Archived Forum Post
Index of archived forum posts
Question:
Archived Forum PostQuestion:
I just downloaded the library for iOS 6 and now I cannot connect to a SSL socket (port 8443) anymore using exactly the same code as before:
CkoSocket *socket = [[[CkoSocket alloc] init] autorelease];
BOOL success;
success = [socket UnlockComponent: @"MY_KEY"];
if (success != YES) {
return NO;
}
BOOL ssl;
ssl = YES;
int maxWaitMillisec;
maxWaitMillisec = 20000;
// The SSL server hostname may be an IP address, a domain name,
// or "localhost".
NSString *sslServerHost;
sslServerHost = [self getDefaultServerUrl];
int sslServerPort;
sslServerPort = 8443;
// Connect to the SSL server:
success = [socket Connect: sslServerHost port: [NSNumber numberWithInt: sslServerPort] ssl: ssl maxWaitMs: [NSNumber numberWithInt: maxWaitMillisec]];
if (success != YES) {
return NO;
}
The old library could connect so "success" had the value "YES". Using the new library, the value is "NO". Did I miss anything important in the release notes or could this be a bug?
Make sure to post the lastErrorText (retrieve it after a method call that fails). That will be the first thing Matt will ask when he is online.
http://www.chilkatsoft.com/refdoc/objcCkoSocketDoc.html#prop037
Thanks - could have thought of that by myself... :)
Here is the log:
ChilkatLog:
Connect_Socket:
DllDate: Sep 13 2012
UnlockPrefix: DIFHROSocket
Username: iPhone-Christian:mobile
Architecture: Little Endian; 32-bit
Language: IOS Objective-C
VerboseLogging: 0
objectId: 1
hostname: https://MyHost
port: 8443
ssl: 1
maxWaitMs: 20000
ConnectTimeoutMs_1: 20000
calling ConnectSocket2
IPV6 enabled connect with NO heartbeat.
connectingTo: MyHost
socketErrno: 0
socketError: Undefined error: 0
gethostbyname_arg: https://MyHost
socketErrno: 0
socketError: Undefined error: 0
gethostbyname_arg: httpsMyHost
GetHostByNameHB_ipv4: Elapsed time: 4 millisec
Cannot get host by name..
hostname: https://MyHost
Failed.
--Connect_Socket
--ChilkatLog
Please note, that I replaced the real hostname in the log with "MyHost" due to personal reasons. If requrired, I can provide the real hostname in a private message. I tested this using 2 different hostnames and got the same result.
The problem happens on the device (mobile network 3G) as well as on the simulator (Wifi connection) when using the latest library.
Thanks for any hints...
I never used CkoSocket, but you could try to enter an IP address (just to check if it is the GetHostByName causing this issue).
Good luck.
Using the IP address results in the following log:
ChilkatLog:
Connect_Socket:
DllDate: Sep 13 2012
UnlockPrefix: DIFHROSocket
Username: iPhone-Christian:mobile
Architecture: Little Endian; 32-bit
Language: IOS Objective-C
VerboseLogging: 0
objectId: 1
hostname: https://MyIP
port: 8443
ssl: 1
maxWaitMs: 20000
ConnectTimeoutMs_1: 20000
calling ConnectSocket2
IPV6 enabled connect with NO heartbeat.
This is an IPV4 numeric address...
AddrInfoList:
AddrInfo:
ai_flags: 0
ai_family: 2
ai_socktype: 1
ai_protocol: 6
ai_addrlen: 16
ai_canonname: (NULL)
--AddrInfo
--AddrInfoList
Connect using IPV4.
ipAddress1: MyIP
Info: Socket operation in progress..
myIP_3: 10.76.45.181
myPort_3: 52014
connect successful (2)
clientHelloMajorMinorVersion: 3.1
buildClientHello:
majorVersion: 3
minorVersion: 1
numRandomBytes: 32
sessionIdSize: 0
numCipherSuites: 10
numCompressionMethods: 1
--buildClientHello
handshakeMessageType: ServerHello
handshakeMessageLen: 0x46
processHandshakeMessage:
MessageType: ServerHello
Processing ServerHello...
ServerHello:
MajorVersion: 3
MinorVersion: 1
SessionIdLen: 32
CipherSuite: RSA_WITH_AES_128_CBC_SHA
CipherSuite: 00,2f
CompressionMethod: 0
Queueing ServerHello message.
ServerHello is OK.
--ServerHello
--processHandshakeMessage
handshakeMessageType: Certificate
handshakeMessageLen: 0x12df
processHandshakeMessage:
MessageType: Certificate
ProcessCertificates:
Certificate:
derSize: 1484
certSubjectCN: MyHost
certSerial: 5275D610F5AF49316555E1D8B5406501
certIssuerCN: VeriSign Class 3 Secure Server CA - G3
--Certificate
Certificate:
derSize: 1520
certSubjectCN: VeriSign Class 3 Secure Server CA - G3
certSerial: 6ECC7AA5A7032009B8CEBCF4E952D491
certIssuerCN: VeriSign Class 3 Public Primary Certification Authority - G5
--Certificate
Certificate:
derSize: 1236
certSubjectCN: VeriSign Class 3 Public Primary Certification Authority - G5
certSerial: 250CE8E030612E9F2B89F7054D7CF8FD
certIssuerCN:
--Certificate
Certificate:
derSize: 576
certSubjectCN:
certSerial: 3C9131CB1FF6D01B0E9AB8D044BF12BE
certIssuerCN:
--Certificate
NumCertificates: 4
Queueing Certificates message...
--ProcessCertificates
--processHandshakeMessage
handshakeMessageType: ServerHelloDone
handshakeMessageLen: 0x0
processHandshakeMessage:
MessageType: ServerHelloDone
Queueing HelloDone message.
--processHandshakeMessage
HandshakeQueue:
MessageType: ServerHello
MessageType: Certificate
MessageType: ServerHelloDone
--HandshakeQueue
Dequeued ServerHello message.
Dequeued Certificate message.
DequeuedMessageType: ServerHelloDone
OK to ServerHelloDone!
No client certificate required by the server.
Encrypted pre-master secret with server certificate RSA public key is OK.
Sending ClientKeyExchange...
Sent ClientKeyExchange message.
Sending ChangeCipherSpec...
Sent ChangeCipherSpec message.
Derived keys.
Installed new outgoing security params.
Sending FINISHED message..
algorithm: aes
keyLength: 128
Sent FINISHED message..
TlsAlert:
level: fatal
descrip: handshake failure
--TlsAlert
Failed to read incoming handshake messages. (3)
Client handshake failed. (3)
Failed.
--Connect_Socket
--ChilkatLog
GetHostByName seems to be at least a part of the problem - now the handshake fails according to the log.
I will leave this to Matt, he should be online in one or two hours ;-)
Oh, please enclose those lastErrors with html <pre> and </pre> tags - a bit more readable.
Thanks Gert! I'll have a look to see if there's something wrong with the iOS 6 build.
The initial problem is that "https://MyHost" is not a hostname, it is a URL. The hostname should be either a domain name, or an IP address. It should not be a URL.
I tested the same on iOS6 but did not reproduce the problem. If you are able to provide the IP address, I'll be happy to try connecting to it.
PS> Also, there were numerous existing Chilkat customers all needing iOS6 builds, and I haven't received any problem reports from them...
Matt,
Are you just suggesting to Chris he should use MyHost instead of https//MyHost
(or 1.2.3.4 instead of https://1.2.3.4)
Thank you for the clarification. I just retested it using the domain name instead of the complete URL (although this was working in the previous version of the library) and the result is:
ChilkatLog:
Connect_Socket:
DllDate: Sep 13 2012
UnlockPrefix: DIFHROSocket
Username: iPhone-Christian:mobile
Architecture: Little Endian; 32-bit
Language: IOS Objective-C
VerboseLogging: 0
objectId: 1
hostname: MyHost
port: 8443
ssl: 1
maxWaitMs: 20000
ConnectTimeoutMs_1: 20000
calling ConnectSocket2
IPV6 enabled connect with NO heartbeat.
connectingTo: MyHost
GetHostByNameHB_ipv4: Elapsed time: 3 millisec
Info: Socket operation in progress..
myIP_1: 192.168.1.19
myPort_1: 52608
connect successful (1)
clientHelloMajorMinorVersion: 3.1
buildClientHello:
majorVersion: 3
minorVersion: 1
numRandomBytes: 32
sessionIdSize: 0
numCipherSuites: 10
numCompressionMethods: 1
--buildClientHello
handshakeMessageType: ServerHello
handshakeMessageLen: 0x46
processHandshakeMessage:
MessageType: ServerHello
Processing ServerHello...
ServerHello:
MajorVersion: 3
MinorVersion: 1
SessionIdLen: 32
CipherSuite: RSA_WITH_AES_128_CBC_SHA
CipherSuite: 00,2f
CompressionMethod: 0
Queueing ServerHello message.
ServerHello is OK.
--ServerHello
--processHandshakeMessage
handshakeMessageType: Certificate
handshakeMessageLen: 0x12df
processHandshakeMessage:
MessageType: Certificate
ProcessCertificates:
Certificate:
derSize: 1484
certSubjectCN: MyHost
certSerial: 5275D610F5AF49316555E1D8B5406501
certIssuerCN: VeriSign Class 3 Secure Server CA - G3
--Certificate
Certificate:
derSize: 1520
certSubjectCN: VeriSign Class 3 Secure Server CA - G3
certSerial: 6ECC7AA5A7032009B8CEBCF4E952D491
certIssuerCN: VeriSign Class 3 Public Primary Certification Authority - G5
--Certificate
Certificate:
derSize: 1236
certSubjectCN: VeriSign Class 3 Public Primary Certification Authority - G5
certSerial: 250CE8E030612E9F2B89F7054D7CF8FD
certIssuerCN:
--Certificate
Certificate:
derSize: 576
certSubjectCN:
certSerial: 3C9131CB1FF6D01B0E9AB8D044BF12BE
certIssuerCN:
--Certificate
NumCertificates: 4
Queueing Certificates message...
--ProcessCertificates
--processHandshakeMessage
handshakeMessageType: ServerHelloDone
handshakeMessageLen: 0x0
processHandshakeMessage:
MessageType: ServerHelloDone
Queueing HelloDone message.
--processHandshakeMessage
HandshakeQueue:
MessageType: ServerHello
MessageType: Certificate
MessageType: ServerHelloDone
--HandshakeQueue
Dequeued ServerHello message.
Dequeued Certificate message.
DequeuedMessageType: ServerHelloDone
OK to ServerHelloDone!
No client certificate required by the server.
Encrypted pre-master secret with server certificate RSA public key is OK.
Sending ClientKeyExchange...
Sent ClientKeyExchange message.
Sending ChangeCipherSpec...
Sent ChangeCipherSpec message.
Derived keys.
Installed new outgoing security params.
Sending FINISHED message..
algorithm: aes
keyLength: 128
Sent FINISHED message..
TlsAlert:
level: fatal
descrip: handshake failure
--TlsAlert
Failed to read incoming handshake messages. (3)
Client handshake failed. (3)
Failed.
--Connect_Socket
--ChilkatLog
This new build may solve the problem:
http://www.chilkatsoft.com/preRelease/Chilkat-9.3.2-IOS-6.0.zip
There have been numerous issues reported by many Chilkat customers having to do with the new iOS 6 device builds (the simulator build is reported to work in all cases).
The solution was to build the Chilkat libs with a lower compiler optimization setting. There must be some invalid optimized code produced by the llvm-gcc-4.2 for the armv7 and armv7s devices. The optimization has been changed from "-Os" to "-O1". This has solved the problems of all customers that have so far tested the new build.