堆栈内存溢出
  简体   繁体   English

在iOS应用中唯一标识SSL握手

[英]Uniquely identify SSL Handshake in iOS app

 原文  2017-04-29 10:06:08       ios/ ssl

问题描述

According to https://stackoverflow.com/a/13373392/5945317 , the NSURLConnectionDelegate method 根据https://stackoverflow.com/a/13373392/5945317,NSURLConnectionDelegate方法 

- (void)connection:(NSURLConnection *)connection willSendRequestForAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge

identifies an SSL handshake. 标识SSL握手。

  1. is this the only method that gets called during an SSL handshake? 这是在SSL握手期间唯一被调用的方法吗?
  2. is this method called reliably on every SSL handshake (ie no false negatives) 是否在每次SSL握手时可靠地调用此方法(即无假否定)
  3. is this method only called during SSL handshake (ie no false positives) 在SSL握手期间调用此方法(即无误报)吗?

Esp. ESP。 regarding 3), I was surprised to see that it actually gets called again after about 2min, not as specified in other places (see link above) after 10mins. 关于3),我很惊讶地看到它实际上在大约2分钟后再次被调用,而不是在10分钟后在其他地方(参见上面的链接)指定的位置。

Thanks guys! 多谢你们!

2 个解决方案

解决方案1
 0  2017-05-10 13:22:40

After looking at the network layer and using simulator, i can report so much: 查看网络层并使用模拟器后,我可以报告很多:

  1. is this method called reliably on every SSL handshake (ie no false negatives) 是否在每次SSL握手时可靠地调用此方法(即无假否定)

it is only called on full handshakes ( https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_handshake ), not resumed handshakes ( https://en.wikipedia.org/wiki/Transport_Layer_Security#Resumed_TLS_handshake ) 仅在完整的握手( https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_handshake )上调用,而不会恢复握手( https://en.wikipedia.org/wiki/Transport_Layer_Security#Resumed_TLS_handshake

  1. is this method only called during SSL handshake (ie no false positives) 仅在SSL握手期间调用此方法(即无误报)吗?

empirically speaking, yes. 从经验上讲,是的。 Of course, i cannot guarantee it, but it seems very certain. 当然,我不能保证,但是似乎可以肯定。 The reason for it being called more often than expected was due to different endpoints (several IPs for the same domain, all starting its own TLS session). 之所以调用它的次数比预期的多,是因为端点不同(同一域的多个IP,都启动了自己的TLS会话)。

解决方案2
 0  2017-05-10 13:33:13

  1. I'm not sure what you mean by "only," but it is the NSURLConnectionDelegate method that is called at that point 我不确定“仅”的含义,但此时调用的是NSURLConnectionDelegate方法

  2. As Thomas noted, no. 正如Thomas所指出的,没有。

  3. No. It is called any time there is a authentication challenge. 否。只要有身份验证挑战,就可以调用它。 For example, for BasicAuth. 例如对于BasicAuth。

Note that NSURLSession is strongly recommended in current code over NSURLConnection . 请注意,在当前代码中,强烈建议通过NSURLConnection来使用NSURLSession (I believe all of NSURLConnection is now deprecated, though I haven't checked.) (我相信所有NSURLConnection现在都已弃用,尽管我没有检查过。)

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 iOS 应用 SSL 握手失败 - iOS app SSL handshake failed 在iOS中唯一标识设备 - Uniquely identify the device in iOS 如何在iOS中删除并重新安装的应用程序中唯一标识设备? - How to uniquely identify a device even the app deleted and reinstalled in iOS? 使用App Store收据唯一标识iOS iTunes帐户吗? - Uniquely identify iOS iTunes accounts using App Store receipts? 在iOS上唯一安全地标识用户 - Uniquely and safely identify a user on iOS 如何唯一地识别ios设备 - how to identify ios device uniquely iOS SSL握手失败 - iOS SSL handshake failed 以编程方式唯一地标识iOS 7及更高版本上的设备 - Uniquely identify programatically a device on iOS 7 and later iOS:从Storyboard中唯一标识ViewControllers - iOS: Uniquely identify ViewControllers from Storyboard 唯一标识多个用户的iOS设备 - Uniquely Identify iOS device over multiple users
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM