From 32d531a955b9a099e3418e84ef31f4b041974a4d Mon Sep 17 00:00:00 2001
From: Ruipu Ma
Date: Mon, 31 Jan 2022 12:06:52 +0800
Subject: idevice: Fix OpenSSL 3.0 internal error on read timeout

---
 src/idevice.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'src')

diff --git a/src/idevice.c b/src/idevice.c
index 3984583..5930db9 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -785,6 +785,10 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_
 				int sslerr = SSL_get_error(connection->ssl_data->session, r);
 				if (sslerr == SSL_ERROR_WANT_READ) {
 					continue;
+				} else if (sslerr == SSL_ERROR_ZERO_RETURN) {
+					if (connection->status == IDEVICE_E_TIMEOUT) {
+						SSL_set_shutdown(connection->ssl_data->session, 0);
+					}
 				}
 				break;
 			}
@@ -1203,6 +1207,14 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
 		SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_VERSION);
 	}
 #endif
+#if (OPENSSL_VERSION_MAJOR >= 3) && defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
+	/*
+	 * For OpenSSL 3 and later, mark close_notify alerts as optional.
+	 * For prior versions of OpenSSL we check for SSL_ERROR_SYSCALL when
+	 * reading instead (this error changes to SSL_ERROR_SSL in OpenSSL 3).
+	 */
+	SSL_CTX_set_options(ssl_ctx, SSL_OP_IGNORE_UNEXPECTED_EOF);
+#endif
 
 	BIO* membp;
 	X509* rootCert = NULL;
-- 
cgit v1.1-32-gdbae