I'm using Network to establish a connection to various SMTP servers. For SMTP servers that use SSL on port 465, using the following code to establish the connection and communicate with the server works fine (read/write code omitted): nw_endpoint_t endpoint = nw_endpoint_create_host("smtp.example.com", "465"); nw_parameters_t parameters = nw_parameters_create_secure_tcp(NW_PARAMETERS_DEFAULT_CONFIGURATION, NW_PARAMETERS_DEFAULT_CONFIGURATION); nw_connection_t connection = nw_connection_create(endpoint, parameters); nw_connection_set_queue(connection, dispatch_get_main_queue()); nw_connection_set_state_changed_handler(connection, ^(nw_connection_state_t state, nw_error_t error) { //... } nw_connection_start(connection); For servers on port 587 that require an insecure connection at start then renegotiate a TLS handshake with the STARTTLS command, I change the parameters like so: nw_parameters_t parameters = nw_parameters_create_secure_tcp(NW_PARAMETERS_DISABLE_PROTOCOL, NW_PARAMETERS_DEFAULT_CONFIGURATION); This does allow me to establish the connection to the SMTP server but I'm stumped on how to initiate TLS on the established connection after invoking the STARTTLS command and receiving an OK response from the SMTP server. How do I add TLS options to an existing connected nw_connection_t connection?

I'm new to Networking, so forgive me if this is a silly question: In the sample code, Building a custom peer-to-peer protocol, TLS is configured as follows: // Create TLS options using a passcode to derive a pre-shared key. private static func tlsOptions(passcode: String) -> NWProtocolTLS.Options { let tlsOptions = NWProtocolTLS.Options() let authenticationKey = SymmetricKey(data: passcode.data(using: .utf8)!) var authenticationCode = HMAC<SHA256>.authenticationCode(for: "TicTacToe".data(using: .utf8)!, using: authenticationKey) let authenticationDispatchData = withUnsafeBytes(of: &authenticationCode) { (ptr: UnsafeRawBufferPointer) in DispatchData(bytes: ptr) } sec_protocol_options_add_pre_shared_key(tlsOptions.securityProtocolOptions, authenticationDispatchData as __DispatchData, stringToDispatchData("TicTacToe")! as __DispatchData) sec_protocol_options_append_tls_ciphersuite(tlsOptions.securityProtocolOptions, tls_ciphersuite_t(rawValue: TLS_PSK_WITH_AES_128_GCM_SHA256)!) return tlsOptions } The sample code touts the connection as secure ("...uses Bonjour and TLS to establish secure connections between nearby devices"), but to my untrained eye it doesn't seem so. My reasoning is as follows: If I adapt this code as-is, so connections between two instances of my app use SymmetricKeys derived from the four-digit passcode, then wouldn't my encryption be easy to break by an adversary who sends 0000...9999 and records corresponding changes in the encryption, exposing my app to all sorts of attacks? The sample uses the passcode to validate the connection (host user shows client user the passcode, which is manually entered), which is a feature I would like to keep in some form or another, which is why this is causing so many headaches. Generally speaking, is there a way to secure a local peer-to-peer connection over Network.framework that doesn't involve certificates? If certificates are the only way, are there good resources you can recommend?

I have a sample iOS app in Xcode that I run in the iOS 17.5 Simulator. It creates a WKWebView and configures a proxy via the ProxyConfiguration API, it works as expected unless the proxy tries to establish mTLS. It seems there is no way to handle the client certificate request when using a proxy. If I navigate to a page that requests mTLS without a proxy configured, it works as expected. Here is a minimal repro: #import "ViewController.h" #import &lt;WebKit/WebKit.h&gt; @import Foundation; @import WebKit; @interface ViewController () &lt;WKNavigationDelegate&gt; @property (nonatomic,strong) WKWebView* webView; @property (nonatomic, strong) WKWebViewConfiguration * webConfig; @end @implementation ViewController - (void)loadView { [super loadView]; nw_protocol_options_t tls_options = nw_tls_create_options(); sec_protocol_options_t sec_options = nw_tls_copy_sec_protocol_options(tls_options); sec_protocol_options_set_challenge_block( sec_options, ^(sec_protocol_metadata_t metadata, sec_protocol_challenge_complete_t challenge_complete) { NSLog(@"Inside of challenge block"); challenge_complete(nil); }, dispatch_get_main_queue()); nw_endpoint_t proxy_endpoint = nw_endpoint_create_host(GetHost(), GetPort()); nw_relay_hop_t relay = nw_relay_hop_create(nil, proxy_endpoint, tls_options); nw_proxy_config_t proxy_config = nw_proxy_config_create_relay(relay, nil); nw_proxy_config_add_match_domain(proxy_config, "api.ipify.org"); self.webConfig = [[WKWebViewConfiguration alloc] init]; self.webConfig.websiteDataStore = [WKWebsiteDataStore nonPersistentDataStore]; self.webConfig.websiteDataStore.proxyConfigurations = @[ proxy_config ]; self.webView = [[WKWebView alloc] initWithFrame:self.view.frame configuration:self.webConfig]; self.webView.navigationDelegate = self; [self.view addSubview:self.webView]; } - (void)viewDidLoad { [super viewDidLoad]; NSLog(@"%s",__func__); NSURL* url = [[NSURL alloc] initWithString:@"https://api.ipify.org"]; NSURLRequest* request = [[NSURLRequest alloc] initWithURL:url]; [self.webView loadRequest:request]; } - (void)webView:(WKWebView *)webView didStartProvisionalNavigation:(WKNavigation *)navigation { NSLog(@"%s",__func__); } - (void)webView:(WKWebView *)webView didFailProvisionalNavigation:(WKNavigation *)navigation withError:(NSError *)error { NSLog(@"%s. Error %@",__func__,error); } - (void)webView:(WKWebView *)webView didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge completionHandler:(void (^)(NSURLSessionAuthChallengeDisposition, NSURLCredential *))completionHandler { NSLog(@"%s",__func__); NSLog(@"protection space: %@", challenge.protectionSpace.authenticationMethod); completionHandler(NSURLSessionAuthChallengePerformDefaultHandling, nil); } @end The logs for this code show: -[ViewController viewDidLoad] -[ViewController webView:didStartProvisionalNavigation:] -[ViewController webView:didFailProvisionalNavigation:withError:]. Error Error Domain=NSURLErrorDomain Code=-1206 "The server “api.ipify.org” requires a client certificate." If we don't set up the ProxyConfiguration and navigate to a site that requires mTLS, the logs look like this: -[ViewController viewDidLoad] -[ViewController webView:didReceiveAuthenticationChallenge:completionHandler:] protection space: NSURLAuthenticationMethodServerTrust -[ViewController webView:didReceiveAuthenticationChallenge:completionHandler:] protection space: NSURLAuthenticationMethodClientCertificate -[ViewController webView:didStartProvisionalNavigation:] //... Eventually the request fails but the key difference is that didReceiveAuthenticationChallenge was invoked. When using the ProxyConfiguration neither that function nor the block we set via sec_protocol_options_set_challenge_block were run. I also tried to provide the client identity via sec_protocol_options_set_local_identity to no avail, and I've tried configuring these options too but they had no effect sec_protocol_options_add_tls_application_protocol(sec_options, "h2"); sec_protocol_options_set_max_tls_protocol_version(sec_options, tls_protocol_version_TLSv13); sec_protocol_options_set_peer_authentication_required(sec_options, true); Am I missing something? Or is this a bug in the ProxyConfiguration API?

Hello, I am trying to get network statistics using Swift on macOS. I am attempting to obtain: total input bytes total output bytes total input packets total output packets The following code works in the app as far as I can tell so far, but... the for-loop is a hack that I'd like to correct by properly iterating over all the interfaces. import Foundation import OSLog struct NetworkStatisticsData { var totalInputBytes: UInt64 = 0 var totalOutputBytes: UInt64 = 0 var totalInputPackets: UInt64 = 0 var totalOutputPackets: UInt64 = 0 } final class NetworkStatistics: Sendable { private let logger = Logger(subsystem: Bundle.main.bundleIdentifier!, category: "SwiftNetworkInformation") func getNetworkStatistics() -> NetworkStatisticsData { var networkStatisticsData = NetworkStatisticsData() for i in 1..<24 { // <- this for-loop should be iterating over a list of interfaces. NET_RT_IFLIST2 ? var keys: [Int32] = [ CTL_NET, PF_LINK, NETLINK_GENERIC, IFMIB_IFDATA, Int32(i), IFDATA_GENERAL ] var mibData: ifmibdata = ifmibdata() var mibDataSize: size_t = MemoryLayout<ifmibdata>.size if sysctl(&keys, u_int(keys.count), &mibData, &mibDataSize, nil, 0) < 0 { logger.error("sysctl error getting mib data: \(String(describing: strerror(errno)))") } networkStatisticsData.totalInputPackets += mibData.ifmd_data.ifi_ipackets networkStatisticsData.totalOutputPackets += mibData.ifmd_data.ifi_opackets networkStatisticsData.totalInputBytes += mibData.ifmd_data.ifi_ibytes networkStatisticsData.totalOutputBytes += mibData.ifmd_data.ifi_obytes } return networkStatisticsData } } Any thoughts on how to iterate over all of the network interfaces (maybe using NET_RT_IFLIST2)? When I run ifconfig in the terminal, there are 24 interfaces, hence the reason for 24 in the for-loop.

Initially, my task was to determine which type of connection is being used at the moment: 5G or 4G. And I found "CTTelephonyNetworkInfo().serviceCurrentRadioAccessTechnology" but there is a problem when the device has more than one sim. My iPhone has two sims, one physical and one electronic. I need to determine which one is used to access the network. I tried to use "CTTelephonyNetworkInfo().serviceCurrentRadioAccessTechnology" but it is a dictionary [String: String] that only indicates the connection of each of the cards, and it is not possible to find out which one is active from this dictionary. So how can I determine which of the two cards are currently being used to access the Internet?

Is it possible to develop two apps in which one should use cellular data only and another one should connect with Wi-Fi socket for data communication?

As TN3135 clearly explains the limitations apple puts on the low level networking, it doesn’t really give a reason. Presumably the power consumption problem. But as the battery technology continues evolving, it could be exciting that apple might loose the restrictions someday. The watch itself is powerful enough to do a lot of sophisticated works, sure it works best with companion apps on iPhone, but even as a standalone device, we can still provide many advanced user experience with low level networking supports. wish apple guys can read it and give a consideration.

Hi I'm getting this issue: Crashed: com.apple.network.connections 0 libsystem_kernel.dylib 0xa974 __pthread_kill + 8 1 libsystem_pthread.dylib 0x60ec pthread_kill + 268 2 libsystem_c.dylib 0x75b80 abort + 180 3 libsystem_malloc.dylib 0x2bc68 malloc_vreport + 896 4 libsystem_malloc.dylib 0x2bf10 malloc_zone_error + 104 5 libsystem_malloc.dylib 0x21a44 nanov2_guard_corruption_detected + 44 6 libsystem_malloc.dylib 0x7f84 nanov2_find_block_and_allocate + 402 7 libc++abi.dylib 0x16b84 operator new(unsigned long) + 52 8 Network 0x7e8c void std::__1::vector<nw_object_wrapper_t, std::__1::allocator<nw_object_wrapper_t> >::__emplace_back_slow_path<nw_object*&>(nw_object*&) + 124 9 Network 0x7dd8 nw_array_append + 280 10 Network 0xc3d0 __nw_resolver_insert_endpoint_locked_block_invoke + 1036 11 Network 0xbd80 nw_array_apply + 124 12 Network 0x77250 nw_resolver_insert_endpoint_locked + 256 13 Network 0x770b8 nw_resolver_insert_address + 1356 14 Network 0x29a850 __nw_resolver_create_dns_getaddrinfo_locked_block_invoke.187 + 7836 15 libdns_services.dylib 0x1000 ___dnssd_getaddrinfo_activate_block_invoke + 216 16 libdispatch.dylib 0x3dd4 _dispatch_client_callout + 20 17 libdispatch.dylib 0x72d8 _dispatch_continuation_pop + 600 18 libdispatch.dylib 0x1b1c8 _dispatch_source_latch_and_call + 420 19 libdispatch.dylib 0x19d8c _dispatch_source_invoke + 832 20 libdispatch.dylib 0xd284 _dispatch_workloop_invoke + 1756 21 libdispatch.dylib 0x16cb4 _dispatch_root_queue_drain_deferred_wlh + 288 22 libdispatch.dylib 0x16528 _dispatch_workloop_worker_thread + 404 23 libsystem_pthread.dylib 0x1f20 _pthread_wqthread + 288 24 libsystem_pthread.dylib 0x1fc0 start_wqthread + 8

I need to obtain data through mqtt and subscription? Is there any idea or framework ？ Think you

Hey everyone, I'm tackling a scenario where I need to fetch a comprehensive list of both IPv4 and IPv6 addresses linked to a particular DNS. I know about the POSIX function getaddrinfo(), but I'm on the lookout for an asynchronous solution. Previously, I could've used CFHost, but unfortunately, it's been deprecated. Any suggestions or insights on how to achieve this asynchronously would be greatly appreciated! Thanks, Harshal

Hello, I've been encountering some challenges while working with NWConnectionGroup and NWMulticastGroup for multicast operations on iOS. I have a few doubts and issues that I would like to address: 1. NWMulticastGroup Initialization It seems that when initializing NWMulticastGroup, only one NWEndpoint can be passed, and attempting to pass multiple endpoints results in failure. Can someone confirm if this behavior is correct? 2. Interface Level Control Upon initializing NWConnectionGroup, it appears that packets are received on all interfaces without the ability to control this at the interface level. Is this correct? If not is there a way to configure NWConnectionGroup to receive packets on all interfaces? 3. Sending Behavior During the send operation, it appears that the data is sent through any one of the available interfaces, and there doesn't seem to be an option to configure it to send through all available endpoints. Is there a way to enable sending data through all available endpoints? Any insights, guidance, or solutions to these issues would be greatly appreciated. Has anyone else encountered similar problems or found workarounds for these limitations? Thank you for your assistance and support. Thanks, Harshal

I would like to determine why communication with the server is failing. The following situation. ・An SSL error occurs when communicating with the server. ATS failed system trust Connection 13: system TLS Trust evaluation failed(-9802) Connection 13: TLS Trust encountered error 3:-9802 Connection 13: encountered error(3:-9802) nw_connection_copy_connected_local_endpoint_block_invoke [C14] Client called nw_connection_copy_connected_local_endpoint on unconnected nw_connection nw_connection_copy_connected_remote_endpoint_block_invoke [C14] Client called nw_connection_copy_connected_remote_endpoint on unconnected nw_connection nw_connection_copy_protocol_metadata_internal_block_invoke [C14] Client called nw_connection_copy_protocol_metadata_internal on unconnected nw_connection Task <07B896CB-44B4-44BC-87B4-EB786D5B25DA>.<10> HTTP load failed, 0/0 bytes (error code: -1200 [3:-9802]) Task <07B896CB-44B4-44BC-87B4-EB786D5B25DA>.<10> finished with error [-1200] Error Domain=NSURLErrorDomain Code=-1200 "SSLエラーが起きたため、サーバへのセキュリティ保護された接続を確立できません。" UserInfo={NSLocalizedRecoverySuggestion=それでもサーバに接続しますか?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=( "<cert(0x1091bca00) s: Default Company Ltd i: Default Company Ltd>" ), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://xxxx, NSErrorFailingURLStringKey=https://xxxx, NSUnderlyingError=0x2838e96e0 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x28073aa80>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9802, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9802, kCFStreamPropertySSLPeerCertificates=( "<cert(0x1091bca00) s: Default Company Ltd i: Default Company Ltd>" )}}, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <07B896CB-44B4-44BC-87B4-EB786D5B25DA>.<10>" ), _kCFStreamErrorCodeKey=-9802, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <07B896CB-44B4-44BC-87B4-EB786D5B25DA>.<10>, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x28073aa80>, NSLocalizedDescription=SSLエラーが起きたため、サーバへのセキュリティ保護された接続を確立できません。} ・I checked that server for ATS (App Transport Security) support with the nscurl command and found that it supported it without any problems. ・The error content changes when an ATS exception is handled by the iOS client. Connection 35: default TLS Trust evaluation failed(-9807) Connection 35: TLS Trust encountered error 3:-9807 Connection 35: encountered error(3:-9807) nw_connection_copy_connected_local_endpoint_block_invoke [C36] Client called nw_connection_copy_connected_local_endpoint on unconnected nw_connection nw_connection_copy_connected_remote_endpoint_block_invoke [C36] Client called nw_connection_copy_connected_remote_endpoint on unconnected nw_connection nw_connection_copy_protocol_metadata_internal_block_invoke [C36] Client called nw_connection_copy_protocol_metadata_internal on unconnected nw_connection Task <882E38EE-4E0D-4428-A4BE-709BB8448530>.<34> HTTP load failed, 0/0 bytes (error code: -1202 [3:-9807]) Task <882E38EE-4E0D-4428-A4BE-709BB8448530>.<34> finished with error [-1202] Error Domain=NSURLErrorDomain Code=-1202 "このサーバの証明書は無効です。"xxxx"に偽装したサーバに接続している可能性があり、機密情報が漏えいするおそれがあります。" UserInfo={NSLocalizedRecoverySuggestion=それでもサーバに接続しますか?, _kCFStreamErrorDomainKey=3, NSErrorPeerCertificateChainKey=( "<cert(0x14c2e9000) s: Default Company Ltd i: Default Company Ltd>" ), NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://xxxx, NSErrorFailingURLStringKey=https://xxxx, NSUnderlyingError=0x281d86310 {Error Domain=kCFErrorDomainCFNetwork Code=-1202 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, kCFStreamPropertySSLPeerTrust=<SecTrustRef: 0x2823f7200>, _kCFNetworkCFStreamSSLErrorOriginalValue=-9807, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9807, kCFStreamPropertySSLPeerCertificates=( "<cert(0x14c2e9000) s: Default Company Ltd i: Default Company Ltd>" )}}, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <882E38EE-4E0D-4428-A4BE-709BB8448530>.<34>" ), _kCFStreamErrorCodeKey=-9807, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <882E38EE-4E0D-4428-A4BE-709BB8448530>.<34>, NSURLErrorFailingURLPeerTrustErrorKey=<SecTrustRef: 0x2823f7200>, NSLocalizedDescription=このサーバの証明書は無効です。"xxxx"に偽装したサーバに接続している可能性があり、機密情報が漏えいするおそれがあります。} ・Client can communicate normally when client is not iOS (also Safari) ・Even on iOS, after many failed attempts, the communication suddenly succeeds (after success, the session cache is consulted). The server appears to be fine, but that said, iOS is failing to communicate. What are possible cases like this?

I'm trying to use rvictl but here's what I run into > rvictl Could not get list of devices > sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.rpmuxd.plist Load failed: 5: Input/output error Try running `launchctl bootstrap` as root for richer errors. > ls /System/Library/LaunchDaemons/com.apple.rpmuxd.plist ls: /System/Library/LaunchDaemons/com.apple.rpmuxd.plist: No such file or directory XCode version 15.3 MacOS Sonoma 14.4.1 Apple M1 Max

Hello, I'm looking for a way to detect using NWPathMonitor when the iOS device is connected to a router but not to the internet. As an example a mobile router WiFi without SIM. In settings I'm able to switch the connection to its WiFi, once connected a label below the SSID shows Not connected to the internet. I would like to show the same thing to the user inside my app, but unfortunately I always get the satisfied answer. Am I missing something in configuring NWPathMonitor or reading the answer? final class InternetConnectionMonitor { lazy var internetConnectionStatusPublisher: AnyPublisher&lt;InternetConnectionStatus, Never&gt; = { _internetConnectionStatusSubject .compactMap{ $0 } .eraseToAnyPublisher() }() var lastInternetConnectionStatus: InternetConnectionStatus? { _internetConnectionStatusSubject.value } private let _internetConnectionStatusSubject = CurrentValueSubject&lt;InternetConnectionStatus?, Never&gt;(nil) private let pathMonitor = NWPathMonitor() private let pathMonitorQueue = DispatchQueue(label: "com.xxxxx-network-monitor", qos: .default) init() { startPathMonitoring() } private func startPathMonitoring() { pathMonitor.pathUpdateHandler = { [weak self] path in guard let self else { return } let networkStatus = InternetConnectionStatus(from: path) self._internetConnectionStatusSubject.send(networkStatus) } pathMonitor.start(queue: pathMonitorQueue) } }

Users have reported unusually high data usage with my app. So to investigate I have profiled in instruments. My app as expected in using minimal data. However in instruments I see an "Unknown" process. Which sends around 1mb of data every 2 seconds. Can anyone explain what unknown process is? Sorry my question is vague but I'm at the beginning of understanding the instruments outputs so your help is so very much appreciated.

We've released our app on the App Store and are facing the following issue: Some users are unable to connect to the server with the app, and the "Cellular Data" settings for our app are missing in the system settings. The app is developer on Qt framework (qt.io) This is how it should be This is what some users reporting - app unable to make requests to the server by https (request timeout) Why it happening? Any tips how to fix?

Hi, I observed some unexpected behavior and hope that someone can enlighten me as to what this is about: mDNSResponder prepends IP / network based default search domains that are checked before any other search domain. E.g. 0.1.168.192.in-addr.arpa. would be used for an interface with an address in the the 192.168.1.0/24 subnet. This is done for any configured non-link-local IP address. I tried to find any mention of an approach like this in RFCs but couldn't spot anything. Please note that this is indeed a search domain and different from reverse-DNS lookups. Example output of tcpdump for ping devtest: 10:02:13.850802 IP (tos 0x0, ttl 64, id 43461, offset 0, flags [none], proto UDP (17), length 92) 192.168.1.2.52319 &gt; 192.168.1.1.53: 54890+ [1au] A? devtest.0.1.168.192.in-addr.arpa. (64) I was able to identify the code that adds those default IP subnet based search domains but failed to spot any indication as to what this is about: https://github.com/apple-oss-distributions/mDNSResponder/blob/d5029b5/mDNSMacOSX/mDNSMacOSX.c#L4171-L4211 Does anyone here have an ideas as to what this might be about?

The man page for getifaddrs states: The ifa_data field references address family specific data. For AF_LINK addresses it contains a pointer to the struct if_data (as defined in include file <net/if.h>) which contains various interface attributes and statistics. For all other address families, it contains a pointer to the struct ifa_data (as defined in include file <net/if.h>) which contains per-address interface statistics. I assume that "AF_LINK address" is the one that has AF_LINK in the p.ifa_addr.sa_family field. However I do not see "struct ifa_data" anywehere. Is this a documentation bug and if so how do I read this documentation right?

Hello! I'm playing around with QUIC and Swift and using the Network framework. So far, the process has been really straightforward, but I noticed that I can't seem to get a handle on the stream with identifier 0. If I use NWConnection directly, I only have access to the first stream, which has the stream ID 0. This not what I want since I wanna use multiple streams. Following the documentation, I started using NWMultiplexGroup and starting a NWConnectionGroup with it. Everything works fine and I can get all streams that my backend service opens using NWMultiplexGroup's newConnectionHandler property. However, whenever backend sends a message on stream_id 0, none of my connections receive it. Looking around with connection.metadata(definition: NWProtocolQUIC.definition) as? NWProtocolQUIC.Metadata for each connection, I see that all streams are accounted for except stream 0. Then, using the NWConnectionGroup variant of the above connectionGroup.metadata(definition: NWProtocolQUIC.definition) as? NWProtocolQUIC.Metadata I see that the connection group itself has Stream ID 0. However, calling setReceiveHandler does nothing (it's never called, even when backend is sending messages) and when I attempt to send a message using NWConnectionGroup's -send method, a new stream is opened (instead of it being sent on stream ID 0). How can one get a handle on NWConnection for stream ID 0?

We are using and iOS version 17.4.1 and 17.5(beta) , and when are we facing the issue for local network permission in our app. Success scenario steps: Don't allow the local network permission in our App Allow it manually in app setting for local network permission(works only in first install of the App) We are able to call the API successfully Error scenario steps: Allow the local network permission popup to app when asked for permission Call the API successfully Uninstall the app and install the same app again and don't allow the local network permission API call fail's Manually change the local network permission to allow in app settings Still the API call fails even if we allow the local network permission Conclusion : We are getting API error when re-install the app and if it is not allowed local network permission as well as when we allow the local network permission. Looks like caching issue. Note: Even if uninstall and install multiple time and allow the local network permission from 2nd time onward API keeps on failing , but these scenario work perfectly fine on iOS 16 version and below. Even the existing app stopped working after updating iOS version to 17 and above. Also we found alternatively when we uninstall the app and restart the device and install it back again it works fine for the first time as a fresh install. Additionally : We are not calling local network permission explicitly, when the API call is happening this is native popup coming on iOS