libimobiledevice package update

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>

SOURCES/0001-Add-new-function-to-get-the-underlying-file-descript.patch

@@ -0,0 +1,61 @@
+From 692f7c9de72ca7fcaba51659972270d445751438 Mon Sep 17 00:00:00 2001
+From: BALATON Zoltan <balaton@eik.bme.hu>
+Date: Wed, 23 Sep 2015 02:19:27 +0200
+Subject: [PATCH] Add new function to get the underlying file descriptor of an
+ idevice connection
+
+---
+ include/libimobiledevice/libimobiledevice.h | 10 ++++++++++
+ src/idevice.c                               | 16 ++++++++++++++++
+ 2 files changed, 26 insertions(+)
+
+diff --git a/include/libimobiledevice/libimobiledevice.h b/include/libimobiledevice/libimobiledevice.h
+index 016cadb..b125adf 100644
+--- a/include/libimobiledevice/libimobiledevice.h
++++ b/include/libimobiledevice/libimobiledevice.h
+@@ -239,6 +239,16 @@ idevice_error_t idevice_connection_enable_ssl(idevice_connection_t connection);
+  */
+ idevice_error_t idevice_connection_disable_ssl(idevice_connection_t connection);
+
++/**
++ * Get the underlying file descriptor for a connection
++ *
++ * @param connection The connection to get fd of
++ * @param fd Pointer to an int where the fd is stored
++ *
++ * @return IDEVICE_E_SUCCESS if ok, otherwise an error code.
++ */
++idevice_error_t idevice_connection_get_fd(idevice_connection_t connection, int *fd);
++
+ /* misc */
+
+ /**
+diff --git a/src/idevice.c b/src/idevice.c
+index b776e84..5912aeb 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -463,6 +463,22 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive(idevice_connecti
+	return internal_connection_receive(connection, data, len, recv_bytes);
+ }
+
++LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_get_fd(idevice_connection_t connection, int *fd)
++{
++	if (!connection || !fd) {
++		return IDEVICE_E_INVALID_ARG;
++	}
++
++	idevice_error_t result = IDEVICE_E_UNKNOWN_ERROR;
++	if (connection->type == CONNECTION_USBMUXD) {
++		*fd = (int)(long)connection->data;
++		result = IDEVICE_E_SUCCESS;
++	} else {
++		debug_info("Unknown connection type %d", connection->type);
++	}
++	return result;
++}
++
+ LIBIMOBILEDEVICE_API idevice_error_t idevice_get_handle(idevice_t device, uint32_t *handle)
+ {
+	if (!device)
+--
+2.9.3

SOURCES/0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch

@@ -0,0 +1,27 @@
+From 13bf235cac2201747de11652cf14fe2714ca0718 Mon Sep 17 00:00:00 2001
+From: David Weinstein <dweinst@insitusec.com>
+Date: Mon, 21 Mar 2016 17:45:59 -0400
+Subject: [PATCH] Fix SSL version negotiation for newer versions of OpenSSL
+
+Depending on the OpenSSL version (and custom distribution patches), `SSLv3_method()`
+would return NULL on some systems and also `SSLv23_method()` fails with some older
+iOS versions...
+---
+ src/idevice.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/idevice.c b/src/idevice.c
+index f2de6a3..1dcdae2 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -703,7 +703,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
+	}
+	BIO_set_fd(ssl_bio, (int)(long)connection->data, BIO_NOCLOSE);
+
+-	SSL_CTX *ssl_ctx = SSL_CTX_new(SSLv3_method());
++	SSL_CTX *ssl_ctx = SSL_CTX_new(TLSv1_method());
+	if (ssl_ctx == NULL) {
+		debug_info("ERROR: Could not create SSL context.");
+		BIO_free(ssl_bio);
+--
+2.9.3

SOURCES/0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch

@@ -0,0 +1,40 @@
+From 6070126868069f2ee01ea9414f4cfbe5de285267 Mon Sep 17 00:00:00 2001
+From: "Jay Freeman (saurik)" <saurik@saurik.com>
+Date: Wed, 21 Oct 2015 00:39:14 -0700
+Subject: [PATCH] Fix installation_proxy when using GnuTLS instead of OpenSSL
+
+---
+ src/idevice.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/idevice.c b/src/idevice.c
+index 7c33cdd..b776e84 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -393,10 +393,13 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_
+	}
+
+	if (connection->ssl_data) {
+-#ifdef HAVE_OPENSSL
+		uint32_t received = 0;
+		while (received < len) {
++#ifdef HAVE_OPENSSL
+			int r = SSL_read(connection->ssl_data->session, (void*)((char*)(data+received)), (int)len-received);
++#else
++			ssize_t r = gnutls_record_recv(connection->ssl_data->session, (void*)(data+received), (size_t)len-received);
++#endif
+			if (r > 0) {
+				received += r;
+			} else {
+@@ -404,9 +407,6 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_
+			}
+		}
+		debug_info("SSL_read %d, received %d", len, received);
+-#else
+-		ssize_t received = gnutls_record_recv(connection->ssl_data->session, (void*)data, (size_t)len);
+-#endif
+		if (received > 0) {
+			*recv_bytes = received;
+			return IDEVICE_E_SUCCESS;
+--
+2.5.0

SOURCES/0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch

@@ -0,0 +1,53 @@
+From 2a5868411c57e25802d2f16fd6b77601f10d0b72 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@redhat.com>
+Date: Fri, 29 Apr 2016 22:58:34 +0200
+Subject: [PATCH] Updated gnutls certificate callback to new API (backwards
+ compatible)
+
+---
+ src/idevice.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/src/idevice.c b/src/idevice.c
+index 5912aeb..f2de6a3 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -642,7 +642,11 @@ static const char *ssl_error_to_string(int e)
+ /**
+  * Internally used gnutls callback function that gets called during handshake.
+  */
++#if GNUTLS_VERSION_NUMBER >= 0x020b07
++static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr2_st * st)
++#else
+ static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr_st * st)
++#endif
+ {
+	int res = -1;
+	gnutls_certificate_type_t type = gnutls_certificate_type_get(session);
+@@ -650,7 +654,12 @@ static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t
+		ssl_data_t ssl_data = (ssl_data_t)gnutls_session_get_ptr(session);
+		if (ssl_data && ssl_data->host_privkey && ssl_data->host_cert) {
+			debug_info("Passing certificate");
++#if GNUTLS_VERSION_NUMBER >= 0x020b07
++			st->cert_type = type;
++			st->key_type = GNUTLS_PRIVKEY_X509;
++#else
+			st->type = type;
++#endif
+			st->ncerts = 1;
+			st->cert.x509 = &ssl_data->host_cert;
+			st->key.x509 = ssl_data->host_privkey;
+@@ -759,7 +768,11 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
+	debug_info("enabling SSL mode");
+	errno = 0;
+	gnutls_certificate_allocate_credentials(&ssl_data_loc->certificate);
++#if GNUTLS_VERSION_NUMBER >= 0x020b07
++	gnutls_certificate_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
++#else
+	gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
++#endif
+	gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT);
+	gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
+	gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate);
+--
+2.9.3

SOURCES/0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch

@@ -0,0 +1,28 @@
+From 72643b2b83990b9cf97cc84b285b30763d44a72d Mon Sep 17 00:00:00 2001
+From: "Jay Freeman (saurik)" <saurik@saurik.com>
+Date: Tue, 2 Aug 2016 03:08:04 -0700
+Subject: [PATCH] idevice: Update GnuTLS code to support iOS 10
+
+As of iOS 10 beta 4, the GnuTLS implementation idevice_connection_enable_ssl
+needs to be updated to support TLS. Using +VERS-TLS-ALL did not work on some
+of the devices I tested and I wasn't sure how to fix it, but +VERS-TLS1.0 is
+working on every device I've tested: iOS 9.0.2, 10.0b4, 8.1.1, 6.0, and 3.0.
+---
+ src/idevice.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/idevice.c b/src/idevice.c
+index 1dcdae2..b6dfe4e 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -774,7 +774,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
+	gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
+ #endif
+	gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT);
+-	gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
++	gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-TLS1.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
+	gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate);
+	gnutls_session_set_ptr(ssl_data_loc->session, ssl_data_loc);
+
+--
+2.9.3

SOURCES/0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch

@@ -0,0 +1,170 @@
+From 23069d10341ce637fdad7321d447c53752dba48c Mon Sep 17 00:00:00 2001
+From: Nikias Bassen <nikias@gmx.li>
+Date: Fri, 4 Nov 2016 02:11:39 +0100
+Subject: [PATCH] userpref: [GnuTLS] Fix pairing record generation and improve
+ error handling
+
+In newer GnuTLS versions the parameters supplied to
+gnutls_x509_privkey_import_rsa_raw() are actually checked for somewhat
+sane values. Since we were passing the same values for all parameters,
+this check fails and the device certificate is never generated.
+However due to missing checks the pairing record was saved anyway, with
+an empty device certificate. This led to TLS errors during communication,
+leading to the "GnuTLS: Error in pull function" error message appearing
+and the communication to fail.
+This commit fixes the issue by passing some sane values, and also improves
+the overall error handling during generation of the paring record.
+---
+ common/userpref.c | 85 +++++++++++++++++++++++++++++--------------------------
+ 1 file changed, 45 insertions(+), 40 deletions(-)
+
+diff --git a/common/userpref.c b/common/userpref.c
+index d22c7f5..3ae503a 100644
+--- a/common/userpref.c
++++ b/common/userpref.c
+@@ -643,15 +643,13 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+	gnutls_x509_crt_export(host_cert, GNUTLS_X509_FMT_PEM, host_cert_pem.data, &host_cert_export_size);
+	host_cert_pem.size = host_cert_export_size;
+
+-	ret = USERPREF_E_UNKNOWN_ERROR;
+-
+	gnutls_datum_t modulus = { NULL, 0 };
+	gnutls_datum_t exponent = { NULL, 0 };
+
+	/* now decode the PEM encoded key */
+-	gnutls_datum_t der_pub_key;
+-	if (GNUTLS_E_SUCCESS == gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key)) {
+-
++	gnutls_datum_t der_pub_key = { NULL, 0 };
++	int gnutls_error = gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key);
++	if (GNUTLS_E_SUCCESS == gnutls_error) {
+		/* initalize asn.1 parser */
+		ASN1_TYPE pkcs1 = ASN1_TYPE_EMPTY;
+		if (ASN1_SUCCESS == asn1_array2tree(pkcs1_asn1_tab, &pkcs1, NULL)) {
+@@ -670,8 +668,14 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+
+				ret1 = asn1_read_value(asn1_pub_key, "modulus", modulus.data, (int*)&modulus.size);
+				ret2 = asn1_read_value(asn1_pub_key, "publicExponent", exponent.data, (int*)&exponent.size);
+-				if (ASN1_SUCCESS == ret1 && ASN1_SUCCESS == ret2)
+-					ret = USERPREF_E_SUCCESS;
++				if (ret1 != ASN1_SUCCESS || ret2 != ASN1_SUCCESS) {
++					gnutls_free(modulus.data);
++					modulus.data = NULL;
++					modulus.size = 0;
++					gnutls_free(exponent.data);
++					exponent.data = NULL;
++					exponent.size = 0;
++				}
+			}
+			if (asn1_pub_key)
+				asn1_delete_structure(&asn1_pub_key);
+@@ -679,12 +683,15 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+		if (pkcs1)
+			asn1_delete_structure(&pkcs1);
+	} else {
+-		debug_info("WARNING: Could not read public key");
++		debug_info("ERROR: Could not parse public key: %s", gnutls_strerror(gnutls_error));
+	}
+
+-	/* now generate certificates */
+-	if (USERPREF_E_SUCCESS == ret && 0 != modulus.size && 0 != exponent.size) {
+-		gnutls_datum_t essentially_null = { (unsigned char*)strdup("abababababababab"), strlen("abababababababab") };
++	/* generate device certificate */
++	if (modulus.data && 0 != modulus.size && exponent.data && 0 != exponent.size) {
++
++		gnutls_datum_t prime_p = { (unsigned char*)"\x00\xca\x4a\x03\x13\xdf\x9d\x7a\xfd", 9 };
++		gnutls_datum_t prime_q = { (unsigned char*)"\x00\xf2\xff\xe0\x15\xd1\x60\x37\x63", 9 };
++		gnutls_datum_t coeff = { (unsigned char*)"\x32\x07\xf1\x68\x57\xdf\x9a\xf4", 8 };
+
+		gnutls_x509_privkey_t fake_privkey;
+		gnutls_x509_crt_t dev_cert;
+@@ -692,8 +699,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+		gnutls_x509_privkey_init(&fake_privkey);
+		gnutls_x509_crt_init(&dev_cert);
+
+-		if (GNUTLS_E_SUCCESS == gnutls_x509_privkey_import_rsa_raw(fake_privkey, &modulus, &exponent, &essentially_null, &essentially_null, &essentially_null, &essentially_null)) {
+-			/* generate device certificate */
++		gnutls_error = gnutls_x509_privkey_import_rsa_raw(fake_privkey, &modulus, &exponent, &exponent, &prime_p, &prime_q, &coeff);
++		if (GNUTLS_E_SUCCESS == gnutls_error) {
++			/* now generate device certificate */
+			gnutls_x509_crt_set_key(dev_cert, fake_privkey);
+			gnutls_x509_crt_set_serial(dev_cert, "\x00", 1);
+			gnutls_x509_crt_set_version(dev_cert, 3);
+@@ -712,9 +720,8 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+			}
+
+			gnutls_x509_crt_set_key_usage(dev_cert, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT);
+-			gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);
+-
+-			if (USERPREF_E_SUCCESS == ret) {
++			gnutls_error = gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);
++			if (GNUTLS_E_SUCCESS == gnutls_error) {
+				/* if everything went well, export in PEM format */
+				size_t export_size = 0;
+				gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &export_size);
+@@ -722,13 +729,11 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+				gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_cert_pem.data, &export_size);
+				dev_cert_pem.size = export_size;
+			} else {
+-				debug_info("ERROR: Signing device certificate with root private key failed!");
++				debug_info("ERROR: Signing device certificate with root private key failed: %s", gnutls_strerror(gnutls_error));
+			}
++		} else {
++			debug_info("ERROR: Failed to import RSA key data: %s", gnutls_strerror(gnutls_error));
+		}
+-
+-		if (essentially_null.data)
+-			free(essentially_null.data);
+-
+		gnutls_x509_crt_deinit(dev_cert);
+		gnutls_x509_privkey_deinit(fake_privkey);
+	}
+@@ -743,27 +748,27 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+
+	gnutls_free(der_pub_key.data);
+ #endif
+-	if (NULL != root_cert_pem.data && 0 != root_cert_pem.size &&
+-		NULL != host_cert_pem.data && 0 != host_cert_pem.size)
++
++	/* make sure that we have all we need */
++	if (root_cert_pem.data && 0 != root_cert_pem.size
++	    && root_key_pem.data && 0 != root_key_pem.size
++	    && host_cert_pem.data && 0 != host_cert_pem.size
++	    && host_key_pem.data && 0 != host_key_pem.size
++	    && dev_cert_pem.data && 0 != dev_cert_pem.size) {
++		/* now set keys and certificates */
++		pair_record_set_item_from_key_data(pair_record, USERPREF_DEVICE_CERTIFICATE_KEY, &dev_cert_pem);
++		pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_PRIVATE_KEY_KEY, &host_key_pem);
++		pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_CERTIFICATE_KEY, &host_cert_pem);
++		pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_PRIVATE_KEY_KEY, &root_key_pem);
++		pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_CERTIFICATE_KEY, &root_cert_pem);
+		ret = USERPREF_E_SUCCESS;
++	}
+
+-	/* now set keys and certificates */
+-	pair_record_set_item_from_key_data(pair_record, USERPREF_DEVICE_CERTIFICATE_KEY, &dev_cert_pem);
+-	pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_PRIVATE_KEY_KEY, &host_key_pem);
+-	pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_CERTIFICATE_KEY, &host_cert_pem);
+-	pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_PRIVATE_KEY_KEY, &root_key_pem);
+-	pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_CERTIFICATE_KEY, &root_cert_pem);
+-
+-	if (dev_cert_pem.data)
+-		free(dev_cert_pem.data);
+-	if (root_key_pem.data)
+-		free(root_key_pem.data);
+-	if (root_cert_pem.data)
+-		free(root_cert_pem.data);
+-	if (host_key_pem.data)
+-		free(host_key_pem.data);
+-	if (host_cert_pem.data)
+-		free(host_cert_pem.data);
++	free(dev_cert_pem.data);
++	free(root_key_pem.data);
++	free(root_cert_pem.data);
++	free(host_key_pem.data);
++	free(host_cert_pem.data);
+
+	return ret;
+ }
+--
+2.9.3

SOURCES/CVE-2016-5104.patch

@@ -0,0 +1,31 @@
+From df1f5c4d70d0c19ad40072f5246ca457e7f9849e Mon Sep 17 00:00:00 2001
+From: Joshua Hill <posixninja@gmail.com>
+Date: Tue, 29 Dec 2015 22:27:17 +0100
+Subject: [PATCH] common: [security fix] Make sure sockets only listen locally
+
+---
+ common/socket.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/common/socket.c b/common/socket.c
+index b276864..e2968a6 100644
+--- a/common/socket.c
++++ b/common/socket.c
+@@ -172,7 +172,7 @@ int socket_create(uint16_t port)
+
+	memset((void *) &saddr, 0, sizeof(saddr));
+	saddr.sin_family = AF_INET;
+-	saddr.sin_addr.s_addr = htonl(INADDR_ANY);
++	saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+	saddr.sin_port = htons(port);
+
+	if (0 > bind(sfd, (struct sockaddr *) &saddr, sizeof(saddr))) {
+@@ -329,7 +329,7 @@ int socket_accept(int fd, uint16_t port)
+
+	memset(&addr, 0, sizeof(addr));
+	addr.sin_family = AF_INET;
+-	addr.sin_addr.s_addr = htonl(INADDR_ANY);
++	addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+	addr.sin_port = htons(port);
+
+	addr_len = sizeof(addr);

SPECS/libimobiledevice.spec

@@ -0,0 +1,269 @@
+Name:          libimobiledevice
+Version:       1.2.0
+Release:       1%{?dist}
+Summary:       Library for connecting to mobile devices
+
+Group:         System Environment/Libraries
+License:       LGPLv2+
+URL:           http://www.libimobiledevice.org/
+Source0:       http://www.libimobiledevice.org/downloads/%{name}-%{version}.tar.bz2
+Patch1:        0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch
+Patch2:        CVE-2016-5104.patch
+Patch3:        0001-Add-new-function-to-get-the-underlying-file-descript.patch
+Patch4:        0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch
+Patch5:        0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch
+Patch6:        0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch
+Patch7:        0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch
+
+BuildRequires: glib2-devel
+BuildRequires: gnutls-devel
+BuildRequires: libgcrypt-devel
+BuildRequires: libplist-devel
+BuildRequires: libplist-python
+BuildRequires: libtasn1-devel
+BuildRequires: libusbmuxd-devel
+BuildRequires: libusbx-devel
+BuildRequires: libxml2-devel
+
+%description
+libimobiledevice is a library for connecting to mobile devices including phones
+and music players
+
+%package devel
+Summary: Development package for libimobiledevice
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description devel
+Files for development with libimobiledevice.
+
+%package utils
+Summary: Utilites for libimobiledevice
+Group: Applications/System
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description utils
+Utilites for use with libimobiledevice.
+
+%package python
+Summary: Python bindings for libimobiledevice
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description python
+Python bindings for libimobiledevice.
+
+%prep
+%setup -q
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+
+# Fix dir permissions on html docs
+chmod +x docs/html
+
+%build
+%configure --disable-static --disable-openssl --enable-dev-tools --without-cython
+# Remove rpath as per https://fedoraproject.org/wiki/Packaging/Guidelines#Beware_of_Rpath
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+make %{?_smp_mflags} V=1
+
+%install
+make install DESTDIR=%{buildroot}
+
+#Remove libtool archives.
+find %{buildroot} -type f -name "*.la" -delete
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%files
+%{!?_licensedir:%global license %%doc}
+%license COPYING.LESSER
+%doc AUTHORS README
+%{_libdir}/libimobiledevice.so.6*
+
+%files utils
+%doc %{_datadir}/man/man1/idevice*
+%{_bindir}/idevice*
+
+%files devel
+%doc docs/html/
+%{_libdir}/pkgconfig/libimobiledevice-1.0.pc
+%{_libdir}/libimobiledevice.so
+%{_includedir}/libimobiledevice/
+
+%files python
+#%{python_sitearch}/imobiledevice*
+
+%changelog
+* Wed Mar 01 2017 Bastien Nocera <bnocera@redhat.com> - 1.2.0-1
++ libimobiledevice-1.2.0-1
+- Rebase to 1.2.0
+- Fix iOS trust issues
+Resolves: #1387253
+
+* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 1.1.5-6
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 1.1.5-5
+- Mass rebuild 2013-12-27
+
+* Tue Nov 05 2013 Bastien Nocera <bnocera@redhat.com> 1.1.5-4
+- Re-enable RPM-wide CFLAGS (regression in 1.1.5-2)
+Resolves: #884524
+
+* Mon Nov 04 2013 Bastien Nocera <bnocera@redhat.com> 1.1.5-3
+- Add missing libgcrypt BR
+Resolves: #884524
+
+* Tue Oct  8 2013 Matthias Clasen <mclasen@redhat.com> - 1.1.5-2
+- Disable strict aliasing (related: #884524)
+
+* Tue Mar 19 2013 Peter Robinson <pbrobinson@fedoraproject.org> 1.1.5-1
+- New 1.1.5 release
+
+* Thu Feb 21 2013 Bastien Nocera <bnocera@redhat.com> 1.1.4-6
+- Add patch to avoid multi-byte characters from being stripped
+  from the device name
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.4-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Sep 05 2012 Bastien Nocera <bnocera@redhat.com> 1.1.4-4
+- Don't make upowerd crash when run under systemd (#834359)
+
+* Fri Aug 10 2012 Rex Dieter <rdieter@fedoraproject.org> - 1.1.4-3
+- disable broken python/cython bindings (for now, currently FTBFS)
+- track soname
+- tighten  subpkg deps
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Tue Apr 10 2012 Peter Robinson <pbrobinson@fedoraproject.org> - 1.1.4-1
+- New 1.1.4 release
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.1-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Thu Dec 08 2011 Bastien Nocera <bnocera@redhat.com> 1.1.1-4
+- All the version of Fedora are > 13 now
+
+* Thu Dec 01 2011 Bastien Nocera <bnocera@redhat.com> 1.1.1-3
+- Add iOS 5 support patches from upstream
+
+* Wed Sep 21 2011 Bastien Nocera <bnocera@redhat.com> 1.1.1-2
+- Fix compilation against recent version of gnutls
+
+* Fri Apr 29 2011 Peter Robinson <pbrobinson@gmail.com> 1.1.1-1
+- New 1.1.1 release
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Sun Dec 26 2010 Bastien Nocera <bnocera@redhat.com> 1.1.0-1
+- Update to 1.1.0
+
+* Sun Nov 28 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.4-1
+- New 1.0.4 release
+
+* Mon Oct  4 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.3-1
+- New 1.0.3 release
+
+* Sun Aug 01 2010 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.0.2-3
+- Allow build against swig-2.0.0
+
+* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 1.0.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
+
+* Sun Jun 20 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.2-1
+- New upstream stable 1.0.2 release
+
+* Wed May 12 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.1-1
+- New upstream stable 1.0.1 release
+
+* Sun Mar 21 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.0-1
+- New upstream stable 1.0.0 release
+
+* Mon Feb 15 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.7-3
+- Add patch to fix DSO linking. Fixes bug 565084
+
+* Wed Feb  3 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.7-2
+- Package review updates, add developer docs
+
+* Wed Jan 27 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.7-1
+- New package for new library name. Update to 0.9.7
+
+* Sun Jan 24 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.6-1
+- Update to 0.9.6 release
+
+* Sat Jan  9 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.5-3
+- Updated to the new python sysarch spec file reqs
+
+* Tue Dec 15 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.5-2
+- Update python bindings
+
+* Sat Dec 12 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.5-1
+- Update to 0.9.5 release for new usbmuxd/libplist 1.0.0 final
+
+* Sat Dec 12 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.4-3
+- Rebuild for libplist .so bump
+
+* Wed Oct 28 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.4-2
+- Update from libusb to libusb1
+
+* Wed Oct 28 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.4-1
+- Update to 0.9.4 release for new usbmuxd 1.0.0-rc1
+
+* Mon Aug 10 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.3-1
+- Update to 0.9.3 release
+
+* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed May 13 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.1-2
+- Add new build reqs
+
+* Tue May 12 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.1-1
+- Update to official 0.9.1 release
+
+* Fri Apr 03 2009 - Bastien Nocera <bnocera@redhat.com> - 0.1.0-11.20090325git443edc8
+- Update to latest master version
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.0-10.20090103git5cde554
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Sat Jan 3 2009 Peter Robinson <pbrobinson@gmail.com> 0.1.0-9.git5cde554
+- Add back gnutls version patch
+
+* Sat Jan 3 2009 Peter Robinson <pbrobinson@gmail.com> 0.1.0-8.git5cde554
+- Upload bzipped source file
+
+* Sat Jan 3 2009 Peter Robinson <pbrobinson@gmail.com> 0.1.0-7.git5cde554
+- New git snapshot
+
+* Mon Dec 8 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-6.git8c3a01e
+- Fix devel dependency
+
+* Mon Dec 8 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-5.git8c3a01e
+- Fix gnutls check for new rawhide version
+
+* Mon Dec 8 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-4.git8c3a01e
+- Rebuild for pkgconfig
+
+* Tue Dec 2 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-3.git8c3a01e
+- Fix git file generation
+
+* Mon Dec 1 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-2.git8c3a01e
+- Updates for package review
+
+* Sat Nov 29 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-1
+- Initial package