Creating your own on-the-wire crypto is very tricky, and it’s something best left to the experts. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: I need some feedback
On 10 Jan 2019, at 15:42, Howard Shere wrote: > Lots of files. That’s likely to be the most interesting part of this. Transferring a single large file over Wi-Fi is pretty straightforward: Open a TCP connection and pour bytes down it. That’ll be fast and work well in a wide variety of network environments. You may be able to do better with a custom transport protocol in some specific environments, but it’s hard to do better than TCP in general. If you go down this path it’s a good idea to start the transfer with a header (including, at a minimum, the expected length) and end the transfer with a checksum. IMPORTANT: You need an end-to-end checksum because, when transferring /large/ amounts of data, the probability of an error not being detected by the TCP checksum starts to rise. The header will also allow you to support resumable transfers, which is always a good idea on iOS. The specific API you use for this doesn’t really matter than much. If you had a minimum deployment target of iOS 12 I’d recommend `NWConnection` but, as you have to support older systems, using `NSStream` is fine. If you have multiple files to transfer then things get substantially more complex. Ideally you’d want to transfer all the files over the same TCP connection. The thing you want to avoid is an archive-transfer-unarchive approach, because the time taken for the [un]archiving could be significant. That means the sender needs to stream off the file system and on to the network, and the receiver needs to do the reverse. This isn’t too hard but the devil is in the details. For example, supporting resumable transfers with multiple files is going to be tricky. You could probably find an industry-standard protocol that meets your needs, but that’s not always a win. A lot of the time standard protocols tend to be more complex than necessary, and they’re only an advantage if you can find a library that implements the protocol, and that brings its own complexities. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: I need some feedback
On 10 Jan 2019, at 15:40, Howard Shere wrote: > Primarily images and videos. Just one file? Or lots of files? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: I need some feedback
On 10 Jan 2019, at 14:48, Howard Shere wrote: > I am interested in finding the fastest possible way to transfer large amounts > of data between 2 iOS devices. Also, what does the connectivity look like? On the same Wi-Fi? Both on the Internet? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: I need some feedback
On 10 Jan 2019, at 14:48, Howard Shere wrote: > amounts of data Define large? I’m not look for an exact number, just an expected order of magnitude. Also, what’s you minimum deployment target? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: URLSession GET request with http body
On 13 Nov 2018, at 01:37, Howard Shere wrote: > I was hoping their was some other way to make this work with URLSession. > > … > > https://forums.developer.apple.com/thread/67143 I’ll respond on that DevForums thread later today. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: slow wifi with bluetooth enabled?
On 7 Nov 2018, at 18:43, Howard Shere wrote: > Anyone have any idea why wifi throughput would be significantly slower with > bluetooth enabled? Wi-Fi and Bluetooth share radio spectrum, so coexistence problems are inevitable. The mechanics of how that works are very low level. Third-party developers have virtually no control over this stuff and precious little insight into it. If performance is particularly bad in some specific scenario my recommendation is that you file a bug about that. Make sure to enable additional Wi-Fi logging and then trigger a sysdiagnose log and attach that to your bug. You can find more information about both of these steps on our Bug Reporting > Profiles and Logs. <https://developer.apple.com/bug-reporting/profiles-and-logs/> In terms of APIs, I have two suggestions: * If you use Bonjour make sure to not leave active requests running for longer than necessary. You can leave a registration running indefinitely, but you should try to structure your UI such that you’re not running a browse indefinitely. And if you’re doing the resolve step manually — it’s best to avoid this in general, but there are situations where it can be necessary — make sure to cancel the resolve before you start transferring. * Optimise your on-the-wire traffic. There’s two parts to this: - You can try to transfer less data overall, using compression and so on. - If you have a custom protocol then you can change that protocol to make better use of the network. In my experience a challenging network environment shows up bad protocol design, that is, on a well-behaved network, like the typical home Wi-Fi, both good and bad protocols work OK, but if you put those protocols on a poor network then you start to see a big difference between the two. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: WebDownloadDelegate delegate methods called on non-main thread
On 3 Nov 2018, at 00:30, Nick Beadman wrote: > the WebKit folks duped it to a radar which I thought was odd, maybe it isn’t. There’s not how I read that bug report. If I go to: <https://bugs.webkit.org/show_bug.cgi?id=190918> I see the 2018-10-26 entry is from “Radar WebKit Bug Importer”, which implies that it got imported into Radar by an automated system. > I don’t see anything in the WebKit API that says that the WebPolicyDelegate > callbacks will be called on the main thread. I think that’s implied. WebKit is all about running a view, and all views are main thread only. > I have mitigated this by adding assets that will cause my code to crash > immediately if I tell WebKit to download on anything other than the main > thread. That’s a good idea. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Network.framework and client/server?
On 3 Nov 2018, at 00:06, Carl Hoefs wrote: > So... the connection handler block makes each new connection in a new thread > on the designated dispatch queue? If so, then that should work. It's just a > bit unclear. The first part of this sentence is correct: The connection handler is called to tell you about new connections. The second half is not. Network framework is fully async, so there’s no strong connection between connections and threads. Rather, before you start an object (like a listener or a connection) you must set its dispatch queue and the framework places all callbacks associated with that object on that queue. Dispatch then assigns threads to run the callbacks from those queues like it would any other queue. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: In airplane mode, socket writes unexpectedly don't fail
On 30 Oct 2018, at 23:40, Jens Alfke wrote: > My knowledge of TCP tells me that if you write to a socket, but no ACK packet > is received within ~15 seconds, the socket will be closed with an error (I > think ECONNRESET?) I can’t speak to how Xamarin works, but if it’s a simple wrapper around BSD Sockets then the expected behaviour here is that the kernel will maintain the TCP connection, retrying indefinitely. BSD Sockets was designed for a world where computers used wired connections that were manually configured, and thus the kernel does not automatically close a connection just because its source address has been lost. High-level APIs, like CFSocketStream, actively monitor the connection to see if the source address goes invalid. > I’m uncomfortable with this, since I know Reachability can be unreliable and > this usage doesn’t go along with the best practices It is, alas, a mistake to apply your high-level intuition to this low-level problem. In this case there’s a specific reachability API you should be using, namely `SCNetworkReachabilityCreateWithAddressPair`. Once the socket has connected you should get the local and peer address (`getsockname` and `getpeername`) and feed that into `SCNetworkReachabilityCreateWithAddressPair`. I recommend that you debounce this signal. That is, closing the connection only if reachability indicates a problem for a second or so. Without this debounce you can end up closing the connection in situations where it might have recovered. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: WebDownloadDelegate delegate methods called on non-main thread
On 29 Oct 2018, at 22:34, Nick Beadman wrote: > Thought I would add it here to see if anyone has any ideas. Ideas on what? To my mind: * This is clearly a bug. Even if this behaviour change was intended, it’s still a binary compatibility regression. * As both you and Jens Alfke noted, working around isn’t hard. * If you’re looking for comments on when this might get fixed, I don’t think you’re going to get much joy here on MacNetworkProg. This is a WebKit issue and the WebKit folks don’t lurk here as far as I know. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Doing request rate limiting with NSURLSession
On 10 Oct 2018, at 17:56, Sebastien Boisvert wrote: > but I don’t see how that’s relevant to limiting the rate of requests Essentially my question boils down to: * Do you want to limit the time between requests? * Or limit the rate that you issue requests? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Doing request rate limiting with NSURLSession
On 9 Oct 2018, at 20:01, Sebastien Boisvert wrote: > I have a need to limit the rate at which requests are made to a service to a > specific limit, let's say max 32/sec, evenly distributed, so a minimum delay > of 1/32 sec between requests. If a request takes longer than 1/32 sec to complete, what should happen? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Adding the com.apple.security.network.client entitlement
On 1 Oct 2018, at 13:58, Carl Hoefs wrote: > I've tried running the program from within Xcode, as a standalone > command-line invocation, and as a Launch Agent, and even using sudo. I’m not sure what’s going on in your environment but CoreWLAN is working for me. I tested it both from an app and from a command-line tool: * The app was sandboxed, and thus needed the `com.apple.security.network.client` entitlement. * The tool was not sandboxed and thus has no networking entitlements (remember that on macOS the App Sandbox is an /app/ sandbox, and is only appropriate for apps and app extensions). In both case the executable was signed with my Developer ID. My tests shown the same behaviour on 10.13.6 and 10.14, that is: * A sandboxed app needs the `com.apple.security.network.client` entitlement. * A non-sandboxed app does not. * Likewise for a command-line tool. I’ve included a copy of my command-line tool’s code below, so you can try this for yourself. I built it with Xcode 10.0 and ran it on macOS 10.14. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware --- import Foundation import CoreWLAN class Main : NSObject, CWEventDelegate { let client: CWWiFiClient = CWWiFiClient.shared() func start() throws { self.client.delegate = self try self.client.startMonitoringEvent(with: .powerDidChange) } func powerStateDidChangeForWiFiInterface(withName interfaceName: String) { guard let interface = client.interface(withName: interfaceName) else { NSLog("tool power no interface, name: %@", interfaceName) return } let isPowerOn = interface.powerOn() NSLog("tool power, name: %@, on: %@", interfaceName, isPowerOn ? "yes" : "no") } } func mainThrowing() throws { NSLog("tool start") let m = Main() try withExtendedLifetime(m) { try m.start() dispatchMain() } } func main() { do { try mainThrowing() } catch { NSLog("tool failed, error: %@", "\(error)") } } main() exit(EXIT_SUCCESS) --- ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Adding the com.apple.security.network.client entitlement
On 29 Sep 2018, at 20:05, Carl Hoefs wrote: > This isn't a sandboxed app, just a LaunchAgent daemon process, running at > user login. Try putting the same code into a small test project to see if it works there. That’ll tell you whether this is completely broken on 10.14? Or whether it’s something specific to your execution context. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: A problem with big delays between 2 SCDynamicStore state events
On 12 Sep 2018, at 16:58, Stéphane Sudre wrote: > Has there been some changes (other than a bug/regression) that could explain > the huge increase and that this is the expected behavior? If, during this 90 second delay, you poll the network configuration, what do you see? We’ve never really specified how long it takes for the network configuration to stabilise but there’s always been the possibility of a very long delay. For example, with IPv4 link-local addresses [1] we wait for DHCP to time out before we even start to set the process of getting a link-local address. However, 90 seconds is clearly an annoyingly long time to wait. Is this a regression relatively to 10.13.6? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] RFC 3927 “Dynamic Configuration of IPv4 Link-Local Addresses” <http://www.ietf.org/rfc/rfc3927.txt> ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Connecting to Racoon IKEv2? (Now: StrongSwan)
On 18 Jul 2018, at 10:22, Alexander von Below wrote: > However, when trying to connect, I get "Failed to find the VPN app for plugin > type com.apple.neplugin.IKEv2“ Have you tried creating the configuration manually, via System Preferences > Network? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: SSL and old macOS versions
On 17 Jul 2018, at 21:44, James Walker wrote: > As a matter of fact, I am usually building with the 10.8 SDK. Yikes! > So maybe that would explain why SSL doesn't work on OS 10.9 and 10.10, but > why does it start working again in 10.11 and later? My best guess is that we removed the ‘linked on or later’ check on modern systems because it was only ever there as a compatibility crutch. Why are you building with the 10.8 SDK? I understand that it can take time to move forward to new tools, but 10.9 is five years old now. The longer you stay on the old SDKs, the further off the beaten path you end up, and this is just one example of the various land mines waiting for you out there. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: SSL and old macOS versions
On 16 Jul 2018, at 23:49, Daniel Jalkut wrote: > is the app in question compiled under an older SDK? I’d also like to know the answer to this. If you are building with older tools then you could try creating a small test project with the latest Xcode to see how that behaves. On 16 Jul 2018, at 22:46, James Walker wrote: > _kCFStreamErrorCodeKey=-9806 `errSSLClosedAbort` indicates that the server gracefully closed the connection. It’s hard to tell why it did that, but the next step is to use a packet trace to see how far things got during the handshake progress. If this is a TLS version problem you’ll see the client send a Client Hello with a max TLS version of 1.0, to which the server will respond by closing the connection. See QA1176 “Getting a Packet Trace” for more about packet traces. <https://developer.apple.com/library/mac/#qa/qa1176/_index.html> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Connecting to Racoon IKEv2?
On 16 Jul 2018, at 15:48, Alexander von Below wrote: > For a test, we set up a racoon IKEv2 IPSec Server on Linux … I’ve never set it up myself, but most of the folks I’ve worked with use StrongSwan. <https://en.wikipedia.org/wiki/StrongSwan> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: NSURLRequestNetworkServiceType - priority order?
On 20 Jun 2018, at 21:37, Sebastien Boisvert wrote: > The docs describe the various types along with their enumerations, however > nowhere does it state what their actual priority really is Which is because there is no simple mapping from these values to priority, which in turn is because these values get applied at multiple layers within the system and the network infrastructure. You should pick a value that best matches the /semantics/ of your requests. For more background on this see WWDC 2016 Session 714 “Networking for the Modern Internet”. <https://developer.apple.com/videos/play/wwdc2016/714/> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How different is networking on simulator vs device?
On 15 Jun 2018, at 18:16, Jens Alfke wrote: > at what level does the simulator connect to the host Mac? That’d be option (a), that is, it connects at the system call level. This has two important consequences: * You can’t test code that affects the TCP/IP, like Network Extension providers * You don’t get the user-space TCP/IP stack that’s present on iOS 11 and later Outside of the TCP/IP stack there are other differences: * Wi-Fi level code, like `NEHotspotHelper` and `NEHotspotConfigurationManager`, can only be tested on a real device. * HTTPS trust evaluation is done inside an iOS-style security daemon but there are places where that behaves differently than a real device (for example, when dealing with revocation). Having said that, my experience is that for run of the mill apps that use `NSURLSession`, testing on the simulator is very effective. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Does a background NSURLSesssion not populate the provided NSURLCache?
On 22 May 2018, at 20:52, Sebastien Boisvert <sebastienboisv...@yahoo.com> wrote: > Do background sessions ignore the cache (with regards to populating it)? Probably. While I’ve never explicitly investigated this, the background session architecture, where the actual networking is done inside a system process, isn’t compatible with custom caching. Note that the ‘will cache response’ delegate callback takes a data task, and data tasks have only limited support in background sessions. Specifically, you can run a data task in a background session but it will fail if your app gets suspended [1]. Honestly, it’s quite rare to use a data task in a background session. Which brings me to: > I have a need to make several requests for (small) resources … Background sessions are optimised for a small number of large requests, making me suspect you’d be better off using a standard session. Why are you using a background session here? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] This is on iOS 8 and later. In the original iOS 7 implementation, data tasks were simply not supported in background sessions. ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Send UDP packet to listening mediastreamsegmenter
On 6 Mar 2018, at 12:32, Pierre Pasquet <pierrep...@icloud.com> wrote: > Is there any interesting / relevant documentation / technical note that would > expose how I could send my audio data to the listening HLS server? Are you asking how to send UDP packets to that port? Or how to format your audio data such that server will do something useful with those packets? If it’s the former then you’re in the right place. A good place to start would be the UDPEcho sample code. <https://developer.apple.com/library/content/samplecode/UDPEcho/> If it’s the latter then you might have more luck asking your question in a place where media folks hang out. The only suggestion I have is the “HTTP Live Streaming” area of DevForums, but maybe someone else will have a better idea. <https://forums.developer.apple.com/community/media/http-live-streaming> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Networking Feedback Feb 2018
Greetings I’m soliciting feedback about the networking APIs on Apple’s various platforms. The focus here is on commonly-used user-space networking APIs; think `NSURLSession`, `NSStream` and BSD Sockets, not VPN, NKEs, Wi-Fi management, and so on. For details, please see my “Networking Feedback Feb 2018” post on DevForums. <https://forums.developer.apple.com/thread/97662> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Using cell connection from iPhone app
On 16 Jan 2018, at 20:50, Carl Hoefs <newsli...@autonomy.caltech.edu> wrote: > Okay, I’ve been looking around for a temporary stop-gap measure for the time > of being, and I think getaddrinfo() may work. Make sure you try each of the addresses returned by `getaddrinfo`, not just the first. There are situations where earlier addresses won’t work but later addresses will. If you’re able to ‘cut the head’ off your BSD Sockets code — that is, replace the code that does the DNS lookup and the code that does the initial connect with one connect-by-name function — you can use `CFSocketStream` to do that connect and then extract the file descriptor from the stream pair and pass that along to your BSD Sockets code. I discussed this idea in detail on the following DevForums thread. <https://forums.developer.apple.com/message/187122#187122> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: LDAP on iOS
On 5 Dec 2017, at 20:57, Fritz Anderson <fri...@manoverboard.org> wrote: > Does iOS natively support LDAP? Is there a trustworthy library to do so? It’s not clear whether you’re asking for system integration or an API. With regards system integration, your starting point should be the “Configuration Profile Reference”, which specifically offers an LDAP payload (`com.apple.ldap.account`). <https://developer.apple.com/library/content/featuredarticles/iPhoneConfigurationProfileRef/Introduction/Introduction.html#//apple_ref/doc/uid/TP40010206-CH1-SW4> I’m not sure what that’ll actually do. System integration isn’t really my thing. You might have better luck asking this question over in the Apple Support Communities, run by AppleCare, and specifically the “in Business and Education” topic areas, where you’re more likely to find folks with LDAP experience. <https://discussions.apple.com/> In terms of API, the iOS SDK has no specific LDAP API, although I suspect that you’ll be able to ‘see’ LDAP stuff via the Contacts framework once you have the system integration sorted out. If, however, you want to run LDAP queries directly, the standard API for that is OpenLDAP. That’s available in the macOS SDK but not the iOS SDK, although I suspect it wouldn’t be too hard to get it building and running on iOS. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: ATS fails for one subdomain, succeeds for another
On 5 Dec 2017, at 14:35, Daniel Jalkut <jal...@red-sweater.com> wrote: > Do you have any insights about logic the system uses when deciding whether to > cache the information, and at which level of the frameworks it’s done? Gosh, this stuff has got complex in recent years. Last I checked: * Yes, this is all done by CFNetwork * Specifically, HSTS cache info is managed by `nsurlstoraged` * It’s stored in a file (`HSTS.plist`?) in the Caches directory * It’s subject to security partitioning, so there’s a different store per user and that’s further separated for sandboxed apps IMPORTANT: All of the above are implementation details and thus subject to change. > Do you think it might be a bug, or at least an opportunity for improvement, > that the system is not caching my HSTS-compliant target (sub)domain? To offer an educated opinion on that I’d have to look into your exact issue in detail, and that’d take more time that I have available for mailing list work (although you could always open a DTS tech support incident for this). <https://developer.apple.com/support/technical/> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: ATS fails for one subdomain, succeeds for another
On 4 Dec 2017, at 20:44, Daniel Jalkut <jal...@red-sweater.com> wrote: > What else would explain this? There’s two common reasons for this: A. A cached HTTP-to-HTTPS redirect B. HSTS <https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security> I think you’ve ruled out A, so the most likely cause is B. And there’s two parts to that: B.1. Some sites are on the HSTS preload list. <https://hstspreload.org> B.2. For those not on the list, if the client ever sees the HSTS header it can cache that knowledge outside of the standard `NSURLCache`. I suspect B.2. is what’s going on here. That is, the HSTS entry has rewritten your HTTP URL to HTTPS before it hits the wire, and thus it’s never blocked by ATS. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: 'Global' NSURLCache?
On 29 Nov 2017, at 03:48, sebastienboisv...@yahoo.com wrote: > I've set this up for our app that uses a group container, where the main app > and a helper app both use the same custom NSURLCache, and it does work Yay! > Is there a way to specify what headers are significant when requesting a > cached response from a NSURLCache? No. I had a complex spiel regarding workarounds (I plonked it at the end of this email, just so it’s not lost) but I figured I should check that the `User-Agent` string is the problem here. And I’m not sure it is. Consider this code: --- let url = URL(string: "http://example.com;)! var req1 = URLRequest(url: url) req1.setValue("agent1", forHTTPHeaderField: "User-Agent") var req2 = URLRequest(url: url) req2.setValue("agent2", forHTTPHeaderField: "User-Agent") let res1 = HTTPURLResponse(url: url, statusCode: 200, httpVersion: "HTTP/1.1", headerFields: [ "Date": "Wed, 29 Nov 2017 08:33:15 GMT", "Server": "Apache", "Last-Modified": "Mon, 11 Mar 2013 21:44:16 GMT", "ETag": "\"606-4d7ad13106c00\"", "Accept-Ranges": "bytes", "Content-Length": "18", "Connection": "close", "Content-Type": "text/html", ])! let cres1 = CachedURLResponse(response: res1, data: "Hello Cruel World!".data(using: .utf8)!) URLCache.shared.storeCachedResponse(cres1, for: req1) let cres2 = URLCache.shared.cachedResponse(for: req2) ------- `cres2` comes back as non-nil, even though `req2` has a different `User-Agent` header than the `req1` that was used to store the response. So, are you sure that the `User-Agent` string is the problem here? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware --- The most obvious solution here is to have both the app and the helper set the same `User-Agent` string. That seems reasonable given that one is embedded within the other. Why not do that? If you have to keep these separate then there other games you can play. For example, you could: 1. Implement `-URLSession:dataTask:willCacheResponse:completionHandler:` and normalise the `User-Agent` string in the cached response. 2. Initially try to fetch the request from the cache with the normalised `User-Agent` string and the `NSURLRequestReturnCacheDataDontLoad` cache policy. If it loads, you’ll then have to check the age yourself. If it doesn’t load, or its too old, you can issue a new load request with the default cache policy. --- ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: 'Global' NSURLCache?
Three points to clarify: * On 28 Oct 2017, at 03:11, sebastienboisv...@yahoo.com wrote: > From my understanding given the docs, there doesn't seem to be a way to have > a 'global' NSURLCache that can be truly shared between two separate > applications. There’s no mention of the platform you’re working. While I suspect you’re referring to macOS, it’d be nice to confirm that. * If you are working on the Mac, are you targeting Mac App Store or Developer ID? * You wrote: > I'd like to understand the reasoning behind making NSHTTPStorage globally > available to all apps vs. NSURLCache being per-app only. `NSHTTPStorage` isn’t a system class. You mean `NSHTTPCookieStorage`, right? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Is this list still alive?
On 25 Jul 2017, at 09:33, Alexander von Below <be...@mac.com> wrote: > Subject: Is this list still alive? Yes, although the Core OS > Networking topic area on DevForums is a lot busier. <https://forums.developer.apple.com/community/core-os/networking> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Using NSURLSessionStreamTask for WebSockets
On 14 Mar 2017, at 22:36, Jens Alfke <j...@mooseyard.com> wrote: > I assume this is one of those headers that the client can’t control. :( Right. We actually list these headers in the docs these days. <https://developer.apple.com/reference/foundation/nsmutableurlrequest> > Is this something that could be fixed in the future, or is it considered a > non-feature for NSURLSession to allow HTTP connection upgrades? Yes. Enabling easier WebSocket client implementation was definitely a goal of the `.becomeStream` disposition, so it’s disappointing that it doesn’t work in practice. Please file a bug about this, including the info you posted later down on this thread, then post the bug number here, just for the record. <https://developer.apple.com/bug-reporting/> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Not getting an NSStreamEventHasBytesAvailable message
On 10 Feb 2017, at 04:34, Jens Alfke <j...@mooseyard.com> wrote: > Also, the examples in Apple’s “Stream Programming Guide” only issue a single > read call in response to a bytes-available event. That’s the correct approach. Repeatedly calling `-read:maxLength:` inside your `.hasBytesAvailable` handler can cause various odd problems, not least of which is the starvation of other streams scheduled on the same run loop. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: anyone have any work arounds for Error 57 : "Socket is not connected" since iOS 10
On 7 Feb 2017, at 23:11, Howard Shere <howard.sh...@synchronoss.com> wrote: > Subject: anyone have any work arounds for Error 57 : "Socket is not > connected" since iOS 10 57 is a BSD Sockets error, `ENOTCONN`, so you’re unlikely to see it being returned by a high-level HTTP[S] API. I suspect the high-level API is giving you `NSURLErrorNetworkConnectionLost`, in which case you can find my advice in QA1941 “Handling “The network connection was lost”. <https://developer.apple.com/library/content/qa/qa1941/_index.html> It’s very likely that iOS 10 and friends have a bug that’s causing this to occur more frequently than before; that’s still being investigated under the aegis of , the bug mentioned in that DevForums thread, and others. If you see this more frequently on iOS 10 than iOS 9, you should definitely file your own bug about that. If you can include a packet trace [1] and a CFNetwork diagnostics log [2], that’d be grand. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] QA1176 “Getting a Packet Trace” <https://developer.apple.com/library/mac/#qa/qa1176/_index.html> [2] QA1887 “CFNetwork Diagnostic Logging“ <https://developer.apple.com/library/ios/qa/qa1887/_index.html> ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Still interested in (NS)URLSessionStreamTask
On 7 Feb 2017, at 20:40, Daryle Walker <dary...@mac.com> wrote: > Do session tasks still use resume …? Yes. > If resume is used, how would you open a connection in implicit-SSL mode? I’m not sure what you mean by “implicit-SSL mode” but: * If you’re working with a protocol that assumes TLS (like HTTPS), call `startSecureConnection()` before doing any I/O on the stream * If you’re working with a protocol that uses STARTTLS, there’s comments in that explain how `startSecureConnection()` interacts with pending I/O. Pasted in below is a simple example of how to use this API. There’s a few lines that you can uncomment to test TLS. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware --- @IBAction func startStopAction(_ sender: Any) { if let stream = self.stream { self.stop(stream: stream) } else { self.start() } } lazy var session: URLSession = { let config = URLSessionConfiguration.default return URLSession(configuration: config, delegate: self, delegateQueue: OperationQueue.main) }() var stream: URLSessionStreamTask? = nil func start() { NSLog("start") // let stream = self.session.streamTask(withHostName: "imap.mail.me.com", port: 993) let stream = self.session.streamTask(withHostName: "sully.local.", port: 12345) self.stream = stream stream.resume() // stream.startSecureConnection() self.startRead(stream: stream) let hello = "a001 NOOP\r\n".data(using: .utf8)! stream.write(hello, timeout: 60.0) { (error) in if let error = error { NSLog("write error") } else { NSLog("write complete") } } } func startRead(stream: URLSessionStreamTask) { stream.readData(ofMinLength: 1, maxLength: 2048, timeout: 60.0) { (data, eof, error) in if let error = error { NSLog("read error") } if let data = data { NSLog("read data %@", data as NSData) } NSLog("read eof %@", eof ? "true" : "false") if error == nil && !eof { self.startRead(stream: stream) } } } func stop(stream: URLSessionStreamTask) { NSLog("stop") stream.closeRead() stream.closeWrite() self.stream = nil } --- ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Test, Please Ignore
Greetings Those Who Ignored the Subject Line To reward you for your dedication, here’s your HHGTTG quote [1] for the day: > He only had the two arms and the one head and he called himself Phil Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] It was going to be a George Orwell quote, but that’s just too depressing. ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: _kCFStreamPropertyReadTimeout
On 20 Jan 2017, at 19:09, Jens Alfke <j...@mooseyard.com> wrote: > We need to implement a timeout for some (Mac/iOS) code that reads from a > socket via a CFReadStream Are you using CFSocketStream is sync/blocking mode? That’s supported, but quite unusual (most folks use CFSocketStream async via the NSStream delegate mechanism or the CFStream client callback). This matters because, for example, `SO_RCVTIMEO` is only relevant in blocking mode. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: URLSession on iOS 10
On 14 Dec 2016, at 08:55, Rick Mann <rm...@latencyzero.com> wrote: > Also, there's still the problem of timeouts starting from the time the task > is started, rather than from when the task actually starts downloading. At > least, I think that's still there. Any idea of its status? That bug, , is still under consideration but I don’t have any more detailed information to share. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: URLSession on iOS 10
On 14 Dec 2016, at 08:19, Rick Mann <rm...@latencyzero.com> wrote: > And after all that, my bug is closed as a duplicate of a newer bug: > > "Engineering has determined that your bug report (29280854) is a duplicate of > another issue (29517144) and will be closed." Just FYI, isn’t fixed in the most recent software updates (iOS 10.2 and friends) but is well on in way to being fixed in a future software update. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Is it possible to modify the default NSURLSessionConfiguration?
On 28 Jun 2016, at 19:09, Jens Alfke <j...@mooseyard.com> wrote: > Is it possible to modify the properties of the configuration object returned > by [NSURLSessionConfiguration defaultSessionConfiguration]? No. > I’m assuming that the method returns a new instance every time … Correct. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: packet-tunnel-provider on OSX platform
On 20 Apr 2016, at 07:52, Kevin Yu <kevi...@draytek.com> wrote: > I still saw the error message on console say that my plug-ins must be > sandboxed, is it normal? No. You should check the entitlements of both your plug-in and your host app. Don’t check your .entitlements file, but the entitlements of the built binaries. The following DevForums post explains how to do this. <https://forums.developer.apple.com/message/75928#75928> Keep in mind that Network Extensions providers are only supported for Mac App Store apps, so your app’s entitlements should look Mac App Store-ish (for example, the app and extension should have appropriate "com.apple.application-identifier” and "com.apple.developer.team-identifier” entitlements). Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: creating non-default vpn configurations for IPSEC/L2TP
On 19 Apr 2016, at 00:19, Jean-Pierre, Stevenson <stevenson.jean-pie...@sage.com> wrote: > I've been looking through the SCNetworkConfiguration Reference but I have > been unable to find a method to add additional configurations to IPSEC/L2TP > VPN connections. Right. There’s a bit of a disconnect between the original System Configuration framework architecture and the VPN stuff that was layered on top of that. Part of that disconnect is that VPN configurations are not surfaced via System Configuration framework. The resolution to this is the Network Extension framework, which is the recommended way to set up VPN configurations on platforms where it’s available. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: NSURLSessionStreamTask
On 15 Apr 2016, at 02:40, Daryle Walker <dary...@mac.com> wrote: > Anyone (from Apple) want to share here? What are you interested in specifically? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: NSNetService advertises non-local IPv6 address in local domain
On 28 Mar 2016, at 02:48, Jeff Johnson <publicpost...@lapcatsoftware.com> wrote: > Is that supposed to happen? Yes. Think of the analogous case with IPv4: if you register a service in "local.", you want the service registered with your standard IPv4 address. > And is there any way to stop it? Definitely not at the NSNetService layer. At the DNS-SD layer () you have a lot more flexibility. For example, you could register your own A record (DNSServiceRegisterRecord) and then register your service with that name as its host (the `host` parameter to DNSServiceRegister). I've never tried this myself but I can't see why it wouldn't work. A good place to start with DNS-SD is the DNSSDObjects sample code, which gives some examples of how to wrap DNS-SD in an Objective-C shell that'll be more familiar to folks coming from NSNetService. <https://developer.apple.com/library/mac/#samplecode/DNSSDObjects/> Overall, however, I think you'd be better off nagging the folks with the broken client to fix their connection code. IPv6 is becoming increasingly common [1] so fixing this on the server side seems like heading in the wrong direction. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] Especially in the light of "Supporting IPv6 in iOS 9". <https://developer.apple.com/news/?id=08282015a>. ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Whatever happened to Network Link Conditioner on iOS?
On 11 Mar 2016, at 18:50, Jens Alfke <j...@mooseyard.com> wrote: > However, I can’t find this anymore. The Settings > Developer menu (under which you'll find Network Link Conditioner and a variety of other options) should show up when the iOS device switches to 'developer mode', which it does when you plug it in to a Mac with Xcode and it goes through the dance required for the iOS device to show up in Xcode > Windows > Devices. If the iOS device is showing up in Devices window but doesn't show Settings > Developer, that's a bug IMO. The first thing I'd try is a restart of all parties involved. FWIW I've not seen this problem myself. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: packet-tunnel-provider on OSX platform
On 3 Mar 2016, at 01:35, Kevin Yu <kevi...@draytek.com> wrote: > Any suggestion? The most common problems I see in this space are: * code signing issues — You have to make sure that both your app and your provider extension are signed with the special Network Extension entitlements, and both are covered by a provisioning profile that whitelists those entitlements. See the following DevForums post for details. <https://forums.developer.apple.com/message/75928#75928> * extension registration — Registration problems are more common on OS X than iOS because the app install process is more free form. You can confirm that the extension is registered with the following command: $ pluginkit -m -p com.apple.networkextension.packet-tunnel This should produce output that shows your extension. To get a feeling for the output you should expect to see, you can run the command for some other extension point. For example, to see share extensions: $ pluginkit -m -p com.apple.share-services If your extension isn't registered, you should do two things: - Install your app on a fresh machine (I use a VM for this, rolling back to a snapshot for each debugging iteration) to see that it works in general. A lot of the time problems like this only occur on your development machine, where you're continually creating and launching new versions of the app. - On your development machine you can force the extension to register using: $ pluginkit -a /path/to/extension Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: What does NSURLCredentialPersistenceForSession mean, exactly?
On 23 Feb 2016, at 16:54, Jens Alfke <j...@mooseyard.com> wrote: > How recent is that? I think your best option here is to suck it and see. Not the best advice, I know, but it's the best I can do in the time I have available for mailing lists )-: I will note that the NSURLSessionTaskAdditions category on NSHTTPCookieStorage was added in iOS 8. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: What does NSURLCredentialPersistenceForSession mean, exactly?
On 23 Feb 2016, at 15:57, Jens Alfke <j...@mooseyard.com> wrote: > I thought this wasn’t possible anymore, since CFNetwork is implemented in C? > I.e, I thought CFNetwork just made C calls to that > `NSHTTPCookieStorageInternal` thing and bypassed the Obj-C API. That situation is, well, fluid. Historically this stuff was all in Objective-C, so subclassing worked just fine. The introduction of the CFNetwork underpinnings made subclassing a risky proposition. Recently more of the underpinnings are actually in Objective-C, or explicitly support subclassing properly, so this is getting better again. > If it really is subclassable, it looks like a subclass has to reimplement the > entire API by overriding and not calling `super`, correct? Right. I have another bug on file requesting that this be made easier . Since filing that, however, I've found that it is easier than I originally thought, at least in the specific case of providing an alternative cookie store for NSURLSession. IIRC you just need to override the 'task' methods: -storeCookies:forTask: -getCookiesForTask:completionHandler: None of the other methods get called; I recommend you implement them as no-ops, just in case. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: CFNetwork is not adding Authorization: headers proactively
On 22 Feb 2016, at 19:57, Wim Lewis <w...@omnigroup.com> wrote: > The other thing that a well-written client can do in that case is make use of > the "Expect: continue" header to allow the server to accept or reject the > request (or request authorization) before the large POST/PUT body is sent. I > don't know offhand if there's a way to get CFNetwork to do that. IIRC CFNetwork supports this; all you have to do is add the right header to your request. [request setValue:@"100-continue" forHTTPHeaderField:@"Expect"]; Note that it's "100-continue", not "continue". Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: What does NSURLCredentialPersistenceForSession mean, exactly?
On 19 Feb 2016, at 21:18, Jens Alfke <j...@mooseyard.com> wrote: > which makes me wonder why NSURLSessionConfiguration has a > URLCredentialStorage property, since there’s no way to create another object > to point that property at. Same goes for the HTTPCookieStorage property. Three points: * Historically, all of these objects were just plain Objective-C objects so it was reasonable to create your own subclasses. That has become problematic since the core code was moved to CFNetwork, where you have to deal with the interaction between Cocoa and CF code. * NSURLSessionConfiguration lets you set them to nil. * On the latest OS release it /is/ possible to create a cookie store elsewhere via +[NSHTTPCookieStorage sharedCookieStorageForGroupContainerIdentifier:]. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: CFNetwork is not adding Authorization: headers proactively
On 18 Feb 2016, at 19:32, Jens Alfke <j...@mooseyard.com> wrote: > I discovered yesterday that the networking layer of our library, which talks > to a REST API, is sending every request twice when the server uses HTTP Basic > auth. You should file a bug about this. <https://developer.apple.com/bug-reporting/> It'd be great if you could include a test project that reproduces it, along with a CFNetwork diagnostics log [1]. Please post the bug number. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] QA1887 "CFNetwork Diagnostic Logging" <https://developer.apple.com/library/mac/qa/qa1887/_index.html> ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: CNCopySupportedInterfaces broken in iOS 9.2.1
On 21 Jan 2016, at 19:17, Carl Hoefs <newsli...@autonomy.caltech.edu> wrote: > We're breathing again, thanks a lot! Excellent news. Did you manage to capture a backup of a broken device? Does restoring it also restore the problem? I've been chatting with the captive network engineering team here about this issue and we have no idea what could cause this and why resetting the network settings might fix it, so we'd still really like to see a bug report about this. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: NSURLSession delegate, Kerberos, and NSURLAuthenticationMethodNegotiate
On 8 Dec 2015, at 20:18, Wim Lewis <w...@omnigroup.com> wrote: > I'm trying to figure out what the right behavior of an NSURLSession delegate > is to support Kerberos authentication. What platform are you working on? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Canceling and then retrying a bunch of tasks
On 9 Dec 2015, at 09:49, Rick Mann <rm...@latencyzero.com> wrote: > The docs say "If you call the invalidateAndCancel method, the session calls > this delegate method immediately." So, it's no different. IMO the docs are misleading here. There's two things to keep in mind: * If you start a task in a session, it will always run to completion, meaning that you'll eventually get a -URLSession:task:didCompleteWithError: callback. * -URLSession:didBecomeInvalidWithError: is always the last delegate callback you receive for a given session. These two facts mean that, if you -invalidateAndCancel a session with multiple outstanding tasks, the tasks will all complete (with NSURLErrorDomain / NSURLErrorCancelled) and then you'll get the didBecomeInvalidWithError callback. If this wasn't clearly explained by the documentation, please do file a bug about that. <https://developer.apple.com/bug-reporting/> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Canceling and then retrying a bunch of tasks
On 8 Dec 2015, at 22:32, Rick Mann <rm...@latencyzero.com> wrote: > All because NSURLSession has no mechanism to determine if it's finished with > everything. But it does have that, namely the -URLSession:didBecomeInvalidWithError: delegate callback. You should just have all the failed tasks record that they've failed and have -URLSession:didBecomeInvalidWithError: start tasks for the failed ones. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Canceling and then retrying a bunch of tasks
On 9 Dec 2015, at 11:54, Quinn The Eskimo! <eski...@apple.com> wrote: > On 9 Dec 2015, at 11:49, Rick Mann <rm...@latencyzero.com> wrote: > >> Is this also true when using completion blocks? > > Yes. Sorry, that's too succinct. To expand… My understanding is that task completion is always signalled—by calling the delegate (-URLSession:task:didCompleteWithError:) or the completion block depending on how the task was started—before -URLSession:didBecomeInvalidWithError: is called, which is always the last delegate callback. I just confirmed that understanding by running a test project (on iOS 9.2). Furthermore, my understanding is that NSURLSession has always behaved this way, although I'm not in a position to test it on previous systems or other platforms. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Canceling and then retrying a bunch of tasks
On 9 Dec 2015, at 11:49, Rick Mann <rm...@latencyzero.com> wrote: > Is this also true when using completion blocks? Yes. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Canceling and then retrying a bunch of tasks
On 8 Dec 2015, at 01:58, Rick Mann <rm...@latencyzero.com> wrote: > Also, I presume this only works if the queue is a serial queue, but the docs > say it doesn't have to be such. You really want your NSURLSession delegate queue to be a serial queue. It's going to be very hard to maintain coherent state otherwise. Moreover, your delegate queue work should be fast, so serialisation isn't a problem. If you need to do real work in this context, that work itself should be farmed off to a separate thread/queue/NSOperation. On 8 Dec 2015, at 03:52, Rick Mann <rm...@latencyzero.com> wrote: > And, the answer is no. My completion block gets called MANY more times after > I invalidate and cancel the session. I'm confused by this. Are you looking to invalidate the session or not? If you don't mind invalidating the session (-invalidateAndCancel), you should be able to kick off the new work your -URLSession:didBecomeInvalidWithError: delegate callback, which is the last callback you'll get for this session and which will arrive after all your task cancellation callbacks have run. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to use NWTCPConnectionAuthenticationDelegate for self signed certificate
On 7 Dec 2015, at 05:40, Kevin Yu <kevi...@draytek.com> wrote: > if I try to debug network extension, when I use “Attach to Process by PID or > Names…”, nothing shows on the console, even container app did not show > message either. Indeed. Message routing is set up when you launch the app, so you won't see messages in Xcode if you attach. You will, however, see them in the /device/ system log, which you can to via the Xcode Organizer. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to use NWTCPConnectionAuthenticationDelegate for self signed certificate
On 3 Dec 2015, at 02:00, Kevin Yu <kevi...@draytek.com> wrote: > After checked the result of SecTrustCopyProperties, it shows Root certificate > is not trusted. Since it is a self-signed certificate, how can I change the > SecPolicy’s ValidRoot to false in order to bypass the checking? You can apply a custom anchor to a trust object using SecTrustSetAnchorCertificates. That should work with a self-signed certificate, that is, you pass the same certificate to SecTrustCreateWithCertificates and SecTrustSetAnchorCertificates. However, I generally recommend against using self-signed certificates. It's better, IMO, to always use a certificate issued by a CA. If you need one during testing, you can set up your own CA. Technote 2326 "Creating Certificates for TLS Testing" describes how. <https://developer.apple.com/library/mac/technotes/tn2326/_index.html> If you install the CA's root on your device, the trust object should evaluate successfully without any special intervention on your part. > Another issue is when debug the network extension, I can’t print message out > to the Xcode console, the only way I can do is setup breakpoint and check the > value of variables manually. any other good way to debug network extension > code? Have you tried NSLog? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Problem with connection via Proxy using CFNetwork in TCP stream
On 3 Dec 2015, at 12:38, Motti Shneor <su...@bezeqint.net> wrote: > We are looking for ways to use the machinery already in the OS for > establishing our secure connection (tunnel) with the server, then continue > with our proprietary protocol. Have you thought about WebSockets? It doesn't seem like much of a leap to move your server on to WebSockets, at which point your client is much more HTTP-like, and hence much more compatible with weird environments. > 1. Is there a way to start the negotiation and open the connection to the > server using CFHTTPStream, then “rewrap” the bsd socket with a CFSocketStream > and continue on? No. CFHTTPStream can handle arbitrary data streams, both up and down, but it does that via the chunked transfer encoding, which won't help you. OTOH, NSURLSession supports something like this. See NSURLSessionResponseBecomeStream. This won't work for a pure binary protocol, but it'd work well if you were on a WebSocket base. > 2. Otherwise - is there a lower-level API we can employ for just the Proxy > authentication and negotiation ? You can use CFHTTPMessage, but it's not without its quirks. Specifically, it doesn't support the more complex authentication schemes because a critical API, _CFHTTPMessageSetResponseURL, is not public. You can search the list archives for the backstory to that. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Problem with connection via Proxy using CFNetwork in TCP stream
On 2 Dec 2015, at 17:12, Jens Alfke <j...@mooseyard.com> wrote: > Although they should allow the use of the Upgrade: header to let a connection > begin as HTTP and then switch to a different TCP-based protocol. (This is how > WebSocket connections are established.) Right. If you switch to WebSocket then this should be feasible (although you'll have to write your own WebSocket code 'cause we don't have an API for it)-: However, if you're implementing a custom protocol on top of TLS on top of TCP then I don't think there's any reliably way to get through an HTTP proxy. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to use NWTCPConnectionAuthenticationDelegate for self signed certificate
On 2 Dec 2015, at 02:14, Kevin Yu <kevi...@draytek.com> wrote: > I’ve tried with no luck What does "no luck" mean? Were you unable to create the trust object? Or did its evaluation fail? > here’s my code, any suggestion? The first step is to /not/ ignore the errors you get back from Security framework rotuines like SecTrustCreateWithCertificates and SecTrustEvaluate. Next, if trust evaluation is failing, you can print the result of SecTrustCopyProperties and SecTrustCopyResult to get an understanding as to why it's failing. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Problem with connection via Proxy using CFNetwork in TCP stream
On 2 Dec 2015, at 07:41, Yulia Bensman <ybens...@interwise.com> wrote: > I am on Mac OS (10.10.5 if it matters), and I am trying to use HTTP/HTTPS > proxy. That won't work. This isn't a limitation of the system, but rather a limitation of the on-the-wire protocol. HTTP proxies don't allow support arbitrary TCP connections [1]. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] Technically this is possible, via the CONNECT method, but most proxies only support that in the context of HTTPS. ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: What happens when an NSURLSessionTask is canceled?
On 2 Dec 2015, at 03:45, Rick Mann <rm...@latencyzero.com> wrote: > What happens when an NSURLSessionTask is canceled? Does its callback or > delegate get called with an error indicating it was canceled? Yes. This is clearly documented. Oh wait, it's not. That sucks. My apologies. Let's try again... This is clearly described by a comment in the : -cancel returns immediately, but marks a task as being canceled. The task will signal -URLSession:task:didCompleteWithError: with an error value of { NSURLErrorDomain, NSURLErrorCancelled }. In some cases, the task may signal other work before it acknowledges the cancelation. -cancel may be sent to a task that has been suspended. I've filed a bug to get the docs in sync with the headers . Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Problem with connection via Proxy using CFNetwork in TCP stream
On 1 Dec 2015, at 16:57, Yulia Bensman <ybens...@interwise.com> wrote: > In this stream, I want to communicate using our proprietary protocol, based > on TCP and SSL. What platform are you on? This matters because iOS only supports HTTP proxies, and we don't support tunnelling a generic TCP stream through an HTTP proxy. OTOH, OS X supports SOCKS proxies, which will do this. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to use NWTCPConnectionAuthenticationDelegate for self signed certificate
On 1 Dec 2015, at 07:46, Kevin Yu <kevi...@draytek.com> wrote: > I think we can use the NWTCPConnectionAuthenticationDelegate and it’s > function evaluateTrustForConnection() to do the trick, however, I did not > found how to write this function in order to create a SecTrustRef and send > out via completion handler. The intent is that you create a trust object by calling SecTrustCreateWithCertificates. This takes two input parameters: * certificates -- You get this from peerCertificateChain parameter of -evaluateTrustForConnection:peerCertificateChain:completionHandler:. * policies -- For TLS you'd usually create this by calling SecPolicyCreateSSL. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: network configuration change notification
On 25 Nov 2015, at 18:47, Michael Brian Bentley <bent...@crenelle.com> wrote: > With the switch to NEHotspotHelper, I wonder if the following still works to > indicate a network configuration change occurred? "com.apple.system.config.network_change" is actually defined as a symbolic constant, kNotifySCNetworkChange from , so you should use that rather than a hard-coded string because it makes it clear that you're using public API. Beyond that, I'm not sure why you're concerned that NEHotspotHelper might impact on this. I fully expect this notification to work as well as it ever did. What behaviour are you keying off this notification? In most cases there's a better approach. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Obtaining SSID string in iOS 9
On 12 Nov 2015, at 19:04, Carl Hoefs <newsli...@autonomy.caltech.edu> wrote: > In iOS 9, the above has been deprecated in favor the new NEHotspotHelper > class. My app doesn't want/need to be a 'hotspot helper', I just would like > to obtain the current network's SSID string, if any. Using NEHotspotHelper > seems like tremendous overkill (plus having to register the app as a 'hotspot > helper') just to do this. Is there a simpler way? There's a long backstory to this. For details, see this (seven page!) DevForums thread. <https://forums.developer.apple.com/thread/11807> As per the 'Correct Answer' in that thread, if you're not building a hotspot management API: * there's little point requesting NEHotspotHelper access * you should file a bug describing your requirements <https://developer.apple.com/bug-reporting/> Please post your bug number, just for the record. Finally, if you're developing an in-house app then you might want to look at your MDM options. AFAIK MDM does not currently let you get at the SSID but it does let you get at a lot of other sensitive information that's not available via the SDK. A bug requesting MDM support for returning this value might get more traction. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Integrating NSOutputStream and NSOperation
On 11 Nov 2015, at 11:46, Motti Shneor <su...@bezeqint.net> wrote: > I have an NSOutputStream created and scheduled on some pre-created NSTrhead’s > NSRunloop (a.k.a mySocketThread). > > … > > I have special difficulty with operation cancellation. I can (of course) > cancel scheduled messages that didn’t start, but I cannot (server protocol) > send half-messages to my server - hence I can only abort a cancelled > operation if stream error or end occurred (again - I can only know this via > stream events). In this situation I'd introduce a lay of abstraction between your stream and your operations. That is, have all the code that's managing your stream run on the run loop, where it's serialised and life is sane. That code would be responsible for all the framing and unframing of messages, presenting an abstraction that's entirely message based. Then have your NSOperation code talk to that via some sort of inter-thread messaging. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: What causes a UDP listener to stop listening?
On 2 Oct 2015, at 16:28, Michael Brian Bentley <bent...@crenelle.com> wrote: > iOS. So, does the app shut down this socket when the app becomes eligible for suspension (typically when moving into the background) and bring it back when the app becomes ineligible for suspension? Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: What causes a UDP listener to stop listening?
On 2 Oct 2015, at 00:28, Michael Brian Bentley <bent...@crenelle.com> wrote: > Just a general question: what causes a UDP listener to be listing for > broadcasts at 255.255.255.255, be working for a while (could be hours) and > then just stop listening? What platform are you working on? The one non-obvious reason for problems like this is socket resource reclaim on iOS, as described in Technote 2277 "Networking and Multitasking". <https://developer.apple.com/library/ios/#technotes/tn2277/_index.html> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Spike in SSL handshake failures since iOS9 rollout
On 18 Sep 2015, at 17:36, Imran Patel <aes...@gmail.com> wrote: > We see connections being disconnected by the > client after socket establishment and before SSL can proceed. This sounds suspiciously like an issue that Jens raised earlier this month. <http://lists.apple.com/archives/macnetworkprog/2015/Sep/msg7.html> It's possible that tweaks to iOS's connect-by-name feature are triggering this change in behaviour. Regardless of whether you can reproduce it, I still recommend that you file a bug about it (including a server-side packet trace). <https://developer.apple.com/bug-reporting/> Please post your bug number, just for the record. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Need advice about [NSInputStream read:maxLength:] performance.
On 17 Sep 2015, at 10:24, Motti Shneor <su...@bezeqint.net> wrote: > Is there a specific penalty to NSStream’s method read:maxLength: ? Yes. In the case of a socket stream, -read:maxLength: is equivalent to the BSD-level system call, so you do a round trip into the kernel each time you call it. Whether that's a problem depends on a lot of factors. For example, if message sizes are small, these kernel calls are likely to add up to a significant performance impact. OTOH, if message sizes are large, the kernel calls may end up swamped by the cost of copying > Last, several guys mentioned GCDAsyncSocket. What is it? an open-source thing? It's an open source thing. You can also use Dispatch I/O directly or in concert with NSStream (use NSStream to do the stream setup, there extract the socket from the stream, close the streams, and then use Dispatch I/O for the I/O path). When dealing with network performance I have a bunch of suggestions: * Fundamentally any users-space networking is limited by BSD Sockets, which requires at least one copy from the in-kernel socket buffer to your buffer in user-space. This is typically done by or one of its equivalents. The only real optimisation you can do at the system call boundary is to use to implement a 'scatter' read. That may or may not be a win depending on how you structure things. * If you control the on-the-wire protocol, you may be able to get significant benefits by changing that. For example: - Protocols, like HTTP/1.x, which require parsing line-delimited headers, are a pain to optimise. - A lot of the time networking performance isn't limited by CPU time or bandwidth but by poorly designed protocols that result in the performance being dependent on the network latency. Again, HTTP/1.x is a major offender here. In my experience, the *really* big wins in network performance generally come from fixing problems like this. * You want to design your I/O structure to meet the needs of your client (that is, the code that's consuming the data you're reading). For example, if your media engine expects you to give it data in the large malloc'd buffers, that's should be a major consideration in the design of your I/O structure. Alternatively, if you can change how you supply data to your media engine, you could potentially avoid a bunch of overhead. dispatch_data_t (which can be bridged to NSData) can really help here because it supports: - non-contiguous data, allowing you to join two buffers - subdata creation without copies, to allow you to efficiently split two buffers - data flowing through multiple layers without copying As a concrete example of this, consider an I/O subsystem that does this: 1. reads the data into a malloc'd block 2. creates a dispatch_data from that (dispatch_data_create) 3. parser the data 4. when it finds a message, creates a subdata to represent the message (dispatch_data_create_subrange) and passes that to the media engine 5. if there's data left at the end, saves that so that subsequent reads can join it to data from the next read (dispatch_data_create_concat) You've done no copies (except the one required by BSD Sockets) and yet you're passing the data up to the client in a nice sequence of dispatch_data_t's. Those may be discontiguous, but it's up to the client as to whether they want to efficiently deal with discontiguous data or gather the data into one contiguous buffer. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Need advice about [NSInputStream read:maxLength:] performance.
On 11 Sep 2015, at 02:12, Adam Kaplan <adk...@gmail.com> wrote: > It’s amazing how many times we solve this same problem over-and-over. It’s so > difficult because every case is slightly nuanced :( Indeed. Some folks are even working in different languages. <https://forums.developer.apple.com/thread/16414> My take on this is that, as a networking geek, it's very easy to go down the performance rabbit hole here (where you'll find Robert Monaghan, apparently :-). Most of the folks struggling with this issue are dealing with trivial amounts of data, which is why I almost always push them towards the simplest possible NSMutableData solution. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: backgrounding a udp socket
On 11 Sep 2015, at 00:32, Michael Brian Bentley <bent...@crenelle.com> wrote: > Is it possible to set up a udp socket via a background task using > > -beginBackgroundTaskWithName:expirationHandler: > > (or something like it) such that we're able to continue receiving datagrams > while the app is backgrounded? The advice from Technote 2277 "Networking and Multitasking" still applies. <https://developer.apple.com/library/ios/#technotes/tn2277/_index.html> iOS has no special support for UDP networking in the background, so the only way to do this is to prevent your app from suspending (-beginBackgroundTaskWithName:xxx is one way to do that). There's good news and bad news on that front: * The good news is that, if you prevent your app from suspending, there's no difference between networking in the background vs the foreground. * The bad news is that the system puts strict limits on how long you can run in the background (to preserve device standby time). Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Problem with several TLS (CFStream) connections to the same address/port
On 7 Sep 2015, at 17:13, Yulia Bensman <ybens...@interwise.com> wrote: > But when I am opening the second socket and sending ClientHello, the > sessionID contains the 32-bytes token, sent by server in ServerHello to the > first socket. So it behaves like it wants to re-negotiate. Not "re-negotiate" but rather "resume the previous session". And yes, this is expected behaviour. The server should either support resume or not support resume. In the latter case it should send back a new session ID, not just fail the handshake. Ideally you should fix this on the server. Session resume is a standard part of TLS and kinda important when it comes to performance. However, if you can't fix the server, you can work around this on the client by setting the "peer ID". To do this: 1. get the Secure Transport context from the stream before you open it [1] 2. call SSLSetPeerID on that to set a unique peer ID The peer ID is used as the TLS session cache key, so if it's unique then no session reuse is possible. Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] Use kCFStreamPropertySSLContext, as shown by the TLSTool sample code. <https://developer.apple.com/library/mac/samplecode/SC1236/> ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Need some guidance regarding ATS using CFNetwork APIs
On 31 Aug 2015, at 00:03, Jens Alfke <j...@mooseyard.com> wrote: > CFSocketStream.h declares all the necessary constants, with doc-comments, and > I know Apple’s documentation explains in detail how to do all this, though I > don’t have any URLs handy. Or, if sample code is your thing, take a look at the TLSTool sample code. <https://developer.apple.com/library/mac/samplecode/SC1236/> Share and Enjoy -- Quinn "The Eskimo!"<http://www.apple.com/developer/> Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: NSPOSIXErrorDomain code 2 No such file or directory from NSURLSession background download task?
On 24 Aug 2015, at 22:46, Rick Mann rm...@latencyzero.com wrote: What does this error mean? It's very worrisome. It's very likely that this is a symptom of the container path change problem that I discussed in the Testing Background Session Code post I referenced yesterday. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Restoring context with NSURLSession background tasks
On 22 Aug 2015, at 00:33, Rick Mann rm...@latencyzero.com wrote: I'm finding the background task support to be lacking, in that there's a fair bit of context that's associated with my file downloads that I'm having to find a way to persist. I wonder if there's an easier way. I'm going to answer with a bunch of references to DevForums posts: A. downloading 'thousands of small files' -- This is a really bad idea, especially on iOS. https://forums.developer.apple.com/thread/14854 https://forums.developer.apple.com/thread/14853 B. state tracking -- On the following thread you'll find a couple of posts explaining how I did this. https://forums.developer.apple.com/thread/11554 Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Supported TLS version for CFNetwork in various Mac OS X
On 4 Aug 2015, at 19:17, Yulia Bensman ybens...@interwise.com wrote: But I am still not sure, since first of all I am not sure if CFNetwork in Mac OS X and in iOS are progressing in parallel. In general that's the case but, in the specific case of TLS, OS X lagged behind iOS for a few releases. TLS 1.2 support for OS X was introduced in OS X 10.9. So, prior to 10.9 you get TLS 1.0 and in 10.9 and later you get TLS 1.2. I've filed a bug to get OS X info added to TN2287 rdar://problem/22148615. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: How to keep HTTP responses with Content-Encoding from being decoded?
On 4 Aug 2015, at 20:26, Jens Alfke j...@mooseyard.com wrote: Is there any way to disable NSURLConnection from automatically decoding a gzip-encoded HTTP response? No. If you have control over the server, you could configure it to send the data as compressed content type rather than using a compressed content coding. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: CNCopySupportedInterfaces returns NULL in ios 9b4
On 5 Aug 2015, at 02:25, Rick Mann rm...@latencyzero.com wrote: I see it's deprecated in iOS9, but should still work, right? You should read my posts to the following thread on DevForums. https://forums.developer.apple.com/thread/11807 I'll update that thread as this situation evolves. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Does CFHTTPMessageAddAuthentication support digest auth?
On 13 Jul 2015, at 23:20, Jens Alfke j...@mooseyard.com wrote: Does CFHTTPStream just go into passthru mode at that point? On the read side, yes. The problem is the write side. Remember that, when you want to stream data to a CFHTTPStream, you give it a read stream and it reads data from that stream and writes it to TCP connection. The issue is that it applies chunked transfer encoding to the data, as you'd expect for an HTTP request body of unknown length. Alas, this is not helpful when implementing a WebSocket. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Monitor inbound/outbound network statistics for particular device
On 8 Jun 2015, at 13:35, Fabian Jäger fabian.jae...@chungwasoft.com wrote: I would like to print some statistics and would need the byte/s information… You can get /very/ simple interface statistics via x-man-page://3/getifaddrs. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Proper use of SCNetworkReachability?
On 8 Jun 2015, at 16:03, Rick Mann rm...@latencyzero.com wrote: So, the biggest problem has to do with network timeouts. Indeed, timeouts are a problem, but mostly that's because folks come in with the assumption that timing out is the right thing to do. In a lot of cases it isn't. If the operation is user-visible, you should not implement a timeout. Rather, you should show status/progress and let the user cancel and retry the operation when they see fit. Historically I framed this as the 'kicked out the Ethernet cable' [1] problem: 1. user is using your app 2. user accidentally kicks out the Ethernet cable 3. things stop working 4. user rummages around under their desk and eventually figures out the problem 5. user comes up from their desk to discover that your app has timed out 6. user must manually retry Without the timeout the connection would have gone through as soon as connectivity was restored. With the timeout, you force the user through an unnecessary extra step. The only place where timeouts make sense IMO is when the operation is completely 'headless'. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware [1] These days I should problem recast this as the Wi-Fi / WWAN dead zone problem (-: ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Class Documentation of Network Extension and VPN
Fabian On 15 Jun 2015, at 09:42, Fabian Jäger fabian.jae...@chungwasoft.com wrote: can anybody tell me where I can find class documentation for the new Network Extension and VPN API? There are currently no high-level docs for the new Network Extension framework facilities. The best place to get started is the WWDC presentation (Session 717 What's New in Network Extension and VPN). https://developer.apple.com/videos/ Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Checking for success/failure in NSURLSession completion handlers
On 30 Mar 2015, at 07:54, Daryle Walker dary...@mac.com wrote: Am I supposed to check for success by seeing whether or not “error” is nil, or if whether or not “location” (and/or “response”) is NOT nil? In block-based APIs like this, it's generally best to check for error being nil. Unlike some older APIs, NSURLSession’s method arguments that are block pointers do not have those inner functions’ parameters and/or return values fully explained. The URL Loading System Programming Guide does not explain what’s expected of those blocks either. File a bug? Please do. https://developer.apple.com/bug-reporting/ Please post your bug number, just for the record. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com
Re: Questions about uploading files via background NSURLSession
On 3 Feb 2015, at 20:47, Quinn The Eskimo! eski...@apple.com wrote: Starting with iOS 8 and OS X 10.10, yes. NSURLSessionTask has a priority property that lets you hint as to which tasks should run first. Oh boy, I got that wrong )-: It turns out that this description of the priority property is completely incorrect. Rather, this property is used to control the relative priority of requests when using a multiplexed connection (think SPDY). Moreover, it's currently ignored by background sessions. Sorry about the mixup. Share and Enjoy -- Quinn The Eskimo!http://www.apple.com/developer/ Apple Developer Relations, Developer Technical Support, Core OS/Hardware ___ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/macnetworkprog/archive%40mail-archive.com This email sent to arch...@mail-archive.com