summaryrefslogtreecommitdiffstats
path: root/src/lockdown.c
diff options
context:
space:
mode:
authorGravatar Jonathan Beck2008-08-22 18:32:20 +0200
committerGravatar Jonathan Beck2008-08-22 18:32:20 +0200
commit7539f5fbf43a8d5b454cd0f7725cb5247d227647 (patch)
tree09ef1e2aabd356eb485425d3a2a5d551fc765b91 /src/lockdown.c
parent6b706ced7bea4223cce3b83f25268130226a9756 (diff)
downloadlibimobiledevice-7539f5fbf43a8d5b454cd0f7725cb5247d227647.tar.gz
libimobiledevice-7539f5fbf43a8d5b454cd0f7725cb5247d227647.tar.bz2
Handle known device through their UniqueDeviceID and use it as name to store PEM device public key.
Diffstat (limited to 'src/lockdown.c')
-rw-r--r--src/lockdown.c44
1 files changed, 28 insertions, 16 deletions
diff --git a/src/lockdown.c b/src/lockdown.c
index 6ba7e18..c8275eb 100644
--- a/src/lockdown.c
+++ b/src/lockdown.c
@@ -320,21 +320,21 @@ int lockdownd_init(iPhone *phone, lockdownd_client **control)
320 fprintf(stderr, "Hello failed in the lockdownd client.\n"); 320 fprintf(stderr, "Hello failed in the lockdownd client.\n");
321 } 321 }
322 322
323 char *public_key = NULL; 323 char *uid = NULL;
324 if(!lockdownd_get_device_public_key(*control, &public_key)){ 324 if(!lockdownd_get_device_uid(*control, &uid)){
325 fprintf(stderr, "Device refused to send public key.\n"); 325 fprintf(stderr, "Device refused to send public key.\n");
326 } 326 }
327 327
328 host_id = get_host_id(); 328 host_id = get_host_id();
329 329
330 if (!is_device_known(public_key)) 330 if (!is_device_known(uid))
331 ret = lockdownd_pair_device(*control, public_key, host_id); 331 ret = lockdownd_pair_device(*control, uid, host_id);
332 else 332 else
333 ret = 1; 333 ret = 1;
334 334
335 if (public_key) { 335 if (uid) {
336 free(public_key); 336 free(uid);
337 public_key = NULL; 337 uid = NULL;
338 } 338 }
339 339
340 if (ret && host_id && lockdownd_start_SSL_session(*control, host_id)) { 340 if (ret && host_id && lockdownd_start_SSL_session(*control, host_id)) {
@@ -359,7 +359,7 @@ int lockdownd_init(iPhone *phone, lockdownd_client **control)
359 * 359 *
360 * @return 1 on success and 0 on failure 360 * @return 1 on success and 0 on failure
361 */ 361 */
362int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char *host_id) 362int lockdownd_pair_device(lockdownd_client *control, char *uid, char *host_id)
363{ 363{
364 int ret = 0; 364 int ret = 0;
365 xmlDocPtr plist = new_plist(); 365 xmlDocPtr plist = new_plist();
@@ -373,8 +373,16 @@ int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char
373 char* device_cert_b64 = NULL; 373 char* device_cert_b64 = NULL;
374 char* host_cert_b64 = NULL; 374 char* host_cert_b64 = NULL;
375 char* root_cert_b64 = NULL; 375 char* root_cert_b64 = NULL;
376 char *public_key_b64 = NULL;
377
378 if(!lockdownd_get_device_public_key(control, &public_key_b64)){
379 fprintf(stderr, "Device refused to send public key.\n");
380 return 0;
381 }
382
376 383
377 if(!lockdownd_gen_pair_cert(public_key_b64, &device_cert_b64, &host_cert_b64, &root_cert_b64)){ 384 if(!lockdownd_gen_pair_cert(public_key_b64, &device_cert_b64, &host_cert_b64, &root_cert_b64)){
385 free(public_key_b64);
378 return 0; 386 return 0;
379 } 387 }
380 388
@@ -408,12 +416,18 @@ int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char
408 } 416 }
409 417
410 plist = xmlReadMemory(XML_content, bytes, NULL, NULL, 0); 418 plist = xmlReadMemory(XML_content, bytes, NULL, NULL, 0);
411 if (!plist) return 0; 419 if (!plist) {
420 free(public_key_b64);
421 return 0;
422 }
412 dict = xmlDocGetRootElement(plist); 423 dict = xmlDocGetRootElement(plist);
413 for (dict = dict->children; dict; dict = dict->next) { 424 for (dict = dict->children; dict; dict = dict->next) {
414 if (!xmlStrcmp(dict->name, "dict")) break; 425 if (!xmlStrcmp(dict->name, "dict")) break;
415 } 426 }
416 if (!dict) return 0; 427 if (!dict) {
428 free(public_key_b64);
429 return 0;
430 }
417 431
418 /* Parse xml to check success and to find public key */ 432 /* Parse xml to check success and to find public key */
419 dictionary = read_dict_element_strings(dict); 433 dictionary = read_dict_element_strings(dict);
@@ -435,11 +449,12 @@ int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char
435 /* store public key in config if pairing succeeded */ 449 /* store public key in config if pairing succeeded */
436 if (success) { 450 if (success) {
437 if (debug) printf("lockdownd_pair_device: pair success\n"); 451 if (debug) printf("lockdownd_pair_device: pair success\n");
438 store_device_public_key(public_key_b64); 452 store_device_public_key(uid, public_key_b64);
439 ret = 1; 453 ret = 1;
440 } else { 454 } else {
441 if (debug) printf("lockdownd_pair_device: pair failure\n"); 455 if (debug) printf("lockdownd_pair_device: pair failure\n");
442 } 456 }
457 free(public_key_b64);
443 return ret; 458 return ret;
444} 459}
445 460
@@ -542,12 +557,9 @@ int lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char *
542 if (!error) { 557 if (!error) {
543 /* if everything went well, export in PEM format */ 558 /* if everything went well, export in PEM format */
544 gnutls_datum_t dev_pem = {NULL, 0}; 559 gnutls_datum_t dev_pem = {NULL, 0};
545 size_t crt_size; 560 gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &dev_pem.size);
546 gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &crt_size);
547 dev_pem.size = crt_size;
548 dev_pem.data = gnutls_malloc(dev_pem.size); 561 dev_pem.data = gnutls_malloc(dev_pem.size);
549 gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &crt_size); 562 gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_pem.data, &dev_pem.size);
550 dev_pem.size = crt_size;
551 563
552 /* now encode certificates for output */ 564 /* now encode certificates for output */
553 *device_cert_b64 = g_base64_encode(dev_pem.data, dev_pem.size); 565 *device_cert_b64 = g_base64_encode(dev_pem.data, dev_pem.size);
© 2009-2020 sukimashita.com - Generated by cgit - Icons from Tango - Uses Google Analytics