@@ -1212,18 +1212,30 @@ - (void)startRequest
12121212 // see: http://iphonedevelopment.blogspot.com/2010/05/nsstream-tcp-and-ssl.html
12131213
12141214 NSDictionary *sslProperties = [[NSDictionary alloc ] initWithObjectsAndKeys:
1215- [NSNumber numberWithBool: YES ], kCFStreamSSLAllowsExpiredCertificates ,
1216- [NSNumber numberWithBool: YES ], kCFStreamSSLAllowsAnyRoot ,
1217- [NSNumber numberWithBool: NO ], kCFStreamSSLValidatesCertificateChain ,
1218- kCFNull ,kCFStreamSSLPeerName ,
1219- nil ];
1220-
1215+ [NSNumber numberWithBool: YES ], kCFStreamSSLAllowsExpiredCertificates ,
1216+ [NSNumber numberWithBool: YES ], kCFStreamSSLAllowsAnyRoot ,
1217+ [NSNumber numberWithBool: NO ], kCFStreamSSLValidatesCertificateChain ,
1218+ kCFNull ,kCFStreamSSLPeerName ,
1219+ @" kCFStreamSocketSecurityLevelTLSv1_0SSLv3 " , kCFStreamSSLLevel ,
1220+ nil ];
12211221 CFReadStreamSetProperty ((CFReadStreamRef)[self readStream ],
12221222 kCFStreamPropertySSLSettings ,
12231223 (CFTypeRef)sslProperties);
12241224 [sslProperties release ];
1225- }
1226-
1225+ } else {
1226+ NSDictionary *sslProperties = [[NSDictionary alloc ] initWithObjectsAndKeys:
1227+ [NSNumber numberWithBool: NO ], kCFStreamSSLAllowsExpiredCertificates ,
1228+ [NSNumber numberWithBool: NO ], kCFStreamSSLAllowsAnyRoot ,
1229+ [NSNumber numberWithBool: YES ], kCFStreamSSLValidatesCertificateChain ,
1230+ @" kCFStreamSocketSecurityLevelTLSv1_0SSLv3" kCFStreamSSLLevel ,
1231+ nil ];
1232+
1233+ CFReadStreamSetProperty ((CFReadStreamRef)[self readStream ],
1234+ kCFStreamPropertySSLSettings ,
1235+ (CFTypeRef)sslProperties);
1236+ [sslProperties release ];
1237+ }
1238+
12271239 // Tell CFNetwork to use a client certificate
12281240 if (clientCertificateIdentity) {
12291241 NSMutableDictionary *sslProperties = [NSMutableDictionary dictionaryWithCapacity: 1 ];
0 commit comments