diff options
| author | Rasmus Thomsen <oss@cogitri.dev> | 2019-05-11 14:50:54 +0200 |
|---|---|---|
| committer | Kevin Daudt <kdaudt@alpinelinux.org> | 2019-06-02 15:18:54 +0000 |
| commit | f55f02836c1c99a815f30191557049b93b808167 (patch) | |
| tree | e823cbf850a96f2468ba0c7a327874e61899a8c2 /community | |
| parent | 14f65b6fd3049eaed3cfe7a11a1d280c6a5ab991 (diff) | |
| download | aports-f55f02836c1c99a815f30191557049b93b808167.tar.bz2 aports-f55f02836c1c99a815f30191557049b93b808167.tar.xz | |
community/libimobiledevice: move from community
* Modernize APKBUILD
* Fix license
* Add two upstream patches, fixing OpenSSLv1.1.x build & runtime
Closes GH-7597
Diffstat (limited to 'community')
3 files changed, 160 insertions, 0 deletions
diff --git a/community/libimobiledevice/02a0e03e24bc96bba2e5ea2438c30baf803fd137.patch b/community/libimobiledevice/02a0e03e24bc96bba2e5ea2438c30baf803fd137.patch new file mode 100644 index 0000000000..74263fe52e --- /dev/null +++ b/community/libimobiledevice/02a0e03e24bc96bba2e5ea2438c30baf803fd137.patch @@ -0,0 +1,95 @@ +Upstream: Yes +From 02a0e03e24bc96bba2e5ea2438c30baf803fd137 Mon Sep 17 00:00:00 2001 +From: Christophe Fergeau +Date: Tue, 25 Apr 2017 14:09:48 +0200 +Subject: Avoid double free with OpenSSL 1.1.0 + +Since commit OpenSSL_1_1_0-pre3~178 +https://github.com/openssl/openssl/commit/b184e3ef73200cb3b7914a603b43a5b8a074c85f +OpenSSL automatically cleans up some of its internal data when the +program exits. This conflicts with some similar clean up +libimobiledevice attempts to do, which causes a double-free. +SSL_COMP_free_compression_methods() was available in OpenSSL 1.0.2, +and is still there in 1.1.0 as a no-op, so we can use that to free +the compression methods. + +This bug can be hit with a simple idevicebackup2 --help + +==14299== Invalid read of size 4 +==14299== at 0x547AEBC: OPENSSL_sk_pop_free (stack.c:263) +==14299== by 0x508B848: ssl_library_stop (ssl_init.c:182) +==14299== by 0x5424D11: OPENSSL_cleanup (init.c:402) +==14299== by 0x5DC3134: __cxa_finalize (cxa_finalize.c:56) +==14299== by 0x53332B2: ??? (in /usr/lib64/libcrypto.so.1.1.0e) +==14299== by 0x4011232: _dl_fini (dl-fini.c:235) +==14299== by 0x5DC2DC7: __run_exit_handlers (exit.c:83) +==14299== by 0x5DC2E19: exit (exit.c:105) +==14299== by 0x5DA8604: (below main) (libc-start.c:329) +==14299== Address 0x6585590 is 0 bytes inside a block of size 40 free'd +==14299== at 0x4C2FCC8: free (vg_replace_malloc.c:530) +==14299== by 0x4E43381: sk_SSL_COMP_free (ssl.h:830) +==14299== by 0x4E434E7: internal_idevice_deinit (idevice.c:103) +==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116) +==14299== by 0x4E5663A: thread_once (thread.c:104) +==14299== by 0x4E43525: libimobiledevice_deinitialize (idevice.c:140) +==14299== by 0x4011232: _dl_fini (dl-fini.c:235) +==14299== by 0x5DC2DC7: __run_exit_handlers (exit.c:83) +==14299== by 0x5DC2E19: exit (exit.c:105) +==14299== by 0x5DA8604: (below main) (libc-start.c:329) +==14299== Block was alloc'd at +==14299== at 0x4C2EB1B: malloc (vg_replace_malloc.c:299) +==14299== by 0x5428908: CRYPTO_zalloc (mem.c:100) +==14299== by 0x547A9AE: OPENSSL_sk_new (stack.c:108) +==14299== by 0x5087D43: sk_SSL_COMP_new (ssl.h:830) +==14299== by 0x5087D43: do_load_builtin_compressions (ssl_ciph.c:482) +==14299== by 0x5087D43: do_load_builtin_compressions_ossl_ (ssl_ciph.c:476) +==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116) +==14299== by 0x547B198: CRYPTO_THREAD_run_once (threads_pthread.c:106) +==14299== by 0x5089F96: load_builtin_compressions (ssl_ciph.c:500) +==14299== by 0x5089F96: SSL_COMP_get_compression_methods (ssl_ciph.c:1845) +==14299== by 0x508B68B: ossl_init_ssl_base (ssl_init.c:125) +==14299== by 0x508B68B: ossl_init_ssl_base_ossl_ (ssl_init.c:25) +==14299== by 0x5B79643: __pthread_once_slow (pthread_once.c:116) +==14299== by 0x547B198: CRYPTO_THREAD_run_once (threads_pthread.c:106) +==14299== by 0x508B90A: OPENSSL_init_ssl (ssl_init.c:227) +==14299== by 0x4E43416: internal_idevice_init (idevice.c:73) += + +Signed-off-by: Christophe Fergeau <cfergeau@redhat.com> +--- + src/idevice.c | 10 +++++++++- + 1 file changed, 9 insertions(+), 1 deletion(-) + +(limited to 'src/idevice.c') + +diff --git a/src/idevice.c b/src/idevice.c +index 913038e..d1f13cb 100644 +--- a/src/idevice.c ++++ b/src/idevice.c +@@ -51,6 +51,14 @@ + #include "common/debug.h" + + #ifdef HAVE_OPENSSL ++ ++#if OPENSSL_VERSION_NUMBER < 0x10002000L ++static void SSL_COMP_free_compression_methods(void) ++{ ++ sk_SSL_COMP_free(SSL_COMP_get_compression_methods()); ++} ++#endif ++ + static mutex_t *mutex_buf = NULL; + static void locking_function(int mode, int n, const char* file, int line) + { +@@ -100,7 +108,7 @@ static void internal_idevice_deinit(void) + + EVP_cleanup(); + CRYPTO_cleanup_all_ex_data(); +- sk_SSL_COMP_free(SSL_COMP_get_compression_methods()); ++ SSL_COMP_free_compression_methods(); + #ifdef HAVE_ERR_REMOVE_THREAD_STATE + ERR_remove_thread_state(NULL); + #else +-- +cgit v1.1-32-gdbae + diff --git a/community/libimobiledevice/13bf235cac2201747de11652cf14fe2714ca0718.patch b/community/libimobiledevice/13bf235cac2201747de11652cf14fe2714ca0718.patch new file mode 100644 index 0000000000..55d004e6f5 --- /dev/null +++ b/community/libimobiledevice/13bf235cac2201747de11652cf14fe2714ca0718.patch @@ -0,0 +1,31 @@ +Upstream: Yes +From 13bf235cac2201747de11652cf14fe2714ca0718 Mon Sep 17 00:00:00 2001 +From: David Weinstein +Date: Mon, 21 Mar 2016 17:45:59 -0400 +Subject: Fix SSL version negotiation for newer versions of OpenSSL + +Depending on the OpenSSL version (and custom distribution patches), `SSLv3_method()` +would return NULL on some systems and also `SSLv23_method()` fails with some older +iOS versions... +--- + src/idevice.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +(limited to 'src/idevice.c') + +diff --git a/src/idevice.c b/src/idevice.c +index f2de6a3..1dcdae2 100644 +--- a/src/idevice.c ++++ b/src/idevice.c +@@ -703,7 +703,7 @@ LIBIMOBILEDEVICE_API idevice_error_t idevice_connection_enable_ssl(idevice_conne + } + BIO_set_fd(ssl_bio, (int)(long)connection->data, BIO_NOCLOSE); + +- SSL_CTX *ssl_ctx = SSL_CTX_new(SSLv3_method()); ++ SSL_CTX *ssl_ctx = SSL_CTX_new(TLSv1_method()); + if (ssl_ctx == NULL) { + debug_info("ERROR: Could not create SSL context."); + BIO_free(ssl_bio); +-- +cgit v1.1-32-gdbae + diff --git a/community/libimobiledevice/APKBUILD b/community/libimobiledevice/APKBUILD new file mode 100644 index 0000000000..80f8085250 --- /dev/null +++ b/community/libimobiledevice/APKBUILD @@ -0,0 +1,34 @@ +# Contributor: Francesco Colista <fcolista@alpinelinux.org> +# Maintainer: Francesco Colista <fcolista@alpinelinux.org> +pkgname=libimobiledevice +pkgver=1.2.0 +pkgrel=3 +pkgdesc="Library that talks the protocols to support iPhone and iPod Touch devices on Linux" +url="http://libimobiledevice.org/" +arch="all" +license="LGPL-2.1-or-later" +makedepends="openssl-dev libusbmuxd-dev libplist-dev" +subpackages="$pkgname-dev $pkgname-doc" +source="http://libimobiledevice.org/downloads/$pkgname-$pkgver.tar.bz2 + 13bf235cac2201747de11652cf14fe2714ca0718.patch + 02a0e03e24bc96bba2e5ea2438c30baf803fd137.patch" + +build() { + ./configure \ + --prefix=/usr \ + --disable-static \ + --without-cython + make +} + +check() { + make check +} + +package() { + make DESTDIR="$pkgdir" install +} + +sha512sums="0de5f768aeb5d62445892855d84ceaff776f6667733c351ed6c34bf9d500802762d1a06e5efdf57f33cafc9ee788041cd9b6748fb9bad6c2e4ae2f9b9aa93589 libimobiledevice-1.2.0.tar.bz2 +bd2d16c033796573baab41deac4b84850328103e9218e0afee500a2ae83aa4b97a9d2e5d3cf66ad8c9f120dc2fbf434b374994b2b3438c6c595ffbd39bf50da3 13bf235cac2201747de11652cf14fe2714ca0718.patch +50668350cc0540cab56c1f7ece2c7e48f49113c01cdfb5c2e0c8d3b8b4593edd4dceb170df97bb7f077d6af7ec7234f525d0fbcb8b9f0f03d5c36a9a9751f600 02a0e03e24bc96bba2e5ea2438c30baf803fd137.patch" |