[14E5230e] Missing ALPN and h2 support in SecureTransport
| Originator: | fkuehne | ||
| Number: | rdar://30366695 | Date Originated: | 2017-02-05 |
| Status: | Open | Resolved: | |
| Product: | iOS + SDK | Product Version: | 14E5230e |
| Classification: | Serious Bug | Reproducible: | Always |
Area: Security Framework Summary: We use the SecureTransport feature of the Security framework to enable TLS support for our own http stack, which is specifically tweaked to the needs of a media player. We upgraded our stack to support h2 and SPDY. However, after concluding our work, we discovered that SecureTransport does not support the ALPN TLS extension. Therefore, we can't deploy h2 support on appleOS, which is a major feature lacking compared to all other competing platforms. We discovered that NSURLSession supports h2, ALPN and SPDY, so we therefore ask to provide a public API allowing us to access that hidden part of SecureTransport. Steps to Reproduce: Open Security.framework and locate the SecureTransport.h file. There is no API to provide an ALPN string for h2 negotiation. Expected Results: ALPN support in SecureTransport. Actual Results: There is no h2 and ALPN support in SecureTransport. Version: iOS 10.3 14E5230e Notes: Configuration: iPhone 6s and 13-inch MBP 2015
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
Resolved
My dupe my closed with :
Please know that our engineering team has determined that this issue behaves as intended based on the information provided.
The following function to set the ALPN protocols was added in iOS 11:
OSStatus SSLSetALPNProtocols(SSLContextRef context, CFArrayRef protocols);
Duplicate of rdar://29127318