diff options
| author | 2023-12-12 11:13:58 +0100 | |
|---|---|---|
| committer | 2023-12-12 11:13:58 +0100 | |
| commit | 9ecd81d16cf0754c3a4a72ea45422c51482d50ba (patch) | |
| tree | 0d5cfb4d16769ff82a2cd449f13847a347307be6 /cython/lockdown.pxi | |
| parent | 04c023317f616b4b9588cce8c2da3174a7d2086b (diff) | |
| download | libimobiledevice-9ecd81d16cf0754c3a4a72ea45422c51482d50ba.tar.gz libimobiledevice-9ecd81d16cf0754c3a4a72ea45422c51482d50ba.tar.bz2 | |
Fix iOS 1 SSL connection
Detect if we're talking to iOS 1 `if (connection->device->version == 0)`
and set `SSL_CTX_set_min_proto_version(ssl_ctx, 0);` to support SSL3.
iOS 1 doesn't understand TLS1_VERSION, it can only speak SSL3_VERSION.
However, modern OpenSSL is usually compiled without SSLv3 support.
So if we set min_proto_version to SSL3_VERSION on an OpenSSL instance which doesn't support it,
it will just ignore min_proto_version altogether and fall back to an even higher version.
To avoid accidentally breaking iOS 2.0+, we set min version to 0 instead.
Diffstat (limited to 'cython/lockdown.pxi')
0 files changed, 0 insertions, 0 deletions
