introduces optional `idevice_connection_disable_ssl` with ability not to send SSL shutdown message. As in debugserver this message will be considered as GDB server communication and break things

3 files changed, 30 insertions, 15 deletions

diff --git a/src/debugserver.c b/src/debugserver.c
index 0b0d614..447a91e 100644
--- a/src/debugserver.c
+++ b/src/debugserver.c
@@ -78,7 +78,7 @@ LIBIMOBILEDEVICE_API debugserver_error_t debugserver_client_new(idevice_t device
 		debug_info("Creating base service client failed. Error: %i", ret);
 		return ret;
 	}
-	service_disable_ssl(parent);
+	service_disable_bypass_ssl(parent, 1);
 
 	debugserver_client_t client_loc = (debugserver_client_t) malloc(sizeof(struct debugserver_client_private));
 	client_loc->parent = parent;
diff --git a/src/idevice.c b/src/idevice.c
index 6b6a716..10d897f 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -1036,6 +1036,11 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
 
 LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_disable_ssl(idevice_connection_t connection)
 {
+	return idevice_connection_disable_bypass_ssl(connection, 0);
+}
+
+LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_disable_bypass_ssl(idevice_connection_t connection, uint8_t sslBypass)
+{
 	if (!connection)
 		return IDEVICE_E_INVALID_ARG;
 	if (!connection->ssl_data) {
@@ -1043,24 +1048,29 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_disable_ssl(idevice_conn
 		return IDEVICE_E_SUCCESS;
 	}
 
+	// some services require plain text communication after SSL handshake
+	// sending out SSL_shutdown will cause bytes
+	if (!sslBypass) {
 #ifdef HAVE_OPENSSL
-	if (connection->ssl_data->session) {
-		/* see: https://www.openssl.org/docs/ssl/SSL_shutdown.html#RETURN_VALUES */
-		if (SSL_shutdown(connection->ssl_data->session) == 0) {
-			/* Only try bidirectional shutdown if we know it can complete */
-			int ssl_error;
-			if ((ssl_error = SSL_get_error(connection->ssl_data->session, 0)) == SSL_ERROR_NONE) {
-				SSL_shutdown(connection->ssl_data->session);
-			} else  {
-				debug_info("Skipping bidirectional SSL shutdown. SSL error code: %i\n", ssl_error);
+		if (connection->ssl_data->session) {
+			/* see: https://www.openssl.org/docs/ssl/SSL_shutdown.html#RETURN_VALUES */
+			if (SSL_shutdown(connection->ssl_data->session) == 0) {
+				/* Only try bidirectional shutdown if we know it can complete */
+				int ssl_error;
+				if ((ssl_error = SSL_get_error(connection->ssl_data->session, 0)) == SSL_ERROR_NONE) {
+					SSL_shutdown(connection->ssl_data->session);
+				} else  {
+					debug_info("Skipping bidirectional SSL shutdown. SSL error code: %i\n", ssl_error);
+				}
 			}
 		}
-	}
 #else
-	if (connection->ssl_data->session) {
-		gnutls_bye(connection->ssl_data->session, GNUTLS_SHUT_RDWR);
-	}
+		if (connection->ssl_data->session) {
+			gnutls_bye(connection->ssl_data->session, GNUTLS_SHUT_RDWR);
+		}
 #endif
+	}
+
 	internal_ssl_cleanup(connection->ssl_data);
 	free(connection->ssl_data);
 	connection->ssl_data = NULL;
diff --git a/src/service.c b/src/service.c
index 1b9838d..88132d2 100644
--- a/src/service.c
+++ b/src/service.c
@@ -188,8 +188,13 @@ LIBIMOBILEDEVICE_API service_error_t service_enable_ssl(service_client_t client)
 
 LIBIMOBILEDEVICE_API service_error_t service_disable_ssl(service_client_t client)
 {
+	return service_disable_bypass_ssl(client, 0);
+}
+
+LIBIMOBILEDEVICE_API service_error_t service_disable_bypass_ssl(service_client_t client, uint8_t sslBypass)
+{
 	if (!client || !client->connection)
 		return SERVICE_E_INVALID_ARG;
-	return idevice_to_service_error(idevice_connection_disable_ssl(client->connection));
+	return idevice_to_service_error(idevice_connection_disable_bypass_ssl(client->connection, sslBypass));
 }