summaryrefslogtreecommitdiffstats
path: root/src/lockdown.c
AgeCommit message (Collapse)AuthorFilesLines
2019-02-12lockdown: Make sure to return correct error code when pairing failsGravatar Nikias Bassen1-1/+1
2018-09-29lockdown: Pass along usbmux device id when saving pair recordsGravatar Nikias Bassen1-1/+2
2017-12-08lockdown: Plug small memory leakGravatar Nikias Bassen1-0/+1
Credit to Rudolf Tammekivi (Blefish), see issue #599
2017-08-13lockdown: Don't explicitly validate pairing unless we're dealing with an ↵Gravatar Nikias Bassen1-12/+25
older device On newer iOS version, ValidatePair is not mandatory to gain trusted host status. Starting with iOS 11, the ValidatePair request has been removed from lockdownd and will throw an error. This commit adds a version check so that ValidatePair is only called on devices prior iOS 7.
2017-04-08Propagate lower level errors to callers instead of returning unknownGravatar BALATON Zoltan1-36/+40
error for most failures
2016-08-09lockdown: return LOCKDOWN_E_INVALID_HOST_ID when missing pair recordGravatar Jay Freeman (saurik)1-1/+1
When the check of /var/db/lockdown was removed, lockdownd_do_pair started to always return LOCKDOWN_E_INVALID_CONF instead of usually (but not always...) returning LOCKDOWN_E_INVALID_HOST_ID for devices not currently paired. This change not only breaks some third-party code, but also breaks the other code in this library calling this function (lockdownd_client_new_with_handshake).
2016-07-27lockdown: remove unnecessary check for pair record file during pairingGravatar Jay Freeman (saurik)1-7/+3
During device pairing the code in lockdownd_do_pair() is checking if there is a pair record on disk for the current device, and then requests it from usbmuxd. This additional check is not only unnecessary since usbmuxd can obviously only return a pair record if it exists, but is also causing issues on newer versions of macOS where /var/db/lockdown is mode 700.
2016-04-01Avoid potential NULL pointer dereference (leading to segfault) if functions ↵Gravatar BALATON Zoltan1-1/+1
are called with NULL arguments
2015-07-15lockdown: Add new lockdownd_pair_with_options() functionGravatar Nikias Bassen1-9/+28
2015-07-10lockdown: Add more error codesGravatar Nikias Bassen1-1/+9
2015-05-24lockdown: Remove unneeded plist_free() calls since entire dict is freed laterGravatar Nikias Bassen1-5/+0
2015-01-28Remove trailing whitespace errors from all filesGravatar Martin Szulecki1-1/+1
2015-01-12lockdown: Refactor internal error checking and add more native errors to enumGravatar Martin Szulecki1-82/+123
2014-12-10lockdown: Add new LOCKDOWN_E_SERVICE_LIMIT error to detect service limit statesGravatar Martin Szulecki1-0/+2
2014-10-26lockdown: Fix error in re-pairing when previous record became invalidGravatar BALATON Zoltan1-9/+5
When connecting with an existing pair record failed we attempted to pair again which generated a new host id but then connect after successful pairing tried to use host id from the old record and failed. Make sure we forget the old host id when re-pairing. This also fixes a possible memory leak.
2014-10-05Convert int16_t macro error types into enum to improve debugging/type-checkingGravatar Martin Szulecki1-3/+5
This simple change provides various benefits for developers like compile time errors, better auto-completition in editors and the ability of a debugger to show the constant instead of just the raw value. Thanks to Aaron Burghardt for the proposal.
2014-10-03Avoid exporting non-public symbolsGravatar Martin Szulecki1-27/+26
2014-10-02lockdown: Added lockdownd_start_service_with_escrow_bagGravatar Koby Boyango1-5/+79
Signed-off-by: Martin Szulecki <m.szulecki@libimobiledevice.org>
2014-08-06lockdown: Only set SystemBUID in pair_record_generate() if it actually ↵Gravatar Nikias Bassen1-1/+2
contains a value This will prevent a crash in libplist when plist_new_string() will be called with a NULL pointer.
2014-08-06lockdown: Silence compiler warning about ignored return value from asprintf()Gravatar Nikias Bassen1-8/+10
2014-05-05lockdown: cleanup: remove pointless gotoGravatar Andreas Henriksson1-4/+0
Minor cleanup. Drop useless code. We're already at "leave", so there's no need to (conditionally!) goto it.
2014-05-05lockdown: avoid crashing when getting system buid failsGravatar Andreas Henriksson1-2/+3
When userpref_read_system_buid fails to retrieve the buid, systembuid will be set to NULL. It was then unconditionally passed to plist_new_string - which will crash with a NULL argument. See https://bugs.debian.org/730756 for people reporting this happening in the real world. See https://github.com/libimobiledevice/libimobiledevice/commit/1331f6baa1799e41003aa812c0d1bf36193535ea ("lockdown: Make sure to set SystemBUID in generated pair records") for the commit where this problem was introduced.
2014-03-27Moved Doxygen comments from source files to public headers.Gravatar Aaron Burghardt1-278/+1
Conflicts: include/libimobiledevice/afc.h
2014-03-27lockdown: Return error if getting a lockdown value failed to fix segfaultGravatar Martin Szulecki1-0/+2
https://github.com/libimobiledevice/libimobiledevice/issues/67 The lockdownd_get_value() function is not properly handling an error situation. The code logic always returned success as long as the lockdown response was properly received. Thanks to Aaron Burghardt for spotting this.
2014-03-24lockdown: Prevent libplist assertion by checking result of ↵Gravatar Nikias Bassen1-4/+10
userpref_read_pair_record()
2014-03-22Update copyright in various filesGravatar Martin Szulecki1-0/+2
2014-03-21lockdown: Fix starting unsecure services as needed during trust dialog pairingGravatar Martin Szulecki1-14/+0
2014-03-21lockdown: Fix fetching WiFi address for pair record after trust dialog pairingGravatar Martin Szulecki1-12/+20
2014-03-21lockdown: Correct a few comments within pair generation codeGravatar Martin Szulecki1-1/+2
2014-03-21lockdown: Move HostID generation closer to code setting it in pair recordGravatar Martin Szulecki1-2/+1
2014-03-21lockdown: Read HostID again after pairing to fix first pair workflowGravatar Martin Szulecki1-0/+7
2014-03-21userpref: merge pair_record_generate_from_device_public_key() into ↵Gravatar Nikias Bassen1-15/+1
pair_record_generate_keys_and_certs()
2014-03-21lockdown: Make sure failed pairing validation works with correct error codeGravatar Martin Szulecki1-1/+1
2014-03-21lockdown: Plug memory leak due to missing free of public_keyGravatar Martin Szulecki1-0/+3
2014-03-21lockdown: Make sure to set SystemBUID in generated pair recordsGravatar Martin Szulecki1-1/+2
2014-03-21lockdown: Fix wrong pointer dereference of pair_record plistGravatar Martin Szulecki1-3/+3
2014-03-21lockdown: Remove obsolete debug outputGravatar Martin Szulecki1-6/+0
2014-03-21Refactor pair record handling to use new usbmuxd pair record interfaceGravatar Martin Szulecki1-418/+112
This refactoring is mandatory as libimobiledevice should not interact with the pair record configuration directory which is owned by the usbmuxd user. This change also adds compatibility for the native usbmuxd and thus pair records saved by iTunes.
2014-03-20Bump dependency to libplist 1.11 and remove use of "plist_dict_insert_item()"Gravatar Martin Szulecki1-39/+39
2014-03-18lockdown: make sure type is always free'd in lockdownd_client_new_with_handshakeGravatar Nikias Bassen1-2/+2
2014-03-10lockdown: disable SSL in lockdownd_stop_session()Gravatar Nikias Bassen1-0/+5
2014-03-10lockdown: removed outdated call to lockdownd_goodbye() in lockdown_client_free()Gravatar Nikias Bassen1-4/+0
2014-01-25Revert "lockdown: do not send Goodbye when SSL session was active"Gravatar Nikias Bassen1-2/+2
This reverts commit 56392428a49543bab4b12431451ec04bb799c411. Actually I committed this because of usbmuxd complaining about a TCP RST. But lockdownd is now complaining since it waits for the Goodbye packet (which I apparently didn't see during testing).
2014-01-15lockdown: do not send Goodbye when SSL session was activeGravatar Nikias Bassen1-2/+2
2013-11-30lockdown: Make sure to free client->session_id for sureGravatar Martin Szulecki1-0/+4
2013-11-30Fix possible memory corruption by ensuring client pointers NULL'd after freeGravatar Martin Szulecki1-0/+1
2013-11-30lockdown: Do not free session_id again after stop_session already didGravatar Martin Szulecki1-1/+0
2013-11-08lockdown: fix possible invalid free in GnuTLS cert generation codeGravatar Nikias Bassen1-3/+3
2013-11-04Convert stray spaces to corresponding tabsGravatar Martin Szulecki1-0/+1
2013-10-09Remove duplicate newline from debug messages as one is added automaticallyGravatar Martin Szulecki1-1/+1