Browse Source

libimobiledevice package update

Signed-off-by: basebuilder_pel7x64builder0 <basebuilder@powerel.org>
master
basebuilder_pel7x64builder0 6 years ago
parent
commit
7b61b17e04
  1. 61
      SOURCES/0001-Add-new-function-to-get-the-underlying-file-descript.patch
  2. 27
      SOURCES/0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch
  3. 40
      SOURCES/0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch
  4. 53
      SOURCES/0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch
  5. 28
      SOURCES/0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch
  6. 170
      SOURCES/0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch
  7. 31
      SOURCES/CVE-2016-5104.patch
  8. 269
      SPECS/libimobiledevice.spec

61
SOURCES/0001-Add-new-function-to-get-the-underlying-file-descript.patch

@ -0,0 +1,61 @@
From 692f7c9de72ca7fcaba51659972270d445751438 Mon Sep 17 00:00:00 2001
From: BALATON Zoltan <balaton@eik.bme.hu>
Date: Wed, 23 Sep 2015 02:19:27 +0200
Subject: [PATCH] Add new function to get the underlying file descriptor of an
idevice connection

---
include/libimobiledevice/libimobiledevice.h | 10 ++++++++++
src/idevice.c | 16 ++++++++++++++++
2 files changed, 26 insertions(+)

diff --git a/include/libimobiledevice/libimobiledevice.h b/include/libimobiledevice/libimobiledevice.h
index 016cadb..b125adf 100644
--- a/include/libimobiledevice/libimobiledevice.h
+++ b/include/libimobiledevice/libimobiledevice.h
@@ -239,6 +239,16 @@ idevice_error_t idevice_connection_enable_ssl(idevice_connection_t connection);
*/
idevice_error_t idevice_connection_disable_ssl(idevice_connection_t connection);

+/**
+ * Get the underlying file descriptor for a connection
+ *
+ * @param connection The connection to get fd of
+ * @param fd Pointer to an int where the fd is stored
+ *
+ * @return IDEVICE_E_SUCCESS if ok, otherwise an error code.
+ */
+idevice_error_t idevice_connection_get_fd(idevice_connection_t connection, int *fd);
+
/* misc */

/**
diff --git a/src/idevice.c b/src/idevice.c
index b776e84..5912aeb 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -463,6 +463,22 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive(idevice_connecti
return internal_connection_receive(connection, data, len, recv_bytes);
}

+LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_get_fd(idevice_connection_t connection, int *fd)
+{
+ if (!connection || !fd) {
+ return IDEVICE_E_INVALID_ARG;
+ }
+
+ idevice_error_t result = IDEVICE_E_UNKNOWN_ERROR;
+ if (connection->type == CONNECTION_USBMUXD) {
+ *fd = (int)(long)connection->data;
+ result = IDEVICE_E_SUCCESS;
+ } else {
+ debug_info("Unknown connection type %d", connection->type);
+ }
+ return result;
+}
+
LIBIMOBILEDEVICE_API idevice_error_t idevice_get_handle(idevice_t device, uint32_t *handle)
{
if (!device)
--
2.9.3

27
SOURCES/0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch

@ -0,0 +1,27 @@
From 13bf235cac2201747de11652cf14fe2714ca0718 Mon Sep 17 00:00:00 2001
From: David Weinstein <dweinst@insitusec.com>
Date: Mon, 21 Mar 2016 17:45:59 -0400
Subject: [PATCH] Fix SSL version negotiation for newer versions of OpenSSL

Depending on the OpenSSL version (and custom distribution patches), `SSLv3_method()`
would return NULL on some systems and also `SSLv23_method()` fails with some older
iOS versions...
---
src/idevice.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/idevice.c b/src/idevice.c
index f2de6a3..1dcdae2 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -703,7 +703,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
}
BIO_set_fd(ssl_bio, (int)(long)connection->data, BIO_NOCLOSE);

- SSL_CTX *ssl_ctx = SSL_CTX_new(SSLv3_method());
+ SSL_CTX *ssl_ctx = SSL_CTX_new(TLSv1_method());
if (ssl_ctx == NULL) {
debug_info("ERROR: Could not create SSL context.");
BIO_free(ssl_bio);
--
2.9.3

40
SOURCES/0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch

@ -0,0 +1,40 @@
From 6070126868069f2ee01ea9414f4cfbe5de285267 Mon Sep 17 00:00:00 2001
From: "Jay Freeman (saurik)" <saurik@saurik.com>
Date: Wed, 21 Oct 2015 00:39:14 -0700
Subject: [PATCH] Fix installation_proxy when using GnuTLS instead of OpenSSL

---
src/idevice.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/idevice.c b/src/idevice.c
index 7c33cdd..b776e84 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -393,10 +393,13 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_
}

if (connection->ssl_data) {
-#ifdef HAVE_OPENSSL
uint32_t received = 0;
while (received < len) {
+#ifdef HAVE_OPENSSL
int r = SSL_read(connection->ssl_data->session, (void*)((char*)(data+received)), (int)len-received);
+#else
+ ssize_t r = gnutls_record_recv(connection->ssl_data->session, (void*)(data+received), (size_t)len-received);
+#endif
if (r > 0) {
received += r;
} else {
@@ -404,9 +407,6 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_receive_timeout(idevice_
}
}
debug_info("SSL_read %d, received %d", len, received);
-#else
- ssize_t received = gnutls_record_recv(connection->ssl_data->session, (void*)data, (size_t)len);
-#endif
if (received > 0) {
*recv_bytes = received;
return IDEVICE_E_SUCCESS;
--
2.5.0

53
SOURCES/0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch

@ -0,0 +1,53 @@
From 2a5868411c57e25802d2f16fd6b77601f10d0b72 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Fri, 29 Apr 2016 22:58:34 +0200
Subject: [PATCH] Updated gnutls certificate callback to new API (backwards
compatible)

---
src/idevice.c | 13 +++++++++++++
1 file changed, 13 insertions(+)

diff --git a/src/idevice.c b/src/idevice.c
index 5912aeb..f2de6a3 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -642,7 +642,11 @@ static const char *ssl_error_to_string(int e)
/**
* Internally used gnutls callback function that gets called during handshake.
*/
+#if GNUTLS_VERSION_NUMBER >= 0x020b07
+static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr2_st * st)
+#else
static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t * req_ca_rdn, int nreqs, const gnutls_pk_algorithm_t * sign_algos, int sign_algos_length, gnutls_retr_st * st)
+#endif
{
int res = -1;
gnutls_certificate_type_t type = gnutls_certificate_type_get(session);
@@ -650,7 +654,12 @@ static int internal_cert_callback(gnutls_session_t session, const gnutls_datum_t
ssl_data_t ssl_data = (ssl_data_t)gnutls_session_get_ptr(session);
if (ssl_data && ssl_data->host_privkey && ssl_data->host_cert) {
debug_info("Passing certificate");
+#if GNUTLS_VERSION_NUMBER >= 0x020b07
+ st->cert_type = type;
+ st->key_type = GNUTLS_PRIVKEY_X509;
+#else
st->type = type;
+#endif
st->ncerts = 1;
st->cert.x509 = &ssl_data->host_cert;
st->key.x509 = ssl_data->host_privkey;
@@ -759,7 +768,11 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
debug_info("enabling SSL mode");
errno = 0;
gnutls_certificate_allocate_credentials(&ssl_data_loc->certificate);
+#if GNUTLS_VERSION_NUMBER >= 0x020b07
+ gnutls_certificate_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
+#else
gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
+#endif
gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT);
gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate);
--
2.9.3

28
SOURCES/0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch

@ -0,0 +1,28 @@
From 72643b2b83990b9cf97cc84b285b30763d44a72d Mon Sep 17 00:00:00 2001
From: "Jay Freeman (saurik)" <saurik@saurik.com>
Date: Tue, 2 Aug 2016 03:08:04 -0700
Subject: [PATCH] idevice: Update GnuTLS code to support iOS 10

As of iOS 10 beta 4, the GnuTLS implementation idevice_connection_enable_ssl
needs to be updated to support TLS. Using +VERS-TLS-ALL did not work on some
of the devices I tested and I wasn't sure how to fix it, but +VERS-TLS1.0 is
working on every device I've tested: iOS 9.0.2, 10.0b4, 8.1.1, 6.0, and 3.0.
---
src/idevice.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/idevice.c b/src/idevice.c
index 1dcdae2..b6dfe4e 100644
--- a/src/idevice.c
+++ b/src/idevice.c
@@ -774,7 +774,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne
gnutls_certificate_client_set_retrieve_function(ssl_data_loc->certificate, internal_cert_callback);
#endif
gnutls_init(&ssl_data_loc->session, GNUTLS_CLIENT);
- gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-SSL3.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
+ gnutls_priority_set_direct(ssl_data_loc->session, "NONE:+VERS-TLS1.0:+ANON-DH:+RSA:+AES-128-CBC:+AES-256-CBC:+SHA1:+MD5:+COMP-NULL", NULL);
gnutls_credentials_set(ssl_data_loc->session, GNUTLS_CRD_CERTIFICATE, ssl_data_loc->certificate);
gnutls_session_set_ptr(ssl_data_loc->session, ssl_data_loc);

--
2.9.3

170
SOURCES/0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch

@ -0,0 +1,170 @@
From 23069d10341ce637fdad7321d447c53752dba48c Mon Sep 17 00:00:00 2001
From: Nikias Bassen <nikias@gmx.li>
Date: Fri, 4 Nov 2016 02:11:39 +0100
Subject: [PATCH] userpref: [GnuTLS] Fix pairing record generation and improve
error handling

In newer GnuTLS versions the parameters supplied to
gnutls_x509_privkey_import_rsa_raw() are actually checked for somewhat
sane values. Since we were passing the same values for all parameters,
this check fails and the device certificate is never generated.
However due to missing checks the pairing record was saved anyway, with
an empty device certificate. This led to TLS errors during communication,
leading to the "GnuTLS: Error in pull function" error message appearing
and the communication to fail.
This commit fixes the issue by passing some sane values, and also improves
the overall error handling during generation of the paring record.
---
common/userpref.c | 85 +++++++++++++++++++++++++++++--------------------------
1 file changed, 45 insertions(+), 40 deletions(-)

diff --git a/common/userpref.c b/common/userpref.c
index d22c7f5..3ae503a 100644
--- a/common/userpref.c
+++ b/common/userpref.c
@@ -643,15 +643,13 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
gnutls_x509_crt_export(host_cert, GNUTLS_X509_FMT_PEM, host_cert_pem.data, &host_cert_export_size);
host_cert_pem.size = host_cert_export_size;

- ret = USERPREF_E_UNKNOWN_ERROR;
-
gnutls_datum_t modulus = { NULL, 0 };
gnutls_datum_t exponent = { NULL, 0 };

/* now decode the PEM encoded key */
- gnutls_datum_t der_pub_key;
- if (GNUTLS_E_SUCCESS == gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key)) {
-
+ gnutls_datum_t der_pub_key = { NULL, 0 };
+ int gnutls_error = gnutls_pem_base64_decode_alloc("RSA PUBLIC KEY", &public_key, &der_pub_key);
+ if (GNUTLS_E_SUCCESS == gnutls_error) {
/* initalize asn.1 parser */
ASN1_TYPE pkcs1 = ASN1_TYPE_EMPTY;
if (ASN1_SUCCESS == asn1_array2tree(pkcs1_asn1_tab, &pkcs1, NULL)) {
@@ -670,8 +668,14 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da

ret1 = asn1_read_value(asn1_pub_key, "modulus", modulus.data, (int*)&modulus.size);
ret2 = asn1_read_value(asn1_pub_key, "publicExponent", exponent.data, (int*)&exponent.size);
- if (ASN1_SUCCESS == ret1 && ASN1_SUCCESS == ret2)
- ret = USERPREF_E_SUCCESS;
+ if (ret1 != ASN1_SUCCESS || ret2 != ASN1_SUCCESS) {
+ gnutls_free(modulus.data);
+ modulus.data = NULL;
+ modulus.size = 0;
+ gnutls_free(exponent.data);
+ exponent.data = NULL;
+ exponent.size = 0;
+ }
}
if (asn1_pub_key)
asn1_delete_structure(&asn1_pub_key);
@@ -679,12 +683,15 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
if (pkcs1)
asn1_delete_structure(&pkcs1);
} else {
- debug_info("WARNING: Could not read public key");
+ debug_info("ERROR: Could not parse public key: %s", gnutls_strerror(gnutls_error));
}

- /* now generate certificates */
- if (USERPREF_E_SUCCESS == ret && 0 != modulus.size && 0 != exponent.size) {
- gnutls_datum_t essentially_null = { (unsigned char*)strdup("abababababababab"), strlen("abababababababab") };
+ /* generate device certificate */
+ if (modulus.data && 0 != modulus.size && exponent.data && 0 != exponent.size) {
+
+ gnutls_datum_t prime_p = { (unsigned char*)"\x00\xca\x4a\x03\x13\xdf\x9d\x7a\xfd", 9 };
+ gnutls_datum_t prime_q = { (unsigned char*)"\x00\xf2\xff\xe0\x15\xd1\x60\x37\x63", 9 };
+ gnutls_datum_t coeff = { (unsigned char*)"\x32\x07\xf1\x68\x57\xdf\x9a\xf4", 8 };

gnutls_x509_privkey_t fake_privkey;
gnutls_x509_crt_t dev_cert;
@@ -692,8 +699,9 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
gnutls_x509_privkey_init(&fake_privkey);
gnutls_x509_crt_init(&dev_cert);

- if (GNUTLS_E_SUCCESS == gnutls_x509_privkey_import_rsa_raw(fake_privkey, &modulus, &exponent, &essentially_null, &essentially_null, &essentially_null, &essentially_null)) {
- /* generate device certificate */
+ gnutls_error = gnutls_x509_privkey_import_rsa_raw(fake_privkey, &modulus, &exponent, &exponent, &prime_p, &prime_q, &coeff);
+ if (GNUTLS_E_SUCCESS == gnutls_error) {
+ /* now generate device certificate */
gnutls_x509_crt_set_key(dev_cert, fake_privkey);
gnutls_x509_crt_set_serial(dev_cert, "\x00", 1);
gnutls_x509_crt_set_version(dev_cert, 3);
@@ -712,9 +720,8 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
}

gnutls_x509_crt_set_key_usage(dev_cert, GNUTLS_KEY_DIGITAL_SIGNATURE | GNUTLS_KEY_KEY_ENCIPHERMENT);
- gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);
-
- if (USERPREF_E_SUCCESS == ret) {
+ gnutls_error = gnutls_x509_crt_sign(dev_cert, root_cert, root_privkey);
+ if (GNUTLS_E_SUCCESS == gnutls_error) {
/* if everything went well, export in PEM format */
size_t export_size = 0;
gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, NULL, &export_size);
@@ -722,13 +729,11 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da
gnutls_x509_crt_export(dev_cert, GNUTLS_X509_FMT_PEM, dev_cert_pem.data, &export_size);
dev_cert_pem.size = export_size;
} else {
- debug_info("ERROR: Signing device certificate with root private key failed!");
+ debug_info("ERROR: Signing device certificate with root private key failed: %s", gnutls_strerror(gnutls_error));
}
+ } else {
+ debug_info("ERROR: Failed to import RSA key data: %s", gnutls_strerror(gnutls_error));
}
-
- if (essentially_null.data)
- free(essentially_null.data);
-
gnutls_x509_crt_deinit(dev_cert);
gnutls_x509_privkey_deinit(fake_privkey);
}
@@ -743,27 +748,27 @@ userpref_error_t pair_record_generate_keys_and_certs(plist_t pair_record, key_da

gnutls_free(der_pub_key.data);
#endif
- if (NULL != root_cert_pem.data && 0 != root_cert_pem.size &&
- NULL != host_cert_pem.data && 0 != host_cert_pem.size)
+
+ /* make sure that we have all we need */
+ if (root_cert_pem.data && 0 != root_cert_pem.size
+ && root_key_pem.data && 0 != root_key_pem.size
+ && host_cert_pem.data && 0 != host_cert_pem.size
+ && host_key_pem.data && 0 != host_key_pem.size
+ && dev_cert_pem.data && 0 != dev_cert_pem.size) {
+ /* now set keys and certificates */
+ pair_record_set_item_from_key_data(pair_record, USERPREF_DEVICE_CERTIFICATE_KEY, &dev_cert_pem);
+ pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_PRIVATE_KEY_KEY, &host_key_pem);
+ pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_CERTIFICATE_KEY, &host_cert_pem);
+ pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_PRIVATE_KEY_KEY, &root_key_pem);
+ pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_CERTIFICATE_KEY, &root_cert_pem);
ret = USERPREF_E_SUCCESS;
+ }

- /* now set keys and certificates */
- pair_record_set_item_from_key_data(pair_record, USERPREF_DEVICE_CERTIFICATE_KEY, &dev_cert_pem);
- pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_PRIVATE_KEY_KEY, &host_key_pem);
- pair_record_set_item_from_key_data(pair_record, USERPREF_HOST_CERTIFICATE_KEY, &host_cert_pem);
- pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_PRIVATE_KEY_KEY, &root_key_pem);
- pair_record_set_item_from_key_data(pair_record, USERPREF_ROOT_CERTIFICATE_KEY, &root_cert_pem);
-
- if (dev_cert_pem.data)
- free(dev_cert_pem.data);
- if (root_key_pem.data)
- free(root_key_pem.data);
- if (root_cert_pem.data)
- free(root_cert_pem.data);
- if (host_key_pem.data)
- free(host_key_pem.data);
- if (host_cert_pem.data)
- free(host_cert_pem.data);
+ free(dev_cert_pem.data);
+ free(root_key_pem.data);
+ free(root_cert_pem.data);
+ free(host_key_pem.data);
+ free(host_cert_pem.data);

return ret;
}
--
2.9.3

31
SOURCES/CVE-2016-5104.patch

@ -0,0 +1,31 @@
From df1f5c4d70d0c19ad40072f5246ca457e7f9849e Mon Sep 17 00:00:00 2001
From: Joshua Hill <posixninja@gmail.com>
Date: Tue, 29 Dec 2015 22:27:17 +0100
Subject: [PATCH] common: [security fix] Make sure sockets only listen locally

---
common/socket.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/common/socket.c b/common/socket.c
index b276864..e2968a6 100644
--- a/common/socket.c
+++ b/common/socket.c
@@ -172,7 +172,7 @@ int socket_create(uint16_t port)

memset((void *) &saddr, 0, sizeof(saddr));
saddr.sin_family = AF_INET;
- saddr.sin_addr.s_addr = htonl(INADDR_ANY);
+ saddr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
saddr.sin_port = htons(port);

if (0 > bind(sfd, (struct sockaddr *) &saddr, sizeof(saddr))) {
@@ -329,7 +329,7 @@ int socket_accept(int fd, uint16_t port)

memset(&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
- addr.sin_addr.s_addr = htonl(INADDR_ANY);
+ addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
addr.sin_port = htons(port);

addr_len = sizeof(addr);

269
SPECS/libimobiledevice.spec

@ -0,0 +1,269 @@
Name: libimobiledevice
Version: 1.2.0
Release: 1%{?dist}
Summary: Library for connecting to mobile devices

Group: System Environment/Libraries
License: LGPLv2+
URL: http://www.libimobiledevice.org/
Source0: http://www.libimobiledevice.org/downloads/%{name}-%{version}.tar.bz2
Patch1: 0001-Fix-installation_proxy-when-using-GnuTLS-instead-of-.patch
Patch2: CVE-2016-5104.patch
Patch3: 0001-Add-new-function-to-get-the-underlying-file-descript.patch
Patch4: 0001-Updated-gnutls-certificate-callback-to-new-API-backw.patch
Patch5: 0001-Fix-SSL-version-negotiation-for-newer-versions-of-Op.patch
Patch6: 0001-idevice-Update-GnuTLS-code-to-support-iOS-10.patch
Patch7: 0001-userpref-GnuTLS-Fix-pairing-record-generation-and-im.patch

BuildRequires: glib2-devel
BuildRequires: gnutls-devel
BuildRequires: libgcrypt-devel
BuildRequires: libplist-devel
BuildRequires: libplist-python
BuildRequires: libtasn1-devel
BuildRequires: libusbmuxd-devel
BuildRequires: libusbx-devel
BuildRequires: libxml2-devel

%description
libimobiledevice is a library for connecting to mobile devices including phones
and music players

%package devel
Summary: Development package for libimobiledevice
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}

%description devel
Files for development with libimobiledevice.

%package utils
Summary: Utilites for libimobiledevice
Group: Applications/System
Requires: %{name}%{?_isa} = %{version}-%{release}

%description utils
Utilites for use with libimobiledevice.

%package python
Summary: Python bindings for libimobiledevice
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}

%description python
Python bindings for libimobiledevice.

%prep
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1

# Fix dir permissions on html docs
chmod +x docs/html

%build
%configure --disable-static --disable-openssl --enable-dev-tools --without-cython
# Remove rpath as per https://fedoraproject.org/wiki/Packaging/Guidelines#Beware_of_Rpath
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool

make %{?_smp_mflags} V=1

%install
make install DESTDIR=%{buildroot}

#Remove libtool archives.
find %{buildroot} -type f -name "*.la" -delete

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig

%files
%{!?_licensedir:%global license %%doc}
%license COPYING.LESSER
%doc AUTHORS README
%{_libdir}/libimobiledevice.so.6*

%files utils
%doc %{_datadir}/man/man1/idevice*
%{_bindir}/idevice*

%files devel
%doc docs/html/
%{_libdir}/pkgconfig/libimobiledevice-1.0.pc
%{_libdir}/libimobiledevice.so
%{_includedir}/libimobiledevice/

%files python
#%{python_sitearch}/imobiledevice*

%changelog
* Wed Mar 01 2017 Bastien Nocera <bnocera@redhat.com> - 1.2.0-1
+ libimobiledevice-1.2.0-1
- Rebase to 1.2.0
- Fix iOS trust issues
Resolves: #1387253

* Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 1.1.5-6
- Mass rebuild 2014-01-24

* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 1.1.5-5
- Mass rebuild 2013-12-27

* Tue Nov 05 2013 Bastien Nocera <bnocera@redhat.com> 1.1.5-4
- Re-enable RPM-wide CFLAGS (regression in 1.1.5-2)
Resolves: #884524

* Mon Nov 04 2013 Bastien Nocera <bnocera@redhat.com> 1.1.5-3
- Add missing libgcrypt BR
Resolves: #884524

* Tue Oct 8 2013 Matthias Clasen <mclasen@redhat.com> - 1.1.5-2
- Disable strict aliasing (related: #884524)

* Tue Mar 19 2013 Peter Robinson <pbrobinson@fedoraproject.org> 1.1.5-1
- New 1.1.5 release

* Thu Feb 21 2013 Bastien Nocera <bnocera@redhat.com> 1.1.4-6
- Add patch to avoid multi-byte characters from being stripped
from the device name

* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.4-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Wed Sep 05 2012 Bastien Nocera <bnocera@redhat.com> 1.1.4-4
- Don't make upowerd crash when run under systemd (#834359)

* Fri Aug 10 2012 Rex Dieter <rdieter@fedoraproject.org> - 1.1.4-3
- disable broken python/cython bindings (for now, currently FTBFS)
- track soname
- tighten subpkg deps

* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

* Tue Apr 10 2012 Peter Robinson <pbrobinson@fedoraproject.org> - 1.1.4-1
- New 1.1.4 release

* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Thu Dec 08 2011 Bastien Nocera <bnocera@redhat.com> 1.1.1-4
- All the version of Fedora are > 13 now

* Thu Dec 01 2011 Bastien Nocera <bnocera@redhat.com> 1.1.1-3
- Add iOS 5 support patches from upstream

* Wed Sep 21 2011 Bastien Nocera <bnocera@redhat.com> 1.1.1-2
- Fix compilation against recent version of gnutls

* Fri Apr 29 2011 Peter Robinson <pbrobinson@gmail.com> 1.1.1-1
- New 1.1.1 release

* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Sun Dec 26 2010 Bastien Nocera <bnocera@redhat.com> 1.1.0-1
- Update to 1.1.0

* Sun Nov 28 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.4-1
- New 1.0.4 release

* Mon Oct 4 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.3-1
- New 1.0.3 release

* Sun Aug 01 2010 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.0.2-3
- Allow build against swig-2.0.0

* Wed Jul 21 2010 David Malcolm <dmalcolm@redhat.com> - 1.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild

* Sun Jun 20 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.2-1
- New upstream stable 1.0.2 release

* Wed May 12 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.1-1
- New upstream stable 1.0.1 release

* Sun Mar 21 2010 Peter Robinson <pbrobinson@gmail.com> 1.0.0-1
- New upstream stable 1.0.0 release

* Mon Feb 15 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.7-3
- Add patch to fix DSO linking. Fixes bug 565084

* Wed Feb 3 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.7-2
- Package review updates, add developer docs

* Wed Jan 27 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.7-1
- New package for new library name. Update to 0.9.7

* Sun Jan 24 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.6-1
- Update to 0.9.6 release

* Sat Jan 9 2010 Peter Robinson <pbrobinson@gmail.com> 0.9.5-3
- Updated to the new python sysarch spec file reqs

* Tue Dec 15 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.5-2
- Update python bindings

* Sat Dec 12 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.5-1
- Update to 0.9.5 release for new usbmuxd/libplist 1.0.0 final

* Sat Dec 12 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.4-3
- Rebuild for libplist .so bump

* Wed Oct 28 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.4-2
- Update from libusb to libusb1

* Wed Oct 28 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.4-1
- Update to 0.9.4 release for new usbmuxd 1.0.0-rc1

* Mon Aug 10 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.3-1
- Update to 0.9.3 release

* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.9.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

* Wed May 13 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.1-2
- Add new build reqs

* Tue May 12 2009 Peter Robinson <pbrobinson@gmail.com> 0.9.1-1
- Update to official 0.9.1 release

* Fri Apr 03 2009 - Bastien Nocera <bnocera@redhat.com> - 0.1.0-11.20090325git443edc8
- Update to latest master version

* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.1.0-10.20090103git5cde554
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

* Sat Jan 3 2009 Peter Robinson <pbrobinson@gmail.com> 0.1.0-9.git5cde554
- Add back gnutls version patch

* Sat Jan 3 2009 Peter Robinson <pbrobinson@gmail.com> 0.1.0-8.git5cde554
- Upload bzipped source file

* Sat Jan 3 2009 Peter Robinson <pbrobinson@gmail.com> 0.1.0-7.git5cde554
- New git snapshot

* Mon Dec 8 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-6.git8c3a01e
- Fix devel dependency

* Mon Dec 8 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-5.git8c3a01e
- Fix gnutls check for new rawhide version

* Mon Dec 8 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-4.git8c3a01e
- Rebuild for pkgconfig

* Tue Dec 2 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-3.git8c3a01e
- Fix git file generation

* Mon Dec 1 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-2.git8c3a01e
- Updates for package review

* Sat Nov 29 2008 Peter Robinson <pbrobinson@gmail.com> 0.1.0-1
- Initial package
Loading…
Cancel
Save