| | 1 | /* |
| | 2 | * Copyright (c) 2000, 2001, 2005-2007, 2009-2012, 2014, 2016-2019 Apple Inc. All rights reserved. |
| | 3 | * |
| | 4 | * @APPLE_LICENSE_HEADER_START@ |
| | 5 | * |
| | 6 | * This file contains Original Code and/or Modifications of Original Code |
| | 7 | * as defined in and that are subject to the Apple Public Source License |
| | 8 | * Version 2.0 (the 'License'). You may not use this file except in |
| | 9 | * compliance with the License. Please obtain a copy of the License at |
| | 10 | * http://www.opensource.apple.com/apsl/ and read it before using this |
| | 11 | * file. |
| | 12 | * |
| | 13 | * The Original Code and all software distributed under the License are |
| | 14 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER |
| | 15 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, |
| | 16 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, |
| | 17 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. |
| | 18 | * Please see the License for the specific language governing rights and |
| | 19 | * limitations under the License. |
| | 20 | * |
| | 21 | * @APPLE_LICENSE_HEADER_END@ |
| | 22 | */ |
| | 23 | |
| | 24 | /* |
| | 25 | * Modification History |
| | 26 | * |
| | 27 | * June 1, 2001 Allan Nathanson <ajn@apple.com> |
| | 28 | * - public API conversion |
| | 29 | * |
| | 30 | * March 24, 2000 Allan Nathanson <ajn@apple.com> |
| | 31 | * - initial revision |
| | 32 | */ |
| | 33 | |
| | 34 | #ifndef _S_SESSION_H |
| | 35 | #define _S_SESSION_H |
| | 36 | |
| | 37 | #include <sys/cdefs.h> |
| | 38 | #include <os/availability.h> |
| | 39 | #include <TargetConditionals.h> |
| | 40 | |
| | 41 | #define DISPATCH_MACH_SPI 1 |
| | 42 | #import <dispatch/private.h> |
| | 43 | |
| | 44 | /* |
| | 45 | * SCDynamicStore write access entitlement |
| | 46 | * |
| | 47 | * Key : "com.apple.SystemConfiguration.SCDynamicStore-write-access" |
| | 48 | * Value : Boolean |
| | 49 | * TRUE == allow SCDynamicStore write access for this process |
| | 50 | * |
| | 51 | * Dictionary |
| | 52 | * Key : "keys" |
| | 53 | * Value : <array> of CFString with write access allowed for |
| | 54 | * each SCDynamicStore key matching the string(s) |
| | 55 | * |
| | 56 | * Key : "patterns" |
| | 57 | * Value : <array> of CFString with write access allowed for |
| | 58 | * each SCDynamicStore key matching the regex pattern(s) |
| | 59 | */ |
| | 60 | #define kSCWriteEntitlementName CFSTR("com.apple.SystemConfiguration.SCDynamicStore-write-access") |
| | 61 | |
| | 62 | |
| | 63 | typedef enum { NO = 0, YES, UNKNOWN } lazyBoolean; |
| | 64 | |
| | 65 | |
| | 66 | /* Per client server state */ |
| | 67 | typedef struct { |
| | 68 | |
| | 69 | // base CFType information |
| | 70 | CFRuntimeBase cfBase; |
| | 71 | |
| | 72 | /* mach port used as the key to this session */ |
| | 73 | mach_port_t key; |
| | 74 | |
| | 75 | /* mach channel associated with this session */ |
| | 76 | dispatch_mach_t serverChannel; |
| | 77 | |
| | 78 | /* data associated with this "open" session */ |
| | 79 | CFMutableArrayRef changedKeys; |
| | 80 | CFStringRef name; |
| | 81 | CFMutableArrayRef sessionKeys; |
| | 82 | SCDynamicStoreRef store; |
| | 83 | |
| | 84 | /* credentials associated with this "open" session */ |
| | 85 | uid_t callerEUID; |
| | 86 | |
| | 87 | /* Mach security audit trailer for evaluating credentials */ |
| | 88 | audit_token_t auditToken; |
| | 89 | |
| | 90 | /* root access credential associated with this "open" session */ |
| | 91 | lazyBoolean callerRootAccess; |
| | 92 | |
| | 93 | /* |
| | 94 | * write access entitlement associated with this "open" session |
| | 95 | * |
| | 96 | * kCFNull caller entitlements unknown (need to fetch) |
| | 97 | * NULL no entitlement |
| | 98 | * CFBoolean true/false |
| | 99 | * CFDictionary "keys" = CFArray[writable keys] |
| | 100 | * "patterns" = CFArray[writable patterns] |
| | 101 | */ |
| | 102 | CFTypeRef callerWriteEntitlement; |
| | 103 | |
| | 104 | } serverSession, *serverSessionRef; |
| | 105 | |
| | 106 | __BEGIN_DECLS |
| | 107 | |
| | 108 | serverSessionRef addClient (mach_port_t server, |
| | 109 | audit_token_t audit_token); |
| | 110 | |
| | 111 | serverSessionRef addServer (mach_port_t server); |
| | 112 | |
| | 113 | serverSessionRef getSession (mach_port_t server); |
| | 114 | |
| | 115 | serverSessionRef getSessionNum (CFNumberRef serverKey); |
| | 116 | |
| | 117 | serverSessionRef getSessionStr (CFStringRef serverKey); |
| | 118 | |
| | 119 | serverSessionRef tempSession (mach_port_t server, |
| | 120 | CFStringRef name, |
| | 121 | audit_token_t auditToken); |
| | 122 | |
| | 123 | void cleanupSession (serverSessionRef session); |
| | 124 | |
| | 125 | void closeSession (serverSessionRef session); |
| | 126 | |
| | 127 | void listSessions (FILE *f); |
| | 128 | |
| | 129 | Boolean hasRootAccess (serverSessionRef session); |
| | 130 | |
| | 131 | Boolean hasWriteAccess (serverSessionRef session, |
| | 132 | const char *op, |
| | 133 | CFStringRef key); |
| | 134 | |
| | 135 | Boolean hasPathAccess (serverSessionRef session, |
| | 136 | const char *path); |
| | 137 | |
| | 138 | __END_DECLS |
| | 139 | |
| | 140 | #endif /* !_S_SESSION_H */ |
projects / apple / configd.git / blame_incremental