idevice: Fix OpenSSL 3.0 internal error on read timeout
diff --git a/src/idevice.c b/src/idevice.c
index 3984583..5930db9 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -785,6 +785,10 @@
int sslerr = SSL_get_error(connection->ssl_data->session, r);
if (sslerr == SSL_ERROR_WANT_READ) {
continue;
+ } else if (sslerr == SSL_ERROR_ZERO_RETURN) {
+ if (connection->status == IDEVICE_E_TIMEOUT) {
+ SSL_set_shutdown(connection->ssl_data->session, 0);
+ }
}
break;
}
@@ -1203,6 +1207,14 @@
SSL_CTX_set_max_proto_version(ssl_ctx, TLS1_VERSION);
}
#endif
+#if (OPENSSL_VERSION_MAJOR >= 3) && defined(SSL_OP_IGNORE_UNEXPECTED_EOF)
+ /*
+ * For OpenSSL 3 and later, mark close_notify alerts as optional.
+ * For prior versions of OpenSSL we check for SSL_ERROR_SYSCALL when
+ * reading instead (this error changes to SSL_ERROR_SSL in OpenSSL 3).
+ */
+ SSL_CTX_set_options(ssl_ctx, SSL_OP_IGNORE_UNEXPECTED_EOF);
+#endif
BIO* membp;
X509* rootCert = NULL;
