uint8_t spare1;
uint8_t pageSize;
uint32_t spare2;
+ uint32_t scatterOffset;
+ uint32_t teamIDOffset;
+ uint32_t spare3;
+ uint64_t codeLimit64;
} _packed;
#ifndef LDID_NOFLAGT
namespace ldid {
void Sign(const void *idata, size_t isize, std::streambuf &output, const std::string &identifier, const std::string &entitlements, const std::string &key, const Slots &slots) {
+ std::string team;
+
+#ifndef LDID_NOSMIME
+ if (!key.empty()) {
+ std::stringbuf data;
+ Stuff stuff(key);
+ auto name(X509_get_subject_name(stuff));
+ _assert(name != NULL);
+ auto index(X509_NAME_get_index_by_NID(name, NID_organizationalUnitName, -1));
+ _assert(index >= 0);
+ auto next(X509_NAME_get_index_by_NID(name, NID_organizationalUnitName, index));
+ _assert(next == -1);
+ auto entry(X509_NAME_get_entry(name, index));
+ _assert(entry != NULL);
+ auto asn(X509_NAME_ENTRY_get_data(entry));
+ _assert(asn != NULL);
+ team.assign(reinterpret_cast<char *>(ASN1_STRING_data(asn)), ASN1_STRING_length(asn));
+ }
+#endif
+
Allocate(idata, isize, output, fun([&](const MachHeader &mach_header, size_t size) -> size_t {
size_t alloc(sizeof(struct SuperBlob));
alloc += sizeof(struct CodeDirectory);
alloc += identifier.size() + 1;
+ if (!team.empty())
+ alloc += team.size() + 1;
+
if (!key.empty()) {
alloc += sizeof(struct BlobIndex);
alloc += sizeof(struct Blob);
uint32_t normal((limit + PageSize_ - 1) / PageSize_);
CodeDirectory directory;
- directory.version = Swap(uint32_t(0x00020001));
+ directory.version = Swap(uint32_t(0x00020200));
directory.flags = Swap(uint32_t(0));
- directory.hashOffset = Swap(uint32_t(sizeof(Blob) + sizeof(CodeDirectory) + identifier.size() + 1 + LDID_SHA1_DIGEST_LENGTH * special));
- directory.identOffset = Swap(uint32_t(sizeof(Blob) + sizeof(CodeDirectory)));
directory.nSpecialSlots = Swap(special);
directory.codeLimit = Swap(uint32_t(limit));
directory.nCodeSlots = Swap(normal);
directory.spare1 = 0x00;
directory.pageSize = PageShift_;
directory.spare2 = Swap(uint32_t(0));
+ directory.scatterOffset = Swap(uint32_t(0));
+ directory.spare3 = Swap(uint32_t(0));
+ directory.codeLimit64 = Swap(uint64_t(0));
+
+ uint32_t offset(sizeof(Blob) + sizeof(CodeDirectory));
+
+ directory.identOffset = Swap(uint32_t(offset));
+ offset += identifier.size() + 1;
+
+ if (team.empty())
+ directory.teamIDOffset = Swap(uint32_t(0));
+ else {
+ directory.teamIDOffset = Swap(uint32_t(offset));
+ offset += team.size() + 1;
+ }
+
+ offset += LDID_SHA1_DIGEST_LENGTH * special;
+ directory.hashOffset = Swap(uint32_t(offset));
+ offset += LDID_SHA1_DIGEST_LENGTH * normal;
+
put(data, &directory, sizeof(directory));
put(data, identifier.c_str(), identifier.size() + 1);
+ put(data, team.c_str(), team.size() + 1);
uint8_t storage[special + normal][LDID_SHA1_DIGEST_LENGTH];
uint8_t (*hashes)[LDID_SHA1_DIGEST_LENGTH] = storage + special;
else
code(base + name, fun([&](const Functor<void (std::streambuf &, std::streambuf &)> &code) {
std::string access(root + base + name);
- _assert_(Open(access, fun([&](std::streambuf &data) {
+ _assert_(Open(access, fun([&](std::streambuf &data, const void *flag) {
NullBuffer save;
code(data, save);
})), "open(): %s", access.c_str());
}
}
-void DiskFolder::Save(const std::string &path, const Functor<void (std::streambuf &)> &code) {
+void DiskFolder::Save(const std::string &path, const void *flag, const Functor<void (std::streambuf &)> &code) {
std::filebuf save;
auto from(Path(path));
commit_[from] = Temporary(save, from);
code(save);
}
-bool DiskFolder::Open(const std::string &path, const Functor<void (std::streambuf &)> &code) {
+bool DiskFolder::Open(const std::string &path, const Functor<void (std::streambuf &, const void *)> &code) {
std::filebuf data;
auto result(data.open(Path(path).c_str(), std::ios::binary | std::ios::in));
if (result == NULL)
return false;
_assert(result == &data);
- code(data);
+ code(data, NULL);
return true;
}
{
}
-void SubFolder::Save(const std::string &path, const Functor<void (std::streambuf &)> &code) {
- return parent_.Save(path_ + path, code);
+void SubFolder::Save(const std::string &path, const void *flag, const Functor<void (std::streambuf &)> &code) {
+ return parent_.Save(path_ + path, flag, code);
}
-bool SubFolder::Open(const std::string &path, const Functor<void (std::streambuf &)> &code) {
+bool SubFolder::Open(const std::string &path, const Functor<void (std::streambuf &, const void *)> &code) {
return parent_.Open(path_ + path, code);
}
return parent_.Find(path_ + path, code);
}
+std::string UnionFolder::Map(const std::string &path) {
+ auto remap(remaps_.find(path));
+ if (remap == remaps_.end())
+ return path;
+ return remap->second;
+}
+
+void UnionFolder::Map(const std::string &path, const Functor<void (const std::string &, const Functor<void (const Functor<void (std::streambuf &, std::streambuf &)> &)> &)> &code, const std::string &file, const Functor<void (const Functor<void (std::streambuf &, const void *)> &)> &save) {
+ if (file.size() >= path.size() && file.substr(0, path.size()) == path)
+ code(file.substr(path.size()), fun([&](const Functor<void (std::streambuf &, std::streambuf &)> &code) {
+ save(fun([&](std::streambuf &data, const void *flag) {
+ parent_.Save(file, flag, fun([&](std::streambuf &save) {
+ code(data, save);
+ }));
+ }));
+ }));
+}
+
UnionFolder::UnionFolder(Folder &parent) :
parent_(parent)
{
}
-void UnionFolder::Save(const std::string &path, const Functor<void (std::streambuf &)> &code) {
- return parent_.Save(path, code);
+void UnionFolder::Save(const std::string &path, const void *flag, const Functor<void (std::streambuf &)> &code) {
+ return parent_.Save(Map(path), flag, code);
}
-bool UnionFolder::Open(const std::string &path, const Functor<void (std::streambuf &)> &code) {
- auto file(files_.find(path));
- if (file == files_.end())
- return parent_.Open(path, code);
+bool UnionFolder::Open(const std::string &path, const Functor<void (std::streambuf &, const void *)> &code) {
+ auto file(resets_.find(path));
+ if (file == resets_.end())
+ return parent_.Open(Map(path), code);
+ auto &entry(file->second);
- auto &data(file->second);
+ auto &data(entry.first);
data.pubseekpos(0, std::ios::in);
- code(data);
+ code(data, entry.second);
return true;
}
void UnionFolder::Find(const std::string &path, const Functor<void (const std::string &, const Functor<void (const Functor<void (std::streambuf &, std::streambuf &)> &)> &)> &code) {
parent_.Find(path, fun([&](const std::string &name, const Functor<void (const Functor<void (std::streambuf &, std::streambuf &)> &)> &save) {
- if (files_.find(path + name) == files_.end())
+ if (deletes_.find(path + name) == deletes_.end())
code(name, save);
}));
- for (auto &file : files_)
- if (file.first.size() >= path.size() && file.first.substr(0, path.size()) == path)
- code(file.first.substr(path.size()), fun([&](const Functor<void (std::streambuf &, std::streambuf &)> &code) {
- parent_.Save(file.first, fun([&](std::streambuf &save) {
- file.second.pubseekpos(0, std::ios::in);
- code(file.second, save);
- }));
+ for (auto &reset : resets_)
+ Map(path, code, reset.first, fun([&](const Functor<void (std::streambuf &, const void *)> &code) {
+ auto &entry(reset.second);
+ entry.first.pubseekpos(0, std::ios::in);
+ code(entry.first, entry.second);
+ }));
+
+ for (auto &remap : remaps_)
+ Map(path, code, remap.first, fun([&](const Functor<void (std::streambuf &, const void *)> &code) {
+ parent_.Open(remap.second, fun([&](std::streambuf &data, const void *flag) {
+ code(data, flag);
}));
+ }));
}
#ifndef LDID_NOTOOLS
};
#ifndef LDID_NOPLIST
+void Sign(std::streambuf &buffer, std::vector<char> &hash, std::streambuf &save, const std::string &identifier, const std::string &entitlements, const std::string &key, const Slots &slots) {
+ // XXX: this is a miserable fail
+ std::stringbuf temp;
+ copy(buffer, temp);
+ auto data(temp.str());
+
+ HashProxy proxy(hash, save);
+ Sign(data.data(), data.size(), proxy, identifier, entitlements, key, slots);
+}
+
std::string Bundle(const std::string &root, Folder &folder, const std::string &key, std::map<std::string, std::vector<char>> &remote, const std::string &entitlements) {
std::string executable;
std::string identifier;
static const std::string info("Info.plist");
- _assert_(folder.Open(info, fun([&](std::streambuf &buffer) {
+ _assert_(folder.Open(info, fun([&](std::streambuf &buffer, const void *flag) {
plist_d(buffer, fun([&](plist_t node) {
executable = plist_s(plist_dict_get_item(node, "CFBundleExecutable"));
identifier = plist_s(plist_dict_get_item(node, "CFBundleIdentifier"));
auto &rules1(versions[""]);
auto &rules2(versions["2"]);
- folder.Open(signature, fun([&](std::streambuf &buffer) {
+ folder.Open(signature, fun([&](std::streambuf &buffer, const void *) {
plist_d(buffer, fun([&](plist_t node) {
// XXX: maybe attempt to preserve existing rules
}));
std::map<std::string, std::vector<char>> local;
static Expression nested("^PlugIns/[^/]*\\.appex/Info\\.plist$");
+ static Expression dylib("^[^/]*\\.dylib$");
folder.Find("", fun([&](const std::string &name, const Functor<void (const Functor<void (std::streambuf &, std::streambuf &)> &)> &code) {
if (!nested(name))
return;
code(fun([&](std::streambuf &data, std::streambuf &save) {
- HashProxy proxy(hash, save);
- copy(data, proxy);
+ if (dylib(name)) {
+ Slots slots;
+ Sign(data, hash, save, identifier, "", key, slots);
+ } else {
+ HashProxy proxy(hash, save);
+ copy(data, proxy);
+ }
}));
_assert(hash.size() == LDID_SHA1_DIGEST_LENGTH);
}
}
- folder.Save(signature, fun([&](std::streambuf &save) {
+ folder.Save(signature, NULL, fun([&](std::streambuf &save) {
HashProxy proxy(local[signature], save);
char *xml(NULL);
uint32_t size;
put(proxy, xml, size);
}));
- folder.Open(executable, fun([&](std::streambuf &buffer) {
- // XXX: this is a miserable fail
- std::stringbuf temp;
- copy(buffer, temp);
- auto data(temp.str());
-
- folder.Save(executable, fun([&](std::streambuf &save) {
+ folder.Open(executable, fun([&](std::streambuf &buffer, const void *flag) {
+ folder.Save(executable, flag, fun([&](std::streambuf &save) {
Slots slots;
slots[1] = local.at(info);
slots[3] = local.at(signature);
-
- HashProxy proxy(local[executable], save);
- Sign(data.data(), data.size(), proxy, identifier, entitlements, key, slots);
+ Sign(buffer, local[executable], save, identifier, entitlements, key, slots);
}));
}));
projects / ldid.git / blobdiff