我正在尝试使用 GCDAsyncSocket 编写一个受保护较弱的服务器(即我可以使用匿名密码连接到的服务器)。我目前正在做的事情如下:
绑定到端口并开始监听
... BOOL result = [serverSocket acceptOnPort:port error:&error]; ...然后,当指定端口上的连接到达时,我会在
- (void)socket:(GCDAsyncSocket *)sender didAcceptNewSocket:(GCDAsyncSocket *)newSocket回调中收到它。在这里,我使用我的 SSL/TLS 设置创建了一个字典:NSMutableDictionary *settings = [[NSMutableDictionary alloc] init]; NSArray* ciphers = [[NSArray alloc] initWithObjects: [NSNumber numberWithUnsignedInt:TLS_DH_anon_WITH_AES_256_CBC_SHA256], [NSNumber numberWithUnsignedInt:TLS_DH_anon_WITH_AES_256_CBC_SHA], [NSNumber numberWithUnsignedInt:SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA] , [NSNumber numberWithUnsignedInt:SSL_DH_anon_EXPORT_WITH_RC4_40_MD5] , [NSNumber numberWithUnsignedInt:SSL_DH_anon_WITH_DES_CBC_SHA], [NSNumber numberWithUnsignedInt:SSL_DH_anon_WITH_RC4_128_MD5], [NSNumber numberWithUnsignedInt:SSL_NULL_WITH_NULL_NULL], [NSNumber numberWithUnsignedInt:TLS_DH_anon_WITH_3DES_EDE_CBC_SHA], [NSNumber numberWithUnsignedInt:TLS_DH_anon_WITH_AES_128_CBC_SHA], [NSNumber numberWithUnsignedInt:TLS_DH_anon_WITH_AES_128_CBC_SHA256], [NSNumber numberWithUnsignedInt:TLS_DH_anon_WITH_AES_128_GCM_SHA256], [NSNumber numberWithUnsignedInt:TLS_DH_anon_WITH_AES_256_GCM_SHA384], [NSNumber numberWithUnsignedInt:TLS_DH_anon_WITH_RC4_128_MD5], nil]; //all anon ciphers [settings setObject:ciphers forKey:GCDAsyncSocketSSLCipherSuites]; //this is a server [settings setObject:[NSNumber numberWithBool:YES] forKey:(NSString*)kCFStreamSSLIsServer]; [newSocket startTLS:settings]; //apply the settings to new connection在我通过调用应用设置后
startTLS,newSocket断开连接并被调用- (void)socketDidDisconnect:(GCDAsyncSocket *)sock withError:(NSError *)error,错误代码为 9800 (errSSLProtocol)。
问题:我做错了什么/没有做什么?
我的猜测是这与我没有指定的证书有关。但是,如果我正在使用匿名密码,是否需要指定证书?