Post not yet marked as solved
I have a problem like the title here, but it only occurs on some mobile phones and some networks. It seems that it has little to do with the code level. How can I solve it? When it is clear, some iOS 15 will appear, and iOS 13 does not have this problem.
Post not yet marked as solved
On an iPad with OS 15.4 and above, after removing the SIM card, cellular network data shows as enabled and the device returns some default network values (which differ from the actual values):
Network provider name : "CTRadioAccessTechnologyLTE" (4G Network)
CTCarrier { Carrier name: [iPad]
Mobile Country Code: [234]
Mobile Network Code:[25]
ISO Country Code:[gb]
Allows VOIP? [YES] }
I am using CoreTelephony to get the above data.
Steps to reproduce the issue:
Remove SIM from iPad.
Toggle Cellular Data in Settings from ON to OFF and back to ON.
Root Cause of the issue:
The device behaves as if a SIM is available even though none is inserted.
Post not yet marked as solved
Hello,
TL;DR; I'm looking for a way to recognise and filter out private IPs resolved from our NTP hosts using CFHostStartInfoResolution(_:_:_:). I suspect that it returns addresses within local network range sporadically, which leads to bringing up the Local Network Privacy alert when sending UDP packages (for NTP sync).
Our customers report that our SDK brings up the "Local Network Privacy" alert to a fraction of their end users. This behaviour is very rare and volatile, so we couldn't manage to reproduce it on our side on any device. We're trying to find out the root cause, as a local networking attempt is definitely not expected to happen in our SDK. I'm pretty familiar with the content of the Local Network Privacy FAQ, but couldn't find an answer in there, hence I'm looking for any clues to move forward.
Certainly the issue is coming from NTP sync our SDK does with the use of CFNetwork APIs. The logic starts with resolving one of our NTP pools:
0.datadog.pool.ntp.org
1.datadog.pool.ntp.org
2.datadog.pool.ntp.org
3.datadog.pool.ntp.org
into a sequence of IP addresses with CFHostStartInfoResolution(_:_:_:). Then we query each IP with CFSocketConnectToAddress(_:_:_:) by exchanging NTP messages through CFSocket.
Now, given that the issue is rare and volatile, our first assumption was that in some network circumstances our DNS phase can lead to resolving private IPs. This hypothesis was proven in telemetry we collected using the NWConnection API and the method described in How do I use the unsatisfied reason property?. Among thousands of attempts, we found one that failed on .localNetworkDenied when querying 192.168.1.250.
To filter out local IPs, we ran through IETF RFCs on IPv4 and IPv6 specifics, coming up with a filter that should prevent sending UDP to the local network. Our "private IP" definition includes:
IPv6 addresses containing:
local IP FC00::/7 prefix (RFC-4193);
multicast IPs with FF prefix (RFC-4291);
IPv4 addresses:
reserved for private internets of ranges A, B and C (RFC-1918);
multicast addresses within range 224.0.0.0 - 239.255.255.255 and broadcast 255.255.255.255 (as suggested in What is a local network?)
With recent user reports, it turns out that this filter is either too weak or the entire idea of IP filtering is too flaky. The problem is still being reported. One report included a list of IPs out of which at least one must have led to private networking and bringing up the alert on a device using a regular 4G network:
Looking at this list (even trying to hit these IPs with UDP), none seems to be a commonly known local IP, hence my question is: which IP ranges / RFCs are included in Apple's definition of local network? Is there anything obvious that I am missing?
PS1. I'm familiar with categories listed in What operations require local network access?
PS2. I know that CFNetwork APIs are deprecated and we should use Network APIs - however I don't suppose the problem will be gone only by migrating our logic to new code, hence I want to find the flaw in our filtering.
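The filter described in the post above, written out as an added example; it is not the poster's SDK code and not a statement of Apple's local-network definition. By assumption it goes beyond the post's ranges: loopback and link-local are filtered, and addresses that embed an IPv4 address (NAT64 `64:ff9b::/96` and IPv4-mapped) are unwrapped so the IPv4 rules apply to them. The names `Verdict`, `classifyIPv4`, `classifyIPv6` and `classify` are hypothetical.

```swift
import Foundation
import Network

// Added example, not the SDK's code. Verdict for one resolved address.
enum Verdict: Equatable {
    case publicUnicast
    case filtered(String)      // reason string, useful in telemetry
    case unparseable
}

// IPv4 rules from the post (RFC 1918, multicast, broadcast); loopback and
// link-local 169.254.0.0/16 are added here as an assumption.
func classifyIPv4(_ b: [UInt8]) -> Verdict {
    switch (b[0], b[1]) {
    case (10, _):           return .filtered("RFC 1918 10.0.0.0/8")
    case (172, 16...31):    return .filtered("RFC 1918 172.16.0.0/12")
    case (192, 168):        return .filtered("RFC 1918 192.168.0.0/16")
    case (169, 254):        return .filtered("link-local 169.254.0.0/16")
    case (127, _):          return .filtered("loopback 127.0.0.0/8")
    case (224...239, _):    return .filtered("multicast 224.0.0.0/4")
    default:
        return b == [255, 255, 255, 255] ? .filtered("broadcast") : .publicUnicast
    }
}

// IPv6 rules from the post (FC00::/7, FF00::/8). Assumptions added here:
// fe80::/10 link-local, ::1 loopback, and unwrapping addresses that carry an
// IPv4 address in their last 32 bits so the IPv4 rules apply to it as well.
func classifyIPv6(_ b: [UInt8]) -> Verdict {
    let head = Array(b[0..<12]), tail = Array(b[12..<16])
    let nat64: [UInt8] = [0x00, 0x64, 0xff, 0x9b, 0, 0, 0, 0, 0, 0, 0, 0]  // 64:ff9b::/96 (RFC 6052)
    let mapped: [UInt8] = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff]      // ::ffff:0:0/96
    if head == nat64 || head == mapped {
        if case .filtered(let why) = classifyIPv4(tail) {
            return .filtered("embedded IPv4: " + why)
        }
        return .publicUnicast
    }
    if b[0] & 0xfe == 0xfc { return .filtered("unique local fc00::/7 (RFC 4193)") }
    if b[0] == 0xfe && b[1] & 0xc0 == 0x80 { return .filtered("link-local fe80::/10") }
    if b[0] == 0xff { return .filtered("multicast ff00::/8 (RFC 4291)") }
    if b == [UInt8](repeating: 0, count: 15) + [1] { return .filtered("loopback ::1") }
    return .publicUnicast
}

// Parses a textual address with the Network framework and applies the rules.
func classify(_ text: String) -> Verdict {
    if let v4 = IPv4Address(text) { return classifyIPv4([UInt8](v4.rawValue)) }
    if let v6 = IPv6Address(text) { return classifyIPv6([UInt8](v6.rawValue)) }
    return .unparseable
}

// Constructed sample input: documentation-range addresses standing in for
// public servers, the private address quoted in the post, and that same
// address placed behind the NAT64 prefix.
let samples = ["192.0.2.10", "192.168.1.250", "2001:db8::123",
               "64:ff9b::c0a8:1fa", "fd12:3456::1", "ff02::fb", "not-an-ip"]
for s in samples {
    print(s, "->", classify(s))
}
```

Logging the reason string next to each skipped address gives telemetry that shows which rule fired, rather than only that an address was dropped.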
Post not yet marked as solved
I've looked into a good number of articles on how to do a multipart/form-data POST on iOS, but none really explain what to do if there were normal parameters as well as the file upload. I have used the multipart/form-data POST on iOS and I had written the following code, and it is uploading data but not image data:

- (void)postWithImage:(NSDictionary *)dictionary
{
    NSString *urlString = [NSString stringWithFormat:@"YourHostString"];
    NSURL *url = [NSURL URLWithString:urlString];
    NSString *boundary = @"----1010101010";

    // define content type and add body boundary
    NSString *contentType = [NSString stringWithFormat:@"multipart/form-data; boundary=%@", boundary];

    NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
    [request setHTTPMethod:@"POST"];
    [request addValue:contentType forHTTPHeaderField:@"Content-Type"];

    NSMutableData *body = [NSMutableData data];
    [body appendData:[[NSString stringWithFormat:@"--%@\r\n", boundary] dataUsingEncoding:NSUTF8StringEncoding]];

    NSEnumerator *enumerator = [dictionary keyEnumerator];
    NSString *key;
    NSString *value;
    NSString *content_disposition;

    while ((key = (NSString *)[enumerator nextObject])) {
        if ([key isEqualToString:@"file"]) {
            value = (NSString *)[dictionary objectForKey:key];
            NSData *postData = UIImageJPEGRepresentation([UIImage imageNamed:value], 1.0);
            [body appendData:[[NSString stringWithFormat:@"Content-Disposition: form-data; name=\"%@\";\r\nfilename=\"screen.png\"\r\n\r\n", value] dataUsingEncoding:NSUTF8StringEncoding]];
            [body appendData:postData];
        } else {
            value = (NSString *)[dictionary objectForKey:key];
            content_disposition = [NSString stringWithFormat:@"Content-Disposition: form-data; name=\"%@\"\r\n\r\n", key];
            [body appendData:[content_disposition dataUsingEncoding:NSUTF8StringEncoding]];
            NSError *error;
            NSData *jsonData = [NSJSONSerialization dataWithJSONObject:value options:NSJSONWritingPrettyPrinted error:&error];
            [body appendData:jsonData];
            //[body appendData:[value dataUsingEncoding:NSUTF8StringEncoding]];
        }
        [body appendData:[[NSString stringWithFormat:@"\r\n--%@\r\n", boundary] dataUsingEncoding:NSUTF8StringEncoding]];
    }

    // Close the request body with the boundary
    [body appendData:[[NSString stringWithFormat:@"\r\n--%@--\r\n", boundary] dataUsingEncoding:NSUTF8StringEncoding]];
    [request setHTTPBody:body];
    // body.length is an NSUInteger, so format it as unsigned long
    [request addValue:[NSString stringWithFormat:@"%lu", (unsigned long)body.length] forHTTPHeaderField:@"Content-Length"];

    NSData *returnData = [NSURLConnection sendSynchronousRequest:request returningResponse:nil error:nil];
    NSString *returnString = [[NSString alloc] initWithData:returnData encoding:NSUTF8StringEncoding];
    NSLog(@"%@", returnString);
}

Can anyone please help me understand why the image data is not uploading?
Post not yet marked as solved
Hello, I am learning NWConnection and I have studied the TicTacToe app example.
I am learning by creating my own app. I am trying to create a remote mouse app (the mouse/keyboard input from iPhone) over WiFi to control my Mac.
My MacBook starts a NWListener and waits for a connection. My iPhone starts a NWBrowser and I connect to the BrowseResult. I can make a successful TCP with TLS connection with no problem thanks to the TicTacToe example.
I figured out how to move the mouse but my main goal is to get a more smooth remote mouse control.
First, I can successfully send data from my iPhone. The data I'm sending is from the DragGesture onChanged value I obtain on a View. Now every time I drag on my View it sends Data of two Double values x and y, 16 bytes.
On the receiving end, my Macbook receives the Data and successfully parses each of the messages and then moves the mouse using Quartz Display Services API.
I implemented my own NWFramerImplementation and I can parse the message easily since I know the length of my payload data is always the same.
I get consistent smooth mouse movement when testing it on my iPad every time, but when I use my iPhone it is horrible and there is a lot of lag/latency. I've tried using UDP on the connection and it's still the same. I turn off the data and Bluetooth on my iPhone and it doesn't help.
Where should I go from here?
Post not yet marked as solved
Hi there,
I know we can configure Default and Data APN via a .mobileconfig file but I don't see any way to configure the APN associated with a Personal Hotspot connection in this way. Is this possible at all?
Thanks
Alan
Post not yet marked as solved
Hello,
I am automating a test scenario, as part of it I have to make a Raspberry Host connection which is on local area network. I can make successful connection to the host from UnitTest target. But the connection is failing when I make the same connection from Unit Test target. I am using XCUITest to automate the app.
I am blocked here. I did refer to some posts but didn't find any solution.
Kindly help.
Thanks,
Sudheer
Post not yet marked as solved
Hi,
I am struggling to receive multicast UDP packets on an iPad Pro (iOS 15.5) in the context of an ethernet-only lab network.
The packet reception code uses a NWConnectionGroup configured with a NWMulticastGroup, as described in https://developer.apple.com/news/?id=0oi77447.
This code works well on a Mac connected to the lab network with a USB ethernet adapter, provided the ethernet adapter interface has the highest priority among connected network interfaces.
To make it work on iOS, I have successfully added the com.apple.developer.networking.multicast to the app, following the process detailed by @eskimo in https://developer.apple.com/forums/thread/663271
However, on the iPad, the app doesn't receive any data packet on the configured connection group, although no error shows on the console.
I suspected that the issue may be related to a question of network interface selection by the receiving NWConnectionGroup, but disabling the wifi on the iPad doesn't seem to help.
Searching in the dev forums, I found this message where @meaton wrote: "You will want to make sure that you test this on a physical device connected to Wi-Fi to know that the Multicast feature is actually working." This makes me wonder if using the Wi-Fi network is mandatory here…
Hence my question: is there a way to receive multicast UDP packets on an ethernet network on an iPad?
Thanks.
Post not yet marked as solved
We have a notification service extension which does a silent login to our backend to get and update notification content. The login response comes with the HTTP header Set-Cookie, which adds the session cookie used to identify the login session.
Then in the app we have actions registered for the corresponding category identifier. Both actions result in requests to our backend which also require session cookie.
Both extension and the app have AppGroup entitlement and use same app group.
Then we configure HTTPCookieStorage:
let cookieStorage = HTTPCookieStorage.sharedCookieStorage(forGroupContainerIdentifier:<group_id>)
let configuration = URLSessionConfiguration.default
configuration.httpCookieStorage = NetworkClient.cookieStorage
And we do use the very same configuration for all requests in extension / app, however when the app is spawned in the background after user taps one of the notification actions, the cookie storage in the app is empty. Although beforehand the cookie is set in the extension.
Tested with iOS 14.4.2. Also the question would be if it is possible to activate CFNETWORK_DIAGNOSTICS in both app and extension? App works so far. But not getting logs for the extension in the console.
Appreciate any help and / or ideas.
Post not yet marked as solved
Hi,
In the session it's mentioned that requests are being deduplicated when a new request with the same method, URL is being sent in the same session while another one is still being performed. I never heard of it before and used to implement that manually in different apps. Is it a new feature of URLSession or should we expect this before? Does anybody know?
Best,
Karl
Post not yet marked as solved
We are trying to evaluate certificate trust chain in our macOS app. We are setting the certificate chain (Root and two Intermediate CA certificates) using SecTrustSetAnchorCertificates and then calling SecTrustEvaluateWithError. The result is success.
Next time, we are calling SecTrustSetAnchorCertificates with one intermediate CA certificate missing in the certificate chain and then calling SecTrustEvaluateWithError for our server trust. The result is still success.
Next, we are calling SecTrustSetAnchorCertificates with all intermediate certificates but missing Root CA in certificate chain and then calling SecTrustEvaluateWithError for our server trust. The result is false/unsuccessful.
The first and third scenarios are expected. But how is trust evaluation successful when one of the intermediate CA certificates is missing? Is macOS caching the intermediate CA certificates we have provided to SecTrustSetAnchorCertificates some other time and using them the next time when one of the intermediate CA certificates is missing, since the documentation says intermediate CA certificates are looked up in different locations, including "Among any certificates you previously provided by calling SecTrustSetAnchorCertificates(_:_:)", but not the Root CA?
If caching is the reason, is there a way we can clear cached intermediate CA certificates so that it only uses the certificate chain I provide in most recent call to SecTrustSetAnchorCertificates? I have already tried passing nil to SecTrustSetAnchorCertificates and then passing the certificate chain in subsequent call. The result is still a success.
Note: All our Root and intermediate CA certificates are custom certificates and not available outside. We have also tried to set false in SecTrustGetNetworkFetchAllowed and result is still the same.
Post not yet marked as solved
I am writing an application that will, on the high end, have a screen-on time of > 1 hour. While the app is in use, it will need to send a heartbeat to a server via an open socket every so many seconds (usually a value between 4s and 29s), as shown below.
connection = NWConnection(host: .init(combinedAddress), port: .init(integerLiteral: port), using: .tcp)
if let ipOptions = connection.parameters.defaultProtocolStack.internetProtocol as? NWProtocolIP.Options {
    ipOptions.version = .v4
}
connection.parameters.preferNoProxies = true
DispatchQueue.global(qos: .default).async {
    self.heartbeatTimer = Timer.scheduledTimer(withTimeInterval: self.getHeartbeatInterval(), repeats: true, block: { _ in
        self.sendHeartbeat() // eventually connection.send("heartbeat data... ", completion: {...} )
    })
    RunLoop.current.run()
}
During periods of less user interaction, the only data going across the network will be the heartbeat. According to this page, there's a period of high-power network activity, followed by another less energy-intensive period, before the energy draw drops back down to baseline levels.
I have slight control over the heartbeat interval, and if X seconds keeps the radio at full power and Y seconds can give my users a Y-X second period of lower energy state, I can increase the time between heartbeats and take advantage of the lower power state to prevent the battery from getting hammered.
Is there a document that will provide times for the values shown in the graph, or otherwise provide guidance on how long network requests can/should be delayed for an optimized battery life?
Thank you in advance.
Note: This should all happen via Wifi, and for various reasons there's no need to take cellular modems into account.
Post not yet marked as solved
My app is searching for a few services which are running on my local network with NetServiceBrowser. As I am searching using _services._dns-sd._udp.local., I have requested and got the permission for com.apple.developer.networking.multicast (which has been discussed here).
I have created a provisioning profile with enabling multicast entitlement according to forum guide.
But after that I still have to add Bonjour service types in Info.plist or else NetServiceBrowser throws ["NSNetServicesErrorCode": -72008, "NSNetServicesErrorDomain": 10].
<key>NSBonjourServices</key>
<array>
<string>_mydummy._tcp</string>
<string>_services._dns-sd._udp</string>
</array>
Do I still have to add each service into info.plist although I have added multicast entitlement?
Hi, I will be looking to create a ping/ICMP tool for macOS using the Network framework. Can someone point me to some examples, if there are any, and which functions would be good to use?
Post not yet marked as solved
Hi,
I was trying to capture ARP traffic from my iPhone. I created a virtual interface using the rvictl tool - rvi0. However, the packet captures in the Wireshark tool for the rvi0 interface do not show any ARP packets. Why is this happening?
I used the tcpdump command - tcpdump -n -t -i rvi0 -q arp. While I was able to see some request packets, the response packets were not visible. Why is this happening?
Is there some other mechanism to capture ARP traffic from an iPhone?
Can third-party apps capture ARP traffic / the ARP table using any Apple API?
Post not yet marked as solved
That's pretty much the question: we've got a tunnel provider, and I think the OS' ability to handle a captive portal situation is better than I could do, so is there a way to find out if we are in one, and if so wait for it to be handled by the user before we start doing things?
Post not yet marked as solved
Hi
We have an app (iOS) that communicates with an Azure WebApp backend working on TLS1.2.
Since mid May we receive complaints from our customer that the connection fails.
This happens regularly and almost all of the time when using 3G/4G cellular data.
I can simulate this issue (on 4G with good connection)
The customer can use the app but after some API requests we get an exception:
NSLocalizedDescription=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made., NSErrorFailingURLKey=https://sxxxx.azurewebsites.net./api/AppRequest., NSUnderlyingError=0x2831ff810 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)" UserInfo={_kCFStreamPropertySSLClientCertificateState=0, _kCFNetworkCFStreamSSLErrorOriginalValue=-9816, _kCFStreamErrorDomainKey=3, _kCFStreamErrorCodeKey=-9816, _NSURLErrorNWPathKey=satisfied (Path is satisfied), viable, interface: pdp_ip0, ipv4, ipv6, dns, expensive}}, _kCFStreamErrorCodeKey=-9816}
We connect directly to domain from azurewebsites.net (we don't use online custom domain).
Built with Xcode 13.3.
We don't use client authentication.
Any ideas what is wrong?
Regards
Peter.
Hi,
We are running into a problem as there is no API to set SNI on the TLS parameters of NWConnection. In the CFStream API this can be done easily by setting "kCFStreamSSLPeerName". When this is set, this parameter is used as the SNI in the Client Hello.
Is there any way/alternative to set SNI on NWConnection?
Thanks and regards.
Post not yet marked as solved
Hey, I want to get nearby Wi-Fi networks' SSIDs into the app using the Network Extension framework. Right now I can get the scan list by visiting the Settings ---> Wi-Fi screen, but I want to get those scan results into the app without visiting the Settings Wi-Fi screen. If anyone has an idea about it, please let me know.
Post not yet marked as solved
We have some extensive tests which exercise UDP communication. Some of these tests fail fairly often due to the UDP packet being dropped by the kernel (or related reasons). These tests use the loopback interface for communication. I have been looking to see if there's a way to pinpoint or narrow down exactly why a particular packet was dropped by the kernel. Looking at the kernel code, like here https://github.com/apple-opensource/xnu/blob/master/bsd/netinet/udp_usrreq.c#L1463 it appears that there are log messages that get written out during some of this communication. However, looking at what KERNEL_DEBUG stands for, it appears that it's:
/*
* Traced only on debug kernels.
*/
#define KDBG_DEBUG(x, ...) KDBG_(_DEBUG, x, ## __VA_ARGS__, 4, 3, 2, 1, 0)
So I don't think these logs get generated in a regular release build of the OS.
Are there any other ways we can generate similar logs or any other tools that will give a clearer picture of why the packet might be dropped?