search

jumaris / indyproject

Automatically exported from code.google.com/p/indyproject
0 stars 0 forks source link

Indy clients require "com.apple.security.network.server" entitlement in Mac OSX sandbox. #266

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
Indy clients, like TIdHTTP, require the "com.apple.security.network.server" 
entitlement when running in a Mac OSX sandbox.  Apple then rejects the app when 
submitted:

"This app uses one or more entitlements which do not have matching 
functionality within the app. Apps should have only the minimum set of 
entitlements necessary for the app to function properly. Please remove all 
entitlements that are not needed by your app and submit an updated binary for 
review, including the following:

com.apple.security.network.server"

The problem appears to be related to TIdIOHandlerSocket.ConnectClient() calling 
TIdSocketHandle.Bind().  Apparently the server entitlement is required in order 
for the socket API bind() function to work.  This seems wrong to me, since 
bind() is not restricted to just servers.  Clients can use it too, especially 
on multi-homed networks.  Possible Apple sandbox bug?

In any case, TIdSocketHandle.Bind() should be avoided (or updated to not call 
TIdSocketHandle.TryBind() internally) when the TIdSocketHandle.IP property is 
blank and the TIdSocketHandle.Port, TIdSocketHandle.ClientPortMin, and 
TIdSocketHandle.ClientPortMax properties are all 0.  That would allow the 
socket to choose its own binding parameters when connect() is called.

Original issue reported on code.google.com by gambit47 on 18 Sep 2013 at 7:58

GoogleCodeExporter commented 9 years ago 
This is not only a medium priority bug. It basicly makes the Indy component set 
useless for Mac OS X and iOS development. You cannot make an application to any 
of those platforms if it is being rejected by the App store.
This is a CRITICAL issue, and should be solved immediately!

Original comment by h...@earmaster.com on 15 Nov 2014 at 5:31

GoogleCodeExporter commented 9 years ago 
Updated TIdIOHandlerSocket.ConnectClient() to not call TIdSocketHandle.Bind() 
on OSX if no binding values have been assigned.  See SVN rev 5204.

Original comment by gambit47 on 15 Nov 2014 at 10:51

GoogleCodeExporter commented 9 years ago 
Great, I will check it out ASAP to verify that it solved the entitlement issue.

Original comment by h...@earmaster.com on 17 Nov 2014 at 8:29