Jens Alfke  committed 08afb6e

Disable kTCPPropertySSLClientSideAuthentication on iPhone, because it uses a symbol that's not declared in a header, which causes Apple to reject the app for using private API.

  • Participants
  • Parent commits 2a140e2
  • Branches default

Comments (0)

Files changed (2)

File TCP/TCPEndpoint.h

     Setting a value of [NSNull null] completely disables host-name checking. */
 #define kTCPPropertySSLPeerName      ((NSString*)kCFStreamSSLPeerName)
+#if !TARGET_OS_IPHONE   /* not supported on iPhone, unfortunately */
 /** Specifies whether the client (the peer that opened the connection) will use a certificate.
     The value is a TCPAuthenticate enum value wrapped in an NSNumber. */
 extern NSString* const kTCPPropertySSLClientSideAuthentication;
 typedef enum {
 	kTCPNeverAuthenticate,			/* skip client authentication */

File TCP/TCPStream.m

 #import "Test.h"
+// You can't do client-side SSL auth using CFStream without this constant,
+// but it was accidentally not declared in a public header.
+// Unfortunately you can't use this on iPhone without Apple rejecting your app
+// for using "private API". :-(
 extern const CFStringRef _kCFStreamPropertySSLClientSideAuthentication; // in CFNetwork
 static NSError* fixStreamError( NSError *error );
     LogTo(TCPVerbose,@"%@ SSL settings := %@",self,p);
     [self setProperty: p forKey: kCFStreamPropertySSLSettings];
     id clientAuth = [p objectForKey: kTCPPropertySSLClientSideAuthentication];
     if( clientAuth )
         [self setProperty: clientAuth forKey: _kCFStreamPropertySSLClientSideAuthentication];
 - (NSArray*) peerSSLCerts