iDevice GnuTLS issue with iOS 4.2 - libimobiledevice
Nikias Bassen
nikias at gmx.li
Sat Nov 27 15:20:28 CET 2010
Hi,
that did the trick. The fix for libimobiledevice is in git master now.
Regards,
Nikias
On Sat, 27 Nov 2010 06:07:07 +0100
Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote:
> On 11/26/2010 09:39 PM, Nikias Bassen wrote:
>
> >> No. They are functions for the one that wants to use certificate (it can be
> >> either server or client). The only distinction between server and
> >> client in gnutls
> >> is being done in gnutls_init(). Most of the other functions are applicable to
> >> both unless they mention otherwise in the description.
> > I made dumps with OpenSSL (succeeding) and GnuTLS (failing) and found out that
> > the GnuTLS code fails because it can't find a certificate. It sends the
> > following packet to the device, instead of the certificate (like openssl does)
>
> If you use gnutls_certificate_set_x509_key_file() then it will send a
> certificate to the server if the server requests a CA that matches the
> one in the certificate (you can check which one the server requested by
> viewing the transaction in wireshark).
>
> An alternative way, which you can force to send a certificate even if
> the server didn't request one, is by using the certificate callback
> function. See example in:
> http://www.gnu.org/software/gnutls/manual/html_node/Using-a-callback-to-select-the-certificate-to-use.html#Using-a-callback-to-select-the-certificate-to-use
>
>
> regards,
> Nikos
>
More information about the Gnutls-devel
mailing list