TCP/TCPEndpoint.h
author Jens Alfke <jens@mooseyard.com>
Fri Jul 24 14:06:28 2009 -0700 (2009-07-24)
changeset 63 5e4855a592ee
parent 8 6f539dd9921c
permissions -rw-r--r--
* The BLIPConnection receivedRequest: delegate method now returns BOOL. If the method returns NO (or if the method isn't implemented in the delegate), that means it didn't handle the message at all; an error will be returned to the sender.
* If the connection closes unexpectedly due to an error, then the auto-generated responses to pending requests will contain that error. This makes it easier to display a meaningful error message in the handler for the request.
     1 //
     2 //  TCPEndpoint.h
     3 //  MYNetwork
     4 //
     5 //  Created by Jens Alfke on 5/14/08.
     6 //  Copyright 2008 Jens Alfke. All rights reserved.
     7 //
     8 
     9 #import <Foundation/Foundation.h>
    10 #import <Security/SecBase.h>
    11 #if TARGET_OS_IPHONE
    12 #include <CFNetwork/CFSocketStream.h>
    13 #else
    14 #import <CoreServices/CoreServices.h>
    15 #endif
    16 
    17 
    18 // SSL properties:
    19 
    20 /** This defines the SSL identity to be used by this endpoint.
    21     The value is an NSArray (or CFArray) whose first item must be a SecIdentityRef;
    22     optionally, it can also contain SecCertificateRefs for supporting certificates in the
    23     validation chain.
           The three macros below are CFStream SSL-settings keys cast to NSString*, so they can be
           used directly as keys in the endpoint's SSLProperties dictionary. */
    24 #define kTCPPropertySSLCertificates  ((NSString*)kCFStreamSSLCertificates)
    25 
    26 /** If set to YES, the connection will accept self-signed certificates from the peer,
    27     or any certificate chain that terminates in an unrecognized root.
           Security note: with this set, the certificate chain no longer tells you who the peer
           is. The application has to check the peer's certificate or public key itself (for
           example against a value it already expects) before trusting the connection.
           NOTE(review): later SDKs deprecate kCFStreamSSLAllowsAnyRoot in favor of
           kCFStreamSSLValidatesCertificateChain -- confirm against the target SDK. */
    28 #define kTCPPropertySSLAllowsAnyRoot ((NSString*)kCFStreamSSLAllowsAnyRoot)
    29 
    30 /** This sets the hostname that the peer's certificate must have.
    31     (The default value is the hostname, if any, that the connection was opened with.)
    32     Setting a value of [NSNull null] completely disables host-name checking.
           Security note: with host-name checking disabled, the name in the peer's certificate is
           not compared with anything, so a certificate issued to a different host is not rejected
           on that ground. Combine this with kTCPPropertySSLAllowsAnyRoot only if the application
           verifies the peer's certificate itself. */
    33 #define kTCPPropertySSLPeerName      ((NSString*)kCFStreamSSLPeerName)
    34 
    35 /** Specifies whether the client (the peer that opened the connection) will use a certificate.
    36     The value is a TCPAuthenticate enum value wrapped in an NSNumber.
           Unlike the macros above, this key is a string constant declared here rather than a
           CFStream key.
           Security note: of the TCPAuthenticate values, only kTCPAlwaysAuthenticate makes the
           client certificate mandatory; see the comments on the enum. */
    37 extern NSString* const kTCPPropertySSLClientSideAuthentication;
    38 
    39 typedef enum {
       /* Client-certificate policy; used (wrapped in an NSNumber) as the value of
          kTCPPropertySSLClientSideAuthentication. */
    40 	kTCPNeverAuthenticate,			/* skip client authentication */
    41 	kTCPAlwaysAuthenticate,         /* require it */
    42 	kTCPTryAuthenticate             /* try to authenticate, but do not report an error if the client has no cert; a connection made this way may therefore be unauthenticated, so check for a peer certificate before treating the client as identified */
    43 } TCPAuthenticate; // these MUST have same values as SSLAuthenticate enum in SecureTransport.h! NOTE(review): nothing visible in this header enforces that; the values rely on declaration order (0, 1, 2).
    44 
    45 
    46 /** Abstract base class of TCPConnection and TCPListener.
    47     Mostly just manages the SSL properties. */
    48 @interface TCPEndpoint : NSObject
    49 {
    50     NSMutableDictionary *_sslProperties;
    51     id _delegate;       // NOTE(review): plain id ivar; whether it is retained is not visible in this header
    52 }
    53 
    54 /** The desired security level. Use the security level constants from NSStream.h,
    55     such as NSStreamSocketSecurityLevelNegotiatedSSL.
           Declared without nonatomic, so the accessors are atomic. */
    56 @property (copy) NSString *securityLevel;
    57 
    58 /** Detailed SSL settings. This is the same as CFStream's kCFStreamPropertySSLSettings
    59     property.
           Keys include the kTCPPropertySSL... constants declared above this class.
           NOTE(review): the property is declared copy with a mutable type; a synthesized setter
           would store the immutable result of -copy, so presumably the implementation supplies
           its own setter that makes a mutable copy -- confirm in the .m. */
    60 @property (copy) NSMutableDictionary *SSLProperties;
    61 
    62 /** Shortcut to set a single SSL property.
           @param value  The setting to store. What a nil value does is not visible in this
                         header -- confirm in the .m.
           @param key    The SSL property key, e.g. one of the kTCPPropertySSL... constants. */
    63 - (void) setSSLProperty: (id)value 
    64                  forKey: (NSString*)key;
    65 
    66 /** High-level setup for secure P2P connections. Uses the given identity for SSL,
    67     requires peers to use SSL, turns off root checking and peer-name checking.
           Security note: with root checking and peer-name checking both off, the SSL handshake
           gives an encrypted channel but does not establish who the peer is. The application
           must examine the peer's certificate after connecting and decide for itself whether
           to trust it (for example by comparing it with a certificate or key it already knows)
           before acting on anything received.
           @param identity  The local identity (certificate plus private key) to present. */
    68 - (void) setPeerToPeerIdentity: (SecIdentityRef)identity;
    69 
    70 //protected: (intended for subclasses, not for external callers)
       /** Presumably sends `selector` to the delegate with `param` as its argument; the exact
           behavior (e.g. when the delegate does not respond) is in the .m -- confirm there. */
    71 - (void) tellDelegate: (SEL)selector withObject: (id)param;
    72 
    73 @end