Skip to content

Commit

Permalink
Patched issue pokeb#263 - (can't revert 'validatesSecureCertificate' …
Browse files Browse the repository at this point in the history
…once set to 'NO' on new requests)
  • Loading branch information
ikarius committed Oct 5, 2011
1 parent f7fe5c7 commit 6600374
Showing 1 changed file with 22 additions and 10 deletions.
32 changes: 22 additions & 10 deletions Classes/ASIHTTPRequest.m
Original file line number Diff line number Diff line change
Expand Up @@ -1198,18 +1198,28 @@ - (void)startRequest
// Handle SSL certificate settings
//

if([[[[self url] scheme] lowercaseString] isEqualToString:@"https"]) {

NSMutableDictionary *sslProperties = [NSMutableDictionary dictionaryWithCapacity:1];

if([[[[self url] scheme] lowercaseString] isEqualToString:@"https"]) {

// Tell CFNetwork not to validate SSL certificates
if (![self validatesSecureCertificate]) {
[sslProperties setObject:(NSString *)kCFBooleanFalse forKey:(NSString *)kCFStreamSSLValidatesCertificateChain];
}

// see: http://iphonedevelopment.blogspot.com/2010/05/nsstream-tcp-and-ssl.html

NSDictionary *sslProperties = [[NSDictionary alloc] initWithObjectsAndKeys:
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates,
[NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot,
[NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain,
kCFNull,kCFStreamSSLPeerName,
nil];

CFReadStreamSetProperty((CFReadStreamRef)[self readStream],
kCFStreamPropertySSLSettings,
(CFTypeRef)sslProperties);
}

// Tell CFNetwork to use a client certificate
if (clientCertificateIdentity) {

NSMutableDictionary *sslProperties = [NSMutableDictionary dictionaryWithCapacity:1];

NSMutableArray *certificates = [NSMutableArray arrayWithCapacity:[clientCertificates count]+1];

// The first object in the array is our SecIdentityRef
Expand All @@ -1219,10 +1229,12 @@ - (void)startRequest
for (id cert in clientCertificates) {
[certificates addObject:cert];
}

[sslProperties setObject:certificates forKey:(NSString *)kCFStreamSSLCertificates];

CFReadStreamSetProperty((CFReadStreamRef)[self readStream], kCFStreamPropertySSLSettings, sslProperties);
}

CFReadStreamSetProperty((CFReadStreamRef)[self readStream], kCFStreamPropertySSLSettings, sslProperties);

}

//
Expand Down

0 comments on commit 6600374

Please sign in to comment.