Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
tree: 918c266e46
Fetching contributors…

Cannot retrieve contributors at this time

file 73 lines (57 sloc) 2.725 kb
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73
//
// TCPEndpoint.h
// MYNetwork
//
// Created by Jens Alfke on 5/14/08.
// Copyright 2008 Jens Alfke. All rights reserved.
//

#import <Foundation/Foundation.h>
#import <Security/SecBase.h>
#if TARGET_OS_IPHONE
#include <CFNetwork/CFSocketStream.h>
#else
#import <CoreServices/CoreServices.h>
#endif


// SSL properties:

/** This defines the SSL identity to be used by this endpoint.
The value is an NSArray (or CFArray) whose first item must be a SecIdentityRef;
optionally, it can also contain SecCertificateRefs for supporting certificates in the
validation chain. */
#define kTCPPropertySSLCertificates ((NSString*)kCFStreamSSLCertificates)

/** If set to YES, the connection will accept self-signed certificates from the peer,
or any certificate chain that terminates in an unrecognized root. */
#define kTCPPropertySSLAllowsAnyRoot ((NSString*)kCFStreamSSLAllowsAnyRoot)

/** This sets the hostname that the peer's certificate must have.
(The default value is the hostname, if any, that the connection was opened with.)
Setting a value of [NSNull null] completely disables host-name checking. */
#define kTCPPropertySSLPeerName ((NSString*)kCFStreamSSLPeerName)

/** Specifies whether the client (the peer that opened the connection) will use a certificate.
The value is a TCPAuthenticate enum value wrapped in an NSNumber. */
extern NSString* const kTCPPropertySSLClientSideAuthentication;

typedef enum {
kTCPNeverAuthenticate, /* skip client authentication */
kTCPAlwaysAuthenticate, /* require it */
kTCPTryAuthenticate /* try to authenticate, but not error if client has no cert */
} TCPAuthenticate; // these MUST have same values as SSLAuthenticate enum in SecureTransport.h!


/** Abstract base class of TCPConnection and TCPListener.
Mostly just manages the SSL properties. */
@interface TCPEndpoint : NSObject
{
    NSMutableDictionary *_sslProperties;
    id _delegate;
}

/** The desired security level. Use the security level constants from NSStream.h,
such as NSStreamSocketSecurityLevelNegotiatedSSL. */
@property (copy) NSString *securityLevel;

/** Detailed SSL settings. This is the same as CFStream's kCFStreamPropertySSLSettings
property. */
@property (copy) NSMutableDictionary *SSLProperties;

/** Shortcut to set a single SSL property. */
- (void) setSSLProperty: (id)value
                 forKey: (NSString*)key;

/** High-level setup for secure P2P connections. Uses the given identity for SSL,
requires peers to use SSL, turns off root checking and peer-name checking. */
- (void) setPeerToPeerIdentity: (SecIdentityRef)identity;

//protected:
- (void) tellDelegate: (SEL)selector withObject: (id)param;

@end
Something went wrong with that request. Please try again.