SNI (Server Name Indication) on OS X or iOS - NSURLSession CFNetwork

Question

I need to implement SNI (Server Name Indication) on client side for iOS and OS X. I tried google about this but I was unable to find anything useful (only some instruction for openSSL). Nothing related to NSURLSession or CFNetwork.

I need solution when using both NSURLSession or CFNetwork (CFStreamCreatePairWithSocketToHost - this is used in Socket Rocket).

Is it automatically supported by Apple framework? Or do I need add some extra code to enforce it? Or maybe it is completely unsupported?

If it is supported by Safari then take a look on WebKit how they do it. This is a tip, not a solution. — Marek H, Oct 06 '15 at 16:07
thanks, this is some starting point. I will also use wireshark with my application to see if it is supported out of the box. — Marek R, Oct 06 '15 at 18:07
I've checked my application with wireshark and it looks like that SNI is always active for free when using `CFNetwork`. — Marek R, Oct 07 '15 at 19:28

score 0 · Answer 1 · answered May 14 '18 at 15:05

0

SNI is supported on iOS. If you specify the kCFStreamSSLPeerName value in kCFReadStreamPropertySSLSettings of your CFReadStream, it will be used as the server name during the TLS handshake.

answered May 14 '18 at 15:05

Antonio

404
4
12

SNI (Server Name Indication) on OS X or iOS - NSURLSession CFNetwork

1 Answers1