Introduction to Push notification in iPhone

Source: Internet
Author: User
Tags ssl certificate

IPhoneMediumPushFunction Principle push notification is the content to be introduced in this article, mainly aboutPUSHFor more information, see this article.

Push Principle

(The vast majority of the content below is fromIPhoneOS Reference Library)

Mechanism Overview

PushCan be simply summarized

In the figure,

Provider refers to the Push server of an iPhone software.

APNS is the abbreviation of Apple Push Notification Service (Apple Push server.

As a result, the entire process can be divided into three stages. Below we will describe the common chat client BeejiveIM. (BeejiveIM is an iPhone chat client that supports multiple account logon and supports Push, such as MSN and Google Talk)

At this time, the Provider is the BeejiveIM server. We log on to MSN on BeejiveIM. In fact, the software first sends the login information to the BeejiveIM server, and then logs on to MSN through its server. Therefore, when I close BeejiveIM, The BeejiveIM server will continue to log on to MSN for me. If someone sends a message to my MSN account, the Push will be triggered. At this point:

Stage 1: The BeejiveIM server packs the message to be sent and the ID of the target iPhone and sends it to APNS.

Stage 2: APNS searches for the iPhone with the corresponding identifier in its registered Push Service iPhone list and sends the message to the iPhone.

Stage 3: The iPhone transmits the sent message to the corresponding application, and a Push notification is displayed according to the settings.

Push Authentication

Many friends say that Push cannot be used. Most of them are problems in the authentication phase. Want to know why? Please refer to the following details:

The authentication mechanism mentioned here actually contains two layers. One layer is the authentication on the physical connection, and the other layer is the authentication involving the iPhone token.

Authentication on physical connections: SSL/TLS links

(If you know TLS, I hardly need to introduce it here .)

When Push is enabled, the iPhone connects to APNS to establish a TLS encrypted link. Each normal iPhone has a unique device certificate, and APNS also has a server certificate. When the two are established, they will verify the validity of each other's certificates.

Once a TLS link is established and there is no data, you only need to perform a live handshake every 15 minutes, so there is almost no traffic. Once the link is interrupted due to unexpected reasons, the iPhone will try again to establish a TLS link until the connection is successful.

Higher level: token-based authentication

In the mechanism introduction, I mentioned that APNS determines which iPhone to send a Push message based on a "target iPhone ID", which is the device token ).

How is a device token generated? It is the unique device certificate (unique device certificate) of each normal iPhone that we mentioned in the previous layer (TLS layer) of APNS each time a TLS connection is established ), encrypted with the token key.

After the token is generated, APNS returns the device token to the iPhone, and the corresponding Push application (such as BeejiveIM ), the device token returned is directly sent to the Provider (such as BeejiveIM server ). In this way, when the Provider has a Push message to send, it will send the device token and message of the corresponding account to APNS, APNS then finds the iPhone with the corresponding TLS link based on the device token and sends the corresponding Push message.

The above complex process can be summarized into the following figure:

In the figure, the Client App is a Push application on the iPhone. (In the figure, a link from Provider to APNS is missing (when a Push message exists)

The most important part is the unique device certificate and key of each iPhone.

After a normal iPhone has been flushed to the system, there is no device certificate or key. This is why the iPhone needs to be connected to iTunes for activation. During the activation process, Apple will assign a unique device certificate and key to each iPhone ).

The above section only describes how to establish a connection from iPhone to APNS. In fact, there is also a TLS link from Provider to APNS, but it has little to do with this article, so I will not discuss it more.

Where is the PUSH problem?

I believe many of you have such questions.

As mentioned above, iPhone Push requires APNS to generate a device token for the corresponding iPhone, but generating this token requires a valid device certificate (device certificate) on the iPhone) and key,:

IPhone OS 3.X uses blacksn0w for unlocking without going through iT

Unes, and blacksn0w itself does not generate the corresponding device certificate and key. Therefore, it is impossible for the unlocked iPhone to establish any TLS link with APNS, push is useless.

Various pushfix Patches

The only way to fix this problem is to regenerate the unique and valid device certificate and key ).

But you need to know that the certificate is issued by the organization. A certificate that you just get will only be considered invalid by APNS. (You can check the cost of an SSL certificate)

In addition, the corresponding file seems to be related to some content of the iPhone, not directly prepared files can be put in.

As a result, the dev team launched a beta version patch and pushed fix by dev team (published on twitter, so there is no message on the official website ). This patch is effective at the initial stage. However, it is normal only on the iPhone 2G.

Then someone released pushfix 1.0. Different generation methods are used, so the new iPhone version works normally. So popular.

However, both patches have serious risks-they use a fixed certificate as a device certificate ). Therefore, the difference between different iPhones is that the generated keys are different. (To be confirmed)

As mentioned above, APNS uses device certificate and key to generate a unique device token to identify each iPhone.

However, when the device certificates (device certificate) of multiple iPhones are identical, there is a certain probability that multiple iPhones will receive the same device token)

As the number of users of these two patches increases, the number of iPhones with the same device token increases significantly.

When the Push of the same application is enabled on these iPhone devices with the same device token, it is very likely that the Push strings are sent to each other. -For example, N people in a forum complain that QQ is pushed to another iPhone.

Then, the author of Pushfix claimed that he could create a unique device certificate and key for each iPhone operator, and began to provide paid services, and finally launched the paid Pushfix 2.0-the principle of its installation through cydia is to connect to the pushfix site online during installation to check whether the imei of the corresponding iPhone is paid and then automatically download the corresponding certificate.

Although I don't know how he made these certificates. However, according to Xiao's verification, the certificate he created is indeed valid. The Push problem is fixed.

After that, a patch called Pushfix_D appeared on a forum, claiming that the problem can be fixed directly without payment. However,

Considering some situations, I decided to publish the judgment on Pushfix_D in English. Of course, the producer must be clear about the following :)

 
 
  1. it contains the same released push keys from back in July 2009. Everybody gets the same key,  
  2.  so it is going to have all the same problems of ALL the free push fixes.   
  3. Push isn't going to work very long and it is going to drain your battery. 

Other errors

Why can't I push my iPhone under cmwap ?!

Yes, this is completely normal. Within the wap network, TLS connections cannot be successfully established.

Why can't I push my iPhone under Wi-Fi ?!

In fact, the iPhone is not compatible with some wireless routers. If the DNS forwarding function is enabled on the wireless router, it is very likely that your iPhone cannot establish a TLS link with the APNS server.

Solution:

Disable the DNS forwarding function of the wireless router and manually set the DNS to 8.8.8.8 for the iPhone's wi-fi connection.

In fact, this is why the iPhone is hot and consumes a lot of power when it is connected to wi-fi and cannot receive a Push. Because the iPhone will constantly try to establish TLS connections.

How do I know if my Push is successfully cracked?

A simple method is to install Twitbird Pro. On its Accounts page, the Push registration status of the current software is displayed.

Or you can use software such as WinSCP to view

 
 
  1. /var/mobile/Library/Preferences/com.apple.apsd.plist 

File status.

If the size is 119 bytes, it indicates that the iPhone has successfully obtained the device token and saved it in the file.

If it is smaller than the size, it indicates that the iPhone has been connected to APNS, but the device token is not obtained ).

If this file does not exist, it indicates that the iPhone has not been successfully connected to APNS.

Other noteworthy issues

The Push mechanism of iPod Touch is different from that of iPhone. You can check the Push mechanism once every 15 minutes after the screen is locked. Therefore, do not use the check mark above.

When APNS sends a Push message, if the corresponding iPhone link is interrupted, the Push message will be sent several minutes later. After more than one time, the Push message will be deleted. Therefore, pay attention to whether your network conditions affect normal Push operations.

As mentioned above, device tokens for each iPhone are stored in the/var/mobile/Library/Preferences/com. apple. apsd. plist file. This is why we recommend that you delete the Push program and delete the file every time you reinstall the push patch.

If you use the EDGE switch of sbsettings to disable EDGE, but do not disable Push, the iPhone will constantly try to establish a TLS connection and eventually consume power. Therefore, if you do not plan or cannot use Push, disable the Push option.

For softwarePushFor the server (Provider), Wi-Fi is the same as the mobile network, and there is no difference in Push processing.

Although it has been explained clearly, it is still clear that as long as the TLS connection is normal, the Push Service is real-time and the speed is only dependent on the Provider.

Digress, The directmail on the iPhone isPushThe Mail technology is completely different from the Push mentioned in this article. Please refer to the Exchange Direct Push related content.

In a word, if you thinkPushIt is useless. It only means that you have little knowledge. You can view some support on the following pagePushExcellent Software.

Http://appadvice.com/applists/show/definitive-list-of-push-capable-apps

Summary: IntroductionIPhoneMediumPushI hope this article will be helpful to you.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.