diff options
author | Nikias Bassen | 2009-11-29 16:04:18 +0100 |
---|---|---|
committer | Martin Szulecki | 2009-11-30 13:16:16 +0100 |
commit | 444b4d94afa6ff15129922f0dc2b82ae69deeac8 (patch) | |
tree | 841c2aa6fdebc6201721bb8bf0980f9853c788f1 | |
parent | d908c99c68c1722b8122e5d26c67ad614035aa25 (diff) | |
download | libimobiledevice-444b4d94afa6ff15129922f0dc2b82ae69deeac8.tar.gz libimobiledevice-444b4d94afa6ff15129922f0dc2b82ae69deeac8.tar.bz2 |
Evaluate EnableSessionSSL key on session startup
This is required if the device does not send the EnableSessionSSL:true
key-value pair in the answer to the StartSession request.
-rw-r--r-- | src/lockdown.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/src/lockdown.c b/src/lockdown.c index d147f75..b182706 100644 --- a/src/lockdown.c +++ b/src/lockdown.c @@ -971,7 +971,8 @@ lockdownd_error_t lockdownd_gen_pair_cert(gnutls_datum_t public_key, gnutls_datu return ret; } -/** Starts SSL communication with lockdownd after the iPhone has been paired. +/** Starts communication with lockdownd after the iPhone has been paired, + * and if the device requires it, switches to SSL mode. * * @param client The lockdownd client * @param HostID The HostID used with this phone @@ -1038,9 +1039,24 @@ lockdownd_error_t lockdownd_start_ssl_session(lockdownd_client_t client, const c } ret = LOCKDOWN_E_SSL_ERROR; + + int session_ok = 0; + uint8_t UseSSL = 0; + if (lockdown_check_result(dict, "StartSession") == RESULT_SUCCESS) { + plist_t enable_ssl = plist_dict_get_item(dict, "EnableSessionSSL"); + if (enable_ssl && (plist_get_node_type(enable_ssl) == PLIST_BOOLEAN)) { + plist_get_bool_val(enable_ssl, &UseSSL); + } + log_dbg_msg(DBGMASK_LOCKDOWND, "%s: Session startup OK\n", __func__); + session_ok = 1; + } + if (session_ok && !UseSSL) { + client->in_SSL = 0; + ret = LOCKDOWN_E_SUCCESS; + } else if (session_ok) { // Set up GnuTLS... - log_dbg_msg(DBGMASK_LOCKDOWND, "%s: started the session OK, now trying GnuTLS\n", __func__); + log_dbg_msg(DBGMASK_LOCKDOWND, "%s: Switching to SSL mode\n", __func__); errno = 0; gnutls_global_init(); //gnutls_anon_allocate_client_credentials(&anoncred); |