Networking

RSS for tag

Explore the networking protocols and technologies used by the device to connect to Wi-Fi networks, Bluetooth devices, and cellular data services.

Networking Documentation

Post

Replies

Boosts

Views

Activity

Issue with app not waking up intermittently due to Pushkit (VOIP)
I am developing a VoIP service. Usually, when receiving a VoIP Push, Callkit is exposed immediately after receiving the message and the app is designed to be used. However, there is an extremely intermittent phenomenon (not well reproduced) where the app does not wake up even when receiving a VoIP Push. And after a long time, the app wakes up and Callkit is activated. (A long time after receiving the call…) Has anyone experienced the above phenomenon? I wonder if there are any reported parts depending on the OS version. (I have identified that it does not occur in the 17.x version, but it is difficult to guarantee because it occurs extremely intermittently) The app is not running in the background, but... Could this be happening if there are a lot of pending operations in the background? I need help urgently
2
0
50
21h
Content Filter Providers in unsupervised and unmanaged iOS devices
I'm looking at implementing an iOS app that has includes a Content Filter Provider to block access to certain domains when accessed on the device. This uses NEFilterManager, NEFilterDataProvider and NEFilterControlProvider to handle configuration and manage the network flows and block as necessary. My question is can you deploy this in an iOS 18+ app on the App Store to devices which are unmanaged, unsupervised and don't use Screen Time APIs? Although not 100% clear, this technote seems to say it is not possible: https://developer.apple.com/documentation/Technotes/tn3134-network-extension-provider-deployment Testing this on a Developer device and build works successfully without any MDM profiles installed. A similar approach using the same APIs also works on macOS once user permissions have been given. If it can't work on unsupervised, unmanaged iOS devices, is possible for the user to first manually install a MDM profile which includes the required 'Content Filter' details and then have it work? If not, how would you filter iOS network traffic on an unmanaged, unsupervised device? Is it necessary to use a VPN or DNS approach instead (which may be a lot less privacy compliant)?
3
0
131
1d
Can NETunnelProviderManager.protocolConfiguration be changed on the fly?
I am learning about layer 3 VPN implementations for MacOS, and am slowly making my way through docs and tutorials. I noticed that part of creating an instance of NETunnelProviderManager on the app side of the project requires the specification of protocolConfiguration via an instance of NETunnelProviderProtocol. One of the arguments for this class is serverAdress, which to my understanding, tells the OS where to route traffic towards at the end of the day. My question: many VPNs these days allow the option to specify the location for which you want your traffic to be routed through. I imagine this would necessitate changing this serverAddress field in the backend. However, setting this option (on a commercially available VPN) doesn't typically prompt the OS notification that you get when initially installing a VPN configuration for the first time. How is this functionality achieved? I could see one possible solution being that most VPN providers route through a main service beforehand (so the first IP in the chain never has to change), though I could see this being problematic for a number of other reasons. Assuming you have a valid NETunnelProviderManager object called manager, is this valid? self.manager?.protocolConfiguration?.serverAddress = "somewhereElse" Even if it compiles, will the traffic be properly re-routed? My understanding of the flow right now is that in order to "lock in" a new configuration, or modify it, you need to call manager.saveToPreferences, which triggers the OS notification I mentioned earlier.
1
0
135
2d
[networkextesion] dnsproxy
hello I am testing the use of network extension. When we use dnsproxy to proxy DNS requests, we will send you a message that the udp pcbcount of your system continues to increase. For example for ((i=1; i<=99999; i++));do echo "Attempt $i:" dig google.com done when the dig command is used continuously, the dig command will show the following errors when pcbcount reaches a certain number. isc_socket_bind: address not available Can you help us determine what the problem might be? thank you
1
0
70
4d
Best Way To Determine If Host Is Not Reachable in NWConnection
I have an app that is communicating with a non-HTTP server over TCP/IP. Most everything is working, but I was testing some error conditions and the first one I tried was turning the server off and then trying to send it a message. I'm using code that uses NWConnection and involves an async method that includes a withCheckedContinuation. Inside this code are checks for errors in the closures, etc. You've seen the example code posted here in the forums. But none of the error code ever gets invoked. I also have a state handler to check the state of the TCP connection. What I see when I send the request is: connection goes to .preparing state nothing happens for about 45 seconds I then get two errors: inline-code nw_endpoint_flow_failed_with_error [C4.1.1 192.168.86.44:3040 in_progress channel-flow (satisfied (Path is satisfied), viable, interface: en0[802.11], ipv4, dns, uses wifi)] already failing, returning inline-code nw_endpoint_flow_failed_with_error [C4.1.1 192.168.86.44:3040 cancelled channel-flow ((null))] already failing, returning then the connection state goes to .waiting and nothing else happens. I would really like to capture the errors I see in the Xcode console, but I don't know how to catch them. Anyone have any ideas? Is there a better way to send the first message (or a ping or whatever) to a non-HTTP server and see if it is there? Thanks, Robert
3
0
122
4d
CentralManager won't connect to device for watchOS, but will for iOS?
Hi there, I'm having an issue hoping someone could help. We have an iOS app that uses CoreBluetooth to connect to peripherals using the central manager. The app works great - However, when using the same exact central manager for our watchos app, it will attempt to connect, but I never get a callback for either didConnect or didFailToConnect. The watch can connect successfully to other BLE devices, so the watch itself is capable of BLE connectivity. Here's a list of thing's I've tried (unsuccessfully): 1) Added every bluetooth-related entitlement to info.plist Privacy - Bluetooth Always Usage Description Privacy - Bluetooth Peripheral Usage Description Background Modes: App communicates using CoreBluetooth, App shares data using CoreBluetooth 2) Checked for Single-Connection Limits Verified that the iPhone was fully disconnected from the peripheral to ensure the device wasn’t limited to one connection. Attempted to connect on watchOS alone (with iPhone turned off) 3) Tried various options for CBCentralManager, scanForPeripherals, and connect I went through all the keys for various options and tried just setting them, they had no effect CBCentralManagerOptionShowPowerAlertKey, CBConnectPeripheralOptionEnableTransportBridgingKey Item 2 4) Tried .registerForConnectionEvents() 5) Set peripheral's delegate to the central in the didDiscover, stored it in a variable to ensure a strong reference to it I get no warnings either. The last time I ran into something like this, I found out the watchOS blocks TCP sockets. If I print out the CBPeripheralState a few seconds after trying to connect, it shows its stuck on CBPeripheralStateConnecting. Any advice or direction is greatly appreciated Below is the code and various print outs (day 2 into debugging, so it's not pretty) class WatchBLEManager:NSObject,CBCentralManagerDelegate, ObservableObject{ var centralManager: CBCentralManager? @Published var devices : [String:AtomBLEDevice] = [:] private var scanningDevice:AtomBLEDevice? var bleStatus:WatchBLEStatus = .blePoweredOff func startBLE() { centralManager = CBCentralManager(delegate: self, queue: nil,options: [CBCentralManagerOptionShowPowerAlertKey: true]) self.centralManager?.delegate = self } func startScan() { self.centralManager?.scanForPeripherals(withServices: [],options: [CBCentralManagerScanOptionAllowDuplicatesKey : true]) self.centralManager?.delegate = self } func stopScan() { print("stopping scan") self.centralManager?.stopScan() filterName = "" scanningDevice = nil } func centralManagerDidUpdateState(_ central: CBCentralManager) { switch (central.state) { //... other states omitted case .poweredOff: bleStatus = .blePoweredOff // bleStateDelegate?.didBlePoweredOff() for device in devices.values{ device.isConnected = false } print("BLE is Powered Off") case .poweredOn: bleStatus = .blePoweredOn // bleStateDelegate?.didBlePoweredOn() startScan() centralManager?.registerForConnectionEvents() print("Central supports extended scan and connect: ", CBCentralManager.supports(.extendedScanAndConnect)) print("powered on") @unknown default: print("BLE is Unknown") } } private let connectionQueue = DispatchQueue(label: "com.atom.connectionQueue") var connectingTo: String? = nil var peripheral: CBPeripheral? = nil func centralManager(_ central: CBCentralManager, didDiscover peripheral: CBPeripheral, advertisementData: [String : Any], rssi RSSI: NSNumber) { guard let localName = advertisementData[CBAdvertisementDataLocalNameKey] as? String else { return} if localName.contains("Atom") { print("\nConnecting to \(localName)") print("\tAdvertising data: \(advertisementData)") print("\tANCS Authorized: ",peripheral.ancsAuthorized) print("\tServices", peripheral.services, "\n") self.peripheral = peripheral self.peripheral?.delegate = self // central.registerForConnectionEvents() // central.delegate = self peripheral.delegate = self DispatchQueue.main.async { // central.connect(peripheral) self.centralManager?.connect(peripheral, options: [ CBConnectPeripheralOptionEnableTransportBridgingKey: true]) } DispatchQueue.main.asyncAfter(deadline: .now() + 5.0) { print("\tState", String(describing: peripheral.state)) print("Connected Peripherals: \(self.centralManager?.retrieveConnectedPeripherals(withServices: []))") } } } // Never gets called for watchos func centralManager(_ central: CBCentralManager, didConnect peripheral: CBPeripheral) { print("Connected to peripheral: \(peripheral.identifier)") if let atomDevice = getAtomBLEDevice(peripheral: peripheral) { //atomDevice.setPeripheral(perpipheral: <#T##CBPeripheral?#>) atomDevice.isConnected = true atomDevice.isConnecting = false //delegate?.didConnected(atomBLE: atomDevice!) atomDevice.startDiscoveringService() //atomDevice?.delegate?.didConnected(atomBLE: atomDevice!) print("Connected: \(peripheral.name)") } else { print("no matching atom device found for didConnect") print("connected peripheral :",peripheral.identifier.uuidString) } } func centralManager(_ central: CBCentralManager, connectionEventDidOccur event: CBConnectionEvent, for peripheral: CBPeripheral) { print("Connection event: \(event)") } func centralManager(_ central: CBCentralManager, didFailToConnect peripheral: CBPeripheral, error: (any Error)?) { print("Failed to connect: \(error?.localizedDescription)") } func centralManager(_ central: CBCentralManager, didDisconnectPeripheral peripheral: CBPeripheral, error: Error?) { let atomDevice = getAtomBLEDevice(peripheral: peripheral) atomDevice?.isConnected = false print("Peripheral disconnected:\(peripheral.name)") } func clearData() { filterName = "" for device in devices.values{ disconnect(atomBLEDevice: device) device.perpipheral?.delegate = nil } devices = [:] scanningDevice = nil // delegate = nil centralManager = nil } } extension WatchBLEManager: CBPeripheralDelegate { }```
1
0
105
4d
OAuth login from NEPacketTunnelProvider
How can NEPacketTunnelProvider launch the companion application, or notify user to launch the application? I have built an iOS VPN that uses credentials stored in the keychain, and it works as expected. Now I'm trying to add OAuth login support. Everything works fine at first. I login from the companion application, store tokens in the keychain, then launch the VPN from either System Settings or the companion application. However, when the OAuth refresh tokens expire, or the OAuth IdP otherwise requires login, I can't perform the OAuth login from the NEPacketTunnelProvider. Login must happen from the companion application, which likely isn't running. I need the NEPacketTunnelProvider to either launch the companion application directly or to notify the user to do so. Searching and reading docs yields: You can't perform OAuth login from within the NEPacketTunnelProvider because it requires user interaction There is no way to guarantee that the companion application is running on iOS (otherwise one would use NEVPNStatusDidChange) You can't launch the companion application from NEPacketTunnelProvider using a custom URL because of security concerns You might be able to launch the companion application from a system extension... Some sources say you still can't guarantee that the system extension is loaded whenever the NEPacketTunnelProvider needs it anyway. Of course, any of these conclusions could be wrong. At this point I'm not sure where to begin. Is there another approach that could be initiated by the NEPacketTunnelProvider (push notifications, system notifications, smoke signals)? Any help would be appreciated. Thanks, Bill Welch
1
0
124
4d
Download speed Issue with Per-App VPN Using WireGuard Protocol
DESCRIPTION OF PROBLEM We have developed an app and server based on the WireGuard protocol. While we have successfully implemented device-wide VPN, we are now working on enabling per-app VPN functionality. The per-app VPN payload is successfully delivered, and the designated app can read the configuration and establish a connection to the VPN server. However, we are experiencing extremely slow download data rates, measuring only in bytes. Steps Taken: Created an app-layer payload. Configured NETestAppMapping in the app’s Info.plist, using the VPNUUID defined in the payload for the Chrome app. Despite these configurations, data transfer remains significantly slow. We would appreciate any insights into potential causes or recommendations to resolve this performance issue. Thank you for your assistance.
3
0
205
5d
How to Confirm Wi-Fi Connection Success in App Clip Without Access Wi-Fi Information Entitlement?
My app helps users connect to Wi-Fi networks, and I have requested the Access Wi-Fi information entitlement. This allows the app to retrieve the current Wi-Fi information to ensure the user’s connection is successful. Now, we are trying to implement an App Clip that enables users to connect to a specific Wi-Fi network through a QR code scan or NFC in certain scenarios. In the App Clip, I’ve requested the Hotspot entitlement, which allows the app to use the hotspot manager to configure Wi-Fi networks. However, since I cannot access the current Wi-Fi information in the App Clip, I’m unable to confirm whether the connection was successful.
2
0
160
5d
Unable to use CoreWLAN under root permission
I am working on developing a client to complete 8021.x wireless authentication by python. According to the CoreWLAN Documentation scanForNetworks(withName:), I'm going to use scanForNetworksWithName_error_ and associateToEnterpriseNetwork_identity_username_password_error_ provided in CoreWLAN. And I wrote a script to have a try. import os import pwd from CoreWLAN import CWWiFiClient from Foundation import NSString def get_real_user(): sudo_user = os.environ.get('SUDO_USER') if sudo_user: return sudo_user return os.environ.get('USER', 'root') def run_as_user(username): if os.geteuid() == 0: uid = pwd.getpwnam(username).pw_uid gid = pwd.getpwnam(username).pw_gid os.setuid(uid) def connect_to_enterprise_network(ssid, username, password): try: real_user = get_real_user() if os.geteuid() == 0: run_as_user(real_user) client = CWWiFiClient.sharedWiFiClient() interface = client.interface() if not interface: print("no interface") return False print("scaning...") error = None scan_result, error = interface.scanForNetworksWithName_error_(ssid, None) if error: print(f"scan fialed: {error.localizedDescription()}") return False target_network = None for network in scan_result.allObjects(): if network.ssid() == ssid: target_network = network break if not target_network: print("no target network") return False success, error = interface.associateToEnterpriseNetwork_identity_username_password_error_( target_network, None, NSString.stringWithString_(username), NSString.stringWithString_(password), None ) if not success: print(f"connect failed: {error.localizedDescription() if error else 'unknown error'}") return False print("connect successfully") return True except Exception as e: print(f"exception: {str(e)}") return False if __name__ == "__main__": ssid = "ssid" username = "username" password = "password" success = connect_to_enterprise_network(ssid, username, password) However, I can only execute this script normally under non-root permissions. When I switch to root and execute it, the variable "scan_result.allObjects()" will be an object without any ssid and bssid. Finally the function prints "no target network" and returned. &lt;CWNetwork: 0x107104080&gt; [ssid=(null), bssid=(null), security=WPA2 Enterprise, rssi=-52, channel=&lt;CWChannel: 0x11e8a1fd0&gt; [channelNumber=44(5GHz), channelWidth={20MHz}], ibss=0] Compared with the value without sudo: [&lt;CWNetwork: 0x144650580&gt; [ssid=ssid, bssid=&lt;redacted&gt;, security=WPA2 Enterprise, rssi=-55, channel=&lt;CWChannel: 0x1247040d0&gt; [channelNumber=149(5GHz), channelWidth={20MHz}], ibss=0]] My python code will be included in an app that must be executed as a root user, so this issue can't be ignored and waiting for your help. THANKS!
2
0
164
6d
NEHotspotConfigurationManager joinAccessoryHotspot not working when using ssidPrefix
When using ssidPrefix in the descriptor and completing the AccessorySetupKit setup, I attempt to connect to the accessory's Wi-Fi hotspot using NEHotspotConfigurationManager joinAccessoryHotspot. The connection fails with the following error: Error Domain=NEHotspotConfigurationErrorDomain Code=1 "invalid SSID." UserInfo={NSLocalizedDescription=invalid SSID.} I'm using a prefix that is at least 3 characters. If I provide ssid instead of ssidPrefix it connects successfully.
2
0
147
6d
Apps made through .net maui don't work with local networks.
Apps made through .net maui don't work with local networks. I'm using the .net 8 framework, and I followed the app to the ios system through .net Maui after connecting it to the computer through a data cable. When I open the app, I get a request to access the local network and I agree to it. But still my app is not accessible. I have asserted it correctly inside info.plist. How can I fix this issue
2
0
127
6d
URLSession works for request but not NWConnection
I am trying to convert a simple URLSession request in Swift to using NWConnection. This is because I want to make the request using a Proxy that requires Authentication. I posted this SO Question about using a proxy with URLSession. Unfortunately no one answered it but I found a fix by using NWConnection instead. Working Request func updateOrderStatus(completion: @escaping (Bool) -&gt; Void) { let orderLink = "https://shop.ccs.com/51913883831/orders/f3ef2745f2b06c6b410e2aa8a6135847" guard let url = URL(string: orderLink) else { completion(true) return } let cookieStorage = HTTPCookieStorage.shared let config = URLSessionConfiguration.default config.httpCookieStorage = cookieStorage config.httpCookieAcceptPolicy = .always let session = URLSession(configuration: config) var request = URLRequest(url: url) request.httpMethod = "GET" request.setValue("text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", forHTTPHeaderField: "Accept") request.setValue("none", forHTTPHeaderField: "Sec-Fetch-Site") request.setValue("navigate", forHTTPHeaderField: "Sec-Fetch-Mode") request.setValue("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0.1 Safari/605.1.15", forHTTPHeaderField: "User-Agent") request.setValue("en-US,en;q=0.9", forHTTPHeaderField: "Accept-Language") request.setValue("gzip, deflate, br", forHTTPHeaderField: "Accept-Encoding") request.setValue("document", forHTTPHeaderField: "Sec-Fetch-Dest") request.setValue("u=0, i", forHTTPHeaderField: "Priority") // make the request } Attempted Conversion func updateOrderStatusProxy(completion: @escaping (Bool) -&gt; Void) { let orderLink = "https://shop.ccs.com/51913883831/orders/f3ef2745f2b06c6b410e2aa8a6135847" guard let url = URL(string: orderLink) else { completion(true) return } let proxy = "resi.wealthproxies.com:8000:akzaidan:x0if46jo-country-US-session-7cz6bpzy-duration-60" let proxyDetails = proxy.split(separator: ":").map(String.init) guard proxyDetails.count == 4, let port = UInt16(proxyDetails[1]) else { print("Invalid proxy format") completion(false) return } let proxyEndpoint = NWEndpoint.hostPort(host: .init(proxyDetails[0]), port: NWEndpoint.Port(integerLiteral: port)) let proxyConfig = ProxyConfiguration(httpCONNECTProxy: proxyEndpoint, tlsOptions: nil) proxyConfig.applyCredential(username: proxyDetails[2], password: proxyDetails[3]) let parameters = NWParameters.tcp let privacyContext = NWParameters.PrivacyContext(description: "ProxyConfig") privacyContext.proxyConfigurations = [proxyConfig] parameters.setPrivacyContext(privacyContext) let host = url.host ?? "" let path = url.path.isEmpty ? "/" : url.path let query = url.query ?? "" let fullPath = query.isEmpty ? path : "\(path)?\(query)" let connection = NWConnection( to: .hostPort( host: .init(host), port: .init(integerLiteral: UInt16(url.port ?? 80)) ), using: parameters ) connection.stateUpdateHandler = { state in switch state { case .ready: print("Connected to proxy: \(proxyDetails[0])") let httpRequest = """ GET \(fullPath) HTTP/1.1\r Host: \(host)\r Connection: close\r Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0.1 Safari/605.1.15\r Accept-Language: en-US,en;q=0.9\r Accept-Encoding: gzip, deflate, br\r Sec-Fetch-Dest: document\r Sec-Fetch-Mode: navigate\r Sec-Fetch-Site: none\r Priority: u=0, i\r \r """ connection.send(content: httpRequest.data(using: .utf8), completion: .contentProcessed({ error in if let error = error { print("Failed to send request: \(error)") completion(false) return } // Read data until the connection is complete self.readAllData(connection: connection) { finalData, readError in if let readError = readError { print("Failed to receive response: \(readError)") completion(false) return } guard let data = finalData else { print("No data received or unable to read data.") completion(false) return } if let body = String(data: data, encoding: .utf8) { print("Received \(data.count) bytes") print("\n\nBody is \(body)") completion(true) } else { print("Unable to decode response body.") completion(false) } } })) case .failed(let error): print("Connection failed for proxy \(proxyDetails[0]): \(error)") completion(false) case .cancelled: print("Connection cancelled for proxy \(proxyDetails[0])") completion(false) case .waiting(let error): print("Connection waiting for proxy \(proxyDetails[0]): \(error)") completion(false) default: break } } connection.start(queue: .global()) } private func readAllData(connection: NWConnection, accumulatedData: Data = Data(), completion: @escaping (Data?, Error?) -&gt; Void) { connection.receive(minimumIncompleteLength: 1, maximumLength: 65536) { data, context, isComplete, error in if let error = error { completion(nil, error) return } // Append newly received data to what's been accumulated so far let newAccumulatedData = accumulatedData + (data ?? Data()) if isComplete { // If isComplete is true, the server closed the connection or ended the stream completion(newAccumulatedData, nil) } else { // Still more data to read, so keep calling receive self.readAllData(connection: connection, accumulatedData: newAccumulatedData, completion: completion) } } }
1
0
144
1w
wifi connect fail
Dear Apple: We encountered a problem when using the Wi-Fi connection feature. When calling the Wi-Fi connection interface NEHotspotConfigurationManager applyConfiguration, it fails probabilistically. After analyzing the air interface packets, it appears that the Apple device did not send the auth message. How should we locate this issue? Are there any points to pay attention to when calling the Wi-Fi connection interface? Thanks
2
0
177
1w
Behavior of Pending Receive Callbacks on Canceled NWConnection (UDP) Registered to Custom Serial Dispatch Queue
Hi Everyone, I’m working on a communication system for my app using NWConnection with the UDP protocol. The connection is registered to a custom serial dispatch queue. However, I’m trying to understand what the behavior will be in a scenario where the connection is canceled while there are still pending receive operations in progress. Scenario Overview: The sender is transmitting n = 100 packets to the receiver, out of which 40 packets have already been sent (i.e., delivered to the Receiver). The receiver has posted m = 20 pending receive operations, where each receive operation is responsible for handling one packet. The receiver has already successfully processed x = 10 packets. At the time of cancellation, the receiver’s buffer still holds m = 20 packets that are pending for processing, and k = 10 pending receive callbacks are in the dispatch queue, waiting to be executed. At same time when the 10th packet was processed another thread triggers .cancel() on this accepted NWConnection (on the receiver side), I need to understand the impact on the pending receive operations and their associated callbacks. My Questions: What happens to the k = 10 pending receive callbacks that are in the dispatch queue waiting to be triggered when the connection is canceled? Will these callbacks complete successfully and process the data? Or, because the connection is canceled, will they complete with failure? What happens to the remaining pending receive operations that were initiated but have not yet been scheduled in the dispatch queue? For the pending receive operations that were already initiated (i.e., the network stack is waiting to receive the data, but the callback hasn’t been scheduled yet), will they fail immediately when the connection is canceled? Or is there any chance that the framework might still process these receives before the cancellation fully takes effect?
1
0
170
1w
Input required on choice of HTTPS server stack on Apple Platforms for programmatic integration
We have a requirement to create a production quality application that also acts as HTTPS server for certain communication. The preference is for the server to support HTTP/1.1, HTTP/2 and HTTP/3 communication asynchronously, though not mandatory to support all the HTTP versions. Wanted to get the guidance, on which stack should be used, that is most reliable and that gives the maximum long term compatibility, sustainability and reliability. What is the recommended 'in-built' or 'available by default' stack on Apple Platform ? For HTTPS on HTTP/1.1 with synchronous mode operations ? For HTTPS on HTTP/1.1 with asynchronous mode operations ? For HTTPS on HTTP/2 with synchronous mode operations ? For HTTPS on HTTP/2 with asynchronous mode operations ? For HTTPS on HTTP/3 with asynchronous mode operations ? For HTTPS on HTTP/1.1 + HTTP/2 with synchronous mode operations ? For HTTPS on HTTP/1.1 + HTTP/2 with asynchronous mode operations ? For HTTPS on HTTP/1.1 + HTTP/2 + HTTP/3 with asynchronous mode operations ? What the generally recommended server stack that a typical application uses whether 'in-built' or 'available by default on Apple ' or 'not-available by default on Apple' stack. From the available stacks , we tried to evaluate the below stacks: https://opensource.apple.com/projects/swiftnio/ : We understand that while it’s not preinstalled as part of Apple's OSes, it is an official Swift package supported by Apple and can easily be added to your project. At the moment it supports HTTP/1.1 and HTTP/2. The link https://github.com/apple/swift-nio/issues/1730says that HTTP/3 will get added in the future. Is there any other HTTPS stack (built-in or third-party) that is recommended to the used on Apple's platform ? Our application is expected to be working on macOS, iOS, iPadOS, tvOS and watchOS. We understand that macOS also includes Apache HTTPD server. As our application is not primarily a Web Server (and also supports other protocols both in client and server mode), it looks integrating HTTPS directly into the application using a lightweight HTTP library with SSL/TLS support is a better option, in place of Apache HTTPD. From the document we know that swift-nio uses BoringSSL (swift-nio-ssl) which is prepackaged along with the swift-nio library, and it does not use the default Secure Transport. What is the reason being not using Secure Transport ? Now does it become the responsibility of the application using swift-nio to take care of updating BoringSSL with the patches.
1
0
135
1w