In our source code for an app we are using the CFSocket and CFSocketStream APIs to make connections to our servers. These connections are secure connections. When connected behind a proxy, we are not able to establish a secure or tunnelled connection using the CFSocket-layer APIs.
Please provide us with references to solve this, and tell us whether there are any alternate ways of establishing the secure/tunnelled connection with our approach.
The limitation here is that we can only use lower-level APIs such as CFSocket and CFSocketStream.
The following approaches are discussed in the developer forums online.
1) Set proxy Properties on streams
kCFStreamPropertyHTTPProxyHost
kCFStreamPropertyHTTPProxyPort
Issue:
Properties on the stream have to be set before opening the stream. TLSV1 properties are also important and have to be forced before the stream is opened.
In such cases, the TLS V1 handshake with the proxy fails due to certificate validation.
The proxy tears down the connection.
2) Create a stream without the TLSV1 property, communicate with the proxy by sending a CONNECT message, then initiate a TLS handshake on the stream
The proxy responds by sending 200 OK
Issue:
A TLS handshake failure error occurs, the stream will not be available for writing and the client times out.
No further communication was possible.
3) Create a stream without the TLSV1 property and communicate with the proxy. Get the underlying socket's native handle, create new streams with TLS V1 properties and open the streams
Secure Stream creation successful
No Handshake errors
Issue:
No response received from server and hence client times out.
We would be highly obliged for any help or pointers on the same.
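
Approach 2 above depends on the HTTP CONNECT exchange being fully finished before the TLS handshake starts on the same stream. The following C code is an added example, not part of the original post and not a confirmed fix for the failures described: it builds the CONNECT request and decides from the bytes read so far whether the proxy's header block is complete and which status it carries. The function names, `server.example` and the sample proxy reply are constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Build the CONNECT request; returns its length, or -1 if out is too small. */
int build_connect_request(const char *host, int port, char *out, size_t cap) {
    int n = snprintf(out, cap, "CONNECT %s:%d HTTP/1.1\r\nHost: %s:%d\r\n\r\n",
                     host, port, host, port);
    return (n < 0 || (size_t)n >= cap) ? -1 : n;
}

/* Examine the bytes read from the proxy so far.
 *   0  : header block incomplete, keep reading and do not start TLS yet
 *   >0 : length of the header block; *status is set. Any bytes after this
 *        offset already belong to the tunnel, not to the proxy reply.
 *   -1 : not an HTTP response */
int parse_connect_response(const char *buf, size_t len, int *status) {
    size_t end = 0;
    if (len >= 5 && memcmp(buf, "HTTP/", 5) != 0) return -1;
    for (size_t i = 0; i + 4 <= len; i++)
        if (memcmp(buf + i, "\r\n\r\n", 4) == 0) { end = i + 4; break; }
    if (end == 0) return 0;
    const char *sp = memchr(buf, ' ', end);   /* space before the status code */
    if (!sp || (size_t)(sp - buf) + 4 > end) return -1;
    for (int k = 1; k <= 3; k++)
        if (!isdigit((unsigned char)sp[k])) return -1;
    *status = (sp[1] - '0') * 100 + (sp[2] - '0') * 10 + (sp[3] - '0');
    return (int)end;
}

int main(void) {
    /* Constructed proxy reply, examined after a partial and a full read. */
    const char *reply = "HTTP/1.1 200 Connection established\r\n\r\n";
    char req[256];
    int status = 0;
    if (build_connect_request("server.example", 443, req, sizeof req) < 0) return 1;
    printf("%s", req);
    printf("after 12 bytes: %d\n", parse_connect_response(reply, 12, &status));
    int hdr = parse_connect_response(reply, strlen(reply), &status);
    printf("complete: header=%d status=%d -> %s\n", hdr, status,
           (hdr > 0 && status / 100 == 2) ? "start TLS now" : "do not start TLS");
    return 0;
}
```

The TLS handshake belongs only after a positive return value with a 2xx status; a non-2xx status such as 407 means the proxy has not opened a tunnel at all.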