我在启用了SSL的端口9090上运行了一个java服务器。在我的ios客户端应用程序需要连接到该服务器。我的ios代码是,
CFReadStreamRef readStream = NULL;
CFWriteStreamRef writeStream = NULL;
CFStreamCreatePairWithSocketToHost(kCFAllocatorDefault, (__bridge CFStringRef) hostname, port, &readStream, &writeStream);
if (readStream && writeStream) {
CFReadStreamSetProperty(readStream, kCFStreamPropertyShouldCloseNativeSocket , kCFBooleanTrue);
CFWriteStreamSetProperty(writeStream, kCFStreamPropertyShouldCloseNativeSocket, kCFBooleanTrue);
//CFDataRef readdata = (CFDataRef) CFReadStreamCopyProperty(readStream, kCFStreamPropertySSLContext);
// Extract the SSLContextRef from the CFData
SSLContextRef readsslContext = (SSLContextRef) CFReadStreamCopyProperty(readStream, kCFStreamPropertySSLContext);
//CFDataGetBytes(readdata, CFRangeMake(0, sizeof(SSLContextRef)), (UInt8*)&readsslContext);
SSLCipherSuite *readciphers = (SSLCipherSuite *)malloc(80 * sizeof(SSLCipherSuite));
SSLGetSupportedCiphers(readsslContext, readciphers, 80);
SSLSetEnabledCiphers(readsslContext, readciphers, 80);
SSLGetEnabledCiphers(readsslContext, readciphers, 80);
[self printCipher:readciphers];
//CFDataRef data = (CFDataRef) CFWriteStreamCopyProperty(writeStream, kCFStreamPropertySSLContext);
// Extract the SSLContextRef from the CFData
SSLContextRef sslContext = (SSLContextRef) CFWriteStreamCopyProperty(writeStream, kCFStreamPropertySSLContext);
//CFDataGetBytes(data, CFRangeMake(0, sizeof(SSLContextRef)), (UInt8*)&sslContext);
SSLCipherSuite *ciphers = (SSLCipherSuite *)malloc(80 * sizeof(SSLCipherSuite));
SSLGetSupportedCiphers(sslContext, ciphers, 80);
SSLSetEnabledCiphers(sslContext, ciphers, 80);
inputStream = (__bridge NSInputStream *)readStream;
[inputStream setDelegate:self];
outputStream = (__bridge NSOutputStream *)writeStream;
[outputStream setDelegate:self];
if (true)
{
int res1 = [inputStream setProperty:NSStreamSocketSecurityLevelNegotiatedSSL forKey:NSStreamSocketSecurityLevelKey];
int res2 = [outputStream setProperty:NSStreamSocketSecurityLevelNegotiatedSSL forKey:NSStreamSocketSecurityLevelKey];
NSLog(@"SEC TEST %d %d",res1,res2);
NSDictionary *settings = [[NSDictionary alloc] initWithObjectsAndKeys:
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates,
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot,
[NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain,
kCFNull,kCFStreamSSLPeerName,
kCFStreamSocketSecurityLevelSSLv2, kCFStreamSSLLevel,
nil];
CFReadStreamSetProperty((CFReadStreamRef)inputStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings);
CFWriteStreamSetProperty((CFWriteStreamRef)outputStream, kCFStreamPropertySSLSettings, (CFTypeRef)settings);
}
[inputStream scheduleInRunLoop:[NSRunLoop mainRunLoop] forMode:NSDefaultRunLoopMode];
[inputStream open];
[outputStream scheduleInRunLoop:[NSRunLoop mainRunLoop] forMode:NSDefaultRunLoopMode];
[outputStream open];
}
if (readStream)
CFRelease(readStream);
if (writeStream)
CFRelease(writeStream);
当我在java端运行此im im getting error时。
Is initial handshake: true
Is secure renegotiation: false
SocketQueueReceiver:New Channel with socket:988500939
Socket Listener:9090, setSoTimeout(1000) called
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, READ: SSLv3 Handshake, length = 75
*** ClientHello, SSLv3
RandomCookie: GMT: 1370064854 bytes = { 165, 24, 2, 48, 54, 154, 212, 242, 125, 211, 254, 197, 34, 77, 97, 201, 236, 50, 124, 169, 11, 152, 170, 30, 65, 185, 239, 0 }
Session ID: {}
Cipher Suites: [TLS_EMPTY_RENEGOTIATION_INFO_SCSV, Unknown 0x0:0x3d, Unknown 0x0:0x3c, TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_RSA_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, Unknown 0x0:0x67, Unknown 0x0:0x6b, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, Unknown 0x0:0x3b, SSL_RSA_WITH_NULL_SHA, SSL_RSA_WITH_NULL_MD5]
Compression Methods: { 0 }
***
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, SEND SSLv3 ALERT: fatal, description = handshake_failure
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, WRITE: SSLv3 Alert, length = 2
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, called closeSocket()
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, handling exception: javax.net.ssl.SSLHandshakeException: no cipher suites in common
2013-12-13 09:41:02 [Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358] ERROR com.enactor.core.queues.tcp.SocketQueueReceiver - Error reading socket
javax.net.ssl.SSLHandshakeException: no cipher suites in common
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:231)
at com.sun.net.ssl.internal.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:790)
at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:560)
at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:151)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:943)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:818)
at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:75)
at com.enactor.core.queues.tcp.SocketQueueBase$SocketReader.run(SocketQueueBase.java:620)
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, called close()
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, called closeInternal(true)
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, called close()
Socket Reader:/fe80:0:0:0:0:0:0:1%1:55358, called closeInternal(true)
Finalizer, called close()
我知道java端的密码是TLS_DHE_DSS_WITH_AES_256_CBC_SHA 不是在启用了密码的ios支持的密码中。我试图启用该密码,但仍然没有启用。 我该如何启用它?