Unknown_krror_2cf是什么么意思 是我登陆 CF出现的
点击联系发帖人
时间:2011-07-13 10:10
3 Common Causes of Unknown SSL Protocol Errors with cURL - Blogging Techstacks
A blog, support, and help resource for web site systems adminstrators, developers, and engineers.
I see a lot of people hitting this site looking for reasons as to why
is logging the following message when an SSL connection is attempted:
curl: (35) Unknown SSL protocol error in connection to ${some_server}
So, I thought it would be helpful to publish my 3 most common reasons why I've experienced this error during my web mastering career.
It should not serve as an end-all list but it should provide some quick pointers.
The Destination Site Does Not Like the Protocol
Let's take my Techstacks Tools site as an example.
Firing off a request like the following, results in the Unknown SSL Protocol error:
curl --sslv2 https://techstacks-tools.appspot.com/
Well, in this case it is because the techstacks tools site does not support SSLv2, thus, generating the curl (35) error.
The Destination Site Does Not Like the Cipher
You could be trying to connect to the site using an ssl cipher that the site is configured to reject.
For example, anonymous ciphers are typically disabled on ssl-encrypted sites that are customer-facing.
(Many of us set a blanket rejection policy on any SSL-encrypted web site—regardless of it's purpose.)
The following command string "can" also result in the curl (35) error:
curl --ciphers ADH-RC4-MD5 https://some_web_site.some_domain.com/
Unfortunately, the type of error response you can get from curl depends largely upon the ssl server.
On some sites, you'll receive the Unknown SSL Protocol error but on my techstacks-tools site, I get:
curl: (35) error::SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
Kudos to Google because this particular error is a bit more descriptive than the one my websites at work generate because this at least tells you that a ssl socket was started but because of handshake failures, the socket was never able to complete.
Try connecting to the site with a cipher that the site supports.
Not sure which cipher to use? & Well, let me introduce my
ssl cipher tester...
The SSL Private Key Has Expired
I came across this one earlier today working with an old WebSeAL site.
In IBM GSKit, you can specify how long the private key password is valid.
After reaching a certain date, you will still be able to get webseal started and listening on port 443 (or whatever you set your https-port value to) but you will not be able to successfully negotiate an SSL session.
In today's case, the old WebSEAL instance was using long-expired kdb file with a long expired private key password.
Once replaced with the correct, more-up-to-date version, everything worked again.
UPDATE (March 15, 2012): Since publishing this post two years ago, I have learned that you can see unknown protocol errors for another somewhat common reason. Some ISP's and DNS providers like to intercept your failed DNS queries in order to redirect you to a search engine results-style page offering you alternative URLs or "Did you mean...?" counter-query results. If you see an error like this: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol, it could be due to you typing the hostname incorrectly or the hostname is not yet tabled in your DNS. You can verify that with a simple "host" or "nslookup".NSError - NSHipster
Written by
October 14th, 2013
To err is human.
To NSError is Cocoa.
All programs on a Unix system are a child process of another process, forking all the way from the original process, the unmoved mover: pid 1 (which in the case of OS X is launchd). When the executable finishes, it communicates a status code between 0 and 255 to its parent, as a way to communicate why or how the process exited. 0 means &everyt nothing to report here&, while any non-zero value indicates something that the parent process should be aware of. Exit status codes may be used to indicate whether the process crashed, or terminated prematurely. By some conventions, the higher the return value, the more severe the cause of the error.
In an OO paradigm processes are, for the most part, abstracted away, leaving only objects and the messages they pass between one another. That distinction between success and failure (and between different varieties of failure) is still useful in object-oriented programming. But considering that methods are often wont to return values other than BOOL, this can create something of a predicament.
Languages more drama-prone and trigger-happy than Objective-C reconcile this by abusing the hell out of exceptions, raising at even the slightest breach in contract. To our good fortune as Cocoanauts, however, Objective-C takes a more civilized approach when it comes to giving us bad news, and that approach is NSError.
NSError is the unsung hero of the Foundation framework. Passed gallantly in and out of perilous method calls, it is the messenger by which we are able to contextualize our failures. No news is good news, when it comes to such matters, but passing a nil pointer to an NSError ** isn&t going to do you any favors.
NSError is toll-free bridged with CFError, but it&s unlikely that you&ll ever find a reason to dip down to its Core Foundation counterpart.
Each NSError object encodes three critical pieces of information: a status code, corresponding to a particular error domain, as well as additional context provided by a userInfo dictionary.
code & domain
Like exit status codes, an NSError -code signals the nature of the problem. These status codes are defined within a particular error domain, in order to avoid overlap and confusion. These status codes are generally defined by constants in an enum.
For example, in the NSCocoaErrorDomain, the status code for an error caused by NSFileManager attempting to access a non-existant file is 4, as defined by NSFileNoSuchFileError. However, 4 in NSPOSIXErrorDomain refers to a .
Now, anyone coming from a systems programming background may have just had a vision of a switch statement with smatterings of printf to translate numeric constants into something human-readable. NSError is way ahead of you.
What gives NSError its particular charm is everyone&s favorite grab bag property: userInfo. As a convention throughout Cocoa, userInfo is a dictionary that contains arbitrary key-value pairs that, whether for reasons of subclassing or schematic sparsity, are not suited to full-fledged properties in and of themselves. In the case of NSError, there are several special keys that correspond to readonly properties.
Three are generally useful:
localizedDescription (NSLocalizedDescriptionKey): A localized description of the error.
localizedRecoverySuggestion (NSLocalizedRecoverySuggestionErrorKey): A localized recovery suggestion for the error.
localizedFailureReason (NSLocalizedFailureReasonErrorKey): A localized explanation of the reason for the error.
&whereas three others are specific to OS X:
localizedRecoveryOptions (NSLocalizedRecoveryOptionsErrorKey): An array containing the localized titles of buttons appropriate for displaying in an alert panel
recoveryAttempter (NSRecoveryAttempterErrorKey)
helpAnchor (NSHelpAnchorErrorKey): Used by an alert panel by a help anchor button.
Here&s how to construct NSError with a userInfo dictionary:
NSDictionary *userInfo = @{
NSLocalizedDescriptionKey: NSLocalizedString(@&Operation was unsuccessful.&, nil),
NSLocalizedFailureReasonErrorKey: NSLocalizedString(@&The operation timed out.&, nil),
NSLocalizedRecoverySuggestionErrorKey: NSLocalizedString(@&Have you tried turning it off and on again?&, nil)
NSError *error = [NSError errorWithDomain:NSHipsterErrorDomain
userInfo:userInfo];
The advantage of encapsulating this information in an object like NSError, as opposed to, say, throwing exceptions willy-nilly, is that these error objects can be easily passed between different objects and contexts.
For example, a controller that calls a method that populates an NSError ** (as discussed in the next section) might pass that error into an alert view:
[[[UIAlertView alloc] initWithTitle:error.localizedDescription
message:error.localizedRecoverySuggestion
delegate:nil
cancelButtonTitle:NSLocalizedString(@&OK&, nil)
otherButtonTitles:nil, nil] show];
As a brief non-sequitur: one clever hack used by C functions to communicate errors is to . It&s no localizedDescription, but it&s better than cross-referencing error codes from a table every time!
For sake of completeness: here is a list of the standard NSError userInfo keys:
NSLocalizedDescriptionKey
NSLocalizedFailureReasonErrorKey
NSLocalizedRecoverySuggestionErrorKey
NSLocalizedRecoveryOptionsErrorKey
NSFilePathErrorKey
NSStringEncodingErrorKey
NSUnderlyingErrorKey
NSRecoveryAttempterErrorKey
NSHelpAnchorErrorKey
Using NSError
There are two ways in which you will encounter NSError: as a consumer and as a producer.
As a consumer, you are primarily concerned with methods that have a final parameter of type NSError **. Again, this is to get around the single return value constraint of Objective-C; by passing a pointer to an uninitialized NSError * variable, that variable will be populated with any error the method encounters:
NSError *error = nil;
BOOL success = [[NSFileManager defaultManager] moveItemAtPath:@&/path/to/target&
toPath:@&/path/to/destination&
error:&error];
if (!success) {
NSLog(@&%@&, error);
According to Cocoa conventions, methods returning BOOL to indicate success or failure are encouraged to have a final NSError ** parameter if there are multiple failure conditions to distinguish between. A good guideline is whether you could imagine that NSError bubbling up, and being presented to the user.
Another way NSError objects are passed is the inclusion of an NSError * argument in completionHandler blocks. This gets around both a constraint on single value returns as well as one on that value being returned synchronously. This has become especially popular with newer Foundation APIs, like NSURLSession:
NSURL *URL = [NSURL URLWithString:@&http://example.com&];
NSURLRequest *request = [NSURLRequest requestWithURL:URL];
NSURLSession *session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration defaultSessionConfiguration]];
[[session dataTaskWithRequest:request
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
if (!data) {
NSLog(@&%@&, error);
}] resume];
One would be well-advised to follow the same conventions for error handling as other Foundation classes. In situations where a custom method invokes a method with an NSError ** parameter, it is usually a good idea to similarly pass that NSError ** parameter into the signature of the custom method. More substantial apps or libraries are encouraged to define their own error domains and error code constants as suitable.
To pass an error to an NSError ** parameter, do the following:
- (BOOL)validateObject:(id)object
error:(NSError * __autoreleasing *)outError
NSError *error = nil;
BOOL success = ...; // call another API, passing &error into its (NSError **) parameter
if (!success) {
if (outError) {
*outError = [NSError errorWithDomain:NSHipsterErrorDomain
userInfo:@{NSUnderlyingErrorKey: error}];
return success;
The root error, if one exists, should be returned as part of your custom error&s userInfo dictionary as the value for NSUnderlyingErrorKey.
NSURLErrorDomain & CFNetworkErrors
The greatest source of failure in iOS apps is networking. Between radios, transport, data roaming policies, proxies, security, authentication, and any number of protocol-specific negotiation, there is a lot that can go wrong.
On the plus side, the Foundation URL Loading system is incredibly mature, and takes care of most of that for you. The only negative is that the documentation for all of the various things that can go wrong is scattered across different programming guides and headers. If you get a request failing with error -1004, it can be surprisingly difficult to figure out exactly what that means.
As such, here is an exhaustive, well-formatted table at your disposal:
Description
-1NSURLErrorUnknown
1kCFHostErrorHostNotFound
Indicates that the DNS lookup failed.
2kCFHostErrorUnknown
An unknown error occurred (a name server failure, for example). For additional information, query the kCFGetAddrInfoFailureKey to get the value retur lookup in netdb.h
100kCFSOCKSErrorUnknownClientVersion
The SOCKS server rejected access because it does not support connections with the requested SOCKS version.Query kCFSOCKSStatusCodeKey to recover the status code returned by the server.
101kCFSOCKSErrorUnsupportedServerVersion
The version of SOCKS requested by the server is not supported. Query kCFSOCKSStatusCodeKey to recover the status code returned by the server.Query the kCFSOCKSVersionKey to find the version requested by the server.
SOCKS4 Errors
Description
110kCFSOCKS4ErrorRequestFailed
Request rejected or failed by the server.
111kCFSOCKS4ErrorIdentdFailed
Request rejected because SOCKS server cannot connect to identd on the client.
112kCFSOCKS4ErrorIdConflict
Request rejected because the client program and identd report different user-ids.
113kCFSOCKS4ErrorUnknownStatusCode
The status code returned by the server is unknown.
SOCKS5 Errors
Description
120kCFSOCKS5ErrorBadState
The stream is not in a state that allows the requested operation.
121kCFSOCKS5ErrorBadResponseAddr
The address type returned is not supported.
122kCFSOCKS5ErrorBadCredentials
The SOCKS server refused the client connection because of bad login credentials.
123kCFSOCKS5ErrorUnsupportedNegotiationMethod
The requested method is not supported. Query kCFSOCKSNegotiationMethodKey to find the method requested.
124kCFSOCKS5ErrorNoAcceptableMethod
The client and server could not find a mutually agreeable authentication method.
FTP Errors
Description
200kCFFTPErrorUnexpectedStatusCode
The server returned an unexpected status code. Query the kCFFTPStatusCodeKey to get the status code returned by the server
HTTP Errors
Description
300kCFErrorHTTPAuthenticationTypeUnsupported
The client and server could not agree on a supported authentication type.
301kCFErrorHTTPBadCredentials
The credentials provided for an authenticated connection were rejected by the server.
302kCFErrorHTTPConnectionLost
The connection to the server was dropped. This usually indicates a highly overloaded server.
303kCFErrorHTTPParseFailure
The HTTP server response could not be parsed.
304kCFErrorHTTPRedirectionLoopDetected
Too many HTTP redirects occurred before reaching a page that did not redirect the client to another page. This usually indicates a redirect loop.
305kCFErrorHTTPBadURL
The requested URL could not be retrieved.
306kCFErrorHTTPProxyConnectionFailure
A connection could not be established to the HTTP proxy.
307kCFErrorHTTPBadProxyCredentials
The authentication credentials provided for logging into the proxy were rejected.
308kCFErrorPACFileError
An error occurred with the proxy autoconfiguration file.
309kCFErrorPACFileAuth
The authentication credentials provided by the proxy autoconfiguration file were rejected.
310kCFErrorHTTPSProxyConnectionFailure
A connection could not be established to the HTTPS proxy.
311kCFStreamErrorHTTPSProxyFailureUnexpectedResponseToCONNECTMethod
The HTTPS proxy returned an unexpected status code, such as a 3xx redirect.
CFURLConnection & CFURLProtocol Errors
Description
-998kCFURLErrorUnknown
An unknown error occurred.
-999kCFURLErrorCancelledNSURLErrorCancelled
The connection was cancelled.
-1000kCFURLErrorBadURLNSURLErrorBadURL
The connection failed due to a malformed URL.
-1001kCFURLErrorTimedOutNSURLErrorTimedOut
The connection timed out.
-1002kCFURLErrorUnsupportedURLNSURLErrorUnsupportedURL
The connection failed due to an unsupported URL scheme.
-1003kCFURLErrorCannotFindHostNSURLErrorCannotFindHost
The connection failed because the host could not be found.
-1004kCFURLErrorCannotConnectToHostNSURLErrorCannotConnectToHost
The connection failed because a connection cannot be made to the host.
-1005kCFURLErrorNetworkConnectionLostNSURLErrorNetworkConnectionLost
The connection failed because the network connection was lost.
-1006kCFURLErrorDNSLookupFailedNSURLErrorDNSLookupFailed
The connection failed because the DNS lookup failed.
-1007kCFURLErrorHTTPTooManyRedirectsNSURLErrorHTTPTooManyRedirects
The HTTP connection failed due to too many redirects.
-1008kCFURLErrorResourceUnavailableNSURLErrorResourceUnavailable
The connection’s resource is unavailable.
-1009kCFURLErrorNotConnectedToInternetNSURLErrorNotConnectedToInternet
The connection failed because the device is not connected to the internet.
-1010kCFURLErrorRedirectToNonExistentLocationNSURLErrorRedirectToNonExistentLocation
The connection was redirected to a nonexistent location.
-1011kCFURLErrorBadServerResponseNSURLErrorBadServerResponse
The connection received an invalid server response.
-1012kCFURLErrorUserCancelledAuthenticationNSURLErrorUserCancelledAuthentication
The connection failed because the user cancelled required authentication.
-1013kCFURLErrorUserAuthenticationRequiredNSURLErrorUserAuthenticationRequired
The connection failed because authentication is required.
-1014kCFURLErrorZeroByteResourceNSURLErrorZeroByteResource
The resource retrieved by the connection is zero bytes.
-1015kCFURLErrorCannotDecodeRawDataNSURLErrorCannotDecodeRawData
The connection cannot decode data encoded with a known content encoding.
-1016kCFURLErrorCannotDecodeContentDataNSURLErrorCannotDecodeContentData
The connection cannot decode data encoded with an unknown content encoding.
-1017kCFURLErrorCannotParseResponseNSURLErrorCannotParseResponse
The connection cannot parse the server’s response.
-1018kCFURLErrorInternationalRoamingOff
The connection failed because international roaming is disabled on the device.
-1019kCFURLErrorCallIsActive
The connection failed because a call is active.
-1020kCFURLErrorDataNotAllowed
The connection failed because data use is currently not allowed on the device.
-1021kCFURLErrorRequestBodyStreamExhausted
The connection failed because its request’s body stream was exhausted.
-1022kCFURLErrorAppTransportSecurityRequiresSecureConnection
The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.
File Errors
Description
-1100kCFURLErrorFileDoesNotExistNSURLErrorFileDoesNotExist
The file operation failed because the file does not exist.
-1101kCFURLErrorFileIsDirectoryNSURLErrorFileIsDirectory
The file operation failed because the file is a directory.
-1102kCFURLErrorNoPermissionsToReadFileNSURLErrorNoPermissionsToReadFile
The file operation failed because it does not have permission to read the file.
-1103kCFURLErrorDataLengthExceedsMaximumNSURLErrorDataLengthExceedsMaximum
The file operation failed because the file is too large.
SSL Errors
Description
-1200kCFURLErrorSecureConnectionFailedNSURLErrorSecureConnectionFailed
The secure connection failed for an unknown reason.
-1201kCFURLErrorServerCertificateHasBadDateNSURLErrorServerCertificateHasBadDate
The secure connection failed because the server’s certificate has an invalid date.
-1202kCFURLErrorServerCertificateUntrustedNSURLErrorServerCertificateUntrusted
The secure connection failed because the server’s certificate is not trusted.
-1203kCFURLErrorServerCertificateHasUnknownRootNSURLErrorServerCertificateHasUnknownRoot
The secure connection failed because the server’s certificate has an unknown root.
-1204kCFURLErrorServerCertificateNotYetValidNSURLErrorServerCertificateNotYetValid
The secure connection failed because the server’s certificate is not yet valid.
-1205kCFURLErrorClientCertificateRejectedNSURLErrorClientCertificateRejected
The secure connection failed because the client’s certificate was rejected.
-1206kCFURLErrorClientCertificateRequiredNSURLErrorClientCertificateRequired
The secure connection failed because the server requires a client certificate.
Download and File I/O Errors
Description
-2000kCFURLErrorCannotLoadFromNetworkNSURLErrorCannotLoadFromNetwork
The connection failed because it is being required to return a cached resource, but one is not available.
-3000kCFURLErrorCannotCreateFileNSURLErrorCannotCreateFile
The file cannot be created.
-3001kCFURLErrorCannotOpenFileNSURLErrorCannotOpenFile
The file cannot be opened.
-3002kCFURLErrorCannotCloseFileNSURLErrorCannotCloseFile
The file cannot be closed.
-3003kCFURLErrorCannotWriteToFileNSURLErrorCannotWriteToFile
The file cannot be written.
-3004kCFURLErrorCannotRemoveFileNSURLErrorCannotRemoveFile
The file cannot be removed.
-3005kCFURLErrorCannotMoveFileNSURLErrorCannotMoveFile
The file cannot be moved.
-3006kCFURLErrorDownloadDecodingFailedMidStreamNSURLErrorDownloadDecodingFailedMidStream
The download failed because decoding of the downloaded data failed mid-stream.
-3007kCFURLErrorDownloadDecodingFailedToCompleteNSURLErrorDownloadDecodingFailedToComplete
The download failed because decoding of the downloaded data failed to complete.
Cookie errors
Description
-4000kCFHTTPCookieCannotParseCookieFile
The cookie file cannot be parsed.
CFNetServices Errors
Description
-72000LkCFNetServiceErrorUnknown
An unknown error occurred.
-72001LkCFNetServiceErrorCollision
An attempt was made to use a name that is already in use.
-72002LkCFNetServiceErrorNotFound
-72003LkCFNetServiceErrorInProgress
A new search could not be started because a search is already in progress.
-72004LkCFNetServiceErrorBadArgument
A required argument was not provided or was not valid.
-72005LkCFNetServiceErrorCancel
The search or service was cancelled.
-72006LkCFNetServiceErrorInvalid
Invalid data was passed to a CFNetServices function.
-72007LkCFNetServiceErrorTimeout
A search failed because it timed out.
-73000LkCFNetServiceErrorDNSServiceFailure
An error from DNS look at kCFDNSServiceFailureKey to get the error number and interpret using dnssd.h
Having scrolled down through that huge table, you might be expecting the usual NSHipster philosophical wrap-up. Not this week. Do you have any idea how long it took to compile that table? It&s all, like, NSRepetitiveStrainInjury up in here.
Such are the error of my ways.
NSMutableHipster
Questions? Corrections?
are always welcome — NSHipster is made better by readers like you.
Find status information for all articles on the .
Follow NSHipster
Written by
() is a writer and developer from the Rustbelt.
Next Article
Launch Arguments &Environment Variables
There are a number of options that can be passed into a target&s scheme to enable useful debugging behavior, but like a fast food secret menu, they&re obscure and widely unknown.
Related Articles
Questions? Corrections?
NSHipster.com is released under a .}
A blog, support, and help resource for web site systems adminstrators, developers, and engineers.
I see a lot of people hitting this site looking for reasons as to why
is logging the following message when an SSL connection is attempted:
curl: (35) Unknown SSL protocol error in connection to ${some_server}
So, I thought it would be helpful to publish my 3 most common reasons why I've experienced this error during my web mastering career.
It should not serve as an end-all list but it should provide some quick pointers.
The Destination Site Does Not Like the Protocol
Let's take my Techstacks Tools site as an example.
Firing off a request like the following, results in the Unknown SSL Protocol error:
curl --sslv2 https://techstacks-tools.appspot.com/
Well, in this case it is because the techstacks tools site does not support SSLv2, thus, generating the curl (35) error.
The Destination Site Does Not Like the Cipher
You could be trying to connect to the site using an ssl cipher that the site is configured to reject.
For example, anonymous ciphers are typically disabled on ssl-encrypted sites that are customer-facing.
(Many of us set a blanket rejection policy on any SSL-encrypted web site—regardless of it's purpose.)
The following command string "can" also result in the curl (35) error:
curl --ciphers ADH-RC4-MD5 https://some_web_site.some_domain.com/
Unfortunately, the type of error response you can get from curl depends largely upon the ssl server.
On some sites, you'll receive the Unknown SSL Protocol error but on my techstacks-tools site, I get:
curl: (35) error::SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure
Kudos to Google because this particular error is a bit more descriptive than the one my websites at work generate because this at least tells you that a ssl socket was started but because of handshake failures, the socket was never able to complete.
Try connecting to the site with a cipher that the site supports.
Not sure which cipher to use? & Well, let me introduce my
ssl cipher tester...
The SSL Private Key Has Expired
I came across this one earlier today working with an old WebSeAL site.
In IBM GSKit, you can specify how long the private key password is valid.
After reaching a certain date, you will still be able to get webseal started and listening on port 443 (or whatever you set your https-port value to) but you will not be able to successfully negotiate an SSL session.
In today's case, the old WebSEAL instance was using long-expired kdb file with a long expired private key password.
Once replaced with the correct, more-up-to-date version, everything worked again.
UPDATE (March 15, 2012): Since publishing this post two years ago, I have learned that you can see unknown protocol errors for another somewhat common reason. Some ISP's and DNS providers like to intercept your failed DNS queries in order to redirect you to a search engine results-style page offering you alternative URLs or "Did you mean...?" counter-query results. If you see an error like this: error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol, it could be due to you typing the hostname incorrectly or the hostname is not yet tabled in your DNS. You can verify that with a simple "host" or "nslookup".NSError - NSHipster
Written by
October 14th, 2013
To err is human.
To NSError is Cocoa.
All programs on a Unix system are a child process of another process, forking all the way from the original process, the unmoved mover: pid 1 (which in the case of OS X is launchd). When the executable finishes, it communicates a status code between 0 and 255 to its parent, as a way to communicate why or how the process exited. 0 means &everyt nothing to report here&, while any non-zero value indicates something that the parent process should be aware of. Exit status codes may be used to indicate whether the process crashed, or terminated prematurely. By some conventions, the higher the return value, the more severe the cause of the error.
In an OO paradigm processes are, for the most part, abstracted away, leaving only objects and the messages they pass between one another. That distinction between success and failure (and between different varieties of failure) is still useful in object-oriented programming. But considering that methods are often wont to return values other than BOOL, this can create something of a predicament.
Languages more drama-prone and trigger-happy than Objective-C reconcile this by abusing the hell out of exceptions, raising at even the slightest breach in contract. To our good fortune as Cocoanauts, however, Objective-C takes a more civilized approach when it comes to giving us bad news, and that approach is NSError.
NSError is the unsung hero of the Foundation framework. Passed gallantly in and out of perilous method calls, it is the messenger by which we are able to contextualize our failures. No news is good news, when it comes to such matters, but passing a nil pointer to an NSError ** isn&t going to do you any favors.
NSError is toll-free bridged with CFError, but it&s unlikely that you&ll ever find a reason to dip down to its Core Foundation counterpart.
Each NSError object encodes three critical pieces of information: a status code, corresponding to a particular error domain, as well as additional context provided by a userInfo dictionary.
code & domain
Like exit status codes, an NSError -code signals the nature of the problem. These status codes are defined within a particular error domain, in order to avoid overlap and confusion. These status codes are generally defined by constants in an enum.
For example, in the NSCocoaErrorDomain, the status code for an error caused by NSFileManager attempting to access a non-existant file is 4, as defined by NSFileNoSuchFileError. However, 4 in NSPOSIXErrorDomain refers to a .
Now, anyone coming from a systems programming background may have just had a vision of a switch statement with smatterings of printf to translate numeric constants into something human-readable. NSError is way ahead of you.
What gives NSError its particular charm is everyone&s favorite grab bag property: userInfo. As a convention throughout Cocoa, userInfo is a dictionary that contains arbitrary key-value pairs that, whether for reasons of subclassing or schematic sparsity, are not suited to full-fledged properties in and of themselves. In the case of NSError, there are several special keys that correspond to readonly properties.
Three are generally useful:
localizedDescription (NSLocalizedDescriptionKey): A localized description of the error.
localizedRecoverySuggestion (NSLocalizedRecoverySuggestionErrorKey): A localized recovery suggestion for the error.
localizedFailureReason (NSLocalizedFailureReasonErrorKey): A localized explanation of the reason for the error.
&whereas three others are specific to OS X:
localizedRecoveryOptions (NSLocalizedRecoveryOptionsErrorKey): An array containing the localized titles of buttons appropriate for displaying in an alert panel
recoveryAttempter (NSRecoveryAttempterErrorKey)
helpAnchor (NSHelpAnchorErrorKey): Used by an alert panel by a help anchor button.
Here&s how to construct NSError with a userInfo dictionary:
NSDictionary *userInfo = @{
NSLocalizedDescriptionKey: NSLocalizedString(@&Operation was unsuccessful.&, nil),
NSLocalizedFailureReasonErrorKey: NSLocalizedString(@&The operation timed out.&, nil),
NSLocalizedRecoverySuggestionErrorKey: NSLocalizedString(@&Have you tried turning it off and on again?&, nil)
NSError *error = [NSError errorWithDomain:NSHipsterErrorDomain
userInfo:userInfo];
The advantage of encapsulating this information in an object like NSError, as opposed to, say, throwing exceptions willy-nilly, is that these error objects can be easily passed between different objects and contexts.
For example, a controller that calls a method that populates an NSError ** (as discussed in the next section) might pass that error into an alert view:
[[[UIAlertView alloc] initWithTitle:error.localizedDescription
message:error.localizedRecoverySuggestion
delegate:nil
cancelButtonTitle:NSLocalizedString(@&OK&, nil)
otherButtonTitles:nil, nil] show];
As a brief non-sequitur: one clever hack used by C functions to communicate errors is to . It&s no localizedDescription, but it&s better than cross-referencing error codes from a table every time!
For sake of completeness: here is a list of the standard NSError userInfo keys:
NSLocalizedDescriptionKey
NSLocalizedFailureReasonErrorKey
NSLocalizedRecoverySuggestionErrorKey
NSLocalizedRecoveryOptionsErrorKey
NSFilePathErrorKey
NSStringEncodingErrorKey
NSUnderlyingErrorKey
NSRecoveryAttempterErrorKey
NSHelpAnchorErrorKey
Using NSError
There are two ways in which you will encounter NSError: as a consumer and as a producer.
As a consumer, you are primarily concerned with methods that have a final parameter of type NSError **. Again, this is to get around the single return value constraint of Objective-C; by passing a pointer to an uninitialized NSError * variable, that variable will be populated with any error the method encounters:
NSError *error = nil;
BOOL success = [[NSFileManager defaultManager] moveItemAtPath:@&/path/to/target&
toPath:@&/path/to/destination&
error:&error];
if (!success) {
NSLog(@&%@&, error);
According to Cocoa conventions, methods returning BOOL to indicate success or failure are encouraged to have a final NSError ** parameter if there are multiple failure conditions to distinguish between. A good guideline is whether you could imagine that NSError bubbling up, and being presented to the user.
Another way NSError objects are passed is the inclusion of an NSError * argument in completionHandler blocks. This gets around both a constraint on single value returns as well as one on that value being returned synchronously. This has become especially popular with newer Foundation APIs, like NSURLSession:
NSURL *URL = [NSURL URLWithString:@&http://example.com&];
NSURLRequest *request = [NSURLRequest requestWithURL:URL];
NSURLSession *session = [NSURLSession sessionWithConfiguration:[NSURLSessionConfiguration defaultSessionConfiguration]];
[[session dataTaskWithRequest:request
completionHandler:^(NSData *data, NSURLResponse *response, NSError *error) {
if (!data) {
NSLog(@&%@&, error);
}] resume];
One would be well-advised to follow the same conventions for error handling as other Foundation classes. In situations where a custom method invokes a method with an NSError ** parameter, it is usually a good idea to similarly pass that NSError ** parameter into the signature of the custom method. More substantial apps or libraries are encouraged to define their own error domains and error code constants as suitable.
To pass an error to an NSError ** parameter, do the following:
- (BOOL)validateObject:(id)object
error:(NSError * __autoreleasing *)outError
NSError *error = nil;
BOOL success = ...; // call another API, passing &error into its (NSError **) parameter
if (!success) {
if (outError) {
*outError = [NSError errorWithDomain:NSHipsterErrorDomain
userInfo:@{NSUnderlyingErrorKey: error}];
return success;
The root error, if one exists, should be returned as part of your custom error&s userInfo dictionary as the value for NSUnderlyingErrorKey.
NSURLErrorDomain & CFNetworkErrors
The greatest source of failure in iOS apps is networking. Between radios, transport, data roaming policies, proxies, security, authentication, and any number of protocol-specific negotiation, there is a lot that can go wrong.
On the plus side, the Foundation URL Loading system is incredibly mature, and takes care of most of that for you. The only negative is that the documentation for all of the various things that can go wrong is scattered across different programming guides and headers. If you get a request failing with error -1004, it can be surprisingly difficult to figure out exactly what that means.
As such, here is an exhaustive, well-formatted table at your disposal:
Description
-1NSURLErrorUnknown
1kCFHostErrorHostNotFound
Indicates that the DNS lookup failed.
2kCFHostErrorUnknown
An unknown error occurred (a name server failure, for example). For additional information, query the kCFGetAddrInfoFailureKey to get the value retur lookup in netdb.h
100kCFSOCKSErrorUnknownClientVersion
The SOCKS server rejected access because it does not support connections with the requested SOCKS version.Query kCFSOCKSStatusCodeKey to recover the status code returned by the server.
101kCFSOCKSErrorUnsupportedServerVersion
The version of SOCKS requested by the server is not supported. Query kCFSOCKSStatusCodeKey to recover the status code returned by the server.Query the kCFSOCKSVersionKey to find the version requested by the server.
SOCKS4 Errors
Description
110kCFSOCKS4ErrorRequestFailed
Request rejected or failed by the server.
111kCFSOCKS4ErrorIdentdFailed
Request rejected because SOCKS server cannot connect to identd on the client.
112kCFSOCKS4ErrorIdConflict
Request rejected because the client program and identd report different user-ids.
113kCFSOCKS4ErrorUnknownStatusCode
The status code returned by the server is unknown.
SOCKS5 Errors
Description
120kCFSOCKS5ErrorBadState
The stream is not in a state that allows the requested operation.
121kCFSOCKS5ErrorBadResponseAddr
The address type returned is not supported.
122kCFSOCKS5ErrorBadCredentials
The SOCKS server refused the client connection because of bad login credentials.
123kCFSOCKS5ErrorUnsupportedNegotiationMethod
The requested method is not supported. Query kCFSOCKSNegotiationMethodKey to find the method requested.
124kCFSOCKS5ErrorNoAcceptableMethod
The client and server could not find a mutually agreeable authentication method.
FTP Errors
Description
200kCFFTPErrorUnexpectedStatusCode
The server returned an unexpected status code. Query the kCFFTPStatusCodeKey to get the status code returned by the server
HTTP Errors
Description
300kCFErrorHTTPAuthenticationTypeUnsupported
The client and server could not agree on a supported authentication type.
301kCFErrorHTTPBadCredentials
The credentials provided for an authenticated connection were rejected by the server.
302kCFErrorHTTPConnectionLost
The connection to the server was dropped. This usually indicates a highly overloaded server.
303kCFErrorHTTPParseFailure
The HTTP server response could not be parsed.
304kCFErrorHTTPRedirectionLoopDetected
Too many HTTP redirects occurred before reaching a page that did not redirect the client to another page. This usually indicates a redirect loop.
305kCFErrorHTTPBadURL
The requested URL could not be retrieved.
306kCFErrorHTTPProxyConnectionFailure
A connection could not be established to the HTTP proxy.
307kCFErrorHTTPBadProxyCredentials
The authentication credentials provided for logging into the proxy were rejected.
308kCFErrorPACFileError
An error occurred with the proxy autoconfiguration file.
309kCFErrorPACFileAuth
The authentication credentials provided by the proxy autoconfiguration file were rejected.
310kCFErrorHTTPSProxyConnectionFailure
A connection could not be established to the HTTPS proxy.
311kCFStreamErrorHTTPSProxyFailureUnexpectedResponseToCONNECTMethod
The HTTPS proxy returned an unexpected status code, such as a 3xx redirect.
CFURLConnection & CFURLProtocol Errors
Description
-998kCFURLErrorUnknown
An unknown error occurred.
-999kCFURLErrorCancelledNSURLErrorCancelled
The connection was cancelled.
-1000kCFURLErrorBadURLNSURLErrorBadURL
The connection failed due to a malformed URL.
-1001kCFURLErrorTimedOutNSURLErrorTimedOut
The connection timed out.
-1002kCFURLErrorUnsupportedURLNSURLErrorUnsupportedURL
The connection failed due to an unsupported URL scheme.
-1003kCFURLErrorCannotFindHostNSURLErrorCannotFindHost
The connection failed because the host could not be found.
-1004kCFURLErrorCannotConnectToHostNSURLErrorCannotConnectToHost
The connection failed because a connection cannot be made to the host.
-1005kCFURLErrorNetworkConnectionLostNSURLErrorNetworkConnectionLost
The connection failed because the network connection was lost.
-1006kCFURLErrorDNSLookupFailedNSURLErrorDNSLookupFailed
The connection failed because the DNS lookup failed.
-1007kCFURLErrorHTTPTooManyRedirectsNSURLErrorHTTPTooManyRedirects
The HTTP connection failed due to too many redirects.
-1008kCFURLErrorResourceUnavailableNSURLErrorResourceUnavailable
The connection’s resource is unavailable.
-1009kCFURLErrorNotConnectedToInternetNSURLErrorNotConnectedToInternet
The connection failed because the device is not connected to the internet.
-1010kCFURLErrorRedirectToNonExistentLocationNSURLErrorRedirectToNonExistentLocation
The connection was redirected to a nonexistent location.
-1011kCFURLErrorBadServerResponseNSURLErrorBadServerResponse
The connection received an invalid server response.
-1012kCFURLErrorUserCancelledAuthenticationNSURLErrorUserCancelledAuthentication
The connection failed because the user cancelled required authentication.
-1013kCFURLErrorUserAuthenticationRequiredNSURLErrorUserAuthenticationRequired
The connection failed because authentication is required.
-1014kCFURLErrorZeroByteResourceNSURLErrorZeroByteResource
The resource retrieved by the connection is zero bytes.
-1015kCFURLErrorCannotDecodeRawDataNSURLErrorCannotDecodeRawData
The connection cannot decode data encoded with a known content encoding.
-1016kCFURLErrorCannotDecodeContentDataNSURLErrorCannotDecodeContentData
The connection cannot decode data encoded with an unknown content encoding.
-1017kCFURLErrorCannotParseResponseNSURLErrorCannotParseResponse
The connection cannot parse the server’s response.
-1018kCFURLErrorInternationalRoamingOff
The connection failed because international roaming is disabled on the device.
-1019kCFURLErrorCallIsActive
The connection failed because a call is active.
-1020kCFURLErrorDataNotAllowed
The connection failed because data use is currently not allowed on the device.
-1021kCFURLErrorRequestBodyStreamExhausted
The connection failed because its request’s body stream was exhausted.
-1022kCFURLErrorAppTransportSecurityRequiresSecureConnection
The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.
File Errors
Description
-1100kCFURLErrorFileDoesNotExistNSURLErrorFileDoesNotExist
The file operation failed because the file does not exist.
-1101kCFURLErrorFileIsDirectoryNSURLErrorFileIsDirectory
The file operation failed because the file is a directory.
-1102kCFURLErrorNoPermissionsToReadFileNSURLErrorNoPermissionsToReadFile
The file operation failed because it does not have permission to read the file.
-1103kCFURLErrorDataLengthExceedsMaximumNSURLErrorDataLengthExceedsMaximum
The file operation failed because the file is too large.
SSL Errors
Description
-1200kCFURLErrorSecureConnectionFailedNSURLErrorSecureConnectionFailed
The secure connection failed for an unknown reason.
-1201kCFURLErrorServerCertificateHasBadDateNSURLErrorServerCertificateHasBadDate
The secure connection failed because the server’s certificate has an invalid date.
-1202kCFURLErrorServerCertificateUntrustedNSURLErrorServerCertificateUntrusted
The secure connection failed because the server’s certificate is not trusted.
-1203kCFURLErrorServerCertificateHasUnknownRootNSURLErrorServerCertificateHasUnknownRoot
The secure connection failed because the server’s certificate has an unknown root.
-1204kCFURLErrorServerCertificateNotYetValidNSURLErrorServerCertificateNotYetValid
The secure connection failed because the server’s certificate is not yet valid.
-1205kCFURLErrorClientCertificateRejectedNSURLErrorClientCertificateRejected
The secure connection failed because the client’s certificate was rejected.
-1206kCFURLErrorClientCertificateRequiredNSURLErrorClientCertificateRequired
The secure connection failed because the server requires a client certificate.
Download and File I/O Errors
Description
-2000kCFURLErrorCannotLoadFromNetworkNSURLErrorCannotLoadFromNetwork
The connection failed because it is being required to return a cached resource, but one is not available.
-3000kCFURLErrorCannotCreateFileNSURLErrorCannotCreateFile
The file cannot be created.
-3001kCFURLErrorCannotOpenFileNSURLErrorCannotOpenFile
The file cannot be opened.
-3002kCFURLErrorCannotCloseFileNSURLErrorCannotCloseFile
The file cannot be closed.
-3003kCFURLErrorCannotWriteToFileNSURLErrorCannotWriteToFile
The file cannot be written.
-3004kCFURLErrorCannotRemoveFileNSURLErrorCannotRemoveFile
The file cannot be removed.
-3005kCFURLErrorCannotMoveFileNSURLErrorCannotMoveFile
The file cannot be moved.
-3006kCFURLErrorDownloadDecodingFailedMidStreamNSURLErrorDownloadDecodingFailedMidStream
The download failed because decoding of the downloaded data failed mid-stream.
-3007kCFURLErrorDownloadDecodingFailedToCompleteNSURLErrorDownloadDecodingFailedToComplete
The download failed because decoding of the downloaded data failed to complete.
Cookie errors
Description
-4000kCFHTTPCookieCannotParseCookieFile
The cookie file cannot be parsed.
CFNetServices Errors
Description
-72000LkCFNetServiceErrorUnknown
An unknown error occurred.
-72001LkCFNetServiceErrorCollision
An attempt was made to use a name that is already in use.
-72002LkCFNetServiceErrorNotFound
-72003LkCFNetServiceErrorInProgress
A new search could not be started because a search is already in progress.
-72004LkCFNetServiceErrorBadArgument
A required argument was not provided or was not valid.
-72005LkCFNetServiceErrorCancel
The search or service was cancelled.
-72006LkCFNetServiceErrorInvalid
Invalid data was passed to a CFNetServices function.
-72007LkCFNetServiceErrorTimeout
A search failed because it timed out.
-73000LkCFNetServiceErrorDNSServiceFailure
An error from DNS look at kCFDNSServiceFailureKey to get the error number and interpret using dnssd.h
Having scrolled down through that huge table, you might be expecting the usual NSHipster philosophical wrap-up. Not this week. Do you have any idea how long it took to compile that table? It&s all, like, NSRepetitiveStrainInjury up in here.
Such are the error of my ways.
NSMutableHipster
Questions? Corrections?
are always welcome — NSHipster is made better by readers like you.
Find status information for all articles on the .
Follow NSHipster
Written by
() is a writer and developer from the Rustbelt.
Next Article
Launch Arguments &Environment Variables
There are a number of options that can be passed into a target&s scheme to enable useful debugging behavior, but like a fast food secret menu, they&re obscure and widely unknown.
Related Articles
Questions? Corrections?
NSHipster.com is released under a .}
我要回帖
更多关于 cf是什么 的文章
- ·CF中爆点cf是什么么意思
- ·都来看看CF商城卖些什么东西?这些cf是什么么?
- ·cf体验服cf是什么么?
- ·CF的最高境界cf是什么么
- ·CF下面一个模式cf是什么么模式
- ·cf是什么游戏啊
- ·CF最加经验的cf是什么么模式
- ·cf加速的辅助cf是什么么
- ·cfcfyy是什么意思怎样打开
- ·CF里鬼跳和超级跳有什么区别?具体操作键cf是什么么??
- ·进入CF提示下边图片cf是什么么意思?
- ·现在CF所出的所有人物的效果cf是什么么?
- ·cf体验服最新版本cf是什么么
- ·cf进频道时说此ID已登陆cf是什么么意思
- ·现在7月份最新的耍CF点教程cf是什么么?
- ·CF能够做名字的特殊字符cf是什么么?
- ·Unknown_krror_2cf是什么么意思 是我登陆 CF出现的
- ·CF对换卷cf是什么么怎么找不到
- ·CF体验服TAG密码cf是什么么不懂别乱说
- ·cfcfg桩是什么么啊东西啊
- ·cf挑战8人房cf是什么么意思
- ·破处cf是什么么意思?我玩CF的时候,经常有...
- ·cf fice watchercf是什么么意...
- ·CF里Galilcf是什么么抢?
- ·cf 上一代cf是什么么
- ·CF这个游戏的意义cf是什么么
- ·CF (青春炫耀)的英语cf是什么么? (青春闪耀)的英语cf是什么…
- ·CF登录性息有误cf是什么么意思?
- ·CFcf新地图是什么模式啊。这款游戏好玩吗
- ·CF这是啥
- ·CFcf是什么CF
- ·cf名字cf是什么么
- ·cf中秋节战起来网址cf是什么么
- ·为什么我家玩CF一按F7~F9就会调分辨率,这cf是什么么情…
- ·CF有种步伐和滑步一样那cf是什么么步伐啊 如何走啊
- ·今天最新的cf辅助cf是什么么
- ·CF 线下赛cf是什么么意思
- ·cf补丁程序已在运行cf是什么么意思
- ·cf 最好的角色cf是什么么?
- ·CF百城联赛中规定不能使用急救包,急救包指的cf是什么么…
- ·CF等级最高cf是什么么
- ·cf体验服比赛的密码cf是什么么?
- ·CF RScf是什么么 进不去
- ·cf file watchercf是什么么意
- ·我是CF浙江1区的下士一枚,有点跑酷经验,也曾调戏15个红色肌肉男过/由于经验不足,训练不够。
更多推荐
- ·2部电话和1台买电风扇扇一共400元,同样的1部电话和1台买电风扇扇300元,一台买电风扇扇多少钱′?
- ·联通的卡电话欠费多久会被注销几个月后会自动注销呢?
- ·沈阳盛京通公交卡可以坐地铁吗异型卡能用手机充钱么?买它合适么?
- ·听说华硕z790a吹雪是不是丐版吹雪主板升级了?性能怎么样?
- ·对于水垢问题,你能推荐一款效果好的什么净水器可以去水垢吗?
- ·塞纳波一般都是塞纳里奥怎么死的的~
- ·冠铭一卡通(99193com)的卡可以充征途2吗? 在线等好快
- ·极品飞车14配置要求需求
- ·我卡 进蓝沫游戏网 蓝条!!!!怎么解决?
- ·能够进入劲舞团个性房间名的房间里,可是一开始游戏就掉,显示没有下...
- ·帮我qs一下吧
- ·有多少钱在win7玩cfF
- ·非仙勿扰刷元宝代码怎么刷灵石,而且我装备不好…
- ·空之轨迹3rd修改器 玲的机器人 怎么拿 ? 具体点谢谢!!!
- ·炫舞的炫舞名字可以多长不填麽?
- ·极品兑换卡eb怎么获得
- ·请借一个迅雷7VIP号 迅雷下载魔兽兽啊.. 可以加...分 绝对…
- ·苞做双眼皮手术多少钱钱
- ·S2反向太空蜿蜒跑道s2极限跳跃
- ·Unknown_krror_2cf是什么么意思 是我登陆 CF出现的
- ·陕一谁借我50W啊,5天内还,急用钱!!!绝对还钱,骗…
- ·腾讯新游戏的游戏哪个点机率最高
- ·PSP模拟器玩psp游戏王卡片力量23卡住 刚开始和校长对完…
- ·魔兽争霸常用快捷键3里血条有没有快捷键?
- ·七雄争霸蓝钻七雄礼包君主升级的点卷这个任务在那能找到
- ·CFcf游戏名字符号,昂扣,在加点符号什么的
- ·迷你忍者 打开一打开就是这个
- ·地下城法驱加化魔后要不要加力驱缓慢愈合合?
- ·谁帮qq飞车刷车工具级?
- ·上海卢湾婚纱摄影哪家好,卢湾成都哪家拍婚纱照好哪里好?能不...
- ·2012安徽二本投档线医科大临床医学院2011投档线
- ·怎样从上海客运总站时刻表到松江区的上海城市科技学院
- ·上海武警总队城市交通行政执法总队 地址 急急!!
- ·闸北区共和新路街道中山北路814弄属于什么街道 什么居委会
