https://developer.apple.com/library/ios/technotes/tn2287/_index.html#//apple_ref/doc/uid/DTS40011309
https://github.com/pokeb/asi-http-request/pull/325
How to set the TLS protocol version on CFStream and CFHTTPStream.
// Use the following code to configure CFStream (e.g., CFStreamCreatePairWithSocketToHost) |
// or CFHTTPStream (e.g., CFReadStreamCreateForHTTPRequest) based read streams to connect |
// with specific TLS protocol versions. |
// Insert before calling CFReadStreamOpen(). |
|
const void* keys[] = { kCFStreamSSLLevel }; |
// New CFString values available only on iOS 5: |
// (if these values are used on versions before iOS 5, then will |
// default to max TLS 1.0, min SSLv3) |
// kCFStreamSocketSecurityLevelTLSv1_0SSLv3 configures max TLS 1.0, min SSLv3 |
// (same as default behavior on versions before iOS 5). |
// kCFStreamSocketSecurityLevelTLSv1_0 configures to use only TLS 1.0. |
// kCFStreamSocketSecurityLevelTLSv1_1 configures to use only TLS 1.1. |
// kCFStreamSocketSecurityLevelTLSv1_2 configures to use only TLS 1.2. |
const void* values[] = { CFSTR("kCFStreamSocketSecurityLevelTLSv1_0SSLv3") }; |
CFDictionaryRef sslSettingsDict = CFDictionaryCreate(kCFAllocatorDefault, keys, values, 1, |
&kCFTypeDictionaryKeyCallBacks, |
&kCFTypeDictionaryValueCallBacks); |
CFReadStreamSetProperty(myStream, kCFStreamPropertySSLSettings, sslSettingsDict); |
CFRelease(sslSettingsDict); |