summaryrefslogtreecommitdiffstats
path: root/src/lockdown.c
diff options
context:
space:
mode:
authorGravatar Nikias Bassen2009-11-29 16:04:18 +0100
committerGravatar Martin Szulecki2009-11-30 13:16:16 +0100
commit444b4d94afa6ff15129922f0dc2b82ae69deeac8 (patch)
tree841c2aa6fdebc6201721bb8bf0980f9853c788f1 /src/lockdown.c
parentd908c99c68c1722b8122e5d26c67ad614035aa25 (diff)
downloadlibimobiledevice-444b4d94afa6ff15129922f0dc2b82ae69deeac8.tar.gz
libimobiledevice-444b4d94afa6ff15129922f0dc2b82ae69deeac8.tar.bz2
Evaluate EnableSessionSSL key on session startup
This is required if the device does not send the EnableSessionSSL:true key-value pair in the answer to the StartSession request.
Diffstat (limited to 'src/lockdown.c')
-rw-r--r--src/lockdown.c20
1 files changed, 18 insertions, 2 deletions
diff --git a/src/lockdown.c b/src/lockdown.c
index d147f75..b182706 100644
--- a/src/lockdown.c
+++ b/src/lockdown.c
@@ -971,7 +971,8 @@ lockdownd_error_t lockdownd_gen_pair_cert(gnutls_datum_t public_key, gnutls_datu
return ret;
}
-/** Starts SSL communication with lockdownd after the iPhone has been paired.
+/** Starts communication with lockdownd after the iPhone has been paired,
+ * and if the device requires it, switches to SSL mode.
*
* @param client The lockdownd client
* @param HostID The HostID used with this phone
@@ -1038,9 +1039,24 @@ lockdownd_error_t lockdownd_start_ssl_session(lockdownd_client_t client, const c
}
ret = LOCKDOWN_E_SSL_ERROR;
+
+ int session_ok = 0;
+ uint8_t UseSSL = 0;
+
if (lockdown_check_result(dict, "StartSession") == RESULT_SUCCESS) {
+ plist_t enable_ssl = plist_dict_get_item(dict, "EnableSessionSSL");
+ if (enable_ssl && (plist_get_node_type(enable_ssl) == PLIST_BOOLEAN)) {
+ plist_get_bool_val(enable_ssl, &UseSSL);
+ }
+ log_dbg_msg(DBGMASK_LOCKDOWND, "%s: Session startup OK\n", __func__);
+ session_ok = 1;
+ }
+ if (session_ok && !UseSSL) {
+ client->in_SSL = 0;
+ ret = LOCKDOWN_E_SUCCESS;
+ } else if (session_ok) {
// Set up GnuTLS...
- log_dbg_msg(DBGMASK_LOCKDOWND, "%s: started the session OK, now trying GnuTLS\n", __func__);
+ log_dbg_msg(DBGMASK_LOCKDOWND, "%s: Switching to SSL mode\n", __func__);
errno = 0;
gnutls_global_init();
//gnutls_anon_allocate_client_credentials(&anoncred);