diff options
Diffstat (limited to 'src/idevice.c')
| -rw-r--r-- | src/idevice.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/src/idevice.c b/src/idevice.c index 794af8b..38fc015 100644 --- a/src/idevice.c +++ b/src/idevice.c | |||
| @@ -789,6 +789,18 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne | |||
| 789 | return ret; | 789 | return ret; |
| 790 | } | 790 | } |
| 791 | 791 | ||
| 792 | /* force use of TLSv1 */ | ||
| 793 | #ifdef SSL_OP_NO_TLSv1_1 | ||
| 794 | int opts = SSL_OP_NO_TLSv1_1; | ||
| 795 | #ifdef SSL_OP_NO_TLSv1_2 | ||
| 796 | opts |= SSL_OP_NO_TLSv1_2; | ||
| 797 | #endif | ||
| 798 | #ifdef SSL_OP_NO_TLSv1_3 | ||
| 799 | opts |= SSL_OP_NO_TLSv1_3; | ||
| 800 | #endif | ||
| 801 | SSL_CTX_set_options(ssl_ctx, SSL_OP_ALL | opts); | ||
| 802 | #endif | ||
| 803 | |||
| 792 | BIO* membp; | 804 | BIO* membp; |
| 793 | X509* rootCert = NULL; | 805 | X509* rootCert = NULL; |
| 794 | membp = BIO_new_mem_buf(root_cert.data, root_cert.size); | 806 | membp = BIO_new_mem_buf(root_cert.data, root_cert.size); |
| @@ -832,7 +844,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne | |||
| 832 | ssl_data_loc->ctx = ssl_ctx; | 844 | ssl_data_loc->ctx = ssl_ctx; |
| 833 | connection->ssl_data = ssl_data_loc; | 845 | connection->ssl_data = ssl_data_loc; |
| 834 | ret = IDEVICE_E_SUCCESS; | 846 | ret = IDEVICE_E_SUCCESS; |
| 835 | debug_info("SSL mode enabled, cipher: %s", SSL_get_cipher(ssl)); | 847 | debug_info("SSL mode enabled, %s, cipher: %s", SSL_get_version(ssl), SSL_get_cipher(ssl)); |
| 836 | } | 848 | } |
| 837 | /* required for proper multi-thread clean up to prevent leaks */ | 849 | /* required for proper multi-thread clean up to prevent leaks */ |
| 838 | openssl_remove_thread_state(); | 850 | openssl_remove_thread_state(); |