| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Apple removed the lockdownd command 'ValidatePair'. Validating a pairing
can just be done by trying to use the present pairing record to try to
start a lockdownd session: if it succeeds, the pairing is valid, otherwise
obviously not. So this is what we do now.
|
|
As seen in #726 the previous behavior results in wrong assumptions that a
restore is possible without rebooting the device, however this is not how
iOS is handling it.
I added a command line switch --no-reboot now that will let you still
restore without rebooting, if anyone wants to play around with that...
|
|
function, add command line switch to skip
|
|
This will trigger re-installation of apps that were installed when the backup
was created once the device finishes the restore and rebooted.
|
|
struct dirent
|
|
(esp. on network filesystems)
|
|
The 40 characters length check on the device UDID made newer devices unusable
with the libimobiledevice tools and was actually redundant since an invalid
UDID will always fail to resolve. This commit removes the length check
alltogether (but makes sure it is not an empty string "").
|
|
|
|
|
|
(i.e. not freed before writing)
|
|
|
|
If some arguments are passed multiple times, don't leak the memory used
for the value of the first arguments passed.
|
|
If some arguments are passed multiple times, don't leak the memory used
for the value of the first arguments passed.
|
|
When creating a connection handler thread fails, and we close the
server_fd, do not loop back to the start of the loop trying to run
socket_accept() on a closed fd, but break out of the loop instead.
|
|
If either of dstpath or srcpath can be NULL, then make sure they get
freed irrespective of the other variable's value in
mb2_copy_directory_by_path()
|
|
fd was leak in error path.
|
|
|
|
Another change in 3.6.0 is that a serial of '\0' is not valid anymore.
Bump it to one.
|
|
Verification will fail if a special flag is not passed. Use
gnutls_x509_crt_sign2() instead of gnutls_x509_crt_sign() to make
sure that passing this flag works in 3.6.0 and stays working with
3.6.1.
|
|
Starting with iOS 9.1, querying IORegistry by plane stopped working. This
commit will add a new command that allows querying by entry that will allow
gathering data for devices with newer iOS versions again (including iOS 11).
|
|
command
|
|
After device bootup several services cannot be used until the passcode
is entered on the device. This commit will detect this state and wait for
the passcode to be entered. Before this change you would have to restart
idevicesyslog or replug the device after entering the passcode to make
the logging work again.
|
|
Credit to Rudolf Tammekivi (Blefish), see issue #599
|
|
iOS 11.2+
When activating in session mode - which is required for newer iOS versions -
we can now pass the activation response headers with the activation command.
For iOS 11.2+ this is mandatory or the activation will fail.
|
|
PLIST_DATA
|
|
older device
On newer iOS version, ValidatePair is not mandatory to gain trusted host
status. Starting with iOS 11, the ValidatePair request has been removed from
lockdownd and will throw an error. This commit adds a version check so that
ValidatePair is only called on devices prior iOS 7.
|
|
device activation
|
|
|
|
|
|
|
|
That is, recover if gnutls_handshake() returns with non fatal
error codes like GNUTLS_E_INTERRUPTED or GNUTLS_E_AGAIN.
|
|
|
|
CRYPTO_set_id_callback
CRYPTO_set_locking_callback
EVP_cleanup
CRYPTO_cleanup_all_ex_data
SSL_COMP_free_compression_methods
are all no-ops with OpenSSL 1.1.0, so we can #ifdef out the
corresponding code. This cleans up some warnings about
id_function/locking_function being defined but unused (as the calls to
CRYPTO_set_id_callback and CRYPTO_set_locking_callback disappear at
preprocessing time).
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
|
|
It's deprecated and causes compile-time warnings. We don't want to
fallback to ERR_remove_state() either as it's similarly deprecated.
This commit adds a helper functions to hide the #ifdef mess between
the various openssl versions.
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
|
|
Since commit OpenSSL_1_1_0-pre3~178
https://github.com/openssl/openssl/commit/b184e3ef73200cb3b7914a603b43a5b8a074c85f
OpenSSL automatically cleans up some of its internal data when the
program exits. This conflicts with some similar clean up
libimobiledevice attempts to do, which causes a double-free.
SSL_COMP_free_compression_methods() was available in OpenSSL 1.0.2,
and is still there in 1.1.0 as a no-op, so we can use that to free
the compression methods.
This bug can be hit with a simple idevicebackup2 --help
==14299== Invalid read of size 4
==14299== at 0x547AEBC: OPENSSL_sk_pop_free (stack.c:263)
==14299== by 0x508B848: ssl_library_stop (ssl_init.c:182)
==14299== by 0x5424D11: OPENSSL_cleanup (init.c:402)
==14299== by 0x5DC3134: __cxa_finalize (cxa_finalize.c:56)
==14299== by 0x53332B2: ??? (in /usr/lib64/libcrypto.so.1.1.0e)
==14299== by 0x4011232: _dl_fini (dl-fini.c:235)
==14299== by 0x5DC2DC7: __run_exit_handlers (exit.c:83)
==14299== by 0x5DC2E19: exit (exit.c:105)
==14299== by 0x5DA8604: (below main) (libc-start.c:329)
==14299== Address 0x6585590 is 0 bytes inside a block of size 40 free'd
==14299== at 0x4C2FCC8: free (vg_replace_malloc.c:530)
==14299== by 0x4E43381: sk_SSL_COMP_free (ssl.h:830)
==14299== by 0x4E434E7: internal_idevice_deinit (idevice.c:103)
==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116)
==14299== by 0x4E5663A: thread_once (thread.c:104)
==14299== by 0x4E43525: libimobiledevice_deinitialize (idevice.c:140)
==14299== by 0x4011232: _dl_fini (dl-fini.c:235)
==14299== by 0x5DC2DC7: __run_exit_handlers (exit.c:83)
==14299== by 0x5DC2E19: exit (exit.c:105)
==14299== by 0x5DA8604: (below main) (libc-start.c:329)
==14299== Block was alloc'd at
==14299== at 0x4C2EB1B: malloc (vg_replace_malloc.c:299)
==14299== by 0x5428908: CRYPTO_zalloc (mem.c:100)
==14299== by 0x547A9AE: OPENSSL_sk_new (stack.c:108)
==14299== by 0x5087D43: sk_SSL_COMP_new (ssl.h:830)
==14299== by 0x5087D43: do_load_builtin_compressions (ssl_ciph.c:482)
==14299== by 0x5087D43: do_load_builtin_compressions_ossl_ (ssl_ciph.c:476)
==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116)
==14299== by 0x547B198: CRYPTO_THREAD_run_once (threads_pthread.c:106)
==14299== by 0x5089F96: load_builtin_compressions (ssl_ciph.c:500)
==14299== by 0x5089F96: SSL_COMP_get_compression_methods (ssl_ciph.c:1845)
==14299== by 0x508B68B: ossl_init_ssl_base (ssl_init.c:125)
==14299== by 0x508B68B: ossl_init_ssl_base_ossl_ (ssl_init.c:25)
==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116)
==14299== by 0x547B198: CRYPTO_THREAD_run_once (threads_pthread.c:106)
==14299== by 0x508B90A: OPENSSL_init_ssl (ssl_init.c:227)
==14299== by 0x4E43416: internal_idevice_init (idevice.c:73)
=
Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
|
|
The capabilities parameter is a string array not a plist. Also check
other parameters when we are at it.
|
|
|
|
event number in libusbmuxd
|
|
error for most failures
|
|
There are services that would send really large plist data, e.g. when listing
provisioning profiles. Instead of forcing the data to be less than 16MB we
try to allocate a buffer as large as requested. If the allocation fails the
function returns with an error.
|
|
|
|
|
|
|
|
|
|
The condition in line 2278 is incorrectly evaluated when
mb2_status_check_snapshot_state() isn't able to read the Status.plist file.
While `if (-1) { ... }` will be a 'false' condition, `if (1 && -1) { ... }`
will be 'true' which in this case would make idevicebackup2 assume the backup
was successful while it was not.
This commit fixes this issue by changing the default return value of
mb2_status_check_snapshot_state() to be 0 (false).
Thanks to Xiao Deng for pointing out this issue!
|
|
profiles at once
|
|
|
|
return exit code on error
|
|
|
|
|
Nikias Bassen
Samuel Sadok
Bastien Nocera
Robert Gadbois
Nikos Mavrogiannopoulos
Christophe Fergeau
BALATON Zoltan
Antoine Reversat