I would like to find out programmatically if the user is using a proxy in iOS. Is there a way to detect it with the new api's (ios 7 or 8)?
Also, Is it possible to find out if the user has proxy unknowingly?
you can simply find the proxy in the CFDictionaryRef response.
CFDictionaryRef dicRef = CFNetworkCopySystemProxySettings();
if proxy is enable then you can parse it like this.
const CFStringRef proxyCFstr = (const CFStringRef)CFDictionaryGetValue(dicRef,
(const void*)kCFNetworkProxiesHTTPProxy);
based on this you can make detect if proxy is enabled or not.
By default NSStream based sockets do not detect the System proxy settings, which is very inconvenient if you are trying to debug your NSStream based SSL traffic in Charles Proxy for example. To set the proxy setting for the streams I simply use:
NSInputStream *inStream;
NSOutputStream *outStream;
//...assign the streams...
NSDictionary *proxySettings = CFBridgingRelease(CFNetworkCopySystemProxySettings());
[inStream setProperty:proxySettings forKey:NSStreamSOCKSProxyConfigurationKey];
[outStream setProperty:proxySettings forKey:NSStreamSOCKSProxyConfigurationKey];
Related
I need to get the device IP of the WiFi interface.
According to several StackOverflow threads, we could assume that "en0" corresponds to the Wi-Fi interface name :
https://stackoverflow.com/a/30754194/12866797
However, this feels like some kind of convention, not a standard.
Is there any consistent/standard way to retrieve the WiFi interface or the device WiFi IP address, using the iOS SDK ?
It would be nice if the API is available starting from iOS 11 but I won't be picky.
My best attempt was to use NWPathMonitor (iOS 12+) and monitor network changes corresponding to WiFi interfaces (NWInterface.InterfaceType.wifi) :
- (void) MonitorWifiInterface
{
m_pathMonitor = nw_path_monitor_create_with_type(nw_interface_type_wifi);
nw_path_monitor_set_update_handler(m_pathMonitor, ^(nw_path_t _Nonnull path) {
NSLog(#"[NetInterfaceUtilies] Network path changed");
nw_path_enumerate_interfaces(path, ^ bool (nw_interface_t _Nonnull itf)
{
NSLog(#"[NetInterfaceUtilies] Name : %s , Index : %u", nw_interface_get_name(itf), nw_interface_get_index(itf));
return true; // In order to continue the enumeration
});
});
nw_path_monitor_start(m_pathMonitor);
}
But I am not happy with it for the following reasons :
NWPathMonitor is supposed to be used for monitoring network changes : I haven't managed to get network information whenever I wanted, but only when WiFi has been set on/off.
I only managed to get the network interface name. But I can combine this data with the network interfaces retrieved with getifaddrs() in order to deduce the correct interface and IP : it's a step forward ?
It's "only" available starting from iOS 12.
I am trying to disable some ciphers (weak) such as single DES, single DES 40 bit etc.
I've tried using this bit of code from How does one set SSL ciphers when using CFSocket/CFStream in Cocoa? and from mailing list message CFNetwork SSL and long blocking delays but I need access to socket data to get the CFDataRef.
Here is the code that I tried to insert in the handshake method in AFURLConnectionOperation class:
- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge (NSURLAuthenticationChallenge *)challenge{
CFReadStreamRef stream = [sock getCFReadStream];
CFDataRef data = CFReadStreamCopyProperty(stream, kCFStreamPropertySocketSSLContext);
// Extract the SSLContextRef from the CFData
SSLContextRef sslContext;
CFDataGetBytes(data, CFRangeMake(0, sizeof(SSLContextRef)), &sslContext);
// Get all enabled ciphers
size_t numCiphers;
SSLGetNumberEnabledCiphers(sslContext,&numCiphers);
SSLCipherSuite ciphers[numCiphers];
SSLGetEnabledCiphers(sslContext,ciphers,&numCiphers);
// Create a new cipher array with only non-DH ciphers, and set it
SSLCipherSuite finalCiphers[numCiphers];
int numFinalCiphers = 0;
for(int i=0; i<numCiphers; i++) {
SSLCipherSuite suite = ciphers[i];
if(!cipherSuiteUsesDH(suite)) {
finalCiphers[numFinalCiphers] = suite;
numFinalCiphers++;
}
}
SSLSetEnabledCiphers(sslContext,finalCiphers,numFinalCiphers);
}
Any and all help would be appreciated.
EDIT: Unfortunately this is an existing project and it still uses version 1 of AFNetworking.
Using SSLSetEnabledCiphers with AFNetworking to disable weak ciphers
OK, this one piqued my interest because its something I do in other languages, but not Cocoa/CocoaTouch. Its been on my TODO list for some time. The answer is you can't do it when working with the high level objects like NSURLConnection.
I could not find a way to bridge the gap between NSURLConnection and friends and the low level stuff needed to set the cipher suits. If you are interested, the "highest" the low level stuff goes is CFSocketStream. So the job is to get NSURLConnection to work with a CFSocketStream (or access the CFSocketStream in the NSURLConnection).
I also mirrored your question on Apple's Network Programming mailing list, and both Jens and Quinn confirmed it (Quinn provided the info on CFSocketStream). See Configure socket used by NSURLConnection?.
Also, in case you did not realize it, attempting to modify the properties in -connection:didReceiveAuthenticationChallenge: is too late. By the time you get the authentication challenge, the handshake is already in progress (i.e., the ClientHello has already been sent).
If you do manage to find a hack to do it, then please post it.
I am using compiled version of rtmp-dump from github in my iOS project. Following is the code to connect to the server.
rtmp = RTMP_Alloc();
RTMP_Init(rtmp);
NSString *url = #"rtmp://192.168.0.119:1935/red5/sw231/";
char *strUrl = (char *)[url cStringUsingEncoding:NSASCIIStringEncoding];
RTMP_SetupURL(rtmp, strUrl);
RTMP_Connect(rtmp, NULL);
Since the proper documentation of rtmp-dump OR lib-rtmp is not available I want to know the methods that I can use for the following functionalities.
I want to send an array of values while connecting. My query is by what method of rtmp-dump can I send values to the server when connecting?
How can I call certain methods of the server and pass parameters to the server?
How can I receive response from the server? As well as how can I implement client-side method invocation through rtmp-dump?
How can I explicitly provide the name of the stream which I want to play or listen to after connecting?
By using RTMP_Close(), will I be able to disconnect the connection?
I know this post was asked 12 months ago but this may be usefull.
Download this and see the examples of usage of librtmp. I don't know why this library has no documentation but following that examples can help you a bit.
I'm looking for a way to scan available Wi-Fi access points (hotspots) from my IOS-app.
All that I need is a list of active at the moment hotspot names, where a device is able to connect to.
Like Safari shows a list of Wi-Fi hotspots when we start or activate it.
I'd like to publish the app on App Store, so I can't use any kind of Private API's (right?).
And unfortunatelly CoreWLAN.framework is unavailable for IOS (right?).
So, is it possible to achieve my target? Can I collect available access points names (SSID) some way?
There is no Public APIs at the moment that you can use to get a list of available Wi-Fi access points. As you're planning to publish on the App Store, Private APIs are not an option.
The closest thing you can achieve is getting your currently connected Wi-Fi name and details which can be achievied with CaptiveNetwork with the SystemConfiguration.framework.
+ (NSString *)currentSSID
{
NSString *ssid;
NSArray *interfaces = (__bridge_transfer id)CNCopySupportedInterfaces();
for (NSString *interfaceName in interfaces) {
NSDictionary *informations = (__bridge_transfer id)CNCopyCurrentNetworkInfo((__bridge CFStringRef)interfaceName);
if (informations[#"SSID"]) {
ssid = informations[#"SSID"];
}
}
return ssid;
}
I need to compress data sent over a secure channel in my iOS app and I was wondering if I could use TLS compression for the same. I am unable to figure out if Apple's TLS implementation, Secure Transport, supports the same.
Does anyone else know if TLS compression is supported in iOS or not?
I was trying to determine if Apple implementation of SSL/TLS did support compression, but I have to say that I am afraid it does not.
At first I was hopeful that having a errSSLPeerDecompressFail error code, there has to be a way to enable the compression. But I could not find it.
The first obvious reason that Apple doesn’t support compression is several wire captures I did from my device (6.1) opening secure sockets in different ports. In all of them the Client Hello packet reported only one compression method: null.
Then I looked at the last available code for libsecurity_ssl available from Apple. This is the implementation from Mac OS X 10.7.5, but something tells me that the iOS one will be very similar, if not the same, but surely it will not be more powerful than the Mac OS X one.
You can find in the file sslHandshakeHello.c, lines 186-187 (SSLProcessServerHello):
if (*p++ != 0) /* Compression */
return unimpErr;
That error code sounds a lot like “if the server sends another compression but null (0), we don’t implement that, so fail”.
Again, the same file, line 325 (SSLEncodeClientHello):
*p++ = 0; /* null compression */
And nothing else around (DEFLATE is the method 1, according to RFC 3749).
Below, lines 469, 476 and 482-483 (SSLProcessClientHello):
compressionCount = *(charPtr++);
...
/* Ignore list; we're doing null */
...
/* skip compression list */
charPtr += compressionCount;
I think it is pretty clear that this implementation only handles the null compression: it is the only one sent in the Client Hello, the only one understood in the Server Hello, and the compression methods are ignored when the Client Hello is received (null must be implemented and offered by every client).
So I think both you and me have to implement an application level compression. Good luck.