Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2014-08-06 | lockdown: Only set SystemBUID in pair_record_generate() if it actually ↵ | Nikias Bassen | 1 | -1/+2 | |
contains a value This will prevent a crash in libplist when plist_new_string() will be called with a NULL pointer. | |||||
2014-08-06 | lockdown: Silence compiler warning about ignored return value from asprintf() | Nikias Bassen | 1 | -8/+10 | |
2014-05-05 | lockdown: cleanup: remove pointless goto | Andreas Henriksson | 1 | -4/+0 | |
Minor cleanup. Drop useless code. We're already at "leave", so there's no need to (conditionally!) goto it. | |||||
2014-05-05 | lockdown: avoid crashing when getting system buid fails | Andreas Henriksson | 1 | -2/+3 | |
When userpref_read_system_buid fails to retrieve the buid, systembuid will be set to NULL. It was then unconditionally passed to plist_new_string - which will crash with a NULL argument. See https://bugs.debian.org/730756 for people reporting this happening in the real world. See https://github.com/libimobiledevice/libimobiledevice/commit/1331f6baa1799e41003aa812c0d1bf36193535ea ("lockdown: Make sure to set SystemBUID in generated pair records") for the commit where this problem was introduced. | |||||
2014-03-27 | Moved Doxygen comments from source files to public headers. | Aaron Burghardt | 1 | -278/+1 | |
Conflicts: include/libimobiledevice/afc.h | |||||
2014-03-27 | lockdown: Return error if getting a lockdown value failed to fix segfault | Martin Szulecki | 1 | -0/+2 | |
https://github.com/libimobiledevice/libimobiledevice/issues/67 The lockdownd_get_value() function is not properly handling an error situation. The code logic always returned success as long as the lockdown response was properly received. Thanks to Aaron Burghardt for spotting this. | |||||
2014-03-24 | lockdown: Prevent libplist assertion by checking result of ↵ | Nikias Bassen | 1 | -4/+10 | |
userpref_read_pair_record() | |||||
2014-03-22 | Update copyright in various files | Martin Szulecki | 1 | -0/+2 | |
2014-03-21 | lockdown: Fix starting unsecure services as needed during trust dialog pairing | Martin Szulecki | 1 | -14/+0 | |
2014-03-21 | lockdown: Fix fetching WiFi address for pair record after trust dialog pairing | Martin Szulecki | 1 | -12/+20 | |
2014-03-21 | lockdown: Correct a few comments within pair generation code | Martin Szulecki | 1 | -1/+2 | |
2014-03-21 | lockdown: Move HostID generation closer to code setting it in pair record | Martin Szulecki | 1 | -2/+1 | |
2014-03-21 | lockdown: Read HostID again after pairing to fix first pair workflow | Martin Szulecki | 1 | -0/+7 | |
2014-03-21 | userpref: merge pair_record_generate_from_device_public_key() into ↵ | Nikias Bassen | 1 | -15/+1 | |
pair_record_generate_keys_and_certs() | |||||
2014-03-21 | lockdown: Make sure failed pairing validation works with correct error code | Martin Szulecki | 1 | -1/+1 | |
2014-03-21 | lockdown: Plug memory leak due to missing free of public_key | Martin Szulecki | 1 | -0/+3 | |
2014-03-21 | lockdown: Make sure to set SystemBUID in generated pair records | Martin Szulecki | 1 | -1/+2 | |
2014-03-21 | lockdown: Fix wrong pointer dereference of pair_record plist | Martin Szulecki | 1 | -3/+3 | |
2014-03-21 | lockdown: Remove obsolete debug output | Martin Szulecki | 1 | -6/+0 | |
2014-03-21 | Refactor pair record handling to use new usbmuxd pair record interface | Martin Szulecki | 1 | -418/+112 | |
This refactoring is mandatory as libimobiledevice should not interact with the pair record configuration directory which is owned by the usbmuxd user. This change also adds compatibility for the native usbmuxd and thus pair records saved by iTunes. | |||||
2014-03-20 | Bump dependency to libplist 1.11 and remove use of "plist_dict_insert_item()" | Martin Szulecki | 1 | -39/+39 | |
2014-03-18 | lockdown: make sure type is always free'd in lockdownd_client_new_with_handshake | Nikias Bassen | 1 | -2/+2 | |
2014-03-10 | lockdown: disable SSL in lockdownd_stop_session() | Nikias Bassen | 1 | -0/+5 | |
2014-03-10 | lockdown: removed outdated call to lockdownd_goodbye() in lockdown_client_free() | Nikias Bassen | 1 | -4/+0 | |
2014-01-25 | Revert "lockdown: do not send Goodbye when SSL session was active" | Nikias Bassen | 1 | -2/+2 | |
This reverts commit 56392428a49543bab4b12431451ec04bb799c411. Actually I committed this because of usbmuxd complaining about a TCP RST. But lockdownd is now complaining since it waits for the Goodbye packet (which I apparently didn't see during testing). | |||||
2014-01-15 | lockdown: do not send Goodbye when SSL session was active | Nikias Bassen | 1 | -2/+2 | |
2013-11-30 | lockdown: Make sure to free client->session_id for sure | Martin Szulecki | 1 | -0/+4 | |
2013-11-30 | Fix possible memory corruption by ensuring client pointers NULL'd after free | Martin Szulecki | 1 | -0/+1 | |
2013-11-30 | lockdown: Do not free session_id again after stop_session already did | Martin Szulecki | 1 | -1/+0 | |
2013-11-08 | lockdown: fix possible invalid free in GnuTLS cert generation code | Nikias Bassen | 1 | -3/+3 | |
2013-11-04 | Convert stray spaces to corresponding tabs | Martin Szulecki | 1 | -0/+1 | |
2013-10-09 | Remove duplicate newline from debug messages as one is added automatically | Martin Szulecki | 1 | -1/+1 | |
2013-10-09 | lockdown: Plug few possible memory leaks in generate_pair_record_plist() | Martin Szulecki | 1 | -16/+6 | |
2013-09-24 | lockdown: improve lockdownd_query_type result checking | Nikias Bassen | 1 | -4/+11 | |
2013-09-23 | lockdown: Remove EscrowBag feature for now as it caused services to not start | Martin Szulecki | 1 | -7/+0 | |
2013-09-21 | lockdown: Only sent EscrowBag if we are running in a secure session | Martin Szulecki | 1 | -2/+6 | |
2013-09-21 | lockdown: Send EscrowBag when starting service for automatic unlocking | Martin Szulecki | 1 | -0/+3 | |
2013-09-19 | lockdown: Remove pairing code which is obsoleted by usbmuxd's preflight handler | Martin Szulecki | 1 | -53/+0 | |
2013-09-19 | lockdown: Don't shutdown SSL during StopSession already or device complains | Martin Szulecki | 1 | -7/+6 | |
2013-09-17 | lockdownd: remove unused udid variable in reconnect function | Nikias Bassen | 1 | -4/+0 | |
2013-09-17 | lockdown: Refactor pair record generation/loading logic a bit for efficiency | Martin Szulecki | 1 | -42/+47 | |
The current code always requests the public key and set's the SystemBUID, even if a pair record already exists which has these values ready. The change moves logic to only do that during generation of new certificates. | |||||
2013-09-17 | lockdown: Fix debug message during reconnect to show correct udid | Martin Szulecki | 1 | -1/+1 | |
2013-09-17 | lockdown: Fix generation of x509 subject key identifier extension for GnuTLS | Martin Szulecki | 1 | -7/+12 | |
2013-09-17 | Make sure to re-use the DeviceCertificate instead of generating a new one ↵ | Nikias Bassen | 1 | -8/+15 | |
every time This prevented iTunes from using a pairing made by libimobiledevice giving an error that the device sent invalid data. | |||||
2013-09-17 | lockdown: Add missing x509 extensions to match other platforms using GnuTLS | Martin Szulecki | 1 | -0/+8 | |
2013-09-17 | Fix broken build of GnuTLS and silence two compiler warnings | Martin Szulecki | 1 | -2/+2 | |
2013-09-17 | lockdown: Add missing x509 extensions to match other platforms using OpenSSL | Martin Szulecki | 1 | -2/+18 | |
2013-09-17 | lockdown: Allow starting services without the need for a running SSL session | Martin Szulecki | 1 | -2/+2 | |
2013-09-17 | Refactor userpref logic to use plist format and implement trust dialog handling | Martin Szulecki | 1 | -47/+210 | |
iOS 7 introduced a new pairing workflow which increases security by showing a trust dialog to the user before pairing with the host is allowed. The userpref system was refactored to use the native plist format, too. Configuration files of the native implementations are used on each platform. Former configuration files are no longer in use and can be deleted. | |||||
2013-06-30 | Fixed memory leak in lockdownd_gen_pair_cert() by freeing X509_EXTENSION ↵ | Aaron Burghardt | 1 | -0/+1 | |
object when using OpenSSL. |