Thursday, March 6, 2014


I'm using AFNetworking to access a HTTPS website.

AFHTTPRequestOperationManager *manager = [AFHTTPRequestOperationManager manager];
    // We modify AFSecurityPolicy to allow invalid certificate only for beecloud.cn
    manager.securityPolicy.allowInvalidCertificates = YES;
    [manager GET:@"https://url" parameters:nil success:^(AFHTTPRequestOperation *operation, id responseObject) {
        NSLog(@"JSON: %@", responseObject);
} failure:^(AFHTTPRequestOperation *operation, NSError *error) {
        NSLog(@"Error: %@", error);
}];


But I got the following errors:

2014-03-06 00:46:13.311 xctest[61972:1b27] CFNetwork SSLHandshake failed (-9806)
2014-03-06 00:46:13.371 xctest[61972:1b27] CFNetwork SSLHandshake failed (-9806)
2014-03-06 00:46:13.456 xctest[61972:1b27] CFNetwork SSLHandshake failed (-9806)
2014-03-06 00:46:13.458 xctest[61972:1b27] NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9806)

2014-03-06 00:46:13.461 xctest[61972:303] Error: Error Domain=NSURLErrorDomain Code=-1200 "An SSL error has occurred and a secure connection to the server cannot be made." UserInfo=0x102a2aa50 {NSUnderlyingError=0x10c0dd710 "An SSL error has occurred and a secure connection to the server cannot be made.", NSErrorFailingURLStringKey=, NSErrorFailingURLKey=, NSLocalizedRecoverySuggestion=Would you like to connect to the server anyway?, NSLocalizedDescription=An SSL error has occurred and a secure connection to the server cannot be made.}

It turns out that at our server side, we are generating a self-signed certificate using the keys generated using the default DSA algorithm. Somehow iOS has trouble dealing with DSA keys for SSL. After changing it to RSA using the following command, the problem is gone: 

keytool -genkey -keyalg RSA -alias server -keystore real_serverKeys 

Problem is gone!

Saturday, March 1, 2014

写代码的建议

几个写代码的建议,尽量避免重新发明车轮,一般比较好的做法是写一些底层的比较灵活的API,然后对这些底层API做各种crazy的unit test,然后其他的高层的API都调用这些底层的API,这样能够减少bug,代码design也更好。

我在Google受到的training有很多是关于代码格式,我刚来Google的时候,写的第一段代码写了改改了写差不多10多个来回,被人拍的体无完肤。以后要把这个习惯延续。
1 所有的函数都需要写注释,写清楚这个函数干嘛的,@param 参数是什么, @return 返回值是什么。
2 Unit Test极其重要,写的每一个函数最好都能有unit test来测试各种分支情况,尤其是对于逻辑复杂的函数,必须有Unit Test,各种不合法的输入等等。(UI可能不好unit test,但是对于写的一些具有复杂的logic代码也要有unit test)。
3 代码里面要多些注释,尤其是一些不那么常见的设计,或者是自己图方便图简单的设计,不那么显而易见的逻辑都需要写注释。

这些看是浪费时间,实则磨刀不误砍柴工,我深有体会,以前读PHD时候也是懒得这么做,后来上班了读别人的代码才知道这样做的重要性。

做后端,就是要能静下心,做技术的就是要有对技术追求精益求精的强迫症。所以你们在做设计,写代码的时候,一定要做到有“洁癖”,有“强迫症”,一定要找到最elegant的方案。

另外Google永远是好伙伴,找不到解决方案一定要上Google搜索,中文或者英文的关键词都试试,很多问题都迎刃而解。

共勉+自勉