Comments (11)
Fairly generic error, but I do know SwiftHTTP works fine with HTTPS. Is the connection a self signed SSL certificate? I might try adding the self signed SSL code from the README.
https://github.com/daltoniam/SwiftHTTP#authentication
Also if you are testing with the iOS Simulator try restarting it. I have seen weird network related issues with the simulator that require it to be restarted.
from swifthttp.
@daltoniam It's not self-signed, it's issued by COMODO. I've tried restarting the sim but the same issue persists. Is there no way to bypass SSL or enforce TLS1.0 or SSL3.0 ?
from swifthttp.
@theblixguy ran across a similar issue with an API I built using a valid COMODO cert. The iOS app was using AFNetworking, but for some strange reason AFNetworking thought it was invalid. I haven't had a chance to track it down, but setting AFNetworking securityPolicy.allowInvalidCertificates
to true got it working. Here is my theory thus far. SwiftHTTP, like AFNetworking uses NSURLSession under the hood. When NSURLSession gets a challenge (say SSL in this case) it invokes this delegate method:
URLSession(session: NSURLSession, task: NSURLSessionTask, didReceiveChallenge challenge: NSURLAuthenticationChallenge, completionHandler: (NSURLSessionAuthChallengeDisposition, NSURLCredential!) -> Void)
In SwiftHTTP, if the authentication is not set it will just use the default handling, which in this case is failing. In AFNetworking case, if the challenge is a NSURLAuthenticationMethodServerTrust
(SSL) it will run logic that ultimately boils down to using the Apple API SecTrustEvaluate
to check the trust of the certificate that we received in the challenge. My guess is that SecTrustEvaluate
does not like the trust in the COMODO cert and is failing. So as @daltoniam stated above I would try and see if you can allow that connection by allowing "self-signed" certs, or maybe track down the SecTrustEvaluate
and see what it returns for your cert.
from swifthttp.
@acmacalister I tried using the self-signed method, but I still get
2015-01-06 15:30:46.421 PIPiOS[956:20640] CFNetwork SSLHandshake failed (-9805) 2015-01-06 15:30:46.422 PIPiOS[956:20640] NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9805)
I'm not sure how to use SecTrustEvaluate or something else since I'm just a beginner
from swifthttp.
@theblixguy interesting. Do you have any example code or domain in we can use to reproduce this?
from swifthttp.
@daltoniam Yes,
let randomUUID:String = NSUUID().UUIDString.stringByReplacingOccurrencesOfString("-", withString: "", options: NSStringCompareOptions.LiteralSearch, range: nil).lowercaseString
let username = usernameTextField.text
let password:String = passwordTextField.text
let parameters = ["succ": "wprin_menu.personal_page",
"server":"4", "pid":randomUUID, "user":username, "password":password,
"action":"OK"]
var request = HTTPTask()
var attempted = false
request.auth = {(challenge: NSURLAuthenticationChallenge) in
if !attempted {
attempted = true
return NSURLCredential(forTrust: challenge.protectionSpace.serverTrust)
}
return nil
}
request.POST("https://kmis.brookes.ac.uk/csms/w_secure.login", parameters: parameters, success: {(response: HTTPResponse) in
var alert = UIAlertController(title: "Success", message: "Login success", preferredStyle: UIAlertControllerStyle.Alert)
alert.addAction(UIAlertAction(title: "Okay", style: UIAlertActionStyle.Default, handler: nil))
self.presentViewController(alert, animated: true, completion: nil)
},failure: {(error: NSError, response: HTTPResponse?) in
var alert = UIAlertController(title: "Failure", message: "Login failure", preferredStyle: UIAlertControllerStyle.Alert)
alert.addAction(UIAlertAction(title: "Okay", style: UIAlertActionStyle.Default, handler: nil))
self.presentViewController(alert, animated: true, completion: nil)
})
from swifthttp.
Sweet, that helps a lot, thanks.I am getting the same error. The underlining error return is kCFErrorDomainCFNetwork error -1200, which means the SSL connection failed for an unknown reason. My only guess is that might be because it is getting a 404 for the resource requested:
Is this the expected behavior?
from swifthttp.
No, the URL is correct. If the login fails it redirects you to a Login failed page. Here's the equivalent Java code that I'm using for POSTing and it works fine:
public boolean LoginToPIP(String username, String password) {
boolean status = false;
httpClient = new DefaultHttpClient();
String responseBody;
httpPost = new HttpPost("https://kmis.brookes.ac.uk/csms/w_secure.login");
List<NameValuePair> loginRequestPair = new ArrayList<NameValuePair>(6);
loginRequestPair.add(new BasicNameValuePair("succ", "wprin_menu.personal_page"));
loginRequestPair.add(new BasicNameValuePair("server", "4"));
loginRequestPair.add(new BasicNameValuePair("pid", UUID.randomUUID().toString().replaceAll("-", "")));
loginRequestPair.add(new BasicNameValuePair("user", username));
loginRequestPair.add(new BasicNameValuePair("password", password));
loginRequestPair.add(new BasicNameValuePair("action", "OK"));
try {
httpPost.setEntity(new UrlEncodedFormEntity(loginRequestPair));
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
}
try {
HttpResponse response = httpClient.execute(httpPost);
responseBody = EntityUtils.toString(response.getEntity());
if (!responseBody.contains("Login Failed")) {
status = true;
doc = Jsoup.parse(responseBody);
}
} catch (ClientProtocolException cpe) {
// Ignore
} catch (IOException ioe) {
// Ignore
}
return status;
}
from swifthttp.
Okay, made a small mistake. In my Swift code, in parameters, it should be "action":"OK"
instead of "result":"OK"
but it doesn't fix the issue
2015-01-06 22:42:39.525 PIPiOS[3856:207357] CFNetwork SSLHandshake failed (-9805) 2015-01-06 22:42:39.526 PIOiOS[3856:207357] NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9805)
I tried logging directly, like
https://kmis.brookes.ac.uk/csms/w_secure.login?succ=wprin_menu.personal_page&server=4&pid=c3aa955f961a4db8b6ba4880890f00a2&user=myusername&password=mypassword&action=OK
and it worked, so yeah, the URL is correct.
from swifthttp.
hmmm interesting. Seems like it might be a bug in the SSL handling of NSURLSession. Not sure why it wouldn't like your SSL cert. I might recommend trying the code on real device. Also for the sake of testing, might want to try using a raw NSURLSession. I would wager the same error will come back.
from swifthttp.
I think we have narrowed this down to an environment issue or a bug in NSURLSession. I would recommend doing a simple NSURLSession example to reproduce the issue and open a bug on the apple radar.
from swifthttp.
Related Issues (20)
- Count is unavailable: there is no universally good answer, see the documentation comment for discussion HOT 5
- HTTP.POST() not working after screen-lock (iOS 9.3.5)
- How to handler download progress?
- 'count' is unavailable: there is no universally good answer, see the documentation comment for discussion
- failed in xcode9.3
- Pinning Trusted certs or keys HOT 2
- POST method parameters lost in traffic
- Parameters not converted properly when using arrays HOT 2
- Cannot upload file
- Progress closure seems broken
- Post objects array to server
- Ambiguous use of 'init(urlString:parameters:headers:cachePolicy:timeoutInterval:)'
- Retry a task?
- Why OperationQueue support has been removed?
- SSL Pinning - Code=-999 "cancelled" HOT 1
- Linux support ?
- Timeout
- 'taskMap' Dictionary related crashes in Operation.swift file HOT 3
- Cannot consume as Swift package
- SSL Pinning - Always failing
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from swifthttp.