manually send plist

0f99a693 · Spotlight Deveaux · e24faeea · 0f99a693 · 0f99a693
Unverified Commit 0f99a693 authored 6 years ago by Spotlight Deveaux
--- a/Makefile
+++ b/Makefile
@@ -7,8 +7,10 @@ CFILES = mobile_inject.c
 # include $(MAKEFILEPATH)/CoreOS/ReleaseControl/BSDCommon.make

 mobile_inject: mobile_inject.c
-	$(CC) -o mobile_inject mobile_inject.c -Wall -dead_strip -limobiledevice -lplist
+	$(CC) -o mobile_inject mobile_inject.c -Wall -limobiledevice -lplist

+clean:
+	rm mobile_inject


 # after_install:

--- a/mobile_inject.c
+++ b/mobile_inject.c
@@ -10,9 +10,9 @@
 #include <libimobiledevice/libimobiledevice.h>
 #include <libimobiledevice/lockdown.h>
 #include <libimobiledevice/afc.h>
-#include <libimobiledevice/mobile_image_mounter.h>
+#include <libimobiledevice/property_list_service.h>

-static char *real_dmg, *real_dmg_signature, *ddi_dmg;
+static char *real_dmg, *real_dmg_signature, *root_dmg;
 int timesl;

 // Taken from
@@ -75,17 +75,18 @@ Retry:	{}
    // Now we create the directory to mount our DMGs.
    assert(!afc_make_directory(afc_client, "PublicStaging"));
    afc_remove_path(afc_client, "PublicStaging/staging.dimage");
+		afc_remove_path(afc_client, "PublicStaging/root.dimage");
    qwrite(afc_client, real_dmg, "PublicStaging/staging.dimage");
-    qwrite(afc_client, ddi_dmg, "PublicStaging/ddi.dimage");
+    qwrite(afc_client, root_dmg, "PublicStaging/root.dimage");

    // Ask to start up the image mounting daemon.
    printf("Asking to mount DMGs...\n");

-		mobile_image_mounter_client_t mim_client = 0;
+		// Shortly here we'll be sending plists.
+		property_list_service_client_t mim_client = 0;
 		lockdownd_service_descriptor_t mim_descriptor = 0;
 		assert(!lockdownd_start_service(lockdown_client, "com.apple.mobile.mobile_image_mounter", &mim_descriptor));
-		assert(!mobile_image_mounter_new(dev, mim_descriptor, &mim_client));
-
+		assert(!property_list_service_client_new(dev, mim_descriptor, &mim_client));
 		// Get real DMG signature
 		int fd = open(real_dmg_signature, O_RDONLY);
 		assert(fd != -1);
@@ -93,73 +94,69 @@ Retry:	{}
 		assert(read(fd, sig, sizeof(sig)) == sizeof(sig));
 		close(fd);

+		// Formulate mount request
+		plist_t mount_request_dict = plist_new_dict();
+		plist_dict_set_item(mount_request_dict, "Command", plist_new_string("MountImage"));
+		plist_dict_set_item(mount_request_dict, "ImagePath", plist_new_string("/var/mobile/Media/PublicStaging/staging.dimage"));
+		plist_dict_set_item(mount_request_dict, "ImageType", plist_new_string("Developer"));
+		printf("%s\n", (const char*)sig);
+		plist_dict_set_item(mount_request_dict, "ImageSignature", plist_new_data((const char*)sig, sizeof(sig)));
+		print_xml(mount_request_dict);
+
+		property_list_service_error_t plist_send_err = property_list_service_send_xml_plist(mim_client, mount_request_dict);
+		if (plist_send_err != PROPERTY_LIST_SERVICE_E_SUCCESS) {
+			printf("Failed sending mount request: %d\n", plist_send_err);
+			return;
+		}
+		plist_free(mount_request_dict);
+
+		printf("Waiting %dms for lockdownd...\n", timesl);
+		usleep(timesl);
+		printf("Switching DMG signatures...\n");
+		assert(!afc_rename_path(afc_client, "PublicStaging/root.dimage", "PublicStaging/staging.dimage"));
+
+		printf("Reading response from lockdownd...\n");
 		plist_t mount_result_dict = 0;
-		mobile_image_mounter_error_t mim_err = mobile_image_mounter_mount_image(mim_client, "/var/mobile/Media/PublicStaging/staging.dimage", (const char*)sig, sizeof(sig), "Developer", &mount_result_dict);
+		property_list_service_error_t plist_recv_err = property_list_service_receive_plist(mim_client, &mount_result_dict);
+
+		if (plist_recv_err != PROPERTY_LIST_SERVICE_E_SUCCESS) {
+			printf("Failed reading mount request response: %d\n", plist_recv_err);
+			return;
+		}

-		// The following is heavily adapted from
-		// https://github.com/libimobiledevice/libimobiledevice/blob/00f8e5733f716da8032606566eac7a9e2e49514d/tools/ideviceimagemounter.c#L373-L430
 		char *status = NULL;
-		if (mim_err == MOBILE_IMAGE_MOUNTER_E_SUCCESS) {
-			if (mount_result_dict) {
-				plist_t node = plist_dict_get_item(mount_result_dict, "Status");
-				if (node) {
+		if (mount_result_dict) {
+			plist_t node = plist_dict_get_item(mount_result_dict, "Status");
+			if (node) {
 					plist_get_string_val(node, &status);
-					if (status) {
-						if (!strcmp(status, "Complete")) {
-							printf("Done.\n");
-						} else {
-							printf("unexpected status value:\n");
-							print_xml(mount_result_dict);
-							return;
-						}
-					} else {
-						printf("unexpected result:\n");
+					if (!status) {
+						printf("Error: Seems like the status given wasn't a string:\n");
 						print_xml(mount_result_dict);
 						return;
 					}
-				}
-				node = plist_dict_get_item(mount_result_dict, "Error");
-				if (node) {
-					char *error = NULL;
-					plist_get_string_val(node, &error);
-					if (error) {
-						printf("Error: %s\n", error);
-					} else {
-						printf("unexpected result:\n");
-						print_xml(mount_result_dict);
-						return;
-					}
-
-				} else {
-					print_xml(mount_result_dict);
-				}
+			} else {
+				printf("Error: Doesn't seem there was any status given:\n");
+				print_xml(mount_result_dict);
+				status = "";
 			}
 		} else {
-			printf("Failed to mount faux staging image: %d\n", err);
+			printf("Error: Doesn't seem we got any response whatsoever...\n");
 			return;
 		}
-		mobile_image_mounter_hangup(mim_client);
-		mobile_image_mounter_free(mim_client);
-
-    // Wait for lockdownd to handle mounting internally.
-    usleep(timesl);
-
-    printf("Switching DMG signatures...\n");
-    assert(!afc_rename_path(afc_client, "PublicStaging/ddi.dimage", "PublicStaging/staging.dimage"));

 		// At this point, we know it was mounted succesfully.
 		if (!strcmp(status, "Complete")) {
-		  lockdownd_service_descriptor_t helper_socket = 0;
-		  sleep(2);
-		  printf("Image mounted, running helper...\n");
-		  err = lockdownd_start_service(lockdown_client, "CopyIt", &helper_socket);
+			lockdownd_service_descriptor_t helper_socket = 0;
+			sleep(2);
+			printf("Image mounted, running helper...\n");
+			err = lockdownd_start_service(lockdown_client, "CopyIt", &helper_socket);
 			if (err != LOCKDOWN_E_SUCCESS) {
 				printf("Failed to start helper service: %d\n", err);
 				return;
 			}
-	    assert(!fcntl(helper_socket, F_SETFL, O_NONBLOCK));
-	    assert(!fcntl(0, F_SETFL, O_NONBLOCK));
-    } else {
+			assert(!fcntl(helper_socket, F_SETFL, O_NONBLOCK));
+			assert(!fcntl(0, F_SETFL, O_NONBLOCK));
+		} else {
 			printf("Failed to inject image, trying again... (if it fails, try a different time), delay ... %dus\n", timesl);
 			timesl += 1000;
 			goto Retry;
@@ -178,7 +175,7 @@ int main(int argc, char **argv)

 	real_dmg = argv[1];
 	real_dmg_signature = argv[2];
-	ddi_dmg = argv[3];
+	root_dmg = argv[3];

  assert(!idevice_event_subscribe(cb, NULL));
  // I guess loop