From 7b61b17e0459d744ff61b0f405f9a53b2e9a0ba7 Mon Sep 17 00:00:00 2001
From: basebuilder_pel7x64builder0
Date: Mon, 26 Nov 2018 17:19:07 +0100
Subject: [PATCH] libimobiledevice package update
Signed-off-by: basebuilder_pel7x64builder0
---
...-to-get-the-underlying-file-descript.patch | 61 ++++
...negotiation-for-newer-versions-of-Op.patch | 27 ++
..._proxy-when-using-GnuTLS-instead-of-.patch | 40 +++
...ertificate-callback-to-new-API-backw.patch | 53 ++++
...Update-GnuTLS-code-to-support-iOS-10.patch | 28 ++
...Fix-pairing-record-generation-and-im.patch | 170 +++++++++++
SOURCES/CVE-2016-5104.patch | 31 ++
SPECS/libimobiledevice.spec | 269 ++++++++++++++++++
8 files changed, 679 insertions(+)
create mode 100644 SOURCES/0001-Add-new-function-to-get-the-underlying-file-descript.patch
create mode 100644 SOURCES/0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch
create mode 100644 SOURCES/0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch
create mode 100644 SOURCES/0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch
create mode 100644 SOURCES/0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch
create mode 100644 SOURCES/0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch
create mode 100644 SOURCES/CVE-2016-5104.patch
create mode 100644 SPECS/libimobiledevice.spec
diff --git a/SOURCES/0001-Add-new-function-to-get-the-underlying-file-descript.patch b/SOURCES/0001-Add-new-function-to-get-the-underlying-file-descript.patch
new file mode 100644
index 00000000..ec966f6a
--- /dev/null
+++ b/SOURCES/0001-Add-new-function-to-get-the-underlying-file-descript.patch
@@ -0,0 +1,61 @@
+From 692f7c9de72ca7fcaba51659972270d445751438 Mon Sep 17 00:00:00 2001
+From: BALATON Zoltan
+Date: Wed, 23 Sep 2015 02:19:27 +0200
+Subject: [PATCH] Add new function to get the underlying file descriptor of an
+ idevice connection
+
+---
+ include/libimobiledevice/libimobiledevice.h | 10 ++++++++++
+ src/idevice.c | 16 ++++++++++++++++
+ 2 files changed, 26 insertions(+)
+
+diff --git a/include/libimobiledevice/libimobiledevice.h b/include/libimobiledevice/libimobiledevice.h
+index 016cadb..b125adf 100644
+--- a/include/libimobiledevice/libimobiledevice.h
++++ b/include/libimobiledevice/libimobiledevice.h
+@@ -239,6 +239,16 @@ idevice_error_t idevice_connection_enable_ssl(idevice_connection_t connection);
+ */
+ idevice_error_t idevice_connection_disable_ssl(idevice_connection_t connection);
+
++/**
++ * Get the underlying file descriptor for a connection
++ *
++ * @param connection The connection to get fd of
++ * @param fd Pointer to an int where the fd is stored
++ *
++ * @return IDEVICE_E_SUCCESS if ok, otherwise an error code.
++ */
++idevice_error_t idevice_connection_get_fd(idevice_connection_t connection, int *fd);
++
+ /* misc */
+
+ /**
+diff --git a/src/idevice.c b/src/idevice.c
+index b776e84..5912aeb 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -463,6 +463,22 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive(idevice_connecti
+ return internal_connection_receive(connection, data, len, recv_bytes);
+ }
+
++LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_get_fd(idevice_connection_t connection, int *fd)
++{
++ if (!connection || !fd) {
++ return IDEVICE_E_INVALID_ARG;
++ }
++
++ idevice_error_t result = IDEVICE_E_UNKNOWN_ERROR;
++ if (connection->type == CONNECTION_USBMUXD) {
++ *fd = (int)(long)connection->data;
++ result = IDEVICE_E_SUCCESS;
++ } else {
++ debug_info("Unknown connection type %d", connection->type);
++ }
++ return result;
++}
++
+ LIBIMOBILEDEVICE_API idevice_error_t idevice_get_handle(idevice_t device, uint32_t *handle)
+ {
+ if (!device)
+--
+2.9.3
diff --git a/SOURCES/0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch b/SOURCES/0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch
new file mode 100644
index 00000000..c38f38c5
--- /dev/null
+++ b/SOURCES/0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch
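Review bot: The doc comment added for `idevice_connection_get_fd` in libimobiledevice.h does not say who owns the descriptor or how it relates to an SSL-enabled connection. The implementation hands out the same `connection->data` value that `idevice_connection_enable_ssl` attaches with `BIO_set_fd(..., BIO_NOCLOSE)` (visible in a later patch of this series), so reading, writing or closing the fd directly while SSL is enabled would presumably bypass or desynchronise the TLS stream. I would extend the comment with something like `* The fd stays owned by the connection: do not close it, and use it only for polling once SSL is enabled.` and state that `*fd` is left untouched when an error code is returned.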
@@ -0,0 +1,27 @@
+From 13bf235cac2201747de11652cf14fe2714ca0718 Mon Sep 17 00:00:00 2001
+From: David Weinstein
+Date: Mon, 21 Mar 2016 17:45:59 -0400
+Subject: [PATCH] Fix SSL version negotiation for newer versions of OpenSSL
+
+Depending on the OpenSSL version (and custom distribution patches), `SSLv3_method()`
+would return NULL on some systems and also `SSLv23_method()` fails with some older
+iOS versions...
+---
+ src/idevice.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/idevice.c b/src/idevice.c
+index f2de6a3..1dcdae2 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -703,7 +703,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
+ }
+ BIO_set_fd(ssl_bio, (int)(long)connection->data, BIO_NOCLOSE);
+
+- SSL_CTX *ssl_ctx = SSL_CTX_new(SSLv3_method());
++ SSL_CTX *ssl_ctx = SSL_CTX_new(TLSv1_method());
+ if (ssl_ctx == NULL) {
+ debug_info("ERROR: Could not create SSL context.");
+ BIO_free(ssl_bio);
+--
+2.9.3
diff --git a/SOURCES/0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch b/SOURCES/0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch
new file mode 100644
index 00000000..0a1fc0c4
--- /dev/null
+++ b/SOURCES/0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch
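Review bot: `TLSv1_method()` is a fixed-version method, so after this change the OpenSSL context in `idevice_connection_enable_ssl` can only speak TLS 1.0 and will never negotiate a newer protocol even when the device offers one. The commit message says `SSLv23_method()` failed with some older iOS versions, so if the pin is deliberate it deserves a comment at the call, e.g. `/* fixed to TLS 1.0: version negotiation fails with some older iOS releases */`; otherwise the usual form is `SSL_CTX_new(SSLv23_method())` followed by `SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);`. The spec added in this commit configures with `--disable-openssl`, so this code path is presumably not compiled into the package at all. The function body starts and ends outside the hunk.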
@@ -0,0 +1,40 @@
+From 6070126868069f2ee01ea9414f4cfbe5de285267 Mon Sep 17 00:00:00 2001
+From: "Jay Freeman (saurik)"
+Date: Wed, 21 Oct 2015 00:39:14 -0700
+Subject: [PATCH] Fix installation_proxy when using GnuTLS instead of OpenSSL
+
+---
+ src/idevice.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/idevice.c b/src/idevice.c
+index 7c33cdd..b776e84 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -393,10 +393,13 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_
+ }
+
+ if (connection->ssl_data) {
+-#ifdef HAVE_OPENSSL
+ uint32_t received = 0;
+ while (received < len) {
++#ifdef HAVE_OPENSSL
+ int r = SSL_read(connection->ssl_data->session, (void*)((char*)(data+received)), (int)len-received);
++#else
++ ssize_t r = gnutls_record_recv(connection->ssl_data->session, (void*)(data+received), (size_t)len-received);
++#endif
+ if (r > 0) {
+ received += r;
+ } else {
+@@ -404,9 +407,6 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_
+ }
+ }
+ debug_info("SSL_read %d, received %d", len, received);
+-#else
+- ssize_t received = gnutls_record_recv(connection->ssl_data->session, (void*)data, (size_t)len);
+-#endif
+ if (received > 0) {
+ *recv_bytes = received;
+ return IDEVICE_E_SUCCESS;
+--
+2.5.0
diff --git a/SOURCES/0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch b/SOURCES/0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch
new file mode 100644
index 00000000..c0c6fa4f
--- /dev/null
+++ b/SOURCES/0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch
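Review bot: In the GnuTLS branch of the shared receive loop every `r <= 0` takes the `else` path, including the non-fatal `GNUTLS_E_INTERRUPTED`, so a read interrupted by a signal is handled like a failed session (the `else` body lies between the two hunks and is not visible, presumably a `break`). Before the `if (r > 0)` test I would add `#ifndef HAVE_OPENSSL`, `if (r == GNUTLS_E_INTERRUPTED) continue;`, `#endif`, and decide explicitly what `GNUTLS_E_AGAIN` should mean for a call that has a timeout. The shared `debug_info("SSL_read %d, received %d", ...)` now also runs for GnuTLS and formats the `uint32_t received` with `%d`; `%u` and a neutral label would be more accurate.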
@@ -0,0 +1,53 @@
+From 2a5868411c57e25802d2f16fd6b77601f10d0b72 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos
+Date: Fri, 29 Apr 2016 22:58:34 +0200
+Subject: [PATCH] Updated gnutls certificate callback to new API (backwards
+ compatible)
+
+---
+ src/idevice.c | 13 +++++++++++++
+ 1 file changed, 13 insertions(+)
+
+diff --git a/src/idevice.c b/src/idevice.c
+index 5912aeb..f2de6a3 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -642,7 +642,11 @@ static const char *ssl_error_to_string(int e)
+ /**
+ * Internally used gnutls callback function that gets called during handshake.
+ */
++#if GNUTLS_VERSION_NUMBER >= 0x020b07
++static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr2_st * st)
++#else
+ static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr_st * st)
++#endif
+ {
+ int res = -1;
+ gnutls_certificate_type_t type = gnutls_certificate_type_get(session);
+@@ -650,7 +654,12 @@ static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t
+ ssl_data_t ssl_data = (ssl_data_t)gnutls_session_get_ptr(session);
+ if (ssl_data && ssl_data->host_privkey && ssl_data->host_cert) {
+ debug_info("Passing certificate");
++#if GNUTLS_VERSION_NUMBER >= 0x020b07
++ st->cert_type = type;
++ st->key_type = GNUTLS_PRIVKEY_X509;
++#else
+ st->type = type;
++#endif
+ st->ncerts = 1;
+ st->cert.x509 = &ssl_data->host_cert;
+ st->key.x509 = ssl_data->host_privkey;
+@@ -759,7 +768,11 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
+ debug_info("enabling SSL mode");
+ errno = 0;
+ gnutls_certificate_allocate_credentials(&ssl_data_loc->certificate);
++#if GNUTLS_VERSION_NUMBER >= 0x020b07
++ gnutls_certificate_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
++#else
+ gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
++#endif
+ gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT);
+ gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
+ gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate);
+--
+2.9.3
diff --git a/SOURCES/0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch b/SOURCES/0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch
new file mode 100644
index 00000000..70024c91
--- /dev/null
+++ b/SOURCES/0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch
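Review bot: Neither branch of the new `#if` in `internal_cert_callback` sets `st->deinit_all`, while `st->cert.x509` and `st->key.x509` are pointed at objects that belong to `ssl_data`. If GnuTLS does not zero the structure before invoking the callback (not visible from this patch), a non-zero value would make the library deinitialise the host certificate and private key that the connection still uses; adding `st->deinit_all = 0;` next to `st->ncerts = 1;` makes the ownership explicit in both API variants. A short comment that `0x020b07` means GnuTLS 2.11.7 would also help whoever next touches the three guards.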
@@ -0,0 +1,28 @@
+From 72643b2b83990b9cf97cc84b285b30763d44a72d Mon Sep 17 00:00:00 2001
+From: "Jay Freeman (saurik)"
+Date: Tue, 2 Aug 2016 03:08:04 -0700
+Subject: [PATCH] idevice: Update GnuTLS code to support iOS 10
+
+As of iOS 10 beta 4, the GnuTLS implementation idevice_connection_enable_ssl
+needs to be updated to support TLS. Using +VERS-TLS-ALL did not work on some
+of the devices I tested and I wasn't sure how to fix it, but +VERS-TLS1.0 is
+working on every device I've tested: iOS 9.0.2, 10.0b4, 8.1.1, 6.0, and 3.0.
+---
+ src/idevice.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/idevice.c b/src/idevice.c
+index 1dcdae2..b6dfe4e 100644
+--- a/src/idevice.c
++++ b/src/idevice.c
+@@ -774,7 +774,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
+ gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
+ #endif
+ gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT);
+- gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
++ gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-TLS1.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
+ gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate);
+ gnutls_session_set_ptr(ssl_data_loc->session, ssl_data_loc);
+
+--
+2.9.3
diff --git a/SOURCES/0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch b/SOURCES/0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch
new file mode 100644
index 00000000..27998eee
--- /dev/null
+++ b/SOURCES/0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch
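Review bot: The priority string passed to `gnutls_priority_set_direct` still enables `+ANON-DH` and `+MD5` after the protocol is moved to TLS 1.0. Anonymous DH gives no peer authentication, so a session that ends up on it is not protected by the pairing certificates at all, and MD5 is not needed as a MAC next to SHA1. Unless one of the tested devices is known to require them (the commit message lists iOS versions but not the negotiated suites), I would drop both: `"NONE:+VERS-TLS1.0:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+COMP-NULL"`. The return value of `gnutls_priority_set_direct` is also ignored here, so a string the installed GnuTLS rejects would go unnoticed.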
@@ -0,0 +1,170 @@
+From 23069d10341ce637fdad7321d447c53752dba48c Mon Sep 17 00:00:00 2001
+From: Nikias Bassen
+Date: Fri, 4 Nov 2016 02:11:39 +0100
+Subject: [PATCH] userpref: [GnuTLS] Fix pairing record generation and improve
+ error handling
+
+In newer GnuTLS versions the parameters supplied to
+gnutls_x509_privkey_import_rsa_raw() are actually checked for somewhat
+sane values. Since we were passing the same values for all parameters,
+this check fails and the device certificate is never generated.
+However due to missing checks the pairing record was saved anyway, with
+an empty device certificate. This led to TLS errors during communication,
+leading to the "GnuTLS: Error in pull function" error message appearing
+and the communication to fail.
+This commit fixes the issue by passing some sane values, and also improves
+the overall error handling during generation of the paring record.
+---
+ common/userpref.c | 85 +++++++++++++++++++++++++++++--------------------------
+ 1 file changed, 45 insertions(+), 40 deletions(-)
+
+diff --git a/common/userpref.c b/common/userpref.c
+index d22c7f5..3ae503a 100644
+--- a/common/userpref.c
++++ b/common/userpref.c
+@@ -643,15 +643,13 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+ gnutls_x509_crt_export(host_cert, GNUTLS_X509_FMT_PEM, host_cert_pem.data, &host_cert_export_size);
+ host_cert_pem.size = host_cert_export_size;
+
+- ret = USERPREF_E_UNKNOWN_ERROR;
+-
+ gnutls_datum_t modulus = { NULL, 0 };
+ gnutls_datum_t exponent = { NULL, 0 };
+
+ /* now decode the PEM encoded key */
+- gnutls_datum_t der_pub_key;
+- if (GNUTLS_E_SUCCESS == gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key)) {
+-
++ gnutls_datum_t der_pub_key = { NULL, 0 };
++ int gnutls_error = gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key);
++ if (GNUTLS_E_SUCCESS == gnutls_error) {
+ /* initalize asn.1 parser */
+ ASN1_TYPE pkcs1 = ASN1_TYPE_EMPTY;
+ if (ASN1_SUCCESS == asn1_array2tree(pkcs1_asn1_tab, &pkcs1, NULL)) {
+@@ -670,8 +668,14 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+
+ ret1 = asn1_read_value(asn1_pub_key, "modulus", modulus.data, (int*)&modulus.size);
+ ret2 = asn1_read_value(asn1_pub_key, "publicExponent", exponent.data, (int*)&exponent.size);
+- if (ASN1_SUCCESS == ret1 && ASN1_SUCCESS == ret2)
+- ret = USERPREF_E_SUCCESS;
++ if (ret1 != ASN1_SUCCESS || ret2 != ASN1_SUCCESS) {
++ gnutls_free(modulus.data);
++ modulus.data = NULL;
++ modulus.size = 0;
++ gnutls_free(exponent.data);
++ exponent.data = NULL;
++ exponent.size = 0;
++ }
+ }
+ if (asn1_pub_key)
+ asn1_delete_structure(&asn1_pub_key);
+@@ -679,12 +683,15 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+ if (pkcs1)
+ asn1_delete_structure(&pkcs1);
+ } else {
+- debug_info("WARNING: Could not read public key");
++ debug_info("ERROR: Could not parse public key: %s", gnutls_strerror(gnutls_error));
+ }
+
+- /* now generate certificates */
+- if (USERPREF_E_SUCCESS == ret && 0 != modulus.size && 0 != exponent.size) {
+- gnutls_datum_t essentially_null = { (unsigned char*)strdup("abababababababab"), strlen("abababababababab") };
++ /* generate device certificate */
++ if (modulus.data && 0 != modulus.size && exponent.data && 0 != exponent.size) {
++
++ gnutls_datum_t prime_p = { (unsigned char*)"\x00\xca\x4a\x03\x13\xdf\x9d\x7a\xfd", 9 };
++ gnutls_datum_t prime_q = { (unsigned char*)"\x00\xf2\xff\xe0\x15\xd1\x60\x37\x63", 9 };
++ gnutls_datum_t coeff = { (unsigned char*)"\x32\x07\xf1\x68\x57\xdf\x9a\xf4", 8 };
+
+ gnutls_x509_privkey_t fake_privkey;
+ gnutls_x509_crt_t dev_cert;
+@@ -692,8 +699,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+ gnutls_x509_privkey_init(&fake_privkey);
+ gnutls_x509_crt_init(&dev_cert);
+
+- if (GNUTLS_E_SUCCESS == gnutls_x509_privkey_import_rsa_raw(fake_privkey, &modulus, &exponent, &essentially_null, &essentially_null, &essentially_null, &essentially_null)) {
+- /* generate device certificate */
++ gnutls_error = gnutls_x509_privkey_import_rsa_raw(fake_privkey, &modulus, &exponent, &exponent, &prime_p, &prime_q, &coeff);
++ if (GNUTLS_E_SUCCESS == gnutls_error) {
++ /* now generate device certificate */
+ gnutls_x509_crt_set_key(dev_cert, fake_privkey);
+ gnutls_x509_crt_set_serial(dev_cert, "\x00", 1);
+ gnutls_x509_crt_set_version(dev_cert, 3);
+@@ -712,9 +720,8 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+ }
+
+ gnutls_x509_crt_set_key_usage(dev_cert, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT);
+- gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);
+-
+- if (USERPREF_E_SUCCESS == ret) {
++ gnutls_error = gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);
++ if (GNUTLS_E_SUCCESS == gnutls_error) {
+ /* if everything went well, export in PEM format */
+ size_t export_size = 0;
+ gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &export_size);
+@@ -722,13 +729,11 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+ gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_cert_pem.data, &export_size);
+ dev_cert_pem.size = export_size;
+ } else {
+- debug_info("ERROR: Signing device certificate with root private key failed!");
++ debug_info("ERROR: Signing device certificate with root private key failed: %s", gnutls_strerror(gnutls_error));
+ }
++ } else {
++ debug_info("ERROR: Failed to import RSA key data: %s", gnutls_strerror(gnutls_error));
+ }
+-
+- if (essentially_null.data)
+- free(essentially_null.data);
+-
+ gnutls_x509_crt_deinit(dev_cert);
+ gnutls_x509_privkey_deinit(fake_privkey);
+ }
+@@ -743,27 +748,27 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
+
+ gnutls_free(der_pub_key.data);
+ #endif
+- if (NULL != root_cert_pem.data && 0 != root_cert_pem.size &&
+- NULL != host_cert_pem.data && 0 != host_cert_pem.size)
++
++ /* make sure that we have all we need */
++ if (root_cert_pem.data && 0 != root_cert_pem.size
++ && root_key_pem.data && 0 != root_key_pem.size
++ && host_cert_pem.data && 0 != host_cert_pem.size
++ && host_key_pem.data && 0 != host_key_pem.size
++ && dev_cert_pem.data && 0 != dev_cert_pem.size) {
++ /* now set keys and certificates */
++ pair_record_set_item_from_key_data(pair_record, USERPREF_DEVICE_CERTIFICATE_KEY, &dev_cert_pem);
++ pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_PRIVATE_KEY_KEY, &host_key_pem);
++ pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_CERTIFICATE_KEY, &host_cert_pem);
++ pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_PRIVATE_KEY_KEY, &root_key_pem);
++ pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_CERTIFICATE_KEY, &root_cert_pem);
+ ret = USERPREF_E_SUCCESS;
++ }
+
+- /* now set keys and certificates */
+- pair_record_set_item_from_key_data(pair_record, USERPREF_DEVICE_CERTIFICATE_KEY, &dev_cert_pem);
+- pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_PRIVATE_KEY_KEY, &host_key_pem);
+- pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_CERTIFICATE_KEY, &host_cert_pem);
+- pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_PRIVATE_KEY_KEY, &root_key_pem);
+- pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_CERTIFICATE_KEY, &root_cert_pem);
+-
+- if (dev_cert_pem.data)
+- free(dev_cert_pem.data);
+- if (root_key_pem.data)
+- free(root_key_pem.data);
+- if (root_cert_pem.data)
+- free(root_cert_pem.data);
+- if (host_key_pem.data)
+- free(host_key_pem.data);
+- if (host_cert_pem.data)
+- free(host_cert_pem.data);
++ free(dev_cert_pem.data);
++ free(root_key_pem.data);
++ free(root_cert_pem.data);
++ free(host_key_pem.data);
++ free(host_cert_pem.data);
+
+ return ret;
+ }
+--
+2.9.3
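Review bot: The new final gate in `pair_record_generate_keys_and_certs` trusts `dev_cert_pem.size`, but the two `gnutls_x509_crt_export` calls that produce it are context lines whose return values are still ignored, so a failed export can leave a non-empty buffer and size that pass `dev_cert_pem.data && 0 != dev_cert_pem.size`. Since the point of the commit is never to store a record with an unusable device certificate, set the size only on success, e.g. `if (GNUTLS_E_SUCCESS == gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_cert_pem.data, &export_size)) dev_cert_pem.size = export_size;` (the allocation between the two calls falls between hunks). The `prime_p`/`prime_q`/`coeff` constants need a comment saying they are fixed placeholders that only satisfy GnuTLS's parameter checks and that `fake_privkey` must never be used for a private-key operation. With `ret = USERPREF_E_UNKNOWN_ERROR;` removed, the failure return now depends on how `ret` is initialised outside these hunks, which is worth confirming, and the private-key PEM buffers are released with plain `free()` without being cleared first.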
diff --git a/SOURCES/CVE-2016-5104.patch b/SOURCES/CVE-2016-5104.patch
new file mode 100644
index 00000000..77b2e03b
--- /dev/null
+++ b/SOURCES/CVE-2016-5104.patch
@@ -0,0 +1,31 @@
+From df1f5c4d70d0c19ad40072f5246ca457e7f9849e Mon Sep 17 00:00:00 2001
+From: Joshua Hill
+Date: Tue, 29 Dec 2015 22:27:17 +0100
+Subject: [PATCH] common: [security fix] Make sure sockets only listen locally
+
+---
+ common/socket.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/common/socket.c b/common/socket.c
+index b276864..e2968a6 100644
+--- a/common/socket.c
++++ b/common/socket.c
+@@ -172,7 +172,7 @@ int socket_create(uint16_t port)
+
+ memset((void *) &saddr, 0, sizeof(saddr));
+ saddr.sin_family = AF_INET;
+- saddr.sin_addr.s_addr = htonl(INADDR_ANY);
++ saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ saddr.sin_port = htons(port);
+
+ if (0 > bind(sfd, (struct sockaddr *) &saddr, sizeof(saddr))) {
+@@ -329,7 +329,7 @@ int socket_accept(int fd, uint16_t port)
+
+ memset(&addr, 0, sizeof(addr));
+ addr.sin_family = AF_INET;
+- addr.sin_addr.s_addr = htonl(INADDR_ANY);
++ addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
+ addr.sin_port = htons(port);
+
+ addr_len = sizeof(addr);
diff --git a/SPECS/libimobiledevice.spec b/SPECS/libimobiledevice.spec
new file mode 100644
index 00000000..d80e5ae7
--- /dev/null
+++ b/SPECS/libimobiledevice.spec
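Review bot: In `socket_accept` the `INADDR_LOOPBACK` assignment most likely has no filtering effect, because `addr` looks like the output buffer of the `accept()` call that follows `addr_len = sizeof(addr);` (the call itself is outside the hunk) and would be overwritten with the peer address. The restriction that actually matters is the one applied before `bind()` in `socket_create`; a comment such as `/* accept() fills addr with the peer; the loopback-only restriction comes from bind() in socket_create() */` would keep a later reader from relying on this line. Both hunks touch `AF_INET` setup only, so if the file has any other listening path it needs the same check.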
@@ -0,0 +1,269 @@
+Name: libimobiledevice
+Version: 1.2.0
+Release: 1%{?dist}
+Summary: Library for connecting to mobile devices
+
+Group: System Environment/Libraries
+License: LGPLv2+
+URL: http://www.libimobiledevice.org/
+Source0: http://www.libimobiledevice.org/downloads/%{name}-%{version}.tar.bz2
+Patch1: 0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch
+Patch2: CVE-2016-5104.patch
+Patch3: 0001-Add-new-function-to-get-the-underlying-file-descript.patch
+Patch4: 0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch
+Patch5: 0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch
+Patch6: 0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch
+Patch7: 0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch
+
+BuildRequires: glib2-devel
+BuildRequires: gnutls-devel
+BuildRequires: libgcrypt-devel
+BuildRequires: libplist-devel
+BuildRequires: libplist-python
+BuildRequires: libtasn1-devel
+BuildRequires: libusbmuxd-devel
+BuildRequires: libusbx-devel
+BuildRequires: libxml2-devel
+
+%description
+libimobiledevice is a library for connecting to mobile devices including phones
+and music players
+
+%package devel
+Summary: Development package for libimobiledevice
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description devel
+Files for development with libimobiledevice.
+
+%package utils
+Summary: Utilites for libimobiledevice
+Group: Applications/System
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description utils
+Utilites for use with libimobiledevice.
+
+%package python
+Summary: Python bindings for libimobiledevice
+Group: Development/Libraries
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description python
+Python bindings for libimobiledevice.
+
+%prep
+%setup -q
+%patch1 -p1
+%patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+
+# Fix dir permissions on html docs
+chmod +x docs/html
+
+%build
+%configure --disable-static --disable-openssl --enable-dev-tools --without-cython
+# Remove rpath as per https://fedoraproject.org/wiki/Packaging/Guidelines#Beware_of_Rpath
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+make %{?_smp_mflags} V=1
+
+%install
+make install DESTDIR=%{buildroot}
+
+#Remove libtool archives.
+find %{buildroot} -type f -name "*.la" -delete
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+%files
+%{!?_licensedir:%global license %%doc}
+%license COPYING.LESSER
+%doc AUTHORS README
+%{_libdir}/libimobiledevice.so.6*
+
+%files utils
+%doc %{_datadir}/man/man1/idevice*
+%{_bindir}/idevice*
+
+%files devel
+%doc docs/html/
+%{_libdir}/pkgconfig/libimobiledevice-1.0.pc
+%{_libdir}/libimobiledevice.so
+%{_includedir}/libimobiledevice/
+
+%files python
+#%{python_sitearch}/imobiledevice*
+
+%changelog
+* Wed Mar 01 2017 Bastien Nocera - 1.2.0-1
++ libimobiledevice-1.2.0-1
+- Rebase to 1.2.0
+- Fix iOS trust issues
+Resolves: #1387253
+
+* Fri Jan 24 2014 Daniel Mach - 1.1.5-6
+- Mass rebuild 2014-01-24
+
+* Fri Dec 27 2013 Daniel Mach - 1.1.5-5
+- Mass rebuild 2013-12-27
+
+* Tue Nov 05 2013 Bastien Nocera 1.1.5-4
+- Re-enable RPM-wide CFLAGS (regression in 1.1.5-2)
+Resolves: #884524
+
+* Mon Nov 04 2013 Bastien Nocera 1.1.5-3
+- Add missing libgcrypt BR
+Resolves: #884524
+
+* Tue Oct 8 2013 Matthias Clasen - 1.1.5-2
+- Disable strict aliasing (related: #884524)
+
+* Tue Mar 19 2013 Peter Robinson 1.1.5-1
+- New 1.1.5 release
+
+* Thu Feb 21 2013 Bastien Nocera 1.1.4-6
+- Add patch to avoid multi-byte characters from being stripped
+ from the device name
+
+* Thu Feb 14 2013 Fedora Release Engineering - 1.1.4-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Wed Sep 05 2012 Bastien Nocera 1.1.4-4
+- Don't make upowerd crash when run under systemd (#834359)
+
+* Fri Aug 10 2012 Rex Dieter - 1.1.4-3
+- disable broken python/cython bindings (for now, currently FTBFS)
+- track soname
+- tighten subpkg deps
+
+* Thu Jul 19 2012 Fedora Release Engineering - 1.1.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Tue Apr 10 2012 Peter Robinson - 1.1.4-1
+- New 1.1.4 release
+
+* Fri Jan 13 2012 Fedora Release Engineering - 1.1.1-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Thu Dec 08 2011 Bastien Nocera 1.1.1-4
+- All the version of Fedora are > 13 now
+
+* Thu Dec 01 2011 Bastien Nocera 1.1.1-3
+- Add iOS 5 support patches from upstream
+
+* Wed Sep 21 2011 Bastien Nocera 1.1.1-2
+- Fix compilation against recent version of gnutls
+
+* Fri Apr 29 2011 Peter Robinson 1.1.1-1
+- New 1.1.1 release
+
+* Tue Feb 08 2011 Fedora Release Engineering - 1.1.0-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Sun Dec 26 2010 Bastien Nocera 1.1.0-1
+- Update to 1.1.0
+
+* Sun Nov 28 2010 Peter Robinson 1.0.4-1
+- New 1.0.4 release
+
+* Mon Oct 4 2010 Peter Robinson 1.0.3-1
+- New 1.0.3 release
+
+* Sun Aug 01 2010 Orcan Ogetbil - 1.0.2-3
+- Allow build against swig-2.0.0
+
+* Wed Jul 21 2010 David Malcolm - 1.0.2-2
+- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild
+
+* Sun Jun 20 2010 Peter Robinson 1.0.2-1
+- New upstream stable 1.0.2 release
+
+* Wed May 12 2010 Peter Robinson 1.0.1-1
+- New upstream stable 1.0.1 release
+
+* Sun Mar 21 2010 Peter Robinson 1.0.0-1
+- New upstream stable 1.0.0 release
+
+* Mon Feb 15 2010 Peter Robinson 0.9.7-3
+- Add patch to fix DSO linking. Fixes bug 565084
+
+* Wed Feb 3 2010 Peter Robinson 0.9.7-2
+- Package review updates, add developer docs
+
+* Wed Jan 27 2010 Peter Robinson 0.9.7-1
+- New package for new library name. Update to 0.9.7
+
+* Sun Jan 24 2010 Peter Robinson 0.9.6-1
+- Update to 0.9.6 release
+
+* Sat Jan 9 2010 Peter Robinson 0.9.5-3
+- Updated to the new python sysarch spec file reqs
+
+* Tue Dec 15 2009 Peter Robinson 0.9.5-2
+- Update python bindings
+
+* Sat Dec 12 2009 Peter Robinson 0.9.5-1
+- Update to 0.9.5 release for new usbmuxd/libplist 1.0.0 final
+
+* Sat Dec 12 2009 Peter Robinson 0.9.4-3
+- Rebuild for libplist .so bump
+
+* Wed Oct 28 2009 Peter Robinson 0.9.4-2
+- Update from libusb to libusb1
+
+* Wed Oct 28 2009 Peter Robinson 0.9.4-1
+- Update to 0.9.4 release for new usbmuxd 1.0.0-rc1
+
+* Mon Aug 10 2009 Peter Robinson 0.9.3-1
+- Update to 0.9.3 release
+
+* Fri Jul 24 2009 Fedora Release Engineering - 0.9.1-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Wed May 13 2009 Peter Robinson 0.9.1-2
+- Add new build reqs
+
+* Tue May 12 2009 Peter Robinson 0.9.1-1
+- Update to official 0.9.1 release
+
+* Fri Apr 03 2009 - Bastien Nocera - 0.1.0-11.20090325git443edc8
+- Update to latest master version
+
+* Wed Feb 25 2009 Fedora Release Engineering - 0.1.0-10.20090103git5cde554
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Sat Jan 3 2009 Peter Robinson 0.1.0-9.git5cde554
+- Add back gnutls version patch
+
+* Sat Jan 3 2009 Peter Robinson 0.1.0-8.git5cde554
+- Upload bzipped source file
+
+* Sat Jan 3 2009 Peter Robinson 0.1.0-7.git5cde554
+- New git snapshot
+
+* Mon Dec 8 2008 Peter Robinson 0.1.0-6.git8c3a01e
+- Fix devel dependency
+
+* Mon Dec 8 2008 Peter Robinson 0.1.0-5.git8c3a01e
+- Fix gnutls check for new rawhide version
+
+* Mon Dec 8 2008 Peter Robinson 0.1.0-4.git8c3a01e
+- Rebuild for pkgconfig
+
+* Tue Dec 2 2008 Peter Robinson 0.1.0-3.git8c3a01e
+- Fix git file generation
+
+* Mon Dec 1 2008 Peter Robinson 0.1.0-2.git8c3a01e
+- Updates for package review
+
+* Sat Nov 29 2008 Peter Robinson 0.1.0-1
+- Initial package
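Review bot: The `%changelog` entry for 1.2.0-1 records only the rebase and `Resolves: #1387253` and never mentions that `Patch2` carries the CVE-2016-5104 fix, so changelog-based vulnerability tracking will not show the package as fixed; add a line such as `- Make sure sockets only listen locally (CVE-2016-5104)`. `%configure` passes `--disable-openssl`, which means `Patch5` (the OpenSSL `TLSv1_method()` change) presumably modifies code that is never built here and should be dropped or commented as such. In `%files python` the line `#%{python_sitearch}/imobiledevice*` still has its macro expanded by rpm inside the comment, so write `#%%{python_sitearch}/imobiledevice*`. `Source0` is a plain `http://` URL and the spec shows no checksum or signature check for the tarball, so its integrity depends on whatever the build system verifies outside this file.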