iDevice GnuTLS issue with iOS 4.2 - libimobiledevice

Nikias Bassen nikias at
Mon Nov 22 00:17:23 CET 2010


I'm a leading developer of libimobiledevice ( and
we are facing a GnuTLS issue. The lockdown protocol is initializing an SSLv3
session and since iOS 4.2 the handshake fails when using GnuTLS. Further
investigation showed that the error is GNUTLS_E_FATAL_ALERT_RECEIVED -12,
Error: Could not negotiate a supported cipher suite.
However, I replaced the appropiate ssl code using OpenSSL and got it working.
Debugging output showed that the cipher is AES256-SHA, but surprisingly this
is the same cipher that we have with pre-4.2 devices using GnuTLS.

We have no clue what might be wrong here as it has been working since 4.2b
arrived, so I'd like to ask if anyone here might be able to help us
investigating this issue? Tell me what info you need and I'll get it for you.

The device is the server and libimobiledevice code the client side of the

Our code is here:
The SSL code is in src/idevice.c, the handshake is implemented in 
idevice_connection_enable_ssl(). If you have questions about the code just
ask. You can reach us in #libimobiledevice on FreeNode too.


More information about the Gnutls-devel mailing list