Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2024-04-27 | common/userpref: remove X509V3_EXT_cleanup() | orbea | 1 | -1/+0 | |
When building libimobiledevice with libressl 3.9 it fails with an implicit declaration for X509V3_EXT_cleanup(). This was removed in libressl "because it was part of a dangerous, incomplete and mostly useless API". Additionally it doesn't seem to be actually used by libimobiledevice: "It cleans up the stack containing custom extensions which libimobiledevice doesn't use, it's only needed after calls to X509V3_EXT_add{,_list,_alias}()." Reference: https://github.com/libressl/portable/issues/1050 Signed-off-by: orbea <orbea@riseup.net> | |||||
2023-07-05 | Updated OpenSSL-specific code to use OpenSSL 3.0+ API | Nikias Bassen | 1 | -6/+19 | |
2023-04-21 | Updated to use latest libplist API changes | Nikias Bassen | 1 | -1/+1 | |
2022-03-29 | common: Make sure ETIMEDOUT is defined | Nikias Bassen | 1 | -0/+4 | |
2021-09-01 | Remove common code in favor of new libimobiledevice-glue | Nikias Bassen | 1 | -1/+2 | |
2021-07-29 | common: Return proper error codes from userpref_read_pair_record | Nikias Bassen | 1 | -14/+19 | |
2021-07-27 | Add support for MbedTLS | Nikias Bassen | 1 | -39/+277 | |
2019-06-22 | Make sure to not use deprecated API when compiling with OpenSSL >= 1.1 | Rosen Penev | 1 | -6/+12 | |
There are several missing headers as well as deprecated functions for which compatibility was added as needed. | |||||
2018-10-01 | tools: Remove length check on device UDID arguments to support newer devices | Nikias Bassen | 1 | -29/+24 | |
The 40 characters length check on the device UDID made newer devices unusable with the libimobiledevice tools and was actually redundant since an invalid UDID will always fail to resolve. This commit removes the length check alltogether (but makes sure it is not an empty string ""). | |||||
2018-09-29 | lockdown: Pass along usbmux device id when saving pair records | Nikias Bassen | 1 | -2/+3 | |
2018-04-27 | userpref: [GnuTLS] Use valid serial for >= 3.6.0 | Bastien Nocera | 1 | -3/+3 | |
Another change in 3.6.0 is that a serial of '\0' is not valid anymore. Bump it to one. | |||||
2018-04-27 | userpref: [GnuTLS] Fix 3.6.0 SHA1 compatibility | Bastien Nocera | 1 | -3/+3 | |
Verification will fail if a special flag is not passed. Use gnutls_x509_crt_sign2() instead of gnutls_x509_crt_sign() to make sure that passing this flag works in 3.6.0 and stays working with 3.6.1. | |||||
2016-11-04 | userpref: [GnuTLS] Fix pairing record generation and improve error handling | Nikias Bassen | 1 | -40/+45 | |
In newer GnuTLS versions the parameters supplied to gnutls_x509_privkey_import_rsa_raw() are actually checked for somewhat sane values. Since we were passing the same values for all parameters, this check fails and the device certificate is never generated. However due to missing checks the pairing record was saved anyway, with an empty device certificate. This led to TLS errors during communication, leading to the "GnuTLS: Error in pull function" error message appearing and the communication to fail. This commit fixes the issue by passing some sane values, and also improves the overall error handling during generation of the paring record. | |||||
2016-07-27 | userpref: Remove obsoleted function userpref_has_pair_record() | Jay Freeman (saurik) | 1 | -29/+0 | |
Since pair records are meanwhile handled by usbmuxd there is no need to check for the existence of a pair record on disk. Asking usbmuxd for a pair record of a given UDID is sufficient to know if it exists or not. | |||||
2015-01-28 | Remove trailing whitespace errors from all files | Martin Szulecki | 1 | -3/+3 | |
2014-08-06 | userpref: Fix wrong documentation about return values of ↵ | Nikias Bassen | 1 | -7/+10 | |
userpref_read_system_buid() Also, add a debug message that will print the actual error code. | |||||
2014-03-22 | Update copyright in various files | Martin Szulecki | 1 | -1/+1 | |
2014-03-21 | implement global thread safe library initialization | Nikias Bassen | 1 | -4/+0 | |
2014-03-21 | userpref: Try to output similar error messages in GnuTLS and OpenSSL logic | Martin Szulecki | 1 | -1/+5 | |
2014-03-21 | userpref: fix GnuTLS key generation | Nikias Bassen | 1 | -7/+3 | |
2014-03-21 | userpref: merge pair_record_generate_from_device_public_key() into ↵ | Nikias Bassen | 1 | -249/+138 | |
pair_record_generate_keys_and_certs() | |||||
2014-03-21 | userpref: fix mixed up root/host certificate storage | Nikias Bassen | 1 | -2/+2 | |
2014-03-21 | userpref: Remove obsolete dict item check as plist_dict_set_item() takes care | Martin Szulecki | 1 | -5/+0 | |
2014-03-21 | userpref: Fix invalid plist_free() which caused pair process to fail | Martin Szulecki | 1 | -3/+6 | |
2014-03-21 | userpref: Use correct import helper for keys and certs | Martin Szulecki | 1 | -9/+9 | |
2014-03-21 | Refactor pair record handling to use new usbmuxd pair record interface | Martin Szulecki | 1 | -569/+420 | |
This refactoring is mandatory as libimobiledevice should not interact with the pair record configuration directory which is owned by the usbmuxd user. This change also adds compatibility for the native usbmuxd and thus pair records saved by iTunes. | |||||
2014-03-20 | Bump dependency to libplist 1.11 and remove use of "plist_dict_insert_item()" | Martin Szulecki | 1 | -2/+2 | |
2013-12-04 | userpref.c: removed excessive plist_free of a plist dict item. | Aaron Burghardt | 1 | -1/+0 | |
2013-11-06 | userpref: Fix memory leak in userpref_device_record_get_certs_as_pem() | Martin Szulecki | 1 | -0/+7 | |
2013-11-06 | userpref: fix incorrect use of BIO_get_mem_data() when generating keys ↵ | Nikias Bassen | 1 | -4/+29 | |
(closing #32) | |||||
2013-10-25 | userpref: Use RSA_generate_key_ex() in favor of deprecated RSA_generate_key() | Martin Szulecki | 1 | -2/+10 | |
The RSA_generate_key function has been deprecated in OpenSSL in favour of the newer function RSA_generate_key_ex. RSA_generate_key_ex with its current interface has been part of OpenSSL starting from version 0.9.8 (July 2005). | |||||
2013-10-09 | Remove duplicate newline from debug messages as one is added automatically | Martin Szulecki | 1 | -1/+1 | |
2013-10-09 | userpref: Free string in internal_set_value() to fix a memory leak | Martin Szulecki | 1 | -0/+2 | |
2013-10-08 | userpref: Free some plist return values to fix a few memory leaks | Martin Szulecki | 1 | -0/+15 | |
2013-09-27 | userpref: rename 'index' parameter to silece compiler warning on the Pi | Nikias Bassen | 1 | -2/+2 | |
2013-09-24 | userpref: return error if remove in userpref_remove_device_record fails | Nikias Bassen | 1 | -3/+7 | |
2013-09-21 | userpref: Use /var/lib/lockdown as the system-wide pair record path on Linux | Martin Szulecki | 1 | -4/+1 | |
2013-09-19 | userpref: Use system wide pair record path and add config directory getter | Martin Szulecki | 1 | -73/+3 | |
2013-09-19 | userpref: fix leak and possible endless recursion in mkdir_with_parents | Nikias Bassen | 1 | -7/+4 | |
2013-09-17 | userpref: Add missing argument docs for device_record_get_certs_as_pem() | Martin Szulecki | 1 | -0/+1 | |
2013-09-17 | Make sure to re-use the DeviceCertificate instead of generating a new one ↵ | Nikias Bassen | 1 | -1/+14 | |
every time This prevented iTunes from using a pairing made by libimobiledevice giving an error that the device sent invalid data. | |||||
2013-09-17 | Fix broken build of GnuTLS and silence two compiler warnings | Martin Szulecki | 1 | -2/+2 | |
2013-09-17 | userpref: Add copyright reference | Martin Szulecki | 1 | -0/+1 | |
2013-09-17 | Refactor userpref logic to use plist format and implement trust dialog handling | Martin Szulecki | 1 | -351/+333 | |
iOS 7 introduced a new pairing workflow which increases security by showing a trust dialog to the user before pairing with the host is allowed. The userpref system was refactored to use the native plist format, too. Configuration files of the native implementations are used on each platform. Former configuration files are no longer in use and can be deleted. | |||||
2013-07-15 | userpref: correctly NULL-terminate arguments in string_concat calls | Nikias Bassen | 1 | -2/+2 | |
2013-07-13 | common: Fix WIN32 portability for recent userpref security fix | Martin Szulecki | 1 | -1/+6 | |
2013-07-02 | Bug #331 - Don't create a /tmp/root directory insecurely | Federico Mena Quintero | 1 | -29/+76 | |
When finding the user's home directory to generate a subdirectory in $HOME/.config, we would fall back to /tmp if there were no environment variables for HOME or XDG_CONFIG_HOME. Since libimobiledevice gets used by upower, and since upowerd runs as root, this would cause a /tmp/root directory to be created insecurely, leaving upowerd vulnerable to a symlink attack. Now we fall back to getpwuid_r() to find the user's home directory if it is not provided in environment variables - this is the case when upowerd gets run via systemd, for example. The result is that we'll end up creating /root/.config, a safe directory, since regular users cannot create symlinks in /root. In the future we'll need a way for libimobiledevice to find where to store its pairing data on behalf of the console user, rather than writing it to /root. http://libiphone.lighthouseapp.com/projects/27916-libiphone/tickets/331-insecure-tmp-directory-use | |||||
2013-05-23 | Silence compiler warnings for win32 builds | Martin Szulecki | 1 | -0/+2 | |
2013-04-25 | common: Move debug and userpref code into libinternalcommon | Martin Szulecki | 1 | -0/+1161 | |