TCP/TCPEndpoint.h
author Dan Preston <danpreston@codechemistry.com>
Tue May 05 14:46:42 2009 -0700 (2009-05-05)
changeset 36 5165944a89b3
parent 8 6f539dd9921c
permissions -rw-r--r--
Fixed a double release in a garbage collected environment.
     1 //
     2 //  TCPEndpoint.h
     3 //  MYNetwork
     4 //
     5 //  Created by Jens Alfke on 5/14/08.
     6 //  Copyright 2008 Jens Alfke. All rights reserved.
     7 //
     8 
     9 #import <Foundation/Foundation.h>
    10 #import <Security/SecBase.h>
    11 #if TARGET_OS_IPHONE
    12 #include <CFNetwork/CFSocketStream.h>
    13 #else
    14 #import <CoreServices/CoreServices.h>
    15 #endif
    16 
    17 
    18 // SSL properties:
    19 
    20 /** This defines the SSL identity to be used by this endpoint.
    21     The value is an NSArray (or CFArray) whose first item must be a SecIdentityRef;
    22     optionally, it can also contain SecCertificateRefs for supporting certificates in the
    23     validation chain. */
    24 #define kTCPPropertySSLCertificates  ((NSString*)kCFStreamSSLCertificates)
    25 
    26 /** If set to YES, the connection will accept self-signed certificates from the peer,
    27     or any certificate chain that terminates in an unrecognized root. */
    28 #define kTCPPropertySSLAllowsAnyRoot ((NSString*)kCFStreamSSLAllowsAnyRoot)
    29 
    30 /** This sets the hostname that the peer's certificate must have.
    31     (The default value is the hostname, if any, that the connection was opened with.)
    32     Setting a value of [NSNull null] completely disables host-name checking. */
    33 #define kTCPPropertySSLPeerName      ((NSString*)kCFStreamSSLPeerName)
    34 
    35 /** Specifies whether the client (the peer that opened the connection) will use a certificate.
    36     The value is a TCPAuthenticate enum value wrapped in an NSNumber. */
    37 extern NSString* const kTCPPropertySSLClientSideAuthentication;
    38 
    39 typedef enum {
    40 	kTCPNeverAuthenticate,			/* skip client authentication */
    41 	kTCPAlwaysAuthenticate,         /* require it */
    42 	kTCPTryAuthenticate             /* try to authenticate, but not error if client has no cert */
    43 } TCPAuthenticate; // these MUST have same values as SSLAuthenticate enum in SecureTransport.h!
    44 
    45 
    46 /** Abstract base class of TCPConnection and TCPListener.
    47     Mostly just manages the SSL properties. */
    48 @interface TCPEndpoint : NSObject
    49 {
    50     NSMutableDictionary *_sslProperties;
    51     id _delegate;
    52 }
    53 
    54 /** The desired security level. Use the security level constants from NSStream.h,
    55     such as NSStreamSocketSecurityLevelNegotiatedSSL. */
    56 @property (copy) NSString *securityLevel;
    57 
    58 /** Detailed SSL settings. This is the same as CFStream's kCFStreamPropertySSLSettings
    59     property. */
    60 @property (copy) NSMutableDictionary *SSLProperties;
    61 
    62 /** Shortcut to set a single SSL property. */
    63 - (void) setSSLProperty: (id)value 
    64                  forKey: (NSString*)key;
    65 
    66 /** High-level setup for secure P2P connections. Uses the given identity for SSL,
    67     requires peers to use SSL, turns off root checking and peer-name checking. */
    68 - (void) setPeerToPeerIdentity: (SecIdentityRef)identity;
    69 
    70 //protected:
    71 - (void) tellDelegate: (SEL)selector withObject: (id)param;
    72 
    73 @end