From 0f56484b9077207e43233a900a8f2fbb63d10c25 Mon Sep 17 00:00:00 2001
From: Mikkel Krautz <mikkel@krautz.dk>
Date: Sun, 3 Sep 2017 18:04:51 +0200
Subject: MKConnection: use kCFStreamSocketSecurityLevelNegotiatedSSL for
 kCFStreamSSLLevel to allow for TLS > 1.0.

---
 src/MKConnection.m | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/MKConnection.m b/src/MKConnection.m
index 2c546e6..aeca86f 100644
--- a/src/MKConnection.m
+++ b/src/MKConnection.m
@@ -502,7 +502,7 @@ static void MKConnectionUDPCallback(CFSocketRef sock, CFSocketCallBackType type,
                                                                      &kCFTypeDictionaryKeyCallBacks,
                                                                      &kCFTypeDictionaryValueCallBacks);
     if (sslDictionary) {
-        CFDictionaryAddValue(sslDictionary, kCFStreamSSLLevel, kCFStreamSocketSecurityLevelTLSv1);
+        CFDictionaryAddValue(sslDictionary, kCFStreamSSLLevel, kCFStreamSocketSecurityLevelNegotiatedSSL);
         CFDictionaryAddValue(sslDictionary, kCFStreamSSLValidatesCertificateChain, _ignoreSSLVerification ? kCFBooleanFalse : kCFBooleanTrue);
         
         if (_certificateChain) {
-- 
cgit v1.2.3