[AltDaemon] Initial version

AltDaemon allows AltStore to install and refresh apps without a computer on jailbroken devices. AltDaemon has the necessary entitlements to perform the same actions AltServer normally does over WiFi, and uses the same AltServer request logic to handle local requests.

AltDaemon/AltDaemon-Bridging-Header.h

@@ -0,0 +1,36 @@
+//
+//  Use this file to import your target's public headers that you would like to expose to Swift.
+//
+
+#import <Foundation/Foundation.h>
+
+NS_ASSUME_NONNULL_BEGIN
+
+@interface AKDevice : NSObject
+
+@property (class, readonly) AKDevice *currentDevice;
+
+@property (strong, readonly) NSString *serialNumber;
+@property (strong, readonly) NSString *uniqueDeviceIdentifier;
+@property (strong, readonly) NSString *serverFriendlyDescription;
+
+@end
+
+@interface AKAppleIDSession : NSObject
+
+- (instancetype)initWithIdentifier:(NSString *)identifier;
+
+- (NSDictionary<NSString *, NSString *> *)appleIDHeadersForRequest:(NSURLRequest *)request;
+
+@end
+
+@interface LSApplicationWorkspace : NSObject
+
+@property (class, readonly) LSApplicationWorkspace *defaultWorkspace;
+
+- (BOOL)installApplication:(NSURL *)fileURL withOptions:(nullable NSDictionary<NSString *, id> *)options error:(NSError *_Nullable *)error;
+- (BOOL)uninstallApplication:(NSString *)bundleIdentifier withOptions:(nullable NSDictionary *)options;
+
+@end
+
+NS_ASSUME_NONNULL_END

AltDaemon/AltDaemon.entitlements

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>application-identifier</key>
+	<string>6XVY5G3U44.com.rileytestut.AltDaemon</string>
+	<key>get-task-allow</key>
+	<true/>
+	<key>platform-application</key>
+	<true/>
+	<key>com.apple.authkit.client.private</key>
+	<true/>
+	<key>com.apple.private.mobileinstall.allowedSPI</key>
+	<array>
+		<string>Install</string>
+		<string>Uninstall</string>
+		<string>InstallForLaunchServices</string>
+		<string>UninstallForLaunchServices</string>
+		<string>InstallLocalProvisioned</string>
+	</array>
+</dict>
+</plist>

AltDaemon/AnisetteDataManager.swift

@@ -0,0 +1,65 @@
+//
+//  AnisetteDataManager.swift
+//  AltDaemon
+//
+//  Created by Riley Testut on 6/1/20.
+//  Copyright © 2020 Riley Testut. All rights reserved.
+//
+
+import Foundation
+
+import AltSign
+
+private extension UserDefaults
+{
+    @objc var localUserID: String? {
+        get { return self.string(forKey: #keyPath(UserDefaults.localUserID)) }
+        set { self.set(newValue, forKey: #keyPath(UserDefaults.localUserID)) }
+    }
+}
+
+struct AnisetteDataManager
+{
+    static let shared = AnisetteDataManager()
+    
+    private let dateFormatter = ISO8601DateFormatter()
+    
+    private init()
+    {
+        dlopen("/System/Library/PrivateFrameworks/AuthKit.framework/AuthKit", RTLD_NOW);
+    }
+    
+    func requestAnisetteData() throws -> ALTAnisetteData
+    {
+        var request = URLRequest(url: URL(string: "https://developerservices2.apple.com/services/QH65B2/listTeams.action?clientId=XABBG36SBA")!)
+        request.httpMethod = "POST"
+        
+        let akAppleIDSession = unsafeBitCast(NSClassFromString("AKAppleIDSession")!, to: AKAppleIDSession.Type.self)
+        let akDevice = unsafeBitCast(NSClassFromString("AKDevice")!, to: AKDevice.Type.self)
+        
+        let session = akAppleIDSession.init(identifier: "com.apple.gs.xcode.auth")
+        let headers = session.appleIDHeaders(for: request)
+        
+        let device = akDevice.current
+        let date = self.dateFormatter.date(from: headers["X-Apple-I-Client-Time"] ?? "") ?? Date()
+        
+        var localUserID = UserDefaults.standard.localUserID
+        if localUserID == nil
+        {
+            localUserID = UUID().uuidString
+            UserDefaults.standard.localUserID = localUserID
+        }
+        
+        let anisetteData = ALTAnisetteData(machineID: headers["X-Apple-I-MD-M"] ?? "",
+                                           oneTimePassword: headers["X-Apple-I-MD"] ?? "",
+                                           localUserID: headers["X-Apple-I-MD-LU"] ?? localUserID ?? "",
+                                           routingInfo: UInt64(headers["X-Apple-I-MD-RINFO"] ?? "") ?? 0,
+                                           deviceUniqueIdentifier: device.uniqueDeviceIdentifier,
+                                           deviceSerialNumber: device.serialNumber,
+                                           deviceDescription: "<MacBookPro15,1> <Mac OS X;10.15.2;19C57> <com.apple.AuthKit/1 (com.apple.dt.Xcode/3594.4.19)>",
+                                           date: date,
+                                           locale: .current,
+                                           timeZone: .current)
+        return anisetteData
+    }
+}

AltDaemon/AppManager.swift

@@ -0,0 +1,82 @@
+//
+//  AppManager.swift
+//  AltDaemon
+//
+//  Created by Riley Testut on 6/1/20.
+//  Copyright © 2020 Riley Testut. All rights reserved.
+//
+
+import Foundation
+
+import AltSign
+
+private extension URL
+{
+    static let profilesDirectoryURL = URL(fileURLWithPath: "/var/MobileDevice/ProvisioningProfiles", isDirectory: true)
+}
+
+struct AppManager
+{
+    static let shared = AppManager()
+    
+    private init()
+    {
+    }
+    
+    func installApp(at fileURL: URL, bundleIdentifier: String, activeProfiles: Set<String>?) throws
+    {
+        let lsApplicationWorkspace = unsafeBitCast(NSClassFromString("LSApplicationWorkspace")!, to: LSApplicationWorkspace.Type.self)
+        
+        let options = ["CFBundleIdentifier": bundleIdentifier, "AllowInstallLocalProvisioned": NSNumber(value: true)] as [String : Any]
+        try lsApplicationWorkspace.default.installApplication(fileURL, withOptions: options)
+    }
+    
+    func removeApp(forBundleIdentifier bundleIdentifier: String)
+    {
+        let lsApplicationWorkspace = unsafeBitCast(NSClassFromString("LSApplicationWorkspace")!, to: LSApplicationWorkspace.Type.self)
+        lsApplicationWorkspace.default.uninstallApplication(bundleIdentifier, withOptions: nil)
+    }
+    
+    func install(_ profiles: Set<ALTProvisioningProfile>, activeProfiles: Set<String>?) throws
+    {
+        let installingBundleIDs = Set(profiles.map(\.bundleIdentifier))
+        
+        let profileURLs = try FileManager.default.contentsOfDirectory(at: .profilesDirectoryURL, includingPropertiesForKeys: nil, options: [])
+        
+        // Remove all inactive profiles (if active profiles are provided), and the previous profiles.
+        for fileURL in profileURLs
+        {
+            guard let profile = ALTProvisioningProfile(url: fileURL) else { continue }
+            
+            if installingBundleIDs.contains(profile.bundleIdentifier) || (activeProfiles?.contains(profile.bundleIdentifier) == false && profile.isFreeProvisioningProfile)
+            {
+                try FileManager.default.removeItem(at: fileURL)
+            }
+            else
+            {
+                print("Ignoring:", profile.bundleIdentifier, profile.uuid)
+            }
+        }
+        
+        for profile in profiles
+        {
+            let destinationURL = URL.profilesDirectoryURL.appendingPathComponent(profile.uuid.uuidString.lowercased())
+            try profile.data.write(to: destinationURL, options: .atomic)
+        }
+    }
+    
+    func removeProvisioningProfiles(forBundleIdentifiers bundleIdentifiers: Set<String>) throws
+    {
+        let profileURLs = try FileManager.default.contentsOfDirectory(at: .profilesDirectoryURL, includingPropertiesForKeys: nil, options: [])
+        
+        for fileURL in profileURLs
+        {
+            guard let profile = ALTProvisioningProfile(url: fileURL) else { continue }
+            
+            if bundleIdentifiers.contains(profile.bundleIdentifier)
+            {
+                try FileManager.default.removeItem(at: fileURL)
+            }
+        }
+    }
+}

AltDaemon/LocalConnectionHandler.swift

@@ -0,0 +1,110 @@
+//
+//  LocalConnectionHandler.swift
+//  AltDaemon
+//
+//  Created by Riley Testut on 6/2/20.
+//  Copyright © 2020 Riley Testut. All rights reserved.
+//
+
+import Foundation
+import Network
+
+import AltKit
+
+private let ReceivedLocalServerConnectionRequest: @convention(c) (CFNotificationCenter?, UnsafeMutableRawPointer?, CFNotificationName?, UnsafeRawPointer?, CFDictionary?) -> Void =
+{ (center, observer, name, object, userInfo) in
+    guard let name = name, let observer = observer else { return }
+    
+    let connection = unsafeBitCast(observer, to: LocalConnectionHandler.self)
+    connection.handle(name)
+}
+
+class LocalConnectionHandler: ConnectionHandler
+{
+    var connectionHandler: ((Connection) -> Void)?
+    var disconnectionHandler: ((Connection) -> Void)?
+    
+    private let dispatchQueue = DispatchQueue(label: "io.altstore.LocalConnectionListener", qos: .utility)
+    
+    deinit
+    {
+        self.stopListening()
+    }
+        
+    func startListening()
+    {
+        let notificationCenter = CFNotificationCenterGetDarwinNotifyCenter()
+        let observer = Unmanaged.passUnretained(self).toOpaque()
+        
+        CFNotificationCenterAddObserver(notificationCenter, observer, ReceivedLocalServerConnectionRequest, CFNotificationName.localServerConnectionAvailableRequest.rawValue, nil, .deliverImmediately)
+        CFNotificationCenterAddObserver(notificationCenter, observer, ReceivedLocalServerConnectionRequest, CFNotificationName.localServerConnectionStartRequest.rawValue, nil, .deliverImmediately)
+    }
+    
+    func stopListening()
+    {
+        let notificationCenter = CFNotificationCenterGetDarwinNotifyCenter()
+        let observer = Unmanaged.passUnretained(self).toOpaque()
+        
+        CFNotificationCenterRemoveObserver(notificationCenter, observer, .localServerConnectionAvailableRequest, nil)
+        CFNotificationCenterRemoveObserver(notificationCenter, observer, .localServerConnectionStartRequest, nil)
+    }
+    
+    fileprivate func handle(_ notification: CFNotificationName)
+    {
+        switch notification
+        {
+        case .localServerConnectionAvailableRequest:
+            let notificationCenter = CFNotificationCenterGetDarwinNotifyCenter()
+            CFNotificationCenterPostNotification(notificationCenter, .localServerConnectionAvailableResponse, nil, nil, true)
+
+        case .localServerConnectionStartRequest:
+            let connection = NWConnection(host: "localhost", port: NWEndpoint.Port(rawValue: ALTDeviceListeningSocket)!, using: .tcp)
+            self.start(connection)
+
+        default: break
+        }
+    }
+}
+
+private extension LocalConnectionHandler
+{
+    func start(_ nwConnection: NWConnection)
+    {
+        print("Starting connection to:", nwConnection)
+        
+        // Use same instance for all callbacks.
+        let connection = NetworkConnection(nwConnection)
+        
+        nwConnection.stateUpdateHandler = { [weak self] (state) in
+            switch state
+            {
+            case .setup, .preparing: break
+                
+            case .ready:
+                print("Connected to client:", nwConnection.endpoint)
+                self?.connectionHandler?(connection)
+                
+            case .waiting:
+                print("Waiting for connection...")
+                
+            case .failed(let error):
+                print("Failed to connect to service \(nwConnection.endpoint).", error)
+                self?.disconnect(connection)
+                
+            case .cancelled:
+                self?.disconnect(connection)
+                
+            @unknown default: break
+            }
+        }
+        
+        nwConnection.start(queue: self.dispatchQueue)
+    }
+    
+    func disconnect(_ connection: Connection)
+    {
+        connection.disconnect()
+        
+        self.disconnectionHandler?(connection)
+    }
+}

AltDaemon/RequestHandler.swift

@@ -0,0 +1,116 @@
+//
+//  ConnectionManager.swift
+//  AltServer
+//
+//  Created by Riley Testut on 6/1/20.
+//  Copyright © 2019 Riley Testut. All rights reserved.
+//
+
+import Foundation
+import AltKit
+
+typealias ConnectionManager = AltKit.ConnectionManager<RequestHandler>
+
+private let connectionManager = ConnectionManager(requestHandler: RequestHandler(),
+                                                  connectionHandlers: [LocalConnectionHandler()])
+
+extension ConnectionManager
+{
+    static var shared: ConnectionManager {
+        return connectionManager
+    }
+}
+
+struct RequestHandler: AltKit.RequestHandler
+{
+    func handleAnisetteDataRequest(_ request: AnisetteDataRequest, for connection: Connection, completionHandler: @escaping (Result<AnisetteDataResponse, Error>) -> Void)
+    {
+        do
+        {
+            let anisetteData = try AnisetteDataManager.shared.requestAnisetteData()
+            
+            let response = AnisetteDataResponse(anisetteData: anisetteData)
+            completionHandler(.success(response))
+        }
+        catch
+        {
+            completionHandler(.failure(error))
+        }
+    }
+    
+    func handlePrepareAppRequest(_ request: PrepareAppRequest, for connection: Connection, completionHandler: @escaping (Result<InstallationProgressResponse, Error>) -> Void)
+    {
+        guard let fileURL = request.fileURL else { return completionHandler(.failure(ALTServerError(.invalidRequest))) }
+        
+        print("Awaiting begin installation request...")
+        
+        connection.receiveRequest() { (result) in
+            print("Received begin installation request with result:", result)
+            
+            do
+            {
+                guard case .beginInstallation(let request) = try result.get() else { throw ALTServerError(.unknownRequest) }
+                guard let bundleIdentifier = request.bundleIdentifier else { throw ALTServerError(.invalidRequest) }
+                
+                try AppManager.shared.installApp(at: fileURL, bundleIdentifier: bundleIdentifier, activeProfiles: request.activeProfiles)
+
+                print("Installed app with result:", result)
+                
+                let response = InstallationProgressResponse(progress: 1.0)
+                completionHandler(.success(response))
+            }
+            catch
+            {
+                completionHandler(.failure(error))
+            }
+        }
+    }
+    
+    func handleInstallProvisioningProfilesRequest(_ request: InstallProvisioningProfilesRequest, for connection: Connection,
+                                                  completionHandler: @escaping (Result<InstallProvisioningProfilesResponse, Error>) -> Void)
+    {
+        do
+        {
+            try AppManager.shared.install(request.provisioningProfiles, activeProfiles: request.activeProfiles)
+            
+            print("Installed profiles:", request.provisioningProfiles.map { $0.bundleIdentifier })
+            
+            let response = InstallProvisioningProfilesResponse()
+            completionHandler(.success(response))
+        }
+        catch
+        {
+            print("Failed to install profiles \(request.provisioningProfiles.map { $0.bundleIdentifier }):", error)
+            completionHandler(.failure(error))
+        }
+    }
+    
+    func handleRemoveProvisioningProfilesRequest(_ request: RemoveProvisioningProfilesRequest, for connection: Connection,
+                                                 completionHandler: @escaping (Result<RemoveProvisioningProfilesResponse, Error>) -> Void)
+    {
+        do
+        {
+            try AppManager.shared.removeProvisioningProfiles(forBundleIdentifiers: request.bundleIdentifiers)
+            
+            print("Removed profiles:", request.bundleIdentifiers)
+            
+            let response = RemoveProvisioningProfilesResponse()
+            completionHandler(.success(response))
+        }
+        catch
+        {
+            print("Failed to remove profiles \(request.bundleIdentifiers):", error)
+            completionHandler(.failure(error))
+        }
+    }
+    
+    func handleRemoveAppRequest(_ request: RemoveAppRequest, for connection: Connection, completionHandler: @escaping (Result<RemoveAppResponse, Error>) -> Void)
+    {
+        AppManager.shared.removeApp(forBundleIdentifier: request.bundleIdentifier)
+        
+        print("Removed app:", request.bundleIdentifier)
+        
+        let response = RemoveAppResponse()
+        completionHandler(.success(response))
+    }
+}

AltDaemon/main.swift

@@ -0,0 +1,12 @@
+//
+//  main.swift
+//  AltDaemon
+//
+//  Created by Riley Testut on 6/2/20.
+//  Copyright © 2020 Riley Testut. All rights reserved.
+//
+
+import Foundation
+
+ConnectionManager.shared.start()
+RunLoop.current.run()

AltDaemon/package/DEBIAN/control

@@ -0,0 +1,10 @@
+Package: com.rileytestut.altdaemon
+Name: AltDaemon
+Depends:
+Version: 0.1
+Architecture: iphoneos-arm
+Description: AltDaemon allows AltStore to install and refresh apps without a computer.
+Maintainer: Riley Testut
+Author: Riley Testut
+Homepage: https://altstore.io
+Section: System

AltDaemon/package/DEBIAN/postinst

@@ -0,0 +1,2 @@
+#!/bin/sh
+launchctl load /Library/LaunchDaemons/com.rileytestut.altdaemon.plist

AltDaemon/package/DEBIAN/preinst

@@ -0,0 +1,2 @@
+#!/bin/sh
+launchctl unload /Library/LaunchDaemons/com.rileytestut.altdaemon.plist >> /dev/null 2>&1

AltDaemon/package/DEBIAN/prerm

@@ -0,0 +1,2 @@
+#!/bin/sh
+launchctl unload /Library/LaunchDaemons/com.rileytestut.altdaemon.plist

AltDaemon/package/Library/LaunchDaemons/com.rileytestut.altdaemon.plist

@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>Label</key>
+	<string>com.rileytestut.altdaemon</string>
+	<key>ProgramArguments</key>
+	<array>
+		<string>/usr/bin/AltDaemon</string>
+	</array>
+	<key>UserName</key>
+	<string>mobile</string>
+	<key>KeepAlive</key>
+    <true/>
+	<key>RunAtLoad</key>
+    <true/>
+</dict>
+</plist>