Diffstat (limited to 'src/lockdown.c')
| -rw-r--r-- | src/lockdown.c | 36 |
1 files changed, 24 insertions, 12 deletions
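diff --git a/src/lockdown.c b/src/lockdown.c
index 7fd3aa6..4fd8a66 100644
--- a/src/lockdown.c
+++ b/src/lockdown.c
@@ -39,7 +39,6 @@ lockdownd_client *new_lockdownd_client(iPhone *phone) {
 
 control->ssl_session = (gnutls_session_t*)malloc(sizeof(gnutls_session_t));
 control->in_SSL = 0;
-control->iphone = phone;
 control->gtls_buffer_hack_len = 0;
 return control;
 }
@@ -47,7 +46,7 @@ lockdownd_client *new_lockdownd_client(iPhone *phone) {
 void lockdown_close(lockdownd_client *control) {
 if (!control) return;
 if (control->connection) {
-mux_close_connection(control->iphone, control->connection);
+mux_close_connection(control->connection);
 }
 
 if (control->ssl_session) free(control->ssl_session);
@@ -56,21 +55,23 @@ void lockdown_close(lockdownd_client *control) {
 
 
 int lockdownd_recv(lockdownd_client *control, char **dump_data) {
+if (!control) return 0;
 char *receive;
 uint32 datalen = 0, bytes = 0;
 
-if (!control->in_SSL) bytes = mux_recv(control->iphone, control->connection, &datalen, sizeof(datalen));
+if (!control->in_SSL) bytes = mux_recv(control->connection, (char *)&datalen, sizeof(datalen));
 else bytes = gnutls_record_recv(*control->ssl_session, &datalen, sizeof(datalen));
 datalen = ntohl(datalen);
 
 receive = (char*)malloc(sizeof(char) * datalen);
-if (!control->in_SSL) bytes = mux_recv(control->iphone, control->connection, receive, datalen);
+if (!control->in_SSL) bytes = mux_recv(control->connection, receive, datalen);
 else bytes = gnutls_record_recv(*control->ssl_session, receive, datalen);
 *dump_data = receive;
 return bytes;
 }
 
 int lockdownd_send(lockdownd_client *control, char *raw_data, uint32 length) {
+if (!control) return 0;
 char *real_query;
 int bytes;
 
@@ -78,29 +79,39 @@ int lockdownd_send(lockdownd_client *control, char *raw_data, uint32 length) {
 length = htonl(length);
 memcpy(real_query, &length, sizeof(length));
 memcpy(real_query+4, raw_data, ntohl(length));
-if (!control->in_SSL) bytes = mux_send(control->iphone, control->connection, real_query, ntohl(length)+sizeof(length));
+if (debug) {
+printf("lockdownd_send(): made the query, sending it along\n");
+FILE *packet = fopen("grpkt", "w");
+fwrite(real_query, 1, ntohl(length)+4, packet);
+fclose(packet);
+packet = NULL;
+}
+
+if (!control->in_SSL) bytes = mux_send(control->connection, real_query, ntohl(length)+sizeof(length));
 else gnutls_record_send(*control->ssl_session, real_query, ntohl(length)+sizeof(length));
+if (debug) printf("lockdownd_send(): sent it!\n");
+free(real_query);
 return bytes;
 }
 
 int lockdownd_hello(lockdownd_client *control) {
+if (!control) return 0;
 xmlDocPtr plist = new_plist();
 xmlNode *dict, *key;
 char **dictionary;
 int bytes = 0, i = 0;
 
+if (debug) printf("lockdownd_hello() called\n");
 dict = add_child_to_plist(plist, "dict", "\n", NULL, 0);
 key = add_key_str_dict_element(plist, dict, "Request", "QueryType", 1);
 char *XML_content;
 uint32 length;
 
-xmlDocDumpMemory(plist, &XML_content, &length);
-
+xmlDocDumpMemory(plist, (xmlChar **)&XML_content, &length);
 bytes = lockdownd_send(control, XML_content, length);
 
 xmlFree(XML_content);
 xmlFreeDoc(plist); plist = NULL;
-
 bytes = lockdownd_recv(control, &XML_content);
 
 plist = xmlReadMemory(XML_content, bytes, NULL, NULL, 0);
@@ -118,6 +129,7 @@ int lockdownd_hello(lockdownd_client *control) {
 for (i = 0; strcmp(dictionary[i], ""); i+=2) {
 if (!strcmp(dictionary[i], "Result") && !strcmp(dictionary[i+1], "Success")) {
 free_dictionary(dictionary);
+if (debug) printf("lockdownd_hello(): success\n");
 return 1;
 }
 }
@@ -147,7 +159,7 @@ int lockdownd_start_SSL_session(lockdownd_client *control, const char *HostID) {
 return 0;
 }
 
-xmlDocDumpMemory(plist, &what2send, &len);
+xmlDocDumpMemory(plist, (xmlChar **)&what2send, &len);
 bytes = lockdownd_send(control, what2send, len);
 
 xmlFree(what2send);
@@ -239,7 +251,7 @@ ssize_t lockdownd_secuwrite(gnutls_transport_ptr_t transport, char *buffer, size
 control = (lockdownd_client*)transport;
 if (debug) printf("lockdownd_secuwrite() called\n");
 if (debug) printf("pre-send\nlength = %i\n", length);
-bytes = mux_send(control->iphone, control->connection, buffer, length);
+bytes = mux_send(control->connection, buffer, length);
 if (debug) printf("post-send\nsent %i bytes\n", bytes);
 if (debug) {
 FILE *my_ssl_packet = fopen("sslpacketwrite.out", "w+");
@@ -289,7 +301,7 @@ ssize_t lockdownd_securead(gnutls_transport_ptr_t transport, char *buffer, size_
 char *recv_buffer = (char*)malloc(sizeof(char) * (length * 1000)); // ensuring nothing stupid happens
 
 if (debug) printf("pre-read\nclient wants %i bytes\n", length);
-bytes = mux_recv(control->iphone, control->connection, recv_buffer, (length * 1000));
+bytes = mux_recv(control->connection, recv_buffer, (length * 1000));
 if (debug) printf("post-read\nwe got %i bytes\n", bytes);
 if (debug && bytes < 0) {
 printf("lockdownd_securead(): uh oh\n");
@@ -339,7 +351,7 @@ int lockdownd_start_service(lockdownd_client *control, const char *service) {
 key = add_key_str_dict_element(plist, dict, "Service", service, 1);
 if (!key) { xmlFreeDoc(plist); return 0; }
 
-xmlDocDumpMemory(plist, &XML_query, &length);
+xmlDocDumpMemory(plist, (xmlChar **)&XML_query, &length);
 
 lockdownd_send(control, XML_query, length);
 free(XML_query);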
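Review bot: In `lockdownd_recv` (the `@@ -56,21 +55,23 @@` hunk) `datalen` is read from the peer, byte-swapped and then used unchanged as both the `malloc` size and the length of the second read, with no upper bound. The byte count of the header read and the `malloc` result are not checked either, so a short header read or a failed allocation still proceeds to the second `mux_recv`/`gnutls_record_recv`, in the latter case with a NULL buffer. The added `if (!control) return 0;` does not cover this path. I would add `if (bytes != sizeof(datalen)) return 0;` after the header read and `if (!receive) return 0;` after the allocation, and reject a `datalen` above a maximum message size chosen by the project. Those early returns should also set `*dump_data` to NULL, because `lockdownd_hello` passes in a pointer it has just released with `xmlFree` and reads it back afterwards.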
