Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Merge pull request #264 from ikarius/master

issue #263 - proposed patch
  • Loading branch information...
commit c27b8f550f36744dde92a952c886071136082adf 2 parents f7fe5c7 + 6600374
@greenisus greenisus authored
Showing with 22 additions and 10 deletions.
  1. +22 −10 Classes/ASIHTTPRequest.m
View
32 Classes/ASIHTTPRequest.m
@@ -1198,18 +1198,28 @@ - (void)startRequest
// Handle SSL certificate settings
//
- if([[[[self url] scheme] lowercaseString] isEqualToString:@"https"]) {
-
- NSMutableDictionary *sslProperties = [NSMutableDictionary dictionaryWithCapacity:1];
-
+ if([[[[self url] scheme] lowercaseString] isEqualToString:@"https"]) {
+
// Tell CFNetwork not to validate SSL certificates
if (![self validatesSecureCertificate]) {
- [sslProperties setObject:(NSString *)kCFBooleanFalse forKey:(NSString *)kCFStreamSSLValidatesCertificateChain];
- }
-
+ // see: http://iphonedevelopment.blogspot.com/2010/05/nsstream-tcp-and-ssl.html
+
+ NSDictionary *sslProperties = [[NSDictionary alloc] initWithObjectsAndKeys:
+ [NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates,
+ [NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot,
+ [NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain,
+ kCFNull,kCFStreamSSLPeerName,
+ nil];
+
+ CFReadStreamSetProperty((CFReadStreamRef)[self readStream],
+ kCFStreamPropertySSLSettings,
+ (CFTypeRef)sslProperties);
+ }
+
// Tell CFNetwork to use a client certificate
if (clientCertificateIdentity) {
-
+ NSMutableDictionary *sslProperties = [NSMutableDictionary dictionaryWithCapacity:1];
+
NSMutableArray *certificates = [NSMutableArray arrayWithCapacity:[clientCertificates count]+1];
// The first object in the array is our SecIdentityRef
@@ -1219,10 +1229,12 @@ - (void)startRequest
for (id cert in clientCertificates) {
[certificates addObject:cert];
}
+
[sslProperties setObject:certificates forKey:(NSString *)kCFStreamSSLCertificates];
+
+ CFReadStreamSetProperty((CFReadStreamRef)[self readStream], kCFStreamPropertySSLSettings, sslProperties);
}
-
- CFReadStreamSetProperty((CFReadStreamRef)[self readStream], kCFStreamPropertySSLSettings, sslProperties);
+
}
//
Please sign in to comment.
Something went wrong with that request. Please try again.