2 files changed, 50 insertions, 47 deletions
diff --git a/src/lockdown.c b/src/lockdown.c
index 7f938fb..cb57ca9 100644
--- a/src/lockdown.c
+++ b/src/lockdown.c
@@ -228,6 +228,9 @@ int lockdownd_get_device_public_key(lockdownd_client *control, char **public_key
        return success;
 }
+/**
+ * @return 1 on success and 0 on failure
+ */
 int lockdownd_init(iPhone *phone, lockdownd_client **control)
 {
        int ret = 0;
@@ -251,22 +254,27 @@ int lockdownd_init(iPhone *phone, lockdownd_client **control)
        
        if (!is_device_known(public_key)){
                ret = lockdownd_pair_device(*control, public_key, host_id);
+        }else{
+                ret = 1;
        }
        free(public_key);
        public_key = NULL;
        
-        if (ret && host_id && !lockdownd_start_SSL_session(*control, host_id)) {
+        if (ret && host_id && lockdownd_start_SSL_session(*control, host_id)) {
                ret = 1;
                free(host_id);
                host_id = NULL;
        } else {
                ret = 0;
-                fprintf(stderr, "SSL Session opening failed.\n");
+                fprintf(stderr, "lockdownd_init: SSL Session opening failed, has libiphone-initconf been run?\n");
        }
        return ret;
 }
+/**
+ * @return 1 on success and 0 on failure
+ */
 int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char *host_id)
 {
        int ret = 0;
@@ -282,7 +290,9 @@ int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char
        char* host_cert_b64 = NULL;
        char* root_cert_b64 = NULL;
-        lockdownd_gen_pair_cert(public_key_b64, &device_cert_b64, &host_cert_b64, &root_cert_b64);
+        if(!lockdownd_gen_pair_cert(public_key_b64, &device_cert_b64, &host_cert_b64, &root_cert_b64)){
+                return 0;
+        }
        /* Setup Pair request plist */
        dict = add_child_to_plist(plist, "dict", "\n", NULL, 0);
@@ -349,9 +359,12 @@ int lockdownd_pair_device(lockdownd_client *control, char *public_key_b64, char
        return ret;
 }
+/**
+ * @return 1 on success and 0 on failure.
+ */
 int lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char **host_cert_b64, char **root_cert_b64)
 {
-        int ret = 0;
+        int ret = 0, error = 0;
        gnutls_datum_t modulus = {NULL, 0};
        gnutls_datum_t exponent = {NULL, 0};
@@ -415,24 +428,23 @@ int lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char *
                        
                        /* get root cert */
                        gnutls_datum_t pem_root_cert = {NULL, 0};
-                        ret = get_root_certificate(&pem_root_cert);
+                        get_root_certificate(&pem_root_cert);
-                        ret = gnutls_x509_crt_import (root_cert, &pem_root_cert, GNUTLS_X509_FMT_PEM);
+                        ret = gnutls_x509_crt_import(root_cert, &pem_root_cert, GNUTLS_X509_FMT_PEM);
-                        
+                        if (ret != GNUTLS_E_SUCCESS) error = 1;
                        /* get host cert */
                        gnutls_datum_t pem_host_cert = {NULL, 0};
-                        ret = get_host_certificate(&pem_host_cert);
+                        get_host_certificate(&pem_host_cert);
-                        ret = gnutls_x509_crt_import (host_cert, &pem_host_cert, GNUTLS_X509_FMT_PEM);
+                        ret = gnutls_x509_crt_import(host_cert, &pem_host_cert, GNUTLS_X509_FMT_PEM);
-                        
+                        if (ret != GNUTLS_E_SUCCESS) error = 1;
                        /* get root private key */
                        gnutls_datum_t pem_root_priv = {NULL, 0};
-                        ret = get_root_private_key(&pem_root_priv);
+                        get_root_private_key(&pem_root_priv);
-                        ret = gnutls_x509_privkey_import (root_privkey, &pem_root_priv, GNUTLS_X509_FMT_PEM);
+                        ret = gnutls_x509_privkey_import(root_privkey, &pem_root_priv, GNUTLS_X509_FMT_PEM);
-                        
+                        if (ret != GNUTLS_E_SUCCESS) error = 1;
                        /* generate device certificate */
-                        
                        gnutls_x509_crt_set_key(dev_cert, fake_privkey);
                        gnutls_x509_crt_set_serial(dev_cert, "\x00", 1);
                        gnutls_x509_crt_set_version(dev_cert, 3);
@@ -441,12 +453,8 @@ int lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char *
                        gnutls_x509_crt_set_expiration_time(dev_cert, time(NULL) + (60 * 60 * 24 * 365 * 10));
                        gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);
-                        //TODO handle errors
+                        if (!error) {
-                        ret = 1;
-                        if (ret) {
                                /* if everything went well, export in PEM format */
-        
                                gnutls_datum_t dev_pem = {NULL, 0};
                                size_t crt_size;
                                gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &crt_size);
@@ -472,7 +480,12 @@ int lockdownd_gen_pair_cert(char *public_key_b64, char **device_cert_b64, char *
        gnutls_free(der_pub_key.data);
        g_free(pem_pub_key.data);
-        return ret;
+        
+        if (error) {
+                return 0;
+        } else {
+                return ret;
+        }
 }
 int lockdownd_start_SSL_session(lockdownd_client *control, const char *HostID) {
diff --git a/src/main.c b/src/main.c
index 31c2a76..0267dee 100644
--- a/src/main.c
+++ b/src/main.c
@@ -37,37 +37,29 @@
 int debug = 1;
 int main(int argc, char *argv[]) {
-        /* char* host_id = NULL; */
-        iPhone *phone = get_iPhone();
-        if (argc > 1 && !strcasecmp(argv[1], "--debug")) debug = 1;
-        else debug = 0;
        int bytes = 0, port = 0, i = 0;
-        if (phone) printf("I got a phone.\n");
-        else { printf("oops\n"); return -1; }
        lockdownd_client *control = NULL;
-        lockdownd_init(phone, &control);
+        iPhone *phone = get_iPhone();
-        /*
+        
-        lockdownd_client *control = new_lockdownd_client(phone);
+        if (argc > 1 && !strcasecmp(argv[1], "--debug")){
-        if (!lockdownd_hello(control)) {
+                debug = 1;
-                printf("Something went wrong in the lockdownd client, go take a look.\n");
        } else {
-                printf("We said hello. :)\n");
+                debug = 0;
        }
-                
+        
-        printf("Now starting SSL.\n");
+        if (!phone) {
+                printf("No iPhone found, is it plugged in?\n");
+                return -1;
+        }
-        host_id = get_host_id();
+        if (!lockdownd_init(phone, &control)){
-        if (host_id && !lockdownd_start_SSL_session(control, host_id)) {
+                free_iPhone(phone);
-                printf("Error happened in GnuTLS...\n");
+                return -1;
-        } else { 
+        }
-                free(host_id);
-                host_id = NULL;*/
+        port = lockdownd_start_service(control, "com.apple.afc");
-                printf("... we're in SSL with the phone... !?\n");
+        
-                port = lockdownd_start_service(control, "com.apple.afc");
-        //}
        if (port) {
-                printf("Start Service successful -- connect on port %i\n", port);
                AFClient *afc = afc_connect(phone, 3432, port);
                if (afc) {
                        char **dirs;
@@ -139,8 +131,6 @@ int main(int argc, char *argv[]) {
                printf("Start service failure.\n");
        }
        
-        printf("All done.\n");
-        
        free_iPhone(phone);
        
        return 0;

diff --git a/src/lockdown.c b/src/lockdown.c index 7f938fb..cb57ca9 100644 --- a/src/lockdown.c +++ b/src/lockdown.c
@@ -228,6 +228,9 @@ int lockdownd_get_device_public_key(lockdownd_client control, char *public_key
228	return success;	228	return success;
229	}	229	}
230		230
		231	/**
		232	* @return 1 on success and 0 on failure
		233	*/
231	int lockdownd_init(iPhone phone, lockdownd_client *control)	234	int lockdownd_init(iPhone phone, lockdownd_client *control)
232	{	235	{
233	int ret = 0;	236	int ret = 0;
@@ -251,22 +254,27 @@ int lockdownd_init(iPhone phone, lockdownd_client *control)
251		254
252	if (!is_device_known(public_key)){	255	if (!is_device_known(public_key)){
253	ret = lockdownd_pair_device(*control, public_key, host_id);	256	ret = lockdownd_pair_device(*control, public_key, host_id);
		257	}else{
		258	ret = 1;
254	}	259	}
255	free(public_key);	260	free(public_key);
256	public_key = NULL;	261	public_key = NULL;
257		262
258	if (ret && host_id && !lockdownd_start_SSL_session(*control, host_id)) {	263	if (ret && host_id && lockdownd_start_SSL_session(*control, host_id)) {
259	ret = 1;	264	ret = 1;
260	free(host_id);	265	free(host_id);
261	host_id = NULL;	266	host_id = NULL;
262	} else {	267	} else {
263	ret = 0;	268	ret = 0;
264	fprintf(stderr, "SSL Session opening failed.\n");	269	fprintf(stderr, "lockdownd_init: SSL Session opening failed, has libiphone-initconf been run?\n");
265	}	270	}
266		271
267	return ret;	272	return ret;
268	}	273	}
269		274
		275	/**
		276	* @return 1 on success and 0 on failure
		277	*/
270	int lockdownd_pair_device(lockdownd_client control, char public_key_b64, char *host_id)	278	int lockdownd_pair_device(lockdownd_client control, char public_key_b64, char *host_id)
271	{	279	{
272	int ret = 0;	280	int ret = 0;
@@ -282,7 +290,9 @@ int lockdownd_pair_device(lockdownd_client control, char public_key_b64, char
282	char* host_cert_b64 = NULL;	290	char* host_cert_b64 = NULL;
283	char* root_cert_b64 = NULL;	291	char* root_cert_b64 = NULL;
284		292
285	lockdownd_gen_pair_cert(public_key_b64, &device_cert_b64, &host_cert_b64, &root_cert_b64);	293	if(!lockdownd_gen_pair_cert(public_key_b64, &device_cert_b64, &host_cert_b64, &root_cert_b64)){
		294	return 0;
		295	}
286		296
287	/* Setup Pair request plist */	297	/* Setup Pair request plist */
288	dict = add_child_to_plist(plist, "dict", "\n", NULL, 0);	298	dict = add_child_to_plist(plist, "dict", "\n", NULL, 0);
@@ -349,9 +359,12 @@ int lockdownd_pair_device(lockdownd_client control, char public_key_b64, char
349	return ret;	359	return ret;
350	}	360	}
351		361
		362	/**
		363	* @return 1 on success and 0 on failure.
		364	*/
352	int lockdownd_gen_pair_cert(char public_key_b64, char device_cert_b64, char host_cert_b64, char *root_cert_b64)	365	int lockdownd_gen_pair_cert(char public_key_b64, char device_cert_b64, char host_cert_b64, char *root_cert_b64)
353	{	366	{
354	int ret = 0;	367	int ret = 0, error = 0;
355		368
356	gnutls_datum_t modulus = {NULL, 0};	369	gnutls_datum_t modulus = {NULL, 0};
357	gnutls_datum_t exponent = {NULL, 0};	370	gnutls_datum_t exponent = {NULL, 0};
@@ -415,24 +428,23 @@ int lockdownd_gen_pair_cert(char public_key_b64, char device_cert_b64, char
415		428
416	/* get root cert */	429	/* get root cert */
417	gnutls_datum_t pem_root_cert = {NULL, 0};	430	gnutls_datum_t pem_root_cert = {NULL, 0};
418	ret = get_root_certificate(&pem_root_cert);	431	get_root_certificate(&pem_root_cert);
419	ret = gnutls_x509_crt_import (root_cert, &pem_root_cert, GNUTLS_X509_FMT_PEM);	432	ret = gnutls_x509_crt_import(root_cert, &pem_root_cert, GNUTLS_X509_FMT_PEM);
420		433	if (ret != GNUTLS_E_SUCCESS) error = 1;
421		434
422	/* get host cert */	435	/* get host cert */
423	gnutls_datum_t pem_host_cert = {NULL, 0};	436	gnutls_datum_t pem_host_cert = {NULL, 0};
424	ret = get_host_certificate(&pem_host_cert);	437	get_host_certificate(&pem_host_cert);
425	ret = gnutls_x509_crt_import (host_cert, &pem_host_cert, GNUTLS_X509_FMT_PEM);	438	ret = gnutls_x509_crt_import(host_cert, &pem_host_cert, GNUTLS_X509_FMT_PEM);
426		439	if (ret != GNUTLS_E_SUCCESS) error = 1;
427		440
428	/* get root private key */	441	/* get root private key */
429	gnutls_datum_t pem_root_priv = {NULL, 0};	442	gnutls_datum_t pem_root_priv = {NULL, 0};
430	ret = get_root_private_key(&pem_root_priv);	443	get_root_private_key(&pem_root_priv);
431	ret = gnutls_x509_privkey_import (root_privkey, &pem_root_priv, GNUTLS_X509_FMT_PEM);	444	ret = gnutls_x509_privkey_import(root_privkey, &pem_root_priv, GNUTLS_X509_FMT_PEM);
432		445	if (ret != GNUTLS_E_SUCCESS) error = 1;
433		446
434	/* generate device certificate */	447	/* generate device certificate */
435
436	gnutls_x509_crt_set_key(dev_cert, fake_privkey);	448	gnutls_x509_crt_set_key(dev_cert, fake_privkey);
437	gnutls_x509_crt_set_serial(dev_cert, "\x00", 1);	449	gnutls_x509_crt_set_serial(dev_cert, "\x00", 1);
438	gnutls_x509_crt_set_version(dev_cert, 3);	450	gnutls_x509_crt_set_version(dev_cert, 3);
@@ -441,12 +453,8 @@ int lockdownd_gen_pair_cert(char public_key_b64, char device_cert_b64, char
441	gnutls_x509_crt_set_expiration_time(dev_cert, time(NULL) + (60 * 60 * 24 * 365 * 10));	453	gnutls_x509_crt_set_expiration_time(dev_cert, time(NULL) + (60 * 60 * 24 * 365 * 10));
442	gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);	454	gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);
443		455
444	//TODO handle errors	456	if (!error) {
445	ret = 1;
446
447	if (ret) {
448	/* if everything went well, export in PEM format */	457	/* if everything went well, export in PEM format */
449
450	gnutls_datum_t dev_pem = {NULL, 0};	458	gnutls_datum_t dev_pem = {NULL, 0};
451	size_t crt_size;	459	size_t crt_size;
452	gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &crt_size);	460	gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &crt_size);
@@ -472,7 +480,12 @@ int lockdownd_gen_pair_cert(char public_key_b64, char device_cert_b64, char
472		480
473	gnutls_free(der_pub_key.data);	481	gnutls_free(der_pub_key.data);
474	g_free(pem_pub_key.data);	482	g_free(pem_pub_key.data);
475	return ret;	483
		484	if (error) {
		485	return 0;
		486	} else {
		487	return ret;
		488	}
476	}	489	}
477		490
478	int lockdownd_start_SSL_session(lockdownd_client control, const char HostID) {	491	int lockdownd_start_SSL_session(lockdownd_client control, const char HostID) {


diff --git a/src/main.c b/src/main.c index 31c2a76..0267dee 100644 --- a/src/main.c +++ b/src/main.c
@@ -37,37 +37,29 @@
37	int debug = 1;	37	int debug = 1;
38		38
39	int main(int argc, char *argv[]) {	39	int main(int argc, char *argv[]) {
40	/* char* host_id = NULL; */
41	iPhone *phone = get_iPhone();
42	if (argc > 1 && !strcasecmp(argv[1], "--debug")) debug = 1;
43	else debug = 0;
44	int bytes = 0, port = 0, i = 0;	40	int bytes = 0, port = 0, i = 0;
45	if (phone) printf("I got a phone.\n");
46	else { printf("oops\n"); return -1; }
47
48	lockdownd_client *control = NULL;	41	lockdownd_client *control = NULL;
49	lockdownd_init(phone, &control);	42	iPhone *phone = get_iPhone();
50	/*	43
51	lockdownd_client *control = new_lockdownd_client(phone);	44	if (argc > 1 && !strcasecmp(argv[1], "--debug")){
52	if (!lockdownd_hello(control)) {	45	debug = 1;
53	printf("Something went wrong in the lockdownd client, go take a look.\n");
54	} else {	46	} else {
55	printf("We said hello. :)\n");	47	debug = 0;
56	}	48	}
57		49
58	printf("Now starting SSL.\n");	50	if (!phone) {
		51	printf("No iPhone found, is it plugged in?\n");
		52	return -1;
		53	}
59		54
60	host_id = get_host_id();	55	if (!lockdownd_init(phone, &control)){
61	if (host_id && !lockdownd_start_SSL_session(control, host_id)) {	56	free_iPhone(phone);
62	printf("Error happened in GnuTLS...\n");	57	return -1;
63	} else {	58	}
64	free(host_id);	59
65	host_id = NULL;*/	60	port = lockdownd_start_service(control, "com.apple.afc");
66	printf("... we're in SSL with the phone... !?\n");	61
67	port = lockdownd_start_service(control, "com.apple.afc");
68	//}
69	if (port) {	62	if (port) {
70	printf("Start Service successful -- connect on port %i\n", port);
71	AFClient *afc = afc_connect(phone, 3432, port);	63	AFClient *afc = afc_connect(phone, 3432, port);
72	if (afc) {	64	if (afc) {
73	char **dirs;	65	char **dirs;
@@ -139,8 +131,6 @@ int main(int argc, char *argv[]) {
139	printf("Start service failure.\n");	131	printf("Start service failure.\n");
140	}	132	}
141		133
142	printf("All done.\n");
143
144	free_iPhone(phone);	134	free_iPhone(phone);
145		135
146	return 0;	136	return 0;