diff options
author | Jonathan Beck | 2008-08-22 18:32:20 +0200 |
---|---|---|
committer | Jonathan Beck | 2008-08-22 18:32:20 +0200 |
commit | 7539f5fbf43a8d5b454cd0f7725cb5247d227647 (patch) | |
tree | 09ef1e2aabd356eb485425d3a2a5d551fc765b91 | |
parent | 6b706ced7bea4223cce3b83f25268130226a9756 (diff) | |
download | libimobiledevice-7539f5fbf43a8d5b454cd0f7725cb5247d227647.tar.gz libimobiledevice-7539f5fbf43a8d5b454cd0f7725cb5247d227647.tar.bz2 |
Handle known device through their UniqueDeviceID and use it as name to store PEM device public key.
-rw-r--r-- | src/lockdown.c | 44 | ||||
-rw-r--r-- | src/lockdown.h | 2 | ||||
-rw-r--r-- | src/userpref.c | 143 | ||||
-rw-r--r-- | src/userpref.h | 4 |
4 files changed, 70 insertions, 123 deletions
diff --git a/src/lockdown.c b/src/lockdown.c index 6ba7e18..c8275eb 100644 --- a/src/lockdown.c +++ b/src/lockdown.c @@ -320,21 +320,21 @@ int lockdownd_init(iPhone *phone, lockdownd_client **control) fprintf(stderr, "Hello failed in the lockdownd client.\n"); } - char *public_key = NULL; - if(!lockdownd_get_device_public_key(*control, &public_key)){ + char *uid = NULL; + if(!lockdownd_get_device_uid(*control, &uid)){ fprintf(stderr, "Device refused to send public key.\n"); } host_id = get_host_id(); - if (!is_device_known(public_key)) - ret = lockdownd_pair_device(*control, public_key, host_id); + if (!is_device_known(uid)) + ret = lockdownd_pair_device(*control, uid, host_id); else ret = 1; - if (public_key) { - free(public_key); - public_key = NULL; + if (uid) { + free(uid); + uid = NULL; } if (ret && host_id && lockdownd_start_SSL_session(*control, host_id)) { @@ -359,7 +359,7 @@ int lockdownd_init(iPhone *phone, lockdownd_client **control) * * @return 1 on success and 0 on failure */ -int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char *host_id) +int lockdownd_pair_device(lockdownd_client *control, char *uid, char *host_id) { int ret = 0; xmlDocPtr plist = new_plist(); @@ -373,8 +373,16 @@ int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char char* device_cert_b64 = NULL; char* host_cert_b64 = NULL; char* root_cert_b64 = NULL; + char *public_key_b64 = NULL; + + if(!lockdownd_get_device_public_key(control, &public_key_b64)){ + fprintf(stderr, "Device refused to send public key.\n"); + return 0; + } + if(!lockdownd_gen_pair_cert(public_key_b64, &device_cert_b64, &host_cert_b64, &root_cert_b64)){ + free(public_key_b64); return 0; } @@ -408,12 +416,18 @@ int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char } plist = xmlReadMemory(XML_content, bytes, NULL, NULL, 0); - if (!plist) return 0; + if (!plist) { + free(public_key_b64); + return 0; + } dict = xmlDocGetRootElement(plist); for (dict = dict->children; dict; dict = dict->next) { if (!xmlStrcmp(dict->name, "dict")) break; } - if (!dict) return 0; + if (!dict) { + free(public_key_b64); + return 0; + } /* Parse xml to check success and to find public key */ dictionary = read_dict_element_strings(dict); @@ -435,11 +449,12 @@ int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char /* store public key in config if pairing succeeded */ if (success) { if (debug) printf("lockdownd_pair_device: pair success\n"); - store_device_public_key(public_key_b64); + store_device_public_key(uid, public_key_b64); ret = 1; } else { if (debug) printf("lockdownd_pair_device: pair failure\n"); } + free(public_key_b64); return ret; } @@ -542,12 +557,9 @@ int lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char * if (!error) { /* if everything went well, export in PEM format */ gnutls_datum_t dev_pem = {NULL, 0}; - size_t crt_size; - gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &crt_size); - dev_pem.size = crt_size; + gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &dev_pem.size); dev_pem.data = gnutls_malloc(dev_pem.size); - gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &crt_size); - dev_pem.size = crt_size; + gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &dev_pem.size); /* now encode certificates for output */ *device_cert_b64 = g_base64_encode(dev_pem.data, dev_pem.size); diff --git a/src/lockdown.h b/src/lockdown.h index df70bbd..c542d65 100644 --- a/src/lockdown.h +++ b/src/lockdown.h @@ -44,7 +44,7 @@ int lockdownd_hello(lockdownd_client *control); int lockdownd_get_device_uid(lockdownd_client *control, char **uid); int lockdownd_get_device_public_key(lockdownd_client *control, char **public_key); int lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char **host_cert_b64, char **root_cert_b64); -int lockdownd_pair_device(lockdownd_client *control, char *public_key, char *host_id); +int lockdownd_pair_device(lockdownd_client *control, char *uid, char *host_id); int lockdownd_recv(lockdownd_client *control, char **dump_data); int lockdownd_send(lockdownd_client *control, char *raw_data, uint32 length); void lockdownd_close(lockdownd_client *control); diff --git a/src/userpref.c b/src/userpref.c index 41b11bc..5b53775 100644 --- a/src/userpref.c +++ b/src/userpref.c @@ -25,7 +25,7 @@ #include <string.h> #include "userpref.h" #include <string.h> -#include <stdio.h> +#include <stdlib.h> #define LIBIPHONE_CONF_DIR "libiphone" #define LIBIPHONE_CONF_FILE "libiphonerc" @@ -37,6 +37,18 @@ extern int debug; +/** Creates a freedesktop compatible configuration directory for libiphone. + */ +inline void create_config_dir() { + gchar* config_dir = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, NULL); + + if (!g_file_test(config_dir, (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_DIR) )) + g_mkdir_with_parents(config_dir, 0755); + + g_free(config_dir); +} + + /** Reads the HostID from a previously generated configuration file. * * @note It is the responsibility of the calling function to free the returned host_id @@ -68,12 +80,12 @@ char* get_host_id() { /** Determines whether this iPhone has been connected to this system before. * - * @param public_key The public key as given by the iPhone. + * @param uid The device uid as given by the iPhone. * * @return 1 if the iPhone has been connected previously to this configuration * or 0 otherwise. */ -int is_device_known(char* public_key) { +int is_device_known(char* uid) { int ret = 0; gchar *config_file; GKeyFile *key_file; @@ -81,41 +93,12 @@ int is_device_known(char* public_key) { GIOChannel *keyfile; /* first get config file */ - config_file = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, LIBIPHONE_CONF_FILE, NULL); - if (g_file_test(config_file, (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR))) { - - /* now parse file to get knwon devices list */ - key_file = g_key_file_new (); - if(g_key_file_load_from_file(key_file, config_file, G_KEY_FILE_KEEP_COMMENTS, NULL)) { - - devices_list = g_key_file_get_string_list (key_file, "Global", "DevicesList", NULL, NULL); - if (devices_list) { - pcur = devices_list; - while(*pcur && !ret) { - /* open associated base64 encoded key */ - keyfilepath = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, *pcur, NULL); - if (g_file_test(keyfilepath, (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR))) { - keyfile = g_io_channel_new_file (keyfilepath, "r", NULL); - - stored_key = NULL; - g_io_channel_read_to_end (keyfile, &stored_key, NULL, NULL); - - /* now compare to input */ - if (strcmp(public_key, stored_key) == 2 || !strcmp(public_key, stored_key)) - ret = 1; - g_free(stored_key); - g_io_channel_shutdown(keyfile, FALSE, NULL); - g_io_channel_unref(keyfile); - pcur++; - } - g_free(keyfilepath); - } - } - g_strfreev(devices_list); - } - g_key_file_free(key_file); - g_free(config_file); - } + gchar* device_file = g_strconcat(uid, ".pem", NULL); + config_file = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, device_file, NULL); + if (g_file_test(config_file, (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR))) + ret = 1; + g_free(config_file); + g_free(device_file); return ret; } @@ -127,65 +110,28 @@ int is_device_known(char* public_key) { * @return 1 on success and 0 if no public key is given or if it has already * been marked as connected previously. */ -int store_device_public_key(char* public_key) { - gchar *config_file; - GKeyFile *key_file; - gchar **devices_list; - guint len = 0; - guint wlength = 0; - gchar dev_file[20]; - int i; - const gchar** new_devices_list; - gsize length; - gchar *buf; - GIOChannel *file; - gchar* device_file; +int store_device_public_key(char* uid, char* public_key) { - if (NULL == public_key || is_device_known(public_key)) + if (NULL == public_key || is_device_known(uid)) return 0; - /* first get config file */ - config_file = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, LIBIPHONE_CONF_FILE, NULL); - if (g_file_test(config_file, (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_REGULAR))) { - key_file = g_key_file_new(); - if(g_key_file_load_from_file (key_file, config_file, G_KEY_FILE_KEEP_COMMENTS, NULL)) { - - /* Determine device name */ - devices_list = g_key_file_get_string_list (key_file, "Global", "DevicesList", NULL, NULL); - if (devices_list) - len = g_strv_length(devices_list); - g_strfreev(devices_list); - g_sprintf(dev_file, "Device%i", len); - - /* Write device file to disk */ - device_file = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, dev_file, NULL); - file = g_io_channel_new_file (device_file, "w", NULL); - g_free(device_file); - wlength = strlen(public_key); // why this wasn't discovered before... ugh - g_io_channel_write_chars(file, public_key, wlength, NULL, NULL); - g_io_channel_shutdown(file, TRUE, NULL); - g_io_channel_unref(file); - - /* Append device to list */ - new_devices_list = (const gchar**)g_malloc(sizeof(gchar*)* (len + 2)); - for( i = 0; i < len; i++) - new_devices_list[i] = devices_list[i]; - new_devices_list[len] = dev_file; - new_devices_list[len+1] = NULL; - g_key_file_set_string_list(key_file,"Global", "DevicesList", new_devices_list, len+1); - g_free(new_devices_list); - - } - - /* Write config file to disk */ - buf = g_key_file_to_data(key_file, &length, NULL); - file = g_io_channel_new_file(config_file, "w", NULL); - g_io_channel_write_chars(file, buf, length, NULL, NULL); - g_io_channel_shutdown(file, TRUE, NULL); - g_io_channel_unref(file); - g_key_file_free(key_file); - } + /* ensure config directory exists */ + create_config_dir(); + + /* build file path */ + gchar* device_file = g_strconcat(uid, ".pem", NULL); + gchar* pem = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, device_file, NULL); + /* decode public key for storing */ + gsize decoded_size; + gchar* data = g_base64_decode (public_key, &decoded_size); + /* store file */ + FILE* pFile = fopen(pem , "wb"); + fwrite(data, 1, decoded_size, pFile); + fclose(pFile); + g_free(pem); + g_free(data); + g_free(device_file); return 1; } @@ -257,17 +203,6 @@ int get_host_certificate(gnutls_datum_t* host_cert) { return read_file_in_confdir(LIBIPHONE_HOST_CERTIF, host_cert); } -/** Creates a freedesktop compatible configuration directory for libiphone. - */ -inline void create_config_dir() { - gchar* config_dir = g_build_path(G_DIR_SEPARATOR_S, g_get_user_config_dir(), LIBIPHONE_CONF_DIR, NULL); - - if (!g_file_test(config_dir, (G_FILE_TEST_EXISTS | G_FILE_TEST_IS_DIR) )) - g_mkdir_with_parents(config_dir, 0755); - - g_free(config_dir); -} - /** Create and save a configuration file containing the given data. * * @note: All fields must specified and be non-null diff --git a/src/userpref.h b/src/userpref.h index c437e52..553c5df 100644 --- a/src/userpref.h +++ b/src/userpref.h @@ -35,12 +35,12 @@ char* get_host_id(); * * @return 1 if device is already paired. Returns 0 otherwise. */ -int is_device_known(char* public_key); +int is_device_known(char* uid); /** * @return 1 if everything went well. Returns 0 otherwise. */ -int store_device_public_key(char* public_key); +int store_device_public_key(char* uid, char* public_key); /** * @return 1 if everything went well. Returns 0 otherwise. |