summaryrefslogtreecommitdiffstats
path: root/src/lockdown.c
AgeCommit message (Collapse)AuthorFilesLines
2014-01-25Revert "lockdown: do not send Goodbye when SSL session was active"Gravatar Nikias Bassen1-2/+2
This reverts commit 56392428a49543bab4b12431451ec04bb799c411. Actually I committed this because of usbmuxd complaining about a TCP RST. But lockdownd is now complaining since it waits for the Goodbye packet (which I apparently didn't see during testing).
2014-01-15lockdown: do not send Goodbye when SSL session was activeGravatar Nikias Bassen1-2/+2
2013-11-30lockdown: Make sure to free client->session_id for sureGravatar Martin Szulecki1-0/+4
2013-11-30Fix possible memory corruption by ensuring client pointers NULL'd after freeGravatar Martin Szulecki1-0/+1
2013-11-30lockdown: Do not free session_id again after stop_session already didGravatar Martin Szulecki1-1/+0
2013-11-08lockdown: fix possible invalid free in GnuTLS cert generation codeGravatar Nikias Bassen1-3/+3
2013-11-04Convert stray spaces to corresponding tabsGravatar Martin Szulecki1-0/+1
2013-10-09Remove duplicate newline from debug messages as one is added automaticallyGravatar Martin Szulecki1-1/+1
2013-10-09lockdown: Plug few possible memory leaks in generate_pair_record_plist()Gravatar Martin Szulecki1-16/+6
2013-09-24lockdown: improve lockdownd_query_type result checkingGravatar Nikias Bassen1-4/+11
2013-09-23lockdown: Remove EscrowBag feature for now as it caused services to not startGravatar Martin Szulecki1-7/+0
2013-09-21lockdown: Only sent EscrowBag if we are running in a secure sessionGravatar Martin Szulecki1-2/+6
2013-09-21lockdown: Send EscrowBag when starting service for automatic unlockingGravatar Martin Szulecki1-0/+3
2013-09-19lockdown: Remove pairing code which is obsoleted by usbmuxd's preflight handlerGravatar Martin Szulecki1-53/+0
2013-09-19lockdown: Don't shutdown SSL during StopSession already or device complainsGravatar Martin Szulecki1-7/+6
2013-09-17lockdownd: remove unused udid variable in reconnect functionGravatar Nikias Bassen1-4/+0
2013-09-17lockdown: Refactor pair record generation/loading logic a bit for efficiencyGravatar Martin Szulecki1-42/+47
The current code always requests the public key and set's the SystemBUID, even if a pair record already exists which has these values ready. The change moves logic to only do that during generation of new certificates.
2013-09-17lockdown: Fix debug message during reconnect to show correct udidGravatar Martin Szulecki1-1/+1
2013-09-17lockdown: Fix generation of x509 subject key identifier extension for GnuTLSGravatar Martin Szulecki1-7/+12
2013-09-17Make sure to re-use the DeviceCertificate instead of generating a new one ↵Gravatar Nikias Bassen1-8/+15
every time This prevented iTunes from using a pairing made by libimobiledevice giving an error that the device sent invalid data.
2013-09-17lockdown: Add missing x509 extensions to match other platforms using GnuTLSGravatar Martin Szulecki1-0/+8
2013-09-17Fix broken build of GnuTLS and silence two compiler warningsGravatar Martin Szulecki1-2/+2
2013-09-17lockdown: Add missing x509 extensions to match other platforms using OpenSSLGravatar Martin Szulecki1-2/+18
2013-09-17lockdown: Allow starting services without the need for a running SSL sessionGravatar Martin Szulecki1-2/+2
2013-09-17Refactor userpref logic to use plist format and implement trust dialog handlingGravatar Martin Szulecki1-47/+210
iOS 7 introduced a new pairing workflow which increases security by showing a trust dialog to the user before pairing with the host is allowed. The userpref system was refactored to use the native plist format, too. Configuration files of the native implementations are used on each platform. Former configuration files are no longer in use and can be deleted.
2013-06-30Fixed memory leak in lockdownd_gen_pair_cert() by freeing X509_EXTENSION ↵Gravatar Aaron Burghardt1-0/+1
object when using OpenSSL.
2013-06-30Fixed memory leak in lockdownd_gen_pair_cert() when getting cert data using ↵Gravatar Aaron Burghardt1-2/+5
OpenSSL.
2013-04-25common: Move debug and userpref code into libinternalcommonGravatar Martin Szulecki1-2/+2
2013-03-14lockdown: only return service descriptor if StartService succeedsGravatar Nikias Bassen1-5/+11
2013-02-26Refactor port number use into service descriptor to enable SSL for servicesGravatar Martin Szulecki1-12/+46
This is a major change which breaks API but is required in order to support SSL communication for services as used by network connections.
2012-04-01lockdown: Correct a few wrong comments showing NP_E_* error messagesGravatar Martin Szulecki1-7/+9
2012-03-22Mass replace UUID by UDID, which is the correct term for itGravatar Martin Szulecki1-12/+12
2012-03-19Fix broken debug_info usageGravatar Nikias Bassen1-2/+2
2012-03-19free bio after using itGravatar Nikias Bassen1-1/+3
2012-03-19Add OpenSSL supportGravatar Nikias Bassen1-10/+154
2012-03-19Refined asprintf/vasprintf detection and inclusionGravatar Nikias Bassen1-2/+0
2012-03-19Fix building on OSXGravatar Martin Szulecki1-0/+2
2012-03-19Add asprintf replacement for systems lacking itGravatar Nikias Bassen1-0/+1
2012-03-18Completely remove glib dependency.Gravatar Nikias Bassen1-3/+2
2011-11-21lockdown: iOS 5: handle 'Error' key in lockdown_check_resultGravatar Nikias Bassen1-1/+15
2011-06-09lockdown: move writing of device uuid to client struct inside ↵Gravatar Nikias Bassen1-7/+6
lockdownd_client_new() ... instead of in lockdownd_client_new_with_handshake(). This way the device UUID is also available when only using a non-paired connection (e.g. when using the idevicepair tool).
2011-06-07lockdown: fix support for iOS 5Gravatar Nikias Bassen1-1/+3
2011-03-31debug: Use explicit size for string when debugging non-null terminatedGravatar Martin Szulecki1-1/+1
The debug code to output the device public key was not taking into account that the key data is not null terminated.
2010-11-27Add a safety check in lockdownd_client_new_with_handshake() to fix a ↵Gravatar Martin Szulecki1-1/+4
possible crash
2010-06-04lockdown: correctly handle activation_record parameter in lockdownd_activateGravatar Nikias Bassen1-1/+1
The activation_record was inserted into the request plist and freed at the end. If the user app then uses plist_free to free the activation record, it gets an invalid free. By using plist_copy the activation_record is not touched.
2010-05-28Add special handling for unpair request; probably a bug in the iPhone OSGravatar Martin Szulecki1-4/+13
2010-05-28Refactor lockdownd_client_new() internalsGravatar Martin Szulecki1-11/+3
2010-05-25Document that lockdownd automatically drops the connection when idleGravatar Martin Szulecki1-0/+7
2010-05-15Use a more general implementation to get data classes the device supportsGravatar Martin Szulecki1-45/+14
Some devices appear to not have anything set in com.apple.mobile.tethered_sync. Thus we use the more general com.apple.mobile.iTunes domain to query which seems to be supported on all tested devices.
2010-05-15Add documentation for lockdownd_get_sync_data_classes/data_classes_free()Gravatar Martin Szulecki1-0/+22