Cooler ssh payload - mount script; load from rc.boot (not from /sbin/…

…reboot)

Don't redownload files if orig files are present (only rebuild)
Mux lib doesn't call reboot() on restore mode devs now.

java/gui/src/Background.java

@@ -201,11 +201,15 @@ String downloadAndProcessFile(String zipPath)
 		String downloadPath = finalPath;
 		if (needsDecrypting)
 			downloadPath = finalPath + ".orig";
-		if (!getFileFromZip(ipswUrl, zipPath, downloadPath)) {
-			gui.error("Download failed! %1s [%2s] -> %3s", ipswUrl, zipPath, downloadPath);
-			return null;
+		if (new File(downloadPath).exists()) {
+			gui.trace("Skipping download of %1s, file already exists!", finalPath);
+		} else {
+			if (!getFileFromZip(ipswUrl, zipPath, downloadPath)) {
+				gui.error("Download failed! %1s [%2s] -> %3s", ipswUrl, zipPath, downloadPath);
+				return null;
+			}
+			gui.trace("Downloaded to %1s", downloadPath);
 		}
-		gui.trace("Downloaded to %1s", downloadPath);
 
 		if (needsDecrypting) {
 			String decryptedPath = finalPath + ".dec";

java/gui/src/res/all_keys.plist

@@ -40,7 +40,7 @@
 		<key>build</key>
 		<string>8A400</string>
 	</dict>
-	<key>n88ap.bak</key>
+	<key>n88ap</key>
 	<dict>
 		<key>device</key>
 		<string>iphone21</string>
@@ -277,7 +277,7 @@
 		<key>restoredmg</key>
 		<string>038-3848-002</string>
 	</dict>
-	<key>n88ap</key>
+	<key>n88ap.435</key>
 	<dict>
 		<key>ramdisknotencrypted</key>
 		<string>true</string>

java/gui/sshtar/bin/mount.sh

@@ -0,0 +1,69 @@
+#!/bin/sh
+
+# Script to mount the volumes..
+
+MOUNTS=$(mount)
+
+while read LINE
+do 
+    set $LINE
+    if [ $3 == "/mnt1" ]
+    then 
+        MNT1=$1
+    else 
+        if [ $3 == "/mnt2" ]
+        then
+            MNT2=$1
+        fi
+    fi
+done <<< "$MOUNTS"
+
+if [ -z $MNT1 ]
+then
+    if [ -b /dev/disk0s1s1 ]
+    then # iOS5
+        echo "Mounting /dev/disk0s1s1 on /mnt1 .."
+        mount_hfs /dev/disk0s1s1 /mnt1
+    else
+        if [ -b /dev/disk0s1 ]
+        then
+            echo "Checking /dev/disk0s1 .."
+            fsck_hfs /dev/disk0s1
+
+            echo "Mounting /dev/disk0s1 on /mnt1 .."
+            mount_hfs /dev/disk0s1 /mnt1
+        else
+            echo "Could not mount system volume; retry later or file a bug."
+        fi
+    fi
+else
+    echo "$MNT1 already mounted on /mnt1"
+fi
+
+if [ -z $MNT2 ]
+then
+    if [ -b /dev/disk0s1s2 ]
+    then # iOS5
+        echo "Mounting /dev/disk0s1s2 on /mnt2 .."
+        mount_hfs /dev/disk0s1s2 /mnt2
+    else
+        if [ -b /dev/disk0s2s1 ]
+        then # iOS 4
+            echo "Mounting /dev/disk0s2s1 on /mnt2 .."
+            mount_hfs /dev/disk0s2s1 /mnt2
+        else 
+            if [ -b /dev/disk0s2 ]
+            then # iOS3 .. maybe?
+                echo "Checking /dev/disk0s2 .."
+                fsck_hfs /dev/disk0s2
+
+                echo "Mounting /dev/disk0s2 on /mnt2 .."
+                mount_hfs /dev/disk0s2 /mnt2
+            else
+                echo "Could not mount user data volume; retry later or file a bug."
+            fi
+        fi
+    fi
+else
+    echo "$MNT2 already mounted on /mnt2"
+fi

java/gui/sshtar/bin/sh

@@ -0,0 +1 @@
+bash

java/gui/sshtar/etc/rc.boot

@@ -0,0 +1,27 @@
+#!/bin/sh
+
+# remount r/w
+
+mount /
+
+# free space
+
+rm /usr/local/standalone/firmware/*
+rm /usr/standalone/firmware/*
+mv /sbin/reboot /sbin/reboot_bak
+
+# Fix the auto-boot
+
+nvram auto-boot=1
+
+# Start SSHD
+
+/sbin/sshd
+
+# Do the stuff original rc.boot did 
+
+/usr/local/bin/restored_external
+/usr/local/bin/restored_update
+/usr/local/bin/restored
+/usr/libexec/ramrod/ramrod
+

java/gui/sshtar/etc/ssh/ssh_config

@@ -0,0 +1,47 @@
+#	$OpenBSD: ssh_config,v 1.23 2007/06/08 04:40:40 pvalchev Exp $
+
+# This is the ssh client system-wide configuration file.  See
+# ssh_config(5) for more information.  This file provides defaults for
+# users, and the values can be changed in per-user configuration files
+# or on the command line.
+
+# Configuration data is parsed as follows:
+#  1. command line options
+#  2. user-specific file
+#  3. system-wide file
+# Any configuration value is only changed the first time it is set.
+# Thus, host-specific definitions should be at the beginning of the
+# configuration file, and defaults at the end.
+
+# Site-wide defaults for some commonly used options.  For a comprehensive
+# list of available options, their meanings and defaults, please see the
+# ssh_config(5) man page.
+
+Host *
+#   ForwardAgent no
+    ForwardX11 yes
+#   RhostsRSAAuthentication no
+#   RSAAuthentication yes
+#   PasswordAuthentication yes
+#   HostbasedAuthentication no
+#   GSSAPIAuthentication no
+#   GSSAPIDelegateCredentials no
+#   BatchMode no
+#   CheckHostIP yes
+#   AddressFamily any
+#   ConnectTimeout 0
+#   StrictHostKeyChecking ask
+#   IdentityFile ~/.ssh/identity
+#   IdentityFile ~/.ssh/id_rsa
+#   IdentityFile ~/.ssh/id_dsa
+#   Port 22
+#   Protocol 2,1
+#   Cipher 3des
+#   Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
+#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
+#   EscapeChar ~
+#   Tunnel no
+#   TunnelDevice any:any
+#   PermitLocalCommand no
+    SendEnv LANG LC_*
+    HashKnownHosts yes

java/gui/sshtar/etc/ssh/ssh_host_dsa_key

@@ -0,0 +1,12 @@
+-----BEGIN DSA PRIVATE KEY-----
+MIIBugIBAAKBgQCRAGVU3NY06gtd07VcxT7aSIAsGi0qIBf2r28iyfCJPpSh3LR4
+xebYsSc001qAbk7B1D3gjXcaQbG8zhkGAF5UhhgRoYNx++E5AdGWL6f3N2SQGRg0
+ELEDeo9uhYrKj38EWSVz5W/DSxdGxezUQkOrGdF/zyM6HWMMJMe+JviHhQIVAK1k
+B5keEFfXSkdZLwJiJNSMAwsTAoGAd0Si4TUTtbfA2q7vg7erjkE/lQ2aYqyxXycH
+ldhe9maAuDop9pLvPF88AH3FU/QOSRzl8ANm27qDfqz4X5Pj4aVezPDCte8JTPCY
+Y7UJBlG23suXOz7oZ5mT4lWiWxHkf2pA929WYKAqpA5Yku0mvezWTYIndi7aEvIQ
+qinwGZQCgYBGA/No8/0tsIxfueku6kZVtHJezEHA/DXK3VtZQhJqpQSDmc6ac6RK
+hbSaV9Q9SISxUQoermq2mC3563hfadTdDonbdS4hHsfp8GYw2XWWKTKMJIfQfBh0
+n4tH543Sfdvo+irLNRkw7kms5P96cPp0ec/JTbQjkAhXEMc1hcJBKQIUcefuKx6J
+CgXM1qqWQzmh6Yxvp44=
+-----END DSA PRIVATE KEY-----

java/gui/sshtar/etc/ssh/ssh_host_dsa_key.pub

@@ -0,0 +1 @@
+ssh-dss AAAAB3NzaC1kc3MAAACBAJEAZVTc1jTqC13TtVzFPtpIgCwaLSogF/avbyLJ8Ik+lKHctHjF5tixJzTTWoBuTsHUPeCNdxpBsbzOGQYAXlSGGBGhg3H74TkB0ZYvp/c3ZJAZGDQQsQN6j26FisqPfwRZJXPlb8NLF0bF7NRCQ6sZ0X/PIzodYwwkx74m+IeFAAAAFQCtZAeZHhBX10pHWS8CYiTUjAMLEwAAAIB3RKLhNRO1t8Daru+Dt6uOQT+VDZpirLFfJweV2F72ZoC4Oin2ku88XzwAfcVT9A5JHOXwA2bbuoN+rPhfk+PhpV7M8MK17wlM8JhjtQkGUbbey5c7PuhnmZPiVaJbEeR/akD3b1ZgoCqkDliS7Sa97NZNgid2LtoS8hCqKfAZlAAAAIBGA/No8/0tsIxfueku6kZVtHJezEHA/DXK3VtZQhJqpQSDmc6ac6RKhbSaV9Q9SISxUQoermq2mC3563hfadTdDonbdS4hHsfp8GYw2XWWKTKMJIfQfBh0n4tH543Sfdvo+irLNRkw7kms5P96cPp0ec/JTbQjkAhXEMc1hcJBKQ== 

java/gui/sshtar/etc/ssh/ssh_host_key.pub

@@ -0,0 +1 @@
+2048 35 22863403230363057125532901483959995158868052839666613720599479194710030969172147032959644887283078830728500539623709376627438782032771781595220937403576634513232890638595884855084246146357583313382920882057560292771475701073821506174328657604317895714543986206409151751401624273829061903988579532242057650995520642546244563005719964188009546754533467012348670726995734592541512005893158644642786626175694267614564858079634794858330219528225263688040182596119868879012127383607951411330777391710206320353489654717094177647385845429359394250782827001403846845707041142751913977688452721668771730938187972599951378392229 

java/gui/sshtar/etc/ssh/ssh_host_rsa_key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEoQIBAAKCAQEAu+DAGUQcHutfXVzLNbqC7oU96K/wO7UIKXzJNAuN9yRROVhb
+KyrPv2v8YmXjWY+IlE6DUCbcPYi62mkC9AFs3cu5hrxeM+5OHRdPvIhNXQWyx/BH
+6gnYkYFkLsd4H8UshT2Z/vzRmOdW3KVj/l2VXeSdxc7EeBWLfgj1cTuoX8oCWIB4
+q+KYXciWJ19RAh5EIZ6WNjODf0VfHab7DJ/a/xp6TrDAfGcIvwOq5iIYH1PH8zdb
+XgaV9zOAvtq9TG6zR1P2gJ2CwBvysbrdka5njv0Wm7HyaS2dttVY7RqJE+LZ5FWI
+OB3TR1j9GNkIldNbV4yDAr73TNo4+1BIxL5DOwIBIwKCAQAKvGK/nX3zI2SI/fz7
+wYPTHY6CUzJMjgB3ZjdiD0nw3YD79mucERMvgoNzVkeBdeqMIb5cWf304z3gmElP
+xZExPtdmyO9wroge62OkX49kZrnCSD6fqMqL+MPlanvkjuyZ5kNQZjfc2gT2ql18
+P9ymR5P8rLrFCIugzU/albHZlmq3xQWAlJNv+t47YSqHRaWPwIOICt8hwQsHQ/4r
+ARYE4JnRSK/0jToQYWa5mWYKgir9x/GmE0/2WNnX8ON0gxDbtQuGeKQAe+XpWEWN
+FZAknzEA9WUwrAT9yLyzNJESJfEKI+AHZu9SjJydrv9jP7lmCQeR00gICXpSFQWE
+sNsLAoGBAOFjRMIJlf9XqgTRigb7H0svPseJo175AIl8pNCVJF8FxdLDa3RjaLGg
+Z84gHokxeQQFn14mXGuKQb8GMwTL6D1ozmzMFYoua/XsNaVh9X+jtnGSHo+HVNsT
+mJ+abznoZW2b7GqjZBPX9SYvy1qJbfCF9+14XYIiuhUqoAwyB2shAoGBANVlQ9ZY
+JITeeGBGsOHHvCeettDf0eO3kpSh3EqG6Hqj+iO8zUThVt7/81cWBxU19NOUbPhd
+WDMV3t11sCwJkM7ZpUADSMKJN8VR/HcKv41qZMt4zPgOFmtKA9MSk2Rt5XIW9U0T
+MGNKxyIhlzjDij5X9pEScAidekc0QFwAn97bAoGBAK3e3UU6mEiitlt9ErTtm8xJ
+BItM675LDwr5wPitkRYaZWgTGGEZfKZIipeyYLL6R2mAriQO9tad2vJyfyD1Ej4A
+ZLpUSyF0RKfE2O1LkX+4zpIgQ3YJUBa3WHsfXR4LDGp/mR8QVIRWI4PbuiFFchFR
+Z3ytT3ME2LE+I7Gi78erAoGANt+GePIYBOi/3j4QOg7J+482Uve5oPSwqeB6eZBn
+qoHv3U3OYitQ2kHQ2+EXw6ApAzTLkFKEZOhd4SzkKJS+1hq1dtxF6OF0vbX/F0vo
+HQy61TxR9qSJbAu31zCpjtpuM0e7a5c4VAvqEBdEJIoNmwCtHf1tRAs8szlSYMz1
+6NkCgYAErhEe9BgUvnvB8Iprr3kpdd70GxYS/1AKgAPo1rmxJfcbbcvkfJwkoHGd
+V62UZ8VUhhnx32q0VCIS5Ay39T74eQLwABqV8ZUGTnZx2F0zhlLIUEeGvs4TGKxq
+D5RhVB5J3QDgpLZv0tM9JWmXcY2K46XLkVj3pVLSoyQwZBHWZw==
+-----END RSA PRIVATE KEY-----

java/gui/sshtar/etc/ssh/ssh_host_rsa_key.pub

@@ -0,0 +1 @@
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu+DAGUQcHutfXVzLNbqC7oU96K/wO7UIKXzJNAuN9yRROVhbKyrPv2v8YmXjWY+IlE6DUCbcPYi62mkC9AFs3cu5hrxeM+5OHRdPvIhNXQWyx/BH6gnYkYFkLsd4H8UshT2Z/vzRmOdW3KVj/l2VXeSdxc7EeBWLfgj1cTuoX8oCWIB4q+KYXciWJ19RAh5EIZ6WNjODf0VfHab7DJ/a/xp6TrDAfGcIvwOq5iIYH1PH8zdbXgaV9zOAvtq9TG6zR1P2gJ2CwBvysbrdka5njv0Wm7HyaS2dttVY7RqJE+LZ5FWIOB3TR1j9GNkIldNbV4yDAr73TNo4+1BIxL5DOw== 

java/gui/sshtar/etc/ssh/sshd_config

@@ -0,0 +1,116 @@
+#	$OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $
+
+# This is the sshd server system-wide configuration file.  See
+# sshd_config(5) for more information.
+
+# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
+
+# The strategy used for options in the default sshd_config shipped with
+# OpenSSH is to specify options with their default value where
+# possible, but leave them commented.  Uncommented options change a
+# default value.
+
+#Port 22
+#AddressFamily any
+#ListenAddress 0.0.0.0
+#ListenAddress ::
+
+# Disable legacy (protocol version 1) support in the server for new
+# installations. In future the default will change to require explicit
+# activation of protocol 1
+Protocol 2
+
+# HostKey for protocol version 1
+HostKey /etc/ssh/ssh_host_key
+# HostKeys for protocol version 2
+HostKey /etc/ssh/ssh_host_rsa_key
+HostKey /etc/ssh/ssh_host_dsa_key
+
+# Lifetime and size of ephemeral version 1 server key
+#KeyRegenerationInterval 1h
+#ServerKeyBits 768
+
+# Logging
+# obsoletes QuietMode and FascistLogging
+#SyslogFacility AUTH
+#LogLevel INFO
+
+# Authentication:
+
+#LoginGraceTime 2m
+PermitRootLogin yes 
+#StrictModes yes
+#MaxAuthTries 6
+
+#RSAAuthentication yes
+#PubkeyAuthentication yes
+#AuthorizedKeysFile	.ssh/authorized_keys
+
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
+#RhostsRSAAuthentication no
+# similar for protocol version 2
+#HostbasedAuthentication no
+# Change to yes if you don't trust ~/.ssh/known_hosts for
+# RhostsRSAAuthentication and HostbasedAuthentication
+#IgnoreUserKnownHosts no
+# Don't read the user's ~/.rhosts and ~/.shosts files
+#IgnoreRhosts yes
+
+# To disable tunneled clear text passwords, change to no here!
+PasswordAuthentication yes 
+PermitEmptyPasswords yes
+
+# Change to no to disable s/key passwords
+#ChallengeResponseAuthentication yes
+
+# Kerberos options
+#KerberosAuthentication no
+#KerberosOrLocalPasswd yes
+#KerberosTicketCleanup yes
+#KerberosGetAFSToken no
+
+# GSSAPI options
+#GSSAPIAuthentication no
+#GSSAPICleanupCredentials yes
+
+# Set this to 'yes' to enable PAM authentication, account processing, 
+# and session processing. If this is enabled, PAM authentication will 
+# be allowed through the ChallengeResponseAuthentication and
+# PasswordAuthentication.  Depending on your PAM configuration,
+# PAM authentication via ChallengeResponseAuthentication may bypass
+# the setting of "PermitRootLogin without-password".
+# If you just want the PAM account and session checks to run without
+# PAM authentication, then enable this but set PasswordAuthentication
+# and ChallengeResponseAuthentication to 'no'.
+#UsePAM no
+
+#AllowTcpForwarding yes
+GatewayPorts clientspecified
+X11Forwarding yes
+#X11DisplayOffset 10
+#X11UseLocalhost yes
+#PrintMotd yes
+#PrintLastLog yes
+#TCPKeepAlive yes
+#UseLogin no
+UsePrivilegeSeparation no
+#PermitUserEnvironment no
+#Compression delayed
+#ClientAliveInterval 0
+#ClientAliveCountMax 3
+UseDNS no
+#PidFile /var/run/sshd.pid
+#MaxStartups 10
+#PermitTunnel no
+
+# no default banner path
+#Banner /some/path
+
+# override default of no subsystems
+Subsystem	sftp	/usr/libexec/sftp-server
+
+# Example of overriding settings on a per-user basis
+#Match User anoncvs
+#	X11Forwarding no
+#	AllowTcpForwarding no
+#	ForceCommand cvs server

java/gui/sshtar/mktar.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+BASEDIR=$(dirname "$0")
+tar --owner=root -cvf "$BASEDIR/../src/res/ssh.tar" --exclude=.DS_Store -C "$BASEDIR" .

java/gui/sshtar/usr/lib/libncurses.5.dylib

@@ -0,0 +1 @@
+libncurses.5.4.dylib

java/gui/sshtar/var/root/.profile

@@ -0,0 +1,8 @@
+# Set path to support running tools from /mnt1
+export PATH=/usr/bin:/bin:/usr/sbin:/sbin:/mnt1/usr/bin:/mnt1/bin:/mnt1/usr/sbin:/mnt1/sbin
+
+# and also some libs (not frameworks though :/ )
+export DYLD_LIBRARY_PATH=/usr/lib:/mnt1/usr/lib
+
+echo Use 'mount.sh' script to mount the partitions
+echo Use 'reboot_bak' to reboot

mux_redux/mux.c

@@ -188,12 +188,12 @@ void* THREADPROCATTR wait_for_device(void* arg)
 				muxconn_t mux_tmp = AMDeviceGetConnectionID(s_target_device);
                fprintf(stderr, "muxConnTmp = %X\n", mux_tmp);
                 muxConn = mux_tmp;
-                restore_dev = AMRestoreModeDeviceCreate(0, mux_tmp, 0);
-                fprintf(stderr, "restore_dev = %p\n", restore_dev);
-                if (restore_dev != NULL) {
-                    AMRestoreModeDeviceReboot(restore_dev);
-                    Sleep(5 * 1000);
-                } 
+//                restore_dev = AMRestoreModeDeviceCreate(0, mux_tmp, 0);
+//                fprintf(stderr, "restore_dev = %p\n", restore_dev);
+//                if (restore_dev != NULL) {
+//                    AMRestoreModeDeviceReboot(restore_dev);
+//                    Sleep(5 * 1000);
+//                } 
 			} else if (ret == -402653083) { // after we call 'reboot', api host is down
                 muxconn_t mux_tmp = AMDeviceGetConnectionID(s_target_device);
                 fprintf(stderr, "muxConnTmp = %X\n", mux_tmp);