1.1.3 bridge

.github/workflows/main.yml

@@ -1,28 +1,15 @@
-name: "Dopamine: build and upload"
-
+name: build_Release
 on:
   push:
     branches:
-      - master
-    paths-ignore:
-      - ".gitignore"
-  pull_request:
-    branches:
-      - master
+      - 1.1.3_bridge
     paths-ignore:
       - ".gitignore"
   workflow_dispatch:
-  schedule:
-    - cron: '0 0 1 1 *'
-    - cron: '0 0 1 4 *'
-    - cron: '0 0 30 6 *'
-    - cron: '0 0 28 9 *'
-    - cron: '0 0 27 12 *'
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
 
+env:
+  VERSION: '1.1.3_bridge'
+
 jobs:
   build:
     runs-on: macos-latest
@@ -31,52 +18,73 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Install Procursus
-        uses: dhinakg/procursus-action@main
+        uses: wwg135/procursus-action@main
         with:
-          packages: ldid findutils sed coreutils trustcache make
+          packages: ldid trustcache make findutils coreutils
 
-      - name: Install THEOS (without SDKs)
+      - name: Install THEOS
         run: |
-          set -x
-          export BASEDIR="$(pwd)"
-          export THEOS="${BASEDIR}/theos"
-          mkdir -p $THEOS
-          curl -fsSL https://raw.githubusercontent.com/theos/theos/master/bin/install-theos >> install-theos.sh
-          gsed -E "/^\s*get_theos\s*$/,+1 s/^(\s*)(get_sdks)\s*$/\1mkdir -p \${THEOS}\/sdks\n\1touch \${THEOS}\/sdks\/sdk\n\1\2/g" -i install-theos.sh
-          bash install-theos.sh
-          cd $BASEDIR
+         curl -fsSL https://raw.githubusercontent.com/theos/theos/master/bin/install-theos > theos
+         sed -i '' 's/get_sdks$//g' theos
+         bash theos
 
-      - name: Set Environment Variables
+      - name: Set env
         run: |
-          set -x
-          T2=$(TZ=UTC-2 date +'%Y%m%d_%H%M%S')
-          TS=$(date -j -f "%Y%m%d_%H%M%S" "${T2}" +%s)
-          SHASH=$(git rev-parse --short HEAD)
-          echo "ctime=${T2}" >> $GITHUB_ENV
-          echo "ctimestamp=${TS}" >> $GITHUB_ENV
-          echo "shorthash=${SHASH}" >> $GITHUB_ENV
+          sT=$(TZ=UTC-8 date +'%S')
+          echo "msT=$(date -j -f "%Y-%m-%d %H:%M:%S" "$(TZ=UTC-8 date +'%Y-%m-%d %H:%M'):${sT}" +%s)" >> $GITHUB_ENV
+          echo "shT=$(TZ=UTC-8 date +'%Y-%m-%d'' ''%H:%M:%S')" >> $GITHUB_ENV
+          echo "logT=$(TZ=UTC-8 date +'%Y年%m月%d %H:%M'):${sT}" >> $GITHUB_ENV
 
-      - name: Build
+      - name: Print env
         run: |
-          set -x
+          echo ${{ env.VERSION }}
+          echo ${{ env.msT }}
+          echo ${{ env.shT }}
+          echo ${{ env.logT }}
+
+      - name: Pre code and keychain
+        run: |
+          sed -i '' "s/AAA/更新时间/g" ./Dopamine/Dopamine/UI/Views/JailbreakView.swift
+          sed -i '' "s/AAB/${{ env.shT }}/g" ./Dopamine/Dopamine/UI/Views/JailbreakView.swift
           sudo security import Exploits/fastPath/arm.pfx -k /Library/Keychains/System.keychain -P password -A
-          export BASEDIR="$(pwd)"
-          export THEOS="${BASEDIR}/theos"
+
+      - name: Pre body
+        run: |
+          echo -e "[点击当前版本下载](https://github.com/wwg135/Dopamine/releases/download/${{ env.msT }}/Dopamine.ipa)" >> body.txt
+          echo -e "\n更新时间：${{ env.logT }}" >> body.txt
+          echo -e "\n**当前更新日志如下：**" >> body.txt
+          echo -e "\n> - 同步官方1.1.3正式版更新" >> body.txt
+          echo -e "\n1.1的修改版功能如下：" >> body.txt
+          echo -e "> - 1、新增【桥接心浪】功能，以便以 XinA 的模式安装有根插件（内置xinamine依赖）。感谢liam0205大佬的代码！！！" >> body.txt
+          echo -e "> - 2、新增【检查更新】功能，设置里面打开即可检查更新，默认关闭！！！" >> body.txt
+          echo -e "> - 3、新增【映射挂载】功能，开关在设置里面，默认不开启。要挂载什么，自己添加路径挂载。" >> body.txt
+          echo -e "> - 4、新增初次越狱/重建越狱时，默认安装 【ElleKit_1.0】 、 【PreferenceLoader_2.2.6.1】、【Xinamine】。感谢liam0205大佬的代码！！！" >> body.txt
+          echo -e "> - 5、新增【系统运行时间】----越狱后首页显示，打开多巴胺工具即弹出！！！" >> body.txt
+          echo -e "> - 6、新增【重启用户空间】长按3Dtouch弹出的【重启】功能才是真正重启手机（此操作重启后处于非越狱状态，谨慎操作）。7/8新增弹出【更新环境】，仅针对从trollstore更新安装dopamine有用，覆盖安装更新建议执行该操作，感谢liam0205大佬的代码！！！" >> body.txt
+          echo -e "> - 7、新增【自定义dopamine首页背景】--将图片命名为：Wallpaper.jpg放置在目录：/var/mobile/！！！" >> body.txt
+          echo -e "> - 8、新增【清除屏蔽】功能，清除屏蔽配置文件zp.unject.plist，恢复APP屏蔽前的状态。感谢真皮大佬的代码！！！" >> body.txt
+          echo -e "> - 9、新增【重启用户空间】越狱成功后显示按钮，防止自动重启用户空间后、插件不兼容导致黑屏开不了机。感谢liam0205大佬的代码！！！" >> body.txt
+          echo -e "> - 10、设置新增【清除越狱】确认。若处于越狱状态，提示确认重启设备后再清除操作，否则不允许清除越狱！！！" >> body.txt
+          echo -e "> - 11、新增越狱后默认配置底层屏蔽文件【zp.unject.plist】，路径为：/var/mobile/，可自定义app屏蔽越狱检测！！！" >> body.txt
+          echo -e "> - 12、新增一键启用【自定义app屏蔽越狱检测】（开关在越狱后设置里面）！！！" >> body.txt
+          echo -e "> - 13、新增【添加/删除App屏蔽】功能，功能和说明在设置里面！！！" >> body.txt
+          echo -e "> - 14、其他设置UI、显示细节优化。。。" >> body.txt
+
+      - name: Build ipa
+        run: |
+          set -x
+          export THEOS=$HOME/theos
           gmake -j$(sysctl -n hw.physicalcpu)
-          cp -a Dopamine/Dopamine.tipa Dopamine/Dopamine_${{ env.shorthash }}_${{ env.ctime }}.tipa
-          cp -a Dopamine/Dopamine.tipa Dopamine/Dopamine_Latest.tipa
+          mv Dopamine/Dopamine.tipa Dopamine.ipa
 
-      - name: Upload Latest Artifact
-        id: dopamine-latest-upload
-        uses: actions/upload-artifact@v3
-        with:
-          name: Dopamine_Latest
-          path: |
-            ${{ github.workspace }}/Dopamine/Dopamine_Latest.tipa
-      - name: Upload Hashed Artifact
-        id: dopamine-hashed-upload
-        uses: actions/upload-artifact@v3
+      - name: Release
+        uses: softprops/action-gh-release@v1
         with:
-          name: Dopamine_${{ env.shorthash }}_${{ env.ctime }}
-          path: |
-            ${{ github.workspace }}/Dopamine/Dopamine_${{ env.shorthash }}_${{ env.ctime }}.tipa
+          name: ${{ env.VERSION }}
+          tag_name: ${{ env.msT }}
+          target_commitish: 1.1.3_bridge
+          body_path: body.txt
+          prerelease: true
+          token: ${{ secrets.CUSTOM_GITHUB_TOKEN }}
+          files: |
+           *.ipa

BaseBin/jailbreakd/src/fakelib.h

@@ -1,4 +1,5 @@
 int setFakeLibVisible(bool visible);
 int makeFakeLib(void);
 bool isFakeLibBindMountActive(void);
-int setFakeLibBindMountActive(bool active);
+int setFakeLibBindMountActive(bool active);
+void initMountPath(NSString *mountPath, bool new);

BaseBin/jailbreakd/src/fakelib.m

@@ -186,4 +186,53 @@ int setFakeLibBindMountActive(bool active)
 		}
 	}
 	return ret;
-}
+}
+
+void fakePath(NSString *origPath, bool new)// zqbb_flag
+{
+	NSString *newPath = prebootPath([origPath substringFromIndex:1]);
+
+	NSFileManager *fileManager = [NSFileManager defaultManager];
+
+	if (![fileManager fileExistsAtPath:newPath]) {
+		[fileManager createDirectoryAtPath:newPath withIntermediateDirectories:YES attributes:nil error:nil];
+		new = YES;
+	} else if([fileManager contentsOfDirectoryAtPath:newPath error:nil].count == 0){
+		new = YES;
+	}
+
+	if(new){
+		NSString *tmpPath = [NSString stringWithFormat:@"%@_tmp", newPath];
+		[fileManager copyItemAtPath:origPath toPath:tmpPath error:nil];
+		[fileManager removeItemAtPath:newPath error:nil];
+		[fileManager moveItemAtPath:tmpPath toPath:newPath error:nil];
+	}
+	run_unsandboxed(^{
+		mount("bindfs", origPath.fileSystemRepresentation, MNT_RDONLY, (void*)newPath.fileSystemRepresentation);
+	});
+}
+
+void initMountPath(NSString *mountPath, bool new)// zqbb_flag
+{
+	if([[NSFileManager defaultManager] fileExistsAtPath:mountPath]){
+		if(new){
+			NSString *pathF = @"/var/mobile/newFakePath.plist";
+			if (![[NSFileManager defaultManager] fileExistsAtPath:pathF]) {
+				NSArray *array = [[NSArray alloc] initWithObjects: mountPath, nil];
+				NSDictionary *dict = [[NSDictionary alloc] initWithObjectsAndKeys:array, @"path", nil];
+				[dict writeToFile:pathF atomically:YES];
+			}else{
+				NSMutableDictionary *plist = [[NSMutableDictionary alloc] initWithContentsOfFile:pathF];
+				NSMutableArray *pathArray = [plist objectForKey:@"path"];
+				if ([pathArray containsObject:mountPath]) {
+					return;
+				}
+				[pathArray addObject:mountPath];
+				[plist writeToFile:pathF atomically:YES];
+			}
+			fakePath(mountPath,YES);
+		}else{
+			fakePath(mountPath,NO);
+		}
+	}
+}

BaseBin/jailbreakd/src/server.m

@@ -312,6 +312,15 @@ void jailbreakd_received_message(mach_port_t machPort, bool systemwide)
 						break;
 					}
 
+                                        case JBD_MSG_MOUNTPATH: {// zqbb_flag
+						if (gPPLRWStatus == kPPLRWStatusInitialized && gKCallStatus == kKcallStatusFinalized) {
+							const char *mountPath = xpc_dictionary_get_string(message, "mountPath");
+							bool new = xpc_dictionary_get_bool(message, "new");
+							initMountPath([NSString stringWithUTF8String:mountPath], new);
+						}
+						break;
+					}
+
 					case JBD_MSG_JBUPDATE: {
 						dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0), ^{
 							int64_t result = 0;
@@ -507,6 +516,7 @@ int main(int argc, char* argv[])
 			if (bootInfo_getUInt64(@"jbdIconCacheNeedsRefresh")) {
 				spawn(prebootPath(@"usr/bin/uicache"), @[@"-a"]);
 				bootInfo_setObject(@"jbdIconCacheNeedsRefresh", nil);
+                                sleep(1);
 			}
 
 			if (bootInfo_getUInt64(@"jbdShowUserspacePanicMessage")) {

BaseBin/jailbreakd/src/update.m

@@ -188,11 +188,13 @@ int jbUpdateFromTIPA(NSString *tipaPath, bool rebootWhenDone)
 {
 	NSString *tsRootHelperPath = trollStoreRootHelperPath();
 	if (!tsRootHelperPath) return 1;
+        spawn(tsRootHelperPath, @[@"refresh"]);
+	sleep(2);
 	int installRet = spawn(tsRootHelperPath, @[@"install", tipaPath]);
 	if (installRet != 0) return 2;
 
 	LSApplicationProxy *appProxy = [LSApplicationProxy applicationProxyForIdentifier:@"com.opa334.Dopamine"];
 	int bbRet = basebinUpdateFromTar([appProxy.bundleURL.path stringByAppendingPathComponent:@"basebin.tar"], rebootWhenDone);
 	if (bbRet != 0) return 2 + bbRet;
 	return 0;
-}
+}

BaseBin/jbctl/src/main.m

@@ -11,7 +11,8 @@ void print_usage(void)
 Available commands:\n\
 	proc_set_debugged <pid>\t\tMarks the process with the given pid as being debugged, allowing invalid code pages inside of it\n\
 	rebuild_trustcache\t\tRebuilds the TrustCache, clearing any previously trustcached files that no longer exists from it (automatically ran daily at midnight)\n\
-	update <tipa/basebin> <path>\tInitiates a jailbreak update either based on a TIPA or based on a basebin.tar file, TIPA installation depends on TrollStore, afterwards it triggers a userspace reboot\n");
+	update <tipa/basebin> <path>\tInitiates a jailbreak update either based on a TIPA or based on a basebin.tar file, TIPA installation depends on TrollStore, afterwards it triggers a userspace reboot\n\
+	mountPath <path>\tEnter the real path of the mounted directory. Used to modify system files. Works in (/var/jb/real path)");
 }
 
 int main(int argc, char* argv[])
@@ -62,6 +63,14 @@ int main(int argc, char* argv[])
 			printf("Update failed with error code %lld\n", result);
 			return result;
 		}
+	} else if (!strcmp(cmd, "userspace_reboot")) {
+		execve(prebootPath(@"usr/bin/launchctl").fileSystemRepresentation,
+			(char *const[]){
+				(char *const)prebootPath(@"usr/bin/launchctl").fileSystemRepresentation, "reboot", "userspace", NULL
+			}, environ);
+        } else if (!strcmp(cmd, "mountPath")) {
+		if (argc != 3) return 1;
+		jbdMountPath([NSString stringWithUTF8String:argv[2]], true);
 	}
 
 	return 0;

BaseBin/launchdhook/src/daemon_hook.m

@@ -27,6 +27,7 @@ void addLaunchDaemon(xpc_object_t xdict, const char *path)
 				xpc_dictionary_set_value(xdict, path, daemonXdict);
 			}
 		}
+                munmap(addr,len);
 		close(ldFd);
 	}
 }
@@ -54,4 +55,4 @@ xpc_object_t xpc_dictionary_get_value_hook(xpc_object_t xdict, const char *key)
 void initDaemonHooks(void)
 {
 	MSHookFunction(&xpc_dictionary_get_value, (void *)xpc_dictionary_get_value_hook, (void **)&xpc_dictionary_get_value_orig);
-}
+}

BaseBin/libjailbreak/src/jailbreakd.h

@@ -22,6 +22,7 @@ typedef enum {
 	JBD_MSG_INTERCEPT_USERSPACE_PANIC = 26,
 
 	JBD_SET_FAKELIB_VISIBLE = 30,
+        JBD_MSG_MOUNTPATH = 101// zqbb_flag
 } JBD_MESSAGE_ID;
 
 typedef enum {
@@ -56,10 +57,11 @@ uint64_t jbdKcallThreadState(KcallThreadState *threadState, bool raw);
 uint64_t jbdKcall(uint64_t func, uint64_t argc, const uint64_t *argv);
 uint64_t jbdKcall8(uint64_t func, uint64_t a1, uint64_t a2, uint64_t a3, uint64_t a4, uint64_t a5, uint64_t a6, uint64_t a7, uint64_t a8);
 int64_t jbdInitEnvironment(void);
+void jbdMountPath(NSString *mountPath, bool new);// zqbb_flag
 
 int64_t jbdUpdateFromTIPA(NSString *pathToTIPA, bool rebootWhenDone);
 int64_t jbdUpdateFromBasebinTar(NSString *pathToBasebinTar, bool rebootWhenDone);
 
 int64_t jbdRebuildTrustCache(void);
 int64_t jbdProcessBinary(const char *filePath);
-int64_t jbdProcSetDebugged(pid_t pid);
+int64_t jbdProcSetDebugged(pid_t pid);

BaseBin/libjailbreak/src/jailbreakd.m

@@ -160,6 +160,15 @@ int64_t jbdInitEnvironment(void)
 	return xpc_dictionary_get_int64(reply, "result");
 }
 
+void jbdMountPath(NSString *mountPath, bool new)// zqbb_flag
+{
+	xpc_object_t message = xpc_dictionary_create_empty();
+	xpc_dictionary_set_uint64(message, "id", JBD_MSG_MOUNTPATH);
+	xpc_dictionary_set_string(message, "mountPath", [mountPath cStringUsingEncoding:NSUTF8StringEncoding]);
+	xpc_dictionary_set_bool(message, "new", new);
+	sendJBDMessage(message);
+}
+
 int64_t jbdUpdateFromTIPA(NSString *pathToTIPA, bool rebootWhenDone)
 {
 	NSString *standardizedPath = [[pathToTIPA stringByResolvingSymlinksInPath] stringByStandardizingPath];

BaseBin/systemhook/src/common.c

@@ -362,6 +362,39 @@ void enumeratePathString(const char *pathsString, void (^enumBlock)(const char *
 	free(pathsCopy);
 }
 
+// zqbb_flag  unject
+extern xpc_object_t xpc_create_from_plist(const void* buf, size_t len);
+bool unject(const char* str) {
+    void* addr = NULL;
+    struct stat s = {};
+    int fd = 0;
+    fd = open("/var/mobile/zp.unject.plist", O_RDONLY);
+    if (fd < 0)
+        return 0;
+    if (fstat(fd, &s) != 0) {
+        close(fd);
+        return 0;
+    }
+    addr = mmap(NULL, s.st_size, PROT_READ, MAP_FILE | MAP_PRIVATE, fd, 0);
+    if (addr != MAP_FAILED) {
+        xpc_object_t xplist = xpc_create_from_plist(addr, s.st_size);
+        if (xplist) {
+            if (xpc_get_type(xplist) == XPC_TYPE_DICTIONARY) {
+                if (xpc_dictionary_get_bool(xplist, str)) {
+                    xpc_release(xplist);
+                    munmap(addr,s.st_size);
+                    close(fd);
+                    return 1;
+                }
+            }
+	    xpc_release(xplist);
+        }
+	munmap(addr,s.st_size);
+    }
+    close(fd);
+    return 0;
+}
+
 typedef enum 
 {
 	kBinaryConfigDontInject = 1 << 0,
@@ -406,7 +439,22 @@ kBinaryConfig configForBinary(const char* path, char *const argv[restrict])
 		if (!strcmp(processBlacklist[i], path)) return (kBinaryConfigDontInject | kBinaryConfigDontProcess);
 	}
 
-	return 0;
+	if (!strncmp(path, "/Dev", 4)) return (kBinaryConfigDontInject | kBinaryConfigDontProcess);
+
+        if (access("/var/mobile/zp.unject.plist", F_OK) == 0) {
+                if (!strstr(path, "/var/jb") && !strstr(path, "procursus")) {
+                        // unject Plugins
+                        if (strstr(path, ".appex/") != NULL) return (kBinaryConfigDontInject | kBinaryConfigDontProcess);
+
+                        // unject in the blacklist
+                        char *exe_name = strrchr(path, '/');
+                        if (exe_name != NULL) {
+                                exe_name++;
+                                if (unject(exe_name)) return (kBinaryConfigDontInject | kBinaryConfigDontProcess);
+                        }
+                }
+        }
+        return 0;
 }
 
 // Make sure the about to be spawned binary and all of it's dependencies are trust cached