Diffstat (limited to 'src')
-rw-r--r-- | src/AFC.h | 35 | ||||
-rw-r--r-- | src/MobileSync.c | 9 | ||||
-rw-r--r-- | src/NotificationProxy.c | 65 | ||||
-rw-r--r-- | src/NotificationProxy.h | 1 | ||||
-rw-r--r-- | src/lockdown.c | 116 | ||||
-rw-r--r-- | src/lockdown.h | 2 |
6 files changed, 99 insertions, 129 deletions
@@ -59,33 +59,32 @@ struct iphone_afc_file_int { enum { AFC_ERROR = 0x00000001, AFC_SUCCESS_RESPONSE = 0x00000002, - AFC_LIST_DIR = 0x00000003, // ReadDir + AFC_LIST_DIR = 0x00000003, // ReadDir // 0x00000004 // ReadFile // 0x00000005 // WriteFile // 0x00000006 // WritePart - AFC_TRUNCATE = 0x00000007, // Truncate - AFC_DELETE = 0x00000008, // RemovePath - AFC_MAKE_DIR = 0x00000009, // MakeDir - AFC_GET_INFO = 0x0000000a, // GetFileInfo - AFC_GET_DEVINFO = 0x0000000b, // GetDeviceInfo + AFC_TRUNCATE = 0x00000007, // Truncate + AFC_DELETE = 0x00000008, // RemovePath + AFC_MAKE_DIR = 0x00000009, // MakeDir + AFC_GET_INFO = 0x0000000a, // GetFileInfo + AFC_GET_DEVINFO = 0x0000000b, // GetDeviceInfo // 0x0000000c // same as 5, but writes to temp file, then renames it. - AFC_FILE_OPEN = 0x0000000d, // FileRefOpen - AFC_FILE_HANDLE = 0x0000000e, // _unknownPacket - AFC_READ = 0x0000000f, // FileRefRead - AFC_WRITE = 0x00000010, // FileRefWrite - AFC_FILE_SEEK = 0x00000011, // FileRefSeek - AFC_FILE_TELL = 0x00000012, // FileRefTell + AFC_FILE_OPEN = 0x0000000d, // FileRefOpen + AFC_FILE_HANDLE = 0x0000000e, // _unknownPacket + AFC_READ = 0x0000000f, // FileRefRead + AFC_WRITE = 0x00000010, // FileRefWrite + AFC_FILE_SEEK = 0x00000011, // FileRefSeek + AFC_FILE_TELL = 0x00000012, // FileRefTell // 0x00000013 // _unknownPacket - AFC_FILE_CLOSE = 0x00000014, // FileRefClose - AFC_FILE_TRUNCATE = 0x00000015, // FileRefSetFileSize (ftruncate) + AFC_FILE_CLOSE = 0x00000014, // FileRefClose + AFC_FILE_TRUNCATE = 0x00000015, // FileRefSetFileSize (ftruncate) // 0x00000016 // SetFatalError // 0x00000017 // SetConnectionOptions - AFC_RENAME = 0x00000018, // RenamePath + AFC_RENAME = 0x00000018, // RenamePath // 0x00000019 // SetFSBlockSize (0x800000) // 0x0000001A // SetBlockSize (0x800000) - AFC_FILE_LOCK = 0x0000001B, // FileRefLock - AFC_MAKE_LINK = 0x0000001C // MakeLink + AFC_FILE_LOCK = 0x0000001B, // FileRefLock + AFC_MAKE_LINK = 0x0000001C // MakeLink }; - uint32_t 
iphone_afc_get_file_handle(iphone_afc_file_t file); diff --git a/src/MobileSync.c b/src/MobileSync.c index 839ed2b..b16a51b 100644 --- a/src/MobileSync.c +++ b/src/MobileSync.c @@ -50,8 +50,7 @@ iphone_error_t iphone_msync_new_client(iphone_device_t device, int src_port, int //first receive version ret = iphone_msync_recv(client_loc, &array); - plist_t msg_node = - plist_find_node_by_string(array, "DLMessageVersionExchange"); + plist_t msg_node = plist_find_node_by_string(array, "DLMessageVersionExchange"); plist_t ver_1 = plist_get_next_sibling(msg_node); plist_t ver_2 = plist_get_next_sibling(ver_1); @@ -82,8 +81,7 @@ iphone_error_t iphone_msync_new_client(iphone_device_t device, int src_port, int array = NULL; ret = iphone_msync_recv(client_loc, &array); - plist_t rep_node = - plist_find_node_by_string(array, "DLMessageDeviceReady"); + plist_t rep_node = plist_find_node_by_string(array, "DLMessageDeviceReady"); if (rep_node) { ret = IPHONE_E_SUCCESS; @@ -245,8 +243,7 @@ iphone_error_t iphone_msync_get_all_contacts(iphone_msync_client_t client) plist_t switch_node; contact_node = plist_find_node_by_string(array, "com.apple.Contacts"); - switch_node = - plist_find_node_by_string(array, "SDMessageDeviceReadyToReceiveChanges"); + switch_node = plist_find_node_by_string(array, "SDMessageDeviceReadyToReceiveChanges"); while (NULL == switch_node) { diff --git a/src/NotificationProxy.c b/src/NotificationProxy.c index eec7857..726852e 100644 --- a/src/NotificationProxy.c +++ b/src/NotificationProxy.c @@ -52,7 +52,7 @@ static void np_unlock(iphone_np_client_t client) * * @return A handle to the newly-connected client or NULL upon error. */ -iphone_error_t iphone_np_new_client ( iphone_device_t device, int src_port, int dst_port, iphone_np_client_t *client ) +iphone_error_t iphone_np_new_client(iphone_device_t device, int src_port, int dst_port, iphone_np_client_t * client) { int ret = IPHONE_E_SUCCESS; 
@@ -75,16 +75,16 @@ iphone_error_t iphone_np_new_client ( iphone_device_t device, int src_port, int client_loc->mutex = g_mutex_new(); *client = client_loc; - return IPHONE_E_SUCCESS; + return IPHONE_E_SUCCESS; } /** Disconnects an NP client from the phone. * * @param client The client to disconnect. */ -iphone_error_t iphone_np_free_client ( iphone_np_client_t client ) +iphone_error_t iphone_np_free_client(iphone_np_client_t client) { - if (!client || !client->connection ) + if (!client || !client->connection) return IPHONE_E_INVALID_ARG; iphone_mux_free_client(client->connection); @@ -101,7 +101,7 @@ iphone_error_t iphone_np_free_client ( iphone_np_client_t client ) * @param client The client to send to * @param notification The notification Message */ -iphone_error_t iphone_np_post_notification( iphone_np_client_t client, const char *notification ) +iphone_error_t iphone_np_post_notification(iphone_np_client_t client, const char *notification) { char *XML_content = NULL; uint32_t length = 0; @@ -126,9 +126,9 @@ iphone_error_t iphone_np_post_notification( iphone_np_client_t client, const cha nlen = htonl(length); - memcpy(sndbuf+sndlen, &nlen, 4); + memcpy(sndbuf + sndlen, &nlen, 4); sndlen += 4; - memcpy(sndbuf+sndlen, XML_content, length); + memcpy(sndbuf + sndlen, XML_content, length); sndlen += length; plist_free(dict); @@ -143,11 +143,11 @@ iphone_error_t iphone_np_post_notification( iphone_np_client_t client, const cha nlen = htonl(length); - memcpy(sndbuf+sndlen, &nlen, 4); - sndlen+=4; + memcpy(sndbuf + sndlen, &nlen, 4); + sndlen += 4; - memcpy(sndbuf+sndlen, XML_content, length); - sndlen+=length; + memcpy(sndbuf + sndlen, XML_content, length); + sndlen += length; plist_free(dict); dict = NULL; 
@@ -157,7 +157,7 @@ iphone_error_t iphone_np_post_notification( iphone_np_client_t client, const cha log_debug_buffer(sndbuf, sndlen); iphone_mux_send(client->connection, sndbuf, sndlen, &bytes); - if (bytes <= 0) { + if (bytes <= 0) { np_unlock(client); return bytes; } @@ -181,7 +181,7 @@ iphone_error_t iphone_np_post_notification( iphone_np_client_t client, const cha * * @param client The client to send to */ -iphone_error_t iphone_np_observe_notification( iphone_np_client_t client ) +iphone_error_t iphone_np_observe_notification(iphone_np_client_t client) { plist_t dict = NULL; char *XML_content = NULL; @@ -191,18 +191,19 @@ iphone_error_t iphone_np_observe_notification( iphone_np_client_t client ) unsigned char sndbuf[4096]; int sndlen = 0; int nlen = 0; - int i=0; + int i = 0; const char *notifications[10] = { - "com.apple.itunes-client.syncCancelRequest", - "com.apple.itunes-client.syncSuspendRequest", - "com.apple.itunes-client.syncResumeRequest", - "com.apple.mobile.lockdown.phone_number_changed", - "com.apple.mobile.lockdown.device_name_changed", - "com.apple.springboard.attemptactivation", - "com.apple.mobile.data_sync.domain_changed", - "com.apple.mobile.application_installed", - "com.apple.mobile.application_uninstalled", - NULL}; + "com.apple.itunes-client.syncCancelRequest", + "com.apple.itunes-client.syncSuspendRequest", + "com.apple.itunes-client.syncResumeRequest", + "com.apple.mobile.lockdown.phone_number_changed", + "com.apple.mobile.lockdown.device_name_changed", + "com.apple.springboard.attemptactivation", + "com.apple.mobile.data_sync.domain_changed", + "com.apple.mobile.application_installed", + "com.apple.mobile.application_uninstalled", + NULL + }; sndlen = 0; 
@@ -221,11 +222,11 @@ iphone_error_t iphone_np_observe_notification( iphone_np_client_t client ) plist_to_xml(dict, &XML_content, &length); nlen = htonl(length); - memcpy(sndbuf+sndlen, &nlen, 4); + memcpy(sndbuf + sndlen, &nlen, 4); sndlen += 4; - memcpy(sndbuf+sndlen, XML_content, length); + memcpy(sndbuf + sndlen, XML_content, length); sndlen += length; - + plist_free(dict); dict = NULL; free(XML_content); @@ -239,11 +240,11 @@ iphone_error_t iphone_np_observe_notification( iphone_np_client_t client ) nlen = htonl(length); - memcpy(sndbuf+sndlen, &nlen, 4); - sndlen+=4; + memcpy(sndbuf + sndlen, &nlen, 4); + sndlen += 4; - memcpy(sndbuf+sndlen, XML_content, length); - sndlen+=length; + memcpy(sndbuf + sndlen, XML_content, length); + sndlen += length; plist_free(dict); dict = NULL; @@ -253,7 +254,7 @@ iphone_error_t iphone_np_observe_notification( iphone_np_client_t client ) log_debug_buffer(sndbuf, sndlen); iphone_mux_send(client->connection, sndbuf, sndlen, &bytes); - if (bytes <= 0) { + if (bytes <= 0) { np_unlock(client); return bytes; } diff --git a/src/NotificationProxy.h b/src/NotificationProxy.h index 57ad751..7b4b48d 100644 --- a/src/NotificationProxy.h +++ b/src/NotificationProxy.h @@ -28,4 +28,3 @@ struct iphone_np_client_int { iphone_umux_client_t connection; GMutex *mutex; }; - diff --git a/src/lockdown.c b/src/lockdown.c index 2f48dfd..63f9090 100644 --- a/src/lockdown.c +++ b/src/lockdown.c @@ -62,7 +62,6 @@ iphone_lckd_client_t new_lockdownd_client(iphone_device_t phone) control->ssl_session = (gnutls_session_t *) malloc(sizeof(gnutls_session_t)); control->in_SSL = 0; - control->gtls_buffer_hack_len = 0; return control; } @@ -152,7 +151,6 @@ static void iphone_lckd_stop_SSL_session(iphone_lckd_client_t client) free(client->ssl_session); } client->in_SSL = 0; - client->gtls_buffer_hack_len = 0; // dunno if required?! return; } 
@@ -467,6 +465,10 @@ iphone_error_t iphone_lckd_new_client(iphone_device_t device, iphone_lckd_client char *host_id = NULL; iphone_lckd_client_t client_loc = new_lockdownd_client(device); + if (!client_loc) { + log_debug_msg("FATAL: lockdownd client could not be created!\n"); + return IPHONE_E_UNKNOWN_ERROR; + } if (IPHONE_E_SUCCESS != lockdownd_hello(client_loc)) { log_debug_msg("Hello failed in the lockdownd client.\n"); ret = IPHONE_E_NOT_ENOUGH_DATA; @@ -801,7 +803,7 @@ iphone_error_t lockdownd_gen_pair_cert(gnutls_datum_t public_key, gnutls_datum_t iphone_error_t lockdownd_start_SSL_session(iphone_lckd_client_t control, const char *HostID) { plist_t dict = NULL; - uint32_t return_me = 0; + uint32_t return_me = 0; iphone_error_t ret = IPHONE_E_UNKNOWN_ERROR; control->session_id[0] = '\0'; 
@@ -956,79 +958,53 @@ ssize_t lockdownd_secuwrite(gnutls_transport_ptr_t transport, char *buffer, size ssize_t lockdownd_securead(gnutls_transport_ptr_t transport, char *buffer, size_t length) { int bytes = 0, pos_start_fill = 0; - char *hackhackhack = NULL; + int tbytes = 0; + int this_len = length; + iphone_error_t res; iphone_lckd_client_t control; control = (iphone_lckd_client_t) transport; - log_dbg_msg(DBGMASK_LOCKDOWND, "lockdownd_securead() called\nlength = %zi\n", length); - // Buffering hack! Throw what we've got in our "buffer" into the stream first, then get more. - if (control->gtls_buffer_hack_len > 0) { - if (length > control->gtls_buffer_hack_len) { // If it's asking for more than we got - length -= control->gtls_buffer_hack_len; // Subtract what we have from their requested length - pos_start_fill = control->gtls_buffer_hack_len; // set the pos to start filling at - memcpy(buffer, control->gtls_buffer_hack, control->gtls_buffer_hack_len); // Fill their buffer partially - free(control->gtls_buffer_hack); // free our memory, it's not chained anymore - control->gtls_buffer_hack_len = 0; // we don't have a hack buffer anymore - log_dbg_msg(DBGMASK_LOCKDOWND, "Did a partial fill to help quench thirst for data\n"); - } else if (length < control->gtls_buffer_hack_len) { // If it's asking for less... - control->gtls_buffer_hack_len -= length; // subtract what they're asking for - memcpy(buffer, control->gtls_buffer_hack, length); // fill their buffer - hackhackhack = (char *) malloc(sizeof(char) * control->gtls_buffer_hack_len); // strndup is NOT a good solution -- concatenates \0!!!! Anyway, make a new "hack" buffer. - memcpy(hackhackhack, control->gtls_buffer_hack + length, control->gtls_buffer_hack_len); // Move what's left into the new one - free(control->gtls_buffer_hack); // Free the old one - control->gtls_buffer_hack = hackhackhack; // And make it the new one. 
- hackhackhack = NULL; - log_dbg_msg(DBGMASK_LOCKDOWND, "Quenched the thirst for data; new hack length is %i\n", - control->gtls_buffer_hack_len); - return length; // hand it over. - } else { // length == hack length - memcpy(buffer, control->gtls_buffer_hack, length); // copy our buffer into theirs - free(control->gtls_buffer_hack); // free our "obligation" - control->gtls_buffer_hack_len = 0; // free our "obligation" - log_dbg_msg(DBGMASK_LOCKDOWND, "Satiated the thirst for data; now we have to eventually receive again.\n"); - return length; // hand it over + char *recv_buffer; + + log_debug_msg("lockdownd_securead() called\nlength = %zi\n", length); + + log_debug_msg("pre-read\nclient wants %zi bytes\n", length); + + recv_buffer = (char *) malloc(sizeof(char) * this_len); + + // repeat until we have the full data or an error occurs. + do { + if ((res = iphone_mux_recv(control->connection, recv_buffer, this_len, &bytes)) != IPHONE_E_SUCCESS) { + log_debug_msg("%s: ERROR: iphone_mux_recv returned %d\n", __func__, res); + return res; } - } - // End buffering hack! - char *recv_buffer = (char *) malloc(sizeof(char) * (length * 1000)); // ensuring nothing stupid happens - - log_dbg_msg(DBGMASK_LOCKDOWND, "pre-read\nclient wants %zi bytes\n", length); - iphone_mux_recv(control->connection, recv_buffer, (length * 1000), &bytes); - log_dbg_msg(DBGMASK_LOCKDOWND, "post-read\nwe got %i bytes\n", bytes); - if (bytes < 0) { - log_dbg_msg(DBGMASK_LOCKDOWND, "lockdownd_securead(): uh oh\n"); - log_dbg_msg(DBGMASK_LOCKDOWND, - "I believe what we have here is a failure to communicate... 
libusb says %s but strerror says %s\n", - usb_strerror(), strerror(errno)); - return bytes + 28; // an errno - } - if (bytes >= length) { - if (bytes > length) { - log_dbg_msg(DBGMASK_LOCKDOWND, - "lockdownd_securead: Client deliberately read less data than was there; resorting to GnuTLS buffering hack.\n"); - if (!control->gtls_buffer_hack_len) { // if there's no hack buffer yet - //control->gtls_buffer_hack = strndup(recv_buffer+length, bytes-length); // strndup is NOT a good solution! - control->gtls_buffer_hack_len += bytes - length; - control->gtls_buffer_hack = (char *) malloc(sizeof(char) * control->gtls_buffer_hack_len); - memcpy(control->gtls_buffer_hack, recv_buffer + length, control->gtls_buffer_hack_len); - } else { // if there is. - control->gtls_buffer_hack = - realloc(control->gtls_buffer_hack, control->gtls_buffer_hack_len + (bytes - length)); - memcpy(control->gtls_buffer_hack + control->gtls_buffer_hack_len, recv_buffer + length, bytes - length); - control->gtls_buffer_hack_len += bytes - length; - } + log_debug_msg("post-read\nwe got %i bytes\n", bytes); + + if (bytes < 0) { + log_debug_msg("lockdownd_securead(): uh oh\n"); + log_debug_msg + ("I believe what we have here is a failure to communicate... 
libusb says %s but strerror says %s\n", + usb_strerror(), strerror(errno)); + return bytes; // + 28; // an errno } - memcpy(buffer + pos_start_fill, recv_buffer, length); - free(recv_buffer); - if (bytes == length) { - log_dbg_msg(DBGMASK_LOCKDOWND, "Returning how much we received.\n"); - return bytes; - } else { - log_dbg_msg(DBGMASK_LOCKDOWND, "Returning what they want to hear.\nHack length: %i\n", - control->gtls_buffer_hack_len); - return length; + // increase read count + tbytes += bytes; + + // fill the buffer with what we got right now + memcpy(buffer + pos_start_fill, recv_buffer, bytes); + pos_start_fill += bytes; + + if (tbytes >= length) { + break; } + + this_len = length - tbytes; + log_debug_msg("re-read\ntrying to read missing %i bytes\n", this_len); + } while (tbytes < length); + if (recv_buffer) { + free(recv_buffer); } - return bytes; + + return tbytes; } /** Command to start the desired service diff --git a/src/lockdown.h b/src/lockdown.h index 2f2a4b9..cad06a3 100644 --- a/src/lockdown.h +++ b/src/lockdown.h @@ -35,8 +35,6 @@ struct iphone_lckd_client_int { iphone_umux_client_t connection; gnutls_session_t *ssl_session; int in_SSL; - char *gtls_buffer_hack; - int gtls_buffer_hack_len; char session_id[40]; }; |
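Review bot: The two early returns inside the new read loop of lockdownd_securead (`return res;` after a failed iphone_mux_recv and `return bytes;` when `bytes < 0`) skip the `free(recv_buffer)` at the bottom, so every failed read leaks the temporary buffer. The malloc result is also passed to iphone_mux_recv without a NULL check. The `memcpy(buffer + pos_start_fill, recv_buffer, bytes)` trusts `bytes` without comparing it to `this_len`; iphone_mux_recv's contract is not visible in this hunk, but if it ever reports more than was requested, the copy runs past the buffer GnuTLS supplied. If it can report success with zero bytes, the loop never advances and spins. The loop below frees on every exit path, bounds the copy and stops on an empty read.

```c
	recv_buffer = (char *) malloc(sizeof(char) * this_len);
	if (!recv_buffer) {
		return -1;
	}

	do {
		if ((res = iphone_mux_recv(control->connection, recv_buffer, this_len, &bytes)) != IPHONE_E_SUCCESS) {
			// … unchanged: error logging …
			free(recv_buffer);
			return res;
		}
		// … unchanged: post-read logging …
		if (bytes < 0) {
			// … unchanged: error logging …
			free(recv_buffer);
			return bytes;
		}
		if (bytes > this_len) {
			// more than requested would overrun the caller's buffer
			free(recv_buffer);
			return -1;
		}
		if (bytes == 0) {
			// nothing arrived: hand back what we have instead of spinning
			break;
		}
		// … unchanged: tbytes accounting, memcpy into buffer, re-read bookkeeping …
	} while (tbytes < length);
	free(recv_buffer);
```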