idevice: Fix OpenSSL 3.0 internal error on read timeout

1 files changed, 12 insertions, 0 deletions

diff --git a/src/idevice.c b/src/idevice.c
index 3984583..5930db9 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -785,6 +785,10 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_
                                 int sslerr = SSL_get_error(connection->ssl_data->session, r);
                                 if (sslerr == SSL_ERROR_WANT_READ) {
                                         continue;
+                                } else if (sslerr == SSL_ERROR_ZERO_RETURN) {
+                                        if (connection->status == IDEVICE_E_TIMEOUT) {
+                                                SSL_set_shutdown(connection->ssl_data->session, 0);
+                                        }
                                 }
                                 break;
                         }
@@ -1203,6 +1207,14 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
                 SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_VERSION);
         }
 #endif
+#if (OPENSSL_VERSION_MAJOR >= 3) && defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
+        /*
+         * For OpenSSL 3 and later, mark close_notify alerts as optional.
+         * For prior versions of OpenSSL we check for SSL_ERROR_SYSCALL when
+         * reading instead (this error changes to SSL_ERROR_SSL in OpenSSL 3).
+         */
+        SSL_CTX_set_options(ssl_ctx, SSL_OP_IGNORE_UNEXPECTED_EOF);
+#endif
 
         BIO* membp;
         X509* rootCert = NULL;