summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2022-10-12Check if device is limera1n-vulnerable for --pwn optionGravatar Alfie Cockell Gwinnett1-8/+30
2022-10-11recovery: Also send "go" and "reset" commands with bRequest set to 1Gravatar Nikias Bassen1-2/+2
2022-10-08recovery: Send bootx with bRequest set to 1 for all platformsGravatar Nikias Bassen1-1/+1
2022-10-05recovery: set bRequest to 1 when sending bootx commandGravatar Munehisa Kamata1-1/+1
In macOS 13 beta 8 or newer release, bootx seems to fail if bRequest is 0 in the control transfer setup. Then, the device fails to enter restore mode. Seems like something has changed in iBEC since beta 8 and Apple Configurator 2 has set it to 1, so do the same thing. While this could be applied for all *OS variants, it's limited to macOS for now just to be safe. Signed-off-by: Munehisa Kamata <kamatam@amazon.com>
2022-10-04img4: Add support for stitching with additional TBM dataGravatar Nikias Bassen3-7/+191
2022-10-02Reduce memory usage for SourceBootObjectV4 imagesGravatar Nikias Bassen4-91/+201
2022-09-25tss: Add preliminary code to set UID_MODEGravatar Nikias Bassen1-0/+12
2022-09-25tss: Make sure vinyl tags include eUICC,Gold and eUICC,Main digestsGravatar Nikias Bassen1-0/+19
... as well as eUICC,ApProductionMode which was missing before.
2022-09-21img4: Add some more component tagsGravatar Nikias Bassen1-16/+28
2022-09-21tss: Add NeRDEpoch to TSS requests for newer devices (iPhone 13 and up)Gravatar Nikias Bassen1-0/+2
2022-09-20ipsw: Add some NULL checks to ipsw_extract_to_file_with_progress()Gravatar Nikias Bassen1-1/+12
2022-09-16tss: Don't add @BBTicket in tss_request_new()Gravatar Nikias Bassen2-2/+1
2022-09-16Fix Cryptex1 and Cryptex1LocalPolicy TSS request handlingGravatar Nikias Bassen3-15/+74
2022-08-29restore: Add support for Cryptex1LocalPolicy firmware updaterGravatar Nikias Bassen1-10/+23
2022-08-29restore: use an appropriate ticket for Cryptex1 global manifestGravatar Munehisa Kamata1-7/+24
macOS 13 introduced a new global manifest for Cryptex1 and it requires tickets found in Firmware/Manifests/restore/cryptex1/macOS Customer/ inside an IPSW, but we currently do not use the tickets and end up unexpected behavior on a Mac device after restoring, e.g. bputil fails to downgrade security mode due to "Cryptex1 manifest verification failed". This adds a proper handling to use the appropriate tickets. Signed-off-by: Munehisa Kamata <kamatam@amazon.com>
2022-08-23tss: Skip components with IsFTAB:true when adding AP tags to requestGravatar Nikias Bassen1-0/+6
This should fix devices failing to enter restore mode due to an incorrect signature for the repective components.
2022-06-28restore: Don't print 'Attempting to continue after critical error' warning ↵Gravatar Nikias Bassen1-1/+1
when no error was detected This only occurred when using --ignore-errors command line option.
2022-06-28Make sure to exactly match the passed variant when using --variantGravatar Nikias Bassen3-9/+9
2022-06-27Add --variant command line switch to specify build identity to useGravatar Nikias Bassen2-4/+16
2022-06-27Ignore 'Research*' variant in build identity selectionGravatar Nikias Bassen1-2/+2
2022-06-27ipsw: Add workaround for missing RestoreBehavior entries for ipsw infoGravatar Nikias Bassen1-1/+9
2022-06-27Don't print an error message when RestoreBehavior is missingGravatar Nikias Bassen1-13/+6
2022-06-27ipsw: Improve error message when fwrite failsGravatar Nikias Bassen1-2/+2
2022-06-23Support iOS 16.0 Beta 2 (#506)Gravatar Emma Lethaltail1-0/+1
2022-06-20Remove more serial number checks, and get ECID early on in all modesGravatar Nikias Bassen8-135/+31
Some devices seem to not have a serial number, usually in restore mode, which will cause the restore operation to fail since we specifically check for it. An earlier commit already removed the actual comparison in favor of comparing the ECID, but some checks would still result in restore failures as it can't retrieve the serial number on said devices at all. This commit also makes sure to get the ECID in all modes as early as possible and removes all the helper functions for it since they are not needed anymore.
2022-06-20Add support for FirmwareUpdaterPreflight messageGravatar Clément Decoodt1-0/+31
This message seems mandatory on the new versions of MacOS (12+), but it seems an empty response is what's expected.
2022-06-17Use more elegant way to match file name to component nameGravatar Nikias Bassen1-37/+33
2022-06-17restore: Fix memory corruption in restore_get_timer_firmware_dataGravatar Doron Zarhi1-1/+1
2022-06-17Add support for iOS 16Gravatar Doron Zarhi4-21/+157
2022-05-23ipsw: Update to reflect color macro name change in libimobiledevice-glueGravatar Nikias Bassen1-7/+7
2022-04-27Fix restore for devices that don't have eUICCGravatar Nikias Bassen1-1/+1
Because of a default value of (uint64_t)-1LL returned when _plist_dict_get_uint doesn't find the dictionary entry for the given key, a later comparison of that unsigned value against something like >= 5 will result in the condition being true even though it was not supposed to. _plist_dict_get_uint will now return a default value of 0 if the key is not found. Code paths that deal with actual values of 0 vs. non-existent values need to test the existence of the key deal with that; I am currently not aware of anything that would be affected.
2022-04-25Increase recovery mode disconnect and re-connect timeout from 10 to 60 secondsGravatar Rodrigo Arias1-2/+2
2022-04-13Print version string upon executionGravatar Nikias Bassen1-0/+2
2022-04-12More code improvements using _plist_dict_copy_* helperGravatar Nikias Bassen3-52/+13
2022-04-12Use proper detection for macOS restore path (instead of version number ↵Gravatar Nikias Bassen5-17/+21
comparison)
2022-04-10Fix build identity selection for beta (developer) firmwareGravatar Nikias Bassen3-17/+14
2022-04-10restore: Fixed a problem that nobody even knew existedGravatar Nikias Bassen2-7/+11
At least this has been going unnoticed until recently. For quite some time we have been sending NorImageData as array to the device, but it turned out that this was only expected for iOS < 7.0 and from then on it was supposed to be a dictionary with the components. Now we should correctly handle it.
2022-04-08normal: Skip fetching FirmwarePreflightInfo for non-baseband devicesGravatar Nikias Bassen1-6/+17
This will prevent the otherwise confusing (but harmless) error messages ERROR: Unable to get (null)-FirmwarePreflightInfo from lockdownd ERROR: Unable to get FirmwarePreflightInfo during restore.
2022-04-07tss: Fix img4 tag for TSS requestGravatar Nikias Bassen1-1/+1
2022-04-07tss/restore: Improve code readability with plist helpers and removal of ↵Gravatar Nikias Bassen4-810/+243
unneeded comments
2022-04-06Add support for Timer,* components and TSS found in iPad Air 5th gen firmwareGravatar Nikias Bassen3-0/+353
2022-04-05ipsw: Use libplist's new plist_from_json APIGravatar Nikias Bassen6-639/+3
2022-03-07restore: Use ECID instead of serial number in restore_is_current_device() to ↵Gravatar Nikias Bassen1-14/+16
match device Some devices seem to not provide serial number information in recovery or restore mode so we use ECID instead to make sure we deal with the same device.
2021-11-27Use macros for the different restore variant stringsGravatar Nikias Bassen3-6/+10
2021-11-26Cache build manifest in client structGravatar Nikias Bassen3-31/+20
2021-11-24Update TSS Client versionGravatar Daniel VanBritsom1-1/+7
Updates the "TSS_CLIENT_VERSION_STRING" to match that of iTunes 12.12.0.6 on Windows and Finder on the latest macOS.
2021-11-24restore: Use new reverse proxy implementation from latest libimobiledeviceGravatar Nikias Bassen1-0/+52
with fallback to the legacy code with a compile time warning. The legacy code will be removed in the future once a newer libimobiledevice has been officially released.
2021-11-19Fix compilation on WindowsGravatar Nikias Bassen3-5/+24
2021-11-17restore: Add missing newlines to info messagesGravatar Hector Martin1-2/+2
Signed-off-by: Hector Martin <marcan@marcan.st>
2021-11-17restore: Support sending BootabilityBundle (Monterey)Gravatar Hector Martin1-0/+155
This is used on macOS 12+ (Monterey and later) to allow older OSes to perform the bless2/bootability process for newer OSes, by putting a shared library in the Preboot partition that contains the specific logic required to make a given macOS install bootable. Closes: #441 Signed-off-by: Hector Martin <marcan@marcan.st>