summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGravatar Author: Frederik Carlier2020-06-13 01:50:17 +0200
committerGravatar Nikias Bassen2020-06-13 01:50:17 +0200
commitf56a65f7bc08de0cd9bc5c1e4683b1d0c671b767 (patch)
treeae761b7360d35d721082f8142a2fe5475a5b4eb3
parent35cbcbc9327df22a7d33c5c7c08b01f6971fa1f3 (diff)
downloadlibimobiledevice-f56a65f7bc08de0cd9bc5c1e4683b1d0c671b767.tar.gz
libimobiledevice-f56a65f7bc08de0cd9bc5c1e4683b1d0c671b767.tar.bz2
Allow OpenSSL >= 1.1.0 to use older/disallowed TLS versions
-rw-r--r--src/idevice.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/src/idevice.c b/src/idevice.c
index 18487aa..fea1e03 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -922,7 +922,7 @@ static const char *ssl_error_to_string(int e)
case SSL_ERROR_NONE:
return "SSL_ERROR_NONE";
case SSL_ERROR_SSL:
- return "SSL_ERROR_SSL";
+ return ERR_error_string(ERR_get_error(), NULL);
case SSL_ERROR_WANT_READ:
return "SSL_ERROR_WANT_READ";
case SSL_ERROR_WANT_WRITE:
@@ -1015,6 +1015,10 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
return ret;
}
+#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+ SSL_CTX_set_security_level(ssl_ctx, 0);
+#endif
+
#if OPENSSL_VERSION_NUMBER < 0x10100002L || \
(defined(LIBRESSL_VERSION_NUMBER) && (LIBRESSL_VERSION_NUMBER < 0x2060000fL))
/* force use of TLSv1 for older devices */