From c782abbeb204156d30ecbb902915d1eaf9b10f9e Mon Sep 17 00:00:00 2001 From: Ignacio Valdivieso Date: Thu, 31 May 2012 03:46:43 -0300 Subject: [PATCH] Fixed SSL validation error in IOS 5.0.1 by setting kCFStreamSSLLevel to @"kCFStreamSocketSecurityLevelTLSv1_0SSLv3" --- Classes/ASIHTTPRequest.m | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) diff --git a/Classes/ASIHTTPRequest.m b/Classes/ASIHTTPRequest.m index 8dd162c3..1e8c2bcf 100644 --- a/Classes/ASIHTTPRequest.m +++ b/Classes/ASIHTTPRequest.m @@ -1212,17 +1212,30 @@ - (void)startRequest // see: http://iphonedevelopment.blogspot.com/2010/05/nsstream-tcp-and-ssl.html NSDictionary *sslProperties = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates, - [NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot, - [NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain, - kCFNull,kCFStreamSSLPeerName, - nil]; + [NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates, + [NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot, + [NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain, + kCFNull,kCFStreamSSLPeerName, + @"kCFStreamSocketSecurityLevelTLSv1_0SSLv3", kCFStreamSSLLevel, + nil]; CFReadStreamSetProperty((CFReadStreamRef)[self readStream], kCFStreamPropertySSLSettings, (CFTypeRef)sslProperties); [sslProperties release]; - } + }else { + NSDictionary *sslProperties = [[NSDictionary alloc] initWithObjectsAndKeys: + [NSNumber numberWithBool:NO], kCFStreamSSLAllowsExpiredCertificates, + [NSNumber numberWithBool:NO], kCFStreamSSLAllowsAnyRoot, + [NSNumber numberWithBool:YES], kCFStreamSSLValidatesCertificateChain, + @"kCFStreamSocketSecurityLevelTLSv1_0SSLv3", kCFStreamSSLLevel, + nil]; + + CFReadStreamSetProperty((CFReadStreamRef)[self readStream], + kCFStreamPropertySSLSettings, + (CFTypeRef)sslProperties); + [sslProperties release]; + } // Tell CFNetwork to use a client certificate if (clientCertificateIdentity) {