From 0cb907e2adcfd84a08de5740c4c9c3b98db80cd3 Mon Sep 17 00:00:00 2001 From: James Magahern Date: Tue, 22 Jan 2019 23:31:36 -0800 Subject: [PATCH] Experimental SSL support --- MessagesBridge.xcodeproj/project.pbxproj | 66 +++++++++++ .../xcschemes/kordophoned.xcscheme | 2 +- README.md | 25 ++++ agentHook/hookAgent.sh | 1 + kordophone/Bridge/MBIMBridge.h | 6 +- kordophone/Bridge/MBIMBridge.m | 107 ++++++++++++++---- kordophone/Bridge/MBIMBridge_Private.h | 14 +++ kordophone/Bridge/MBIMHTTPConnection.m | 13 +++ .../Operations/MBIMFetchAttachmentOperation.m | 8 +- .../Bridge/Operations/MBIMMarkOperation.m | 4 +- .../Operations/MBIMMessagesListOperation.m | 4 +- .../Operations/MBIMSendMessageOperation.m | 2 +- .../MBIMUploadAttachmentOperation.m | 8 +- kordophone/Hooking/hooking.m | 6 +- kordophone/KPServer.pch | 14 +++ kordophone/Utilities/MBIMLogging.h | 34 ++++++ kordophone/Utilities/MBIMLogging.m | 44 +++++++ kordophone/main.m | 59 ++++++++-- 18 files changed, 370 insertions(+), 47 deletions(-) create mode 100644 kordophone/Bridge/MBIMBridge_Private.h create mode 100644 kordophone/KPServer.pch create mode 100644 kordophone/Utilities/MBIMLogging.h create mode 100644 kordophone/Utilities/MBIMLogging.m diff --git a/MessagesBridge.xcodeproj/project.pbxproj b/MessagesBridge.xcodeproj/project.pbxproj index d556933..3e6ee3e 100644 --- a/MessagesBridge.xcodeproj/project.pbxproj +++ b/MessagesBridge.xcodeproj/project.pbxproj @@ -10,6 +10,9 @@ 1AA43E8F219EBB2D00EDF1A7 /* MBIMJSONDataResponse.m in Sources */ = {isa = PBXBuildFile; fileRef = 1AA43E8E219EBB2D00EDF1A7 /* MBIMJSONDataResponse.m */; }; 1AA43E91219EBC2C00EDF1A7 /* MBIMHTTPConnection.m in Sources */ = {isa = PBXBuildFile; fileRef = 1ACFCFE3219EB45300E2C237 /* MBIMHTTPConnection.m */; }; 1AA43E95219EC38E00EDF1A7 /* MBIMHTTPUtilities.m in Sources */ = {isa = PBXBuildFile; fileRef = 1AA43E94219EC38E00EDF1A7 /* MBIMHTTPUtilities.m */; }; + 1AAB32B121F82EB7004A2A72 /* MBIMLogging.m in Sources */ = {isa = PBXBuildFile; fileRef = 1AAB32B021F82EB7004A2A72 /* MBIMLogging.m */; }; + 1AAB32B421F837BB004A2A72 /* hookAgent.sh in CopyFiles */ = {isa = PBXBuildFile; fileRef = CD83E1B5219BF78E00F4CCEA /* hookAgent.sh */; }; + 1AAB32B621F83B68004A2A72 /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 1AAB32B521F83B68004A2A72 /* Security.framework */; }; 1ACFCF2A219EB2AC00E2C237 /* HTTPConnection.h in Headers */ = {isa = PBXBuildFile; fileRef = 1ACFCE00219EB2AB00E2C237 /* HTTPConnection.h */; settings = {ATTRIBUTES = (Public, ); }; }; 1ACFCF2B219EB2AC00E2C237 /* HTTPLogging.h in Headers */ = {isa = PBXBuildFile; fileRef = 1ACFCE01219EB2AB00E2C237 /* HTTPLogging.h */; settings = {ATTRIBUTES = (Public, ); }; }; 1ACFCF2C219EB2AC00E2C237 /* HTTPMessage.h in Headers */ = {isa = PBXBuildFile; fileRef = 1ACFCE02219EB2AB00E2C237 /* HTTPMessage.h */; settings = {ATTRIBUTES = (Public, ); }; }; @@ -106,6 +109,16 @@ /* End PBXContainerItemProxy section */ /* Begin PBXCopyFilesBuildPhase section */ + 1AAB32B321F837AF004A2A72 /* CopyFiles */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = ""; + dstSubfolderSpec = 7; + files = ( + 1AAB32B421F837BB004A2A72 /* hookAgent.sh in CopyFiles */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; CDF62330219A895D00690038 /* CopyFiles */ = { isa = PBXCopyFilesBuildPhase; buildActionMask = 2147483647; @@ -135,6 +148,11 @@ 1AA43E8E219EBB2D00EDF1A7 /* MBIMJSONDataResponse.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = MBIMJSONDataResponse.m; sourceTree = ""; }; 1AA43E93219EC38E00EDF1A7 /* MBIMHTTPUtilities.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MBIMHTTPUtilities.h; sourceTree = ""; }; 1AA43E94219EC38E00EDF1A7 /* MBIMHTTPUtilities.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = MBIMHTTPUtilities.m; sourceTree = ""; }; + 1AAB32AC21F8212E004A2A72 /* MBIMBridge_Private.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MBIMBridge_Private.h; sourceTree = ""; }; + 1AAB32AF21F82EB7004A2A72 /* MBIMLogging.h */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = MBIMLogging.h; sourceTree = ""; }; + 1AAB32B021F82EB7004A2A72 /* MBIMLogging.m */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.objc; path = MBIMLogging.m; sourceTree = ""; }; + 1AAB32B221F835BD004A2A72 /* KPServer.pch */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.c.h; path = KPServer.pch; sourceTree = ""; }; + 1AAB32B521F83B68004A2A72 /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = Security.framework; path = Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.14.Internal.sdk/System/Library/Frameworks/Security.framework; sourceTree = DEVELOPER_DIR; }; 1ACFCDE2219EB28A00E2C237 /* CocoaHTTPServer.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = CocoaHTTPServer.framework; sourceTree = BUILT_PRODUCTS_DIR; }; 1ACFCDFC219EB2AB00E2C237 /* LICENSE.txt */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; path = LICENSE.txt; sourceTree = ""; }; 1ACFCDFE219EB2AB00E2C237 /* README.markdown */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = net.daringfireball.markdown; path = README.markdown; sourceTree = ""; }; @@ -262,6 +280,7 @@ isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; files = ( + 1AAB32B621F83B68004A2A72 /* Security.framework in Frameworks */, CD14F1A7219FF2F400E7DD22 /* IMSharedUtilities.framework in Frameworks */, 1ACFCFDF219EB31400E2C237 /* CocoaHTTPServer.framework in Frameworks */, CDF62343219A9BE200690038 /* ContactsFoundation.framework in Frameworks */, @@ -310,6 +329,7 @@ 1A0C445E219A45B400F2AC00 /* Frameworks */ = { isa = PBXGroup; children = ( + 1AAB32B521F83B68004A2A72 /* Security.framework */, CD14F1A6219FF2F400E7DD22 /* IMSharedUtilities.framework */, CDF62342219A9BE200690038 /* ContactsFoundation.framework */, CDF62340219A9AAA00690038 /* EmailFoundation.framework */, @@ -327,6 +347,7 @@ children = ( CD60204C219B5D710024D9C5 /* Operations */, 1A0C4469219A4BC300F2AC00 /* MBIMBridge.h */, + 1AAB32AC21F8212E004A2A72 /* MBIMBridge_Private.h */, 1A0C446A219A4BC300F2AC00 /* MBIMBridge.m */, CD14F1A8219FF3B800E7DD22 /* MBIMUpdateQueue.h */, CD14F1A9219FF3B800E7DD22 /* MBIMUpdateQueue.m */, @@ -334,6 +355,7 @@ CD14F1AC219FFAE100E7DD22 /* MBIMConcurrentHTTPServer.m */, 1ACFCFE2219EB45300E2C237 /* MBIMHTTPConnection.h */, 1ACFCFE3219EB45300E2C237 /* MBIMHTTPConnection.m */, + 1AAB32A921F81AD0004A2A72 /* Security */, ); path = Bridge; sourceTree = ""; @@ -362,6 +384,22 @@ path = Utilities; sourceTree = ""; }; + 1AAB32A921F81AD0004A2A72 /* Security */ = { + isa = PBXGroup; + children = ( + ); + path = Security; + sourceTree = ""; + }; + 1AAB32AE21F82E73004A2A72 /* Utilities */ = { + isa = PBXGroup; + children = ( + 1AAB32AF21F82EB7004A2A72 /* MBIMLogging.h */, + 1AAB32B021F82EB7004A2A72 /* MBIMLogging.m */, + ); + path = Utilities; + sourceTree = ""; + }; 1ACFCDE3219EB28A00E2C237 /* CocoaHTTPServer */ = { isa = PBXGroup; children = ( @@ -555,10 +593,12 @@ CDF62333219A895D00690038 /* kordophone */ = { isa = PBXGroup; children = ( + 1AAB32AE21F82E73004A2A72 /* Utilities */, CD14F1A5219FF22B00E7DD22 /* Categories */, CD83E150219BDB4F00F4CCEA /* Hooking */, 1A0C446D219A4BCD00F2AC00 /* Bridge */, CDF62334219A895D00690038 /* main.m */, + 1AAB32B221F835BD004A2A72 /* KPServer.pch */, ); path = kordophone; sourceTree = ""; @@ -652,6 +692,7 @@ CD83E15D219BE91500F4CCEA /* Headers */, CD83E15E219BE91500F4CCEA /* Sources */, CD83E15F219BE91500F4CCEA /* Frameworks */, + 1AAB32B321F837AF004A2A72 /* CopyFiles */, ); buildRules = ( ); @@ -669,6 +710,7 @@ CDF6232E219A895D00690038 /* Sources */, CDF6232F219A895D00690038 /* Frameworks */, CDF62330219A895D00690038 /* CopyFiles */, + 1AAB32AD21F8245D004A2A72 /* Add current directory to rpath */, ); buildRules = ( ); @@ -743,6 +785,27 @@ }; /* End PBXResourcesBuildPhase section */ +/* Begin PBXShellScriptBuildPhase section */ + 1AAB32AD21F8245D004A2A72 /* Add current directory to rpath */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputFileListPaths = ( + ); + inputPaths = ( + ); + name = "Add current directory to rpath"; + outputFileListPaths = ( + ); + outputPaths = ( + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "# Type a script or drag a script file from your workspace to insert its path.\n\nRESULT=$(install_name_tool -delete_rpath $BUILT_PRODUCTS_DIR $BUILT_PRODUCTS_DIR/$EXECUTABLE_NAME 2> /dev/null)\n\ninstall_name_tool -add_rpath $BUILT_PRODUCTS_DIR $BUILT_PRODUCTS_DIR/$EXECUTABLE_NAME\n"; + }; +/* End PBXShellScriptBuildPhase section */ + /* Begin PBXSourcesBuildPhase section */ 1ACFCDDD219EB28A00E2C237 /* Sources */ = { isa = PBXSourcesBuildPhase; @@ -802,6 +865,7 @@ 1AA43E95219EC38E00EDF1A7 /* MBIMHTTPUtilities.m in Sources */, CDE455A421A5308D0041F5DD /* MBIMFetchAttachmentOperation.m in Sources */, CD83E156219BE10A00F4CCEA /* hooking.m in Sources */, + 1AAB32B121F82EB7004A2A72 /* MBIMLogging.m in Sources */, 1AD8936E21EFD986009B599A /* MBIMUploadAttachmentOperation.m in Sources */, CDF6233A219A8A5600690038 /* MBIMBridge.m in Sources */, CDF62335219A895D00690038 /* main.m in Sources */, @@ -1082,6 +1146,7 @@ buildSettings = { CLANG_ENABLE_MODULES = NO; CODE_SIGN_STYLE = Automatic; + GCC_PREFIX_HEADER = kordophone/KPServer.pch; PRODUCT_NAME = "$(TARGET_NAME)"; SDKROOT = macosx.internal; SYSTEM_FRAMEWORK_SEARCH_PATHS = ( @@ -1096,6 +1161,7 @@ buildSettings = { CLANG_ENABLE_MODULES = NO; CODE_SIGN_STYLE = Automatic; + GCC_PREFIX_HEADER = kordophone/KPServer.pch; PRODUCT_NAME = "$(TARGET_NAME)"; SDKROOT = macosx.internal; SYSTEM_FRAMEWORK_SEARCH_PATHS = ( diff --git a/MessagesBridge.xcodeproj/xcshareddata/xcschemes/kordophoned.xcscheme b/MessagesBridge.xcodeproj/xcshareddata/xcschemes/kordophoned.xcscheme index d87e6eb..d505b12 100644 --- a/MessagesBridge.xcodeproj/xcshareddata/xcschemes/kordophoned.xcscheme +++ b/MessagesBridge.xcodeproj/xcshareddata/xcschemes/kordophoned.xcscheme @@ -63,7 +63,7 @@ diff --git a/README.md b/README.md index e657bef..e8c32a4 100644 --- a/README.md +++ b/README.md @@ -15,3 +15,28 @@ If you get dyld errors running from the command line, use `install_name_tool` to ## Running You need to hook imagent first to bypass entitlements check. Look at `hookAgent.sh` + + +## SSL +If you want to run with SSL, you have to generate a self-signed certificate, and have the Mac trust the root cert. + +### Generate a root cert +1. Generate root key + `openssl genrsa -out Kordophone-root.key 4096` +2. Generate root certificate + `openssl req -x509 -new -nodes -key Kordophone-root.key -sha256 -days 1024 -out Kordophone-root.crt` + +### Create signing certificate by signing a new cert with the root cert +1. Generate signing key + `openssl genrsa -out kp.localhost.key 2048` +2. Create certificate signing request + `openssl req -new -key kp.localhost.key -out kp.localhost.csr` +3. Sign the cert with the root cert + `openssl x509 -req -in kp.localhost.csr -CA Kordophone-root.crt -CAkey Kordophone-root.key -CAcreateserial -out kp.localhost.crt -days 365 -sha256` +4. kordophoned works with a signing cert in PKCS12 format. Convert the cert and the privkey to PKCS12 + `openssl pkcs12 -export -in kp.localhost.crt -inkey kp.localhost.key -out certificate.p12 -name "Kordophone"` + +### Start kordophone with the SSL options and provide the p12 +`kordophoned -s -c certificate.p12` + + diff --git a/agentHook/hookAgent.sh b/agentHook/hookAgent.sh index 5631265..3c6541b 100755 --- a/agentHook/hookAgent.sh +++ b/agentHook/hookAgent.sh @@ -16,4 +16,5 @@ echo "Telling imagent to launch with inserted libraries for uid $EUID" sudo launchctl debug gui/$EUID/com.apple.imagent --environment DYLD_INSERT_LIBRARIES=$LIB_PATH launchctl kill SIGKILL gui/501/com.apple.imagent +echo "\nYou might have to kill imagent for changes to take effect (killall imagent)" diff --git a/kordophone/Bridge/MBIMBridge.h b/kordophone/Bridge/MBIMBridge.h index a6a5572..d44ce62 100644 --- a/kordophone/Bridge/MBIMBridge.h +++ b/kordophone/Bridge/MBIMBridge.h @@ -14,9 +14,13 @@ NS_ASSUME_NONNULL_BEGIN @interface MBIMBridge : NSObject -@property (nonatomic, assign) const char *dylibPath; +@property (nonatomic, strong) NSString *dylibPath; +@property (nonatomic, assign) UInt16 port; @property (nonatomic, readonly) NSOperationQueue *operationQueue; +@property (nonatomic, assign) BOOL usesSSL; +@property (nonatomic, strong) NSString *sslCertPath; + + (instancetype)sharedInstance; - (instancetype)init NS_UNAVAILABLE; diff --git a/kordophone/Bridge/MBIMBridge.m b/kordophone/Bridge/MBIMBridge.m index ff2e01a..1a88222 100644 --- a/kordophone/Bridge/MBIMBridge.m +++ b/kordophone/Bridge/MBIMBridge.m @@ -7,6 +7,7 @@ // #import "MBIMBridge.h" +#import "MBIMBridge_Private.h" #import "MBIMBridgeOperation.h" #import "MBIMConcurrentHTTPServer.h" #import "MBIMHTTPConnection.h" @@ -21,9 +22,14 @@ #import #import +static const UInt16 kDefaultPort = 5738; + static NSString *const MBIMBridgeToken = @"net.buzzert.kordophone"; -@interface MBIMBridge (/* INTERNAL */) +@interface MBIMBridge (/* INTERNAL */) { + __strong NSArray *_sslCertificateAndIdentity; +} + @property (nonatomic, strong) MBIMConcurrentHTTPServer *httpServer; @property (nonatomic, strong) NSOperationQueue *operationQueue; @@ -47,11 +53,7 @@ static NSString *const MBIMBridgeToken = @"net.buzzert.kordophone"; { self = [super init]; if (self) { - [self registerForNotifications]; - [self startWebServer]; - - [sDaemonController setDelegate:self]; - [sDaemonListener addHandler:self]; + self.port = kDefaultPort; _operationQueue = [[NSOperationQueue alloc] init]; _operationQueue.maxConcurrentOperationCount = 5; @@ -63,7 +65,58 @@ static NSString *const MBIMBridgeToken = @"net.buzzert.kordophone"; - (void)_terminate { // *shrug* - exit(0); + exit(1); +} + +- (NSArray *)sslCertificateAndIdentity +{ + if (!_sslCertificateAndIdentity && self.sslCertPath) { + // Get the p12 + NSError *error = nil; + NSData *certData = [NSData dataWithContentsOfFile:self.sslCertPath options:0 error:&error]; + if (!certData || error) { + MBIMLogError(@"Unable to load SSL certificate from file: %@", [error localizedDescription]); + return nil; + } + + CFArrayRef items = nil; + OSStatus status = SecPKCS12Import( + (__bridge CFDataRef)certData, + (__bridge CFDictionaryRef) @{ + (__bridge id)kSecImportExportPassphrase : @"xNAq3vn)^PNu}[&gyQ4MZeV?J" + }, + &items + ); + + if (status != noErr) { + MBIMLogError(@"Error importing PKCS12: SecPKCS12Import status: %d", status); + return nil; + } + + CFDictionaryRef certDict = CFArrayGetValueAtIndex(items, 0); + if (!certDict) { + MBIMLogError(@"Error parsing the SSL certificate"); + return nil; + } + + SecIdentityRef identity = (SecIdentityRef)CFDictionaryGetValue(certDict, kSecImportItemIdentity); + _sslCertificateAndIdentity = @[ (__bridge id)identity ]; + } + + return _sslCertificateAndIdentity; +} + +- (void)checkSSLCertificate +{ + if (self.usesSSL) { + NSArray *certAndIdentity = [self sslCertificateAndIdentity]; + if ([certAndIdentity count]) { + MBIMLogInfo(@"SSL Certificate looks okay"); + } else { + MBIMLogFatal(@"Wasn't able to load SSL certificate. Bailing..."); + [self _terminate]; + } + } } #pragma mark - @@ -76,18 +129,26 @@ static NSString *const MBIMBridgeToken = @"net.buzzert.kordophone"; BOOL hooked = HookIMAgent(self.dylibPath, &errorString); if (!hooked) { NSString *errorNSString = [NSString stringWithUTF8String:errorString]; - NSLog(@"Error hooking imagent: %@", errorNSString); + MBIMLogInfo(@"Error hooking imagent: %@", errorNSString); return; } #endif - if (![sDaemonController hasListenerForID: MBIMBridgeToken]) { + [self registerForNotifications]; + + [sDaemonController setDelegate:self]; + [sDaemonListener addHandler:self]; + + if (![sDaemonController hasListenerForID:MBIMBridgeToken]) { if (![sDaemonController addListenerID:MBIMBridgeToken capabilities:(kFZListenerCapFileTransfers | kFZListenerCapManageStatus | kFZListenerCapChats | kFZListenerCapMessageHistory | kFZListenerCapIDQueries | kFZListenerCapSendMessages)]) { - NSLog(@"Failed to connect to imagent"); + MBIMLogFatal(@"Failed to connect to imagent"); [self _terminate]; } } + + [self checkSSLCertificate]; + [self startWebServer]; } - (void)disconnect @@ -116,7 +177,7 @@ static NSString *const MBIMBridgeToken = @"net.buzzert.kordophone"; - (void)_messageReceived:(NSNotification *)notification { - NSLog(@"Received message from chat with GUID: %@", [[notification object] guid]); + MBIMLogInfo(@"Received message from chat with GUID: %@", [[notification object] guid]); IMChat *chat = [notification object]; IMMessage *message = [[notification userInfo] objectForKey:IMChatValueKey]; @@ -135,14 +196,14 @@ static NSString *const MBIMBridgeToken = @"net.buzzert.kordophone"; - (void)_chatRegistryDidLoad:(NSNotification *)notification { - NSLog(@"Loaded chat registry. %lu existing chats", (unsigned long)[sChatRegistry numberOfExistingChats]); + MBIMLogInfo(@"Loaded chat registry. %lu existing chats", (unsigned long)[sChatRegistry numberOfExistingChats]); } - (void)_chatItemsDidChange:(NSNotification *)notification { IMChat *chat = [notification object]; if (chat) { - NSLog(@"Chat items change for GUID: %@", [chat guid]); + MBIMLogInfo(@"Chat items change for GUID: %@", [chat guid]); MBIMUpdateItem *updateItem = [[MBIMUpdateItem alloc] init]; updateItem.changedChat = chat; @@ -157,11 +218,13 @@ static NSString *const MBIMBridgeToken = @"net.buzzert.kordophone"; { self.httpServer = [[MBIMConcurrentHTTPServer alloc] init]; [self.httpServer setConnectionClass:[MBIMHTTPConnection class]]; - [self.httpServer setPort:8080]; + [self.httpServer setPort:self.port]; NSError *error = nil; if (![self.httpServer start:&error]) { - NSLog(@"Error starting HTTP server: %@", [error localizedDescription]); + MBIMLogError(@"Error starting HTTP server: %@", [error localizedDescription]); + } else { + MBIMLogNotify(@"Started Kordophone HTTP server on port %u", self.port); } } @@ -170,31 +233,31 @@ static NSString *const MBIMBridgeToken = @"net.buzzert.kordophone"; - (void)daemonControllerWillConnect { - NSLog(@"Connecting to imagent..."); + MBIMLogInfo(@"Connecting to imagent..."); } - (void)daemonControllerDidConnect { - NSLog(@"imagent responded."); + MBIMLogInfo(@"imagent responded."); IMAccount *iMessageAccount = [[IMAccountController sharedInstance] bestAccountForService:[IMServiceImpl iMessageService]]; if (iMessageAccount) { - NSLog(@"Successfully got accounts from imagent"); - NSLog(@"iMessage account connected: %@", iMessageAccount); + MBIMLogInfo(@"Successfully got accounts from imagent"); + MBIMLogInfo(@"iMessage account connected: %@", iMessageAccount); } else { - NSLog(@"imagent returned no accounts (not entitled?)"); + MBIMLogFatal(@"ERROR: imagent returned no accounts (not entitled? speak with Agent Hook)"); [self _terminate]; } } - (void)daemonControllerDidDisconnect { - NSLog(@"Disconnected from imagent"); + MBIMLogInfo(@"Disconnected from imagent"); } - (void)daemonConnectionLost { - NSLog(@"Connection lost to imagent"); + MBIMLogError(@"Connection lost to imagent"); } @end diff --git a/kordophone/Bridge/MBIMBridge_Private.h b/kordophone/Bridge/MBIMBridge_Private.h new file mode 100644 index 0000000..8d1b80d --- /dev/null +++ b/kordophone/Bridge/MBIMBridge_Private.h @@ -0,0 +1,14 @@ +// +// MBIMBridge_Private.h +// MessagesBridge +// +// Created by James Magahern on 1/22/19. +// Copyright © 2019 James Magahern. All rights reserved. +// + +#import "MBIMBridge.h" + +@interface MBIMBridge (/*PRIVATE*/) +- (NSArray *)sslCertificateAndIdentity; + +@end diff --git a/kordophone/Bridge/MBIMHTTPConnection.m b/kordophone/Bridge/MBIMHTTPConnection.m index 5773681..da32de6 100644 --- a/kordophone/Bridge/MBIMHTTPConnection.m +++ b/kordophone/Bridge/MBIMHTTPConnection.m @@ -9,13 +9,26 @@ #import "MBIMHTTPConnection.h" #import "MBIMBridge.h" +#import "MBIMBridge_Private.h" #import "MBIMBridgeOperation.h" +#import + @implementation MBIMHTTPConnection { NSMutableData *_bodyData; MBIMBridgeOperation *_currentOperation; } +- (BOOL)isSecureServer +{ + return [[MBIMBridge sharedInstance] usesSSL]; +} + +- (NSArray *)sslIdentityAndCertificates +{ + return [[MBIMBridge sharedInstance] sslCertificateAndIdentity]; +} + - (BOOL)supportsMethod:(NSString *)method atPath:(NSString *)path { if ([method isEqualToString:@"GET"] || [method isEqualToString:@"POST"]) { diff --git a/kordophone/Bridge/Operations/MBIMFetchAttachmentOperation.m b/kordophone/Bridge/Operations/MBIMFetchAttachmentOperation.m index 8d167a0..114afd0 100644 --- a/kordophone/Bridge/Operations/MBIMFetchAttachmentOperation.m +++ b/kordophone/Bridge/Operations/MBIMFetchAttachmentOperation.m @@ -27,20 +27,20 @@ NSString *guid = [self valueForQueryItemWithName:@"guid"]; if (!guid) { - NSLog(@"No query item provided"); + MBIMLogInfo(@"No query item provided"); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; break; } IMFileTransfer *transfer = [[IMFileTransferCenter sharedInstance] transferForGUID:guid]; if (!transfer) { - NSLog(@"No transfer found for guid: %@", guid); + MBIMLogInfo(@"No transfer found for guid: %@", guid); response = [[HTTPErrorResponse alloc] initWithErrorCode:404]; break; } if (![transfer existsAtLocalPath]) { - NSLog(@"We don't have the file for this yet (still downloading to server?)"); + MBIMLogInfo(@"We don't have the file for this yet (still downloading to server?)"); response = [[HTTPErrorResponse alloc] initWithErrorCode:404]; break; } @@ -48,7 +48,7 @@ NSString *localPath = [transfer localPath]; NSData *responseData = [NSData dataWithContentsOfFile:localPath]; if (!responseData) { - NSLog(@"Wasn't able to load data from local path: %@", localPath); + MBIMLogInfo(@"Wasn't able to load data from local path: %@", localPath); response = [[HTTPErrorResponse alloc] initWithErrorCode:404]; break; } diff --git a/kordophone/Bridge/Operations/MBIMMarkOperation.m b/kordophone/Bridge/Operations/MBIMMarkOperation.m index 5e5f091..08992c7 100644 --- a/kordophone/Bridge/Operations/MBIMMarkOperation.m +++ b/kordophone/Bridge/Operations/MBIMMarkOperation.m @@ -25,7 +25,7 @@ NSString *guid = [self valueForQueryItemWithName:@"guid"]; if (!guid) { - NSLog(@"No query item provided"); + MBIMLogInfo(@"No query item provided"); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; break; } @@ -33,7 +33,7 @@ dispatch_sync([[self class] sharedIMAccessQueue], ^{ IMChat *chat = [sChatRegistry existingChatWithGUID:guid]; if (!chat) { - NSLog(@"Chat with guid: %@ not found", guid); + MBIMLogInfo(@"Chat with guid: %@ not found", guid); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; } else { // TODO: be smarter about this and mark individual messages as read? Could lead diff --git a/kordophone/Bridge/Operations/MBIMMessagesListOperation.m b/kordophone/Bridge/Operations/MBIMMessagesListOperation.m index 2c5b04f..e15e121 100644 --- a/kordophone/Bridge/Operations/MBIMMessagesListOperation.m +++ b/kordophone/Bridge/Operations/MBIMMessagesListOperation.m @@ -28,7 +28,7 @@ NSString *guid = [self valueForQueryItemWithName:@"guid"]; if (!guid) { - NSLog(@"No query item provided"); + MBIMLogInfo(@"No query item provided"); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; break; } @@ -37,7 +37,7 @@ dispatch_sync([[self class] sharedIMAccessQueue], ^{ IMChat *chat = [sChatRegistry existingChatWithGUID:guid]; if (!chat) { - NSLog(@"Chat with guid: %@ not found", guid); + MBIMLogInfo(@"Chat with guid: %@ not found", guid); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; } else { // Load messages diff --git a/kordophone/Bridge/Operations/MBIMSendMessageOperation.m b/kordophone/Bridge/Operations/MBIMSendMessageOperation.m index 0d1202b..a69e21e 100644 --- a/kordophone/Bridge/Operations/MBIMSendMessageOperation.m +++ b/kordophone/Bridge/Operations/MBIMSendMessageOperation.m @@ -44,7 +44,7 @@ } if (!chat) { - NSLog(@"Chat does not exist: %@", chatGUID); + MBIMLogInfo(@"Chat does not exist: %@", chatGUID); result = NO; } else { [chat sendMessage:reply]; diff --git a/kordophone/Bridge/Operations/MBIMUploadAttachmentOperation.m b/kordophone/Bridge/Operations/MBIMUploadAttachmentOperation.m index 09db295..b77832e 100644 --- a/kordophone/Bridge/Operations/MBIMUploadAttachmentOperation.m +++ b/kordophone/Bridge/Operations/MBIMUploadAttachmentOperation.m @@ -26,14 +26,14 @@ do { NSString *filename = [self valueForQueryItemWithName:@"filename"]; if ([filename length] == 0) { - NSLog(@"No filename provided"); + MBIMLogInfo(@"No filename provided"); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; break; } NSData *attachmentData = self.requestBodyData; if ([attachmentData length] == 0) { - NSLog(@"No attachment data in request"); + MBIMLogInfo(@"No attachment data in request"); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; break; } @@ -42,14 +42,14 @@ NSURL *localURL = [NSURL fileURLWithPath:localPath]; BOOL success = [attachmentData writeToURL:localURL atomically:NO]; if (!success) { - NSLog(@"Error writing attachment to temporary directory"); + MBIMLogInfo(@"Error writing attachment to temporary directory"); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; break; } NSString *guid = [[IMFileTransferCenter sharedInstance] guidForNewOutgoingTransferWithLocalURL:localURL]; if (!guid) { - NSLog(@"There was some problem shuttling the file to IMCore"); + MBIMLogInfo(@"There was some problem shuttling the file to IMCore"); response = [[HTTPErrorResponse alloc] initWithErrorCode:500]; break; } diff --git a/kordophone/Hooking/hooking.m b/kordophone/Hooking/hooking.m index 3b98af6..0921629 100644 --- a/kordophone/Hooking/hooking.m +++ b/kordophone/Hooking/hooking.m @@ -13,7 +13,7 @@ BOOL HookIMAgent(const char *relativeDylibPath, char **errorString) { - NSLog(@"Hooking imagent"); + MBIMLogInfo(@"Hooking imagent"); const char *hookDylibPath = realpath(relativeDylibPath, NULL); @@ -61,10 +61,10 @@ BOOL HookIMAgent(const char *relativeDylibPath, char **errorString) return NO; } - NSLog(@"Successfully setup environment variables"); + MBIMLogInfo(@"Successfully setup environment variables"); // Kill imagent so the new one has the loaded bundle - NSLog(@"Killing imagent..."); + MBIMLogInfo(@"Killing imagent..."); int killAgentSuccess = system("killall imagent"); dispatch_after(dispatch_time(DISPATCH_TIME_NOW, (int64_t)(0.5 * NSEC_PER_SEC)), dispatch_get_main_queue(), ^{ diff --git a/kordophone/KPServer.pch b/kordophone/KPServer.pch new file mode 100644 index 0000000..bb2f752 --- /dev/null +++ b/kordophone/KPServer.pch @@ -0,0 +1,14 @@ +// +// KPServer.pch +// MessagesBridge +// +// Created by James Magahern on 1/22/19. +// Copyright © 2019 James Magahern. All rights reserved. +// + +#ifndef KPServer_h +#define KPServer_h + +#include "MBIMLogging.h" + +#endif /* KPServer_h */ diff --git a/kordophone/Utilities/MBIMLogging.h b/kordophone/Utilities/MBIMLogging.h new file mode 100644 index 0000000..31ce4b9 --- /dev/null +++ b/kordophone/Utilities/MBIMLogging.h @@ -0,0 +1,34 @@ +// +// MBIMLogging.h +// kordophoned +// +// Created by James Magahern on 1/22/19. +// Copyright © 2019 James Magahern. All rights reserved. +// + +#import + +NS_ASSUME_NONNULL_BEGIN + +typedef enum { + ML_INFO, + ML_NOTIFY, + ML_ERROR, + ML_FATAL +} MBIMLogLevel; + +extern void __MBIMLogCommon(MBIMLogLevel level, NSString *format, ...); + +#define MBIMLogInfo(format, ...) \ + __MBIMLogCommon(ML_INFO, format, ##__VA_ARGS__) + +#define MBIMLogNotify(format, ...) \ + __MBIMLogCommon(ML_NOTIFY, format, ##__VA_ARGS__) + +#define MBIMLogError(format, ...) \ + __MBIMLogCommon(ML_ERROR, format, ##__VA_ARGS__) + +#define MBIMLogFatal(format, ...) \ + __MBIMLogCommon(ML_FATAL, format, ##__VA_ARGS__) + +NS_ASSUME_NONNULL_END diff --git a/kordophone/Utilities/MBIMLogging.m b/kordophone/Utilities/MBIMLogging.m new file mode 100644 index 0000000..d089e26 --- /dev/null +++ b/kordophone/Utilities/MBIMLogging.m @@ -0,0 +1,44 @@ +// +// MBIMLogging.m +// kordophoned +// +// Created by James Magahern on 1/22/19. +// Copyright © 2019 James Magahern. All rights reserved. +// + +#import "MBIMLogging.h" + +#define ESC(inner) "\033[" inner "m" +#define CLR ESC("0") +#define BLD "1;" +#define RED "31;" + +extern void __MBIMLogCommon(MBIMLogLevel level, NSString *format, ...) +{ + static dispatch_once_t onceToken; + static NSDateFormatter *dateFormatter = nil; + dispatch_once(&onceToken, ^{ + dateFormatter = [[NSDateFormatter alloc] init]; + dateFormatter.dateFormat = @"Y-MM-d HH:mm:ss"; + }); + + va_list args; + va_start(args, format); + NSString *message = [[NSString alloc] initWithFormat:format arguments:args]; + va_end(args); + + const char *c_fmt = "%s"; + if (level == ML_NOTIFY) { + // BOLD + c_fmt = ESC(BLD) "%s"; + } else if (level == ML_ERROR) { + c_fmt = ESC(RED) "%s"; + } else if (level == ML_FATAL) { + c_fmt = ESC(BLD RED) "%s"; + } + + NSString *dateStr = [dateFormatter stringFromDate:[NSDate date]]; + fprintf(stdout, "%s: ", [dateStr UTF8String]); + fprintf(stdout, c_fmt, [message UTF8String]); + fprintf(stdout, CLR "\n"); +} diff --git a/kordophone/main.m b/kordophone/main.m index 8e90311..a9a4e22 100644 --- a/kordophone/main.m +++ b/kordophone/main.m @@ -10,18 +10,62 @@ #import "MBIMBridge.h" -int main(int argc, const char * argv[]) { +void printUsage() +{ + fprintf(stderr, "Usage: kordophoned [-h] [-s | -c (certificate.p12)]\n"); + fprintf(stderr, "\t-h \t Show this help message\n"); + fprintf(stderr, "\t-s \t Use SSL (requires -c option)\n"); + fprintf(stderr, "\t-c \t SSL certificate path encoded as pkcs12\n"); +} + +int main(int argc, char *const argv[]) { @autoreleasepool { - MBIMBridge *bridge = [MBIMBridge sharedInstance]; + BOOL usesSSL = NO; + BOOL showHelp = NO; + const char *certPath = NULL; -#if HOOK_IMAGENT - if (argc < 2) { - fprintf(stderr, "Usage: kordophoned agentHook.dylib\n"); + int c = -1; + while ( (c = getopt(argc, argv, "hsc:")) != -1 ) { + switch (c) { + case 's': + usesSSL = YES; + break; + case 'c': + certPath = optarg; + break; + case 'h': + showHelp = YES; + break; + case '?': + if (optopt == 'c') { + fprintf (stderr, "Option -%c requires an argument.\n", optopt); + } else if (isprint(optopt)) { + fprintf (stderr, "Unknown option `-%c'.\n", optopt); + } else { + fprintf (stderr, "Unknown option character `\\x%x'.\n", optopt); + return 1; + } + default: + abort (); + } + } + + if (showHelp) { + printUsage(); return 1; } - bridge.dylibPath = argv[1]; -#endif + if (usesSSL && certPath == NULL) { + fprintf(stderr, "Error: wants SSL (-s) but no ssl certificate path (-c) provided\n"); + return 1; + } + + MBIMBridge *bridge = [MBIMBridge sharedInstance]; + + if (usesSSL && certPath != NULL) { + bridge.usesSSL = YES; + bridge.sslCertPath = [NSString stringWithCString:certPath encoding:NSASCIIStringEncoding]; + } [bridge connect]; @@ -30,5 +74,6 @@ int main(int argc, const char * argv[]) { [[NSRunLoop currentRunLoop] run]; } } + return 0; }