summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorGravatar Demyan Kimitsa2019-10-10 11:57:06 +0300
committerGravatar Nikias Bassen2020-02-20 01:58:42 +0100
commite52ef954be27fb5a4bf6f7e769c33851483d0e80 (patch)
tree8b13ae05bb5643bf54106cdab276141210c2b109 /src
parent56527f070cefbbddf392ba3897e3318fc2f2db9f (diff)
downloadlibimobiledevice-e52ef954be27fb5a4bf6f7e769c33851483d0e80.tar.gz
libimobiledevice-e52ef954be27fb5a4bf6f7e769c33851483d0e80.tar.bz2
introduces optional `idevice_connection_disable_ssl` with ability not to send SSL shutdown message. As in debugserver this message will be considered as GDB server communication and break things
Diffstat (limited to 'src')
-rw-r--r--src/debugserver.c2
-rw-r--r--src/idevice.c36
-rw-r--r--src/service.c7
3 files changed, 30 insertions, 15 deletions
diff --git a/src/debugserver.c b/src/debugserver.c
index 0b0d614..447a91e 100644
--- a/src/debugserver.c
+++ b/src/debugserver.c
@@ -78,7 +78,7 @@ LIBIMOBILEDEVICE_API debugserver_error_t debugserver_client_new(idevice_t device
debug_info("Creating base service client failed. Error: %i", ret);
return ret;
}
- service_disable_ssl(parent);
+ service_disable_bypass_ssl(parent, 1);
debugserver_client_t client_loc = (debugserver_client_t) malloc(sizeof(struct debugserver_client_private));
client_loc->parent = parent;
diff --git a/src/idevice.c b/src/idevice.c
index 6b6a716..10d897f 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -1036,6 +1036,11 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_disable_ssl(idevice_connection_t connection)
{
+ return idevice_connection_disable_bypass_ssl(connection, 0);
+}
+
+LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_disable_bypass_ssl(idevice_connection_t connection, uint8_t sslBypass)
+{
if (!connection)
return IDEVICE_E_INVALID_ARG;
if (!connection->ssl_data) {
@@ -1043,24 +1048,29 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_disable_ssl(idevice_conn
return IDEVICE_E_SUCCESS;
}
+ // some services require plain text communication after SSL handshake
+ // sending out SSL_shutdown will cause bytes
+ if (!sslBypass) {
#ifdef HAVE_OPENSSL
- if (connection->ssl_data->session) {
- /* see: https://www.openssl.org/docs/ssl/SSL_shutdown.html#RETURN_VALUES */
- if (SSL_shutdown(connection->ssl_data->session) == 0) {
- /* Only try bidirectional shutdown if we know it can complete */
- int ssl_error;
- if ((ssl_error = SSL_get_error(connection->ssl_data->session, 0)) == SSL_ERROR_NONE) {
- SSL_shutdown(connection->ssl_data->session);
- } else {
- debug_info("Skipping bidirectional SSL shutdown. SSL error code: %i\n", ssl_error);
+ if (connection->ssl_data->session) {
+ /* see: https://www.openssl.org/docs/ssl/SSL_shutdown.html#RETURN_VALUES */
+ if (SSL_shutdown(connection->ssl_data->session) == 0) {
+ /* Only try bidirectional shutdown if we know it can complete */
+ int ssl_error;
+ if ((ssl_error = SSL_get_error(connection->ssl_data->session, 0)) == SSL_ERROR_NONE) {
+ SSL_shutdown(connection->ssl_data->session);
+ } else {
+ debug_info("Skipping bidirectional SSL shutdown. SSL error code: %i\n", ssl_error);
+ }
}
}
- }
#else
- if (connection->ssl_data->session) {
- gnutls_bye(connection->ssl_data->session, GNUTLS_SHUT_RDWR);
- }
+ if (connection->ssl_data->session) {
+ gnutls_bye(connection->ssl_data->session, GNUTLS_SHUT_RDWR);
+ }
#endif
+ }
+
internal_ssl_cleanup(connection->ssl_data);
free(connection->ssl_data);
connection->ssl_data = NULL;
diff --git a/src/service.c b/src/service.c
index 1b9838d..88132d2 100644
--- a/src/service.c
+++ b/src/service.c
@@ -188,8 +188,13 @@ LIBIMOBILEDEVICE_API service_error_t service_enable_ssl(service_client_t client)
LIBIMOBILEDEVICE_API service_error_t service_disable_ssl(service_client_t client)
{
+ return service_disable_bypass_ssl(client, 0);
+}
+
+LIBIMOBILEDEVICE_API service_error_t service_disable_bypass_ssl(service_client_t client, uint8_t sslBypass)
+{
if (!client || !client->connection)
return SERVICE_E_INVALID_ARG;
- return idevice_to_service_error(idevice_connection_disable_ssl(client->connection));
+ return idevice_to_service_error(idevice_connection_disable_bypass_ssl(client->connection, sslBypass));
}