iDevice GnuTLS issue with iOS 4.2 - libimobiledevice

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue Nov 23 10:08:20 CET 2010


I'd suggest that you use the priority_set_direct() function. Check the examples
in the gnutls documentation for details. Does gnutls-cli work on the server you
are connecting? What is the output of gnutls-cli-debug?

regards,
Nikos

On Mon, Nov 22, 2010 at 12:17 AM, Nikias Bassen <nikias at gmx.li> wrote:
> Hi,
>
> I'm a leading developer of libimobiledevice (http://libimobiledevice.org/) and
> we are facing a GnuTLS issue. The lockdown protocol is initializing an SSLv3
> session and since iOS 4.2 the handshake fails when using GnuTLS. Further
> investigation showed that the error is GNUTLS_E_FATAL_ALERT_RECEIVED -12,
> Error: Could not negotiate a supported cipher suite.
> However, I replaced the appropiate ssl code using OpenSSL and got it working.
> Debugging output showed that the cipher is AES256-SHA, but surprisingly this
> is the same cipher that we have with pre-4.2 devices using GnuTLS.
>
> We have no clue what might be wrong here as it has been working since 4.2b
> arrived, so I'd like to ask if anyone here might be able to help us
> investigating this issue? Tell me what info you need and I'll get it for you.
>
> The device is the server and libimobiledevice code the client side of the
> communication.
>
> Our code is here: http://cgit.sukimashita.com/libimobiledevice.git/
> The SSL code is in src/idevice.c, the handshake is implemented in
> idevice_connection_enable_ssl(). If you have questions about the code just
> ask. You can reach us in #libimobiledevice on FreeNode too.
>
> Regards,
> Nikias
>
> _______________________________________________
> Gnutls-devel mailing list
> Gnutls-devel at gnu.org
> http://lists.gnu.org/mailman/listinfo/gnutls-devel
>




More information about the Gnutls-devel mailing list