configd.tproj/session.h

   1 /*
   2  * Copyright (c) 2000, 2001, 2005-2007, 2009-2012, 2014, 2016, 2017 Apple Inc. All rights reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*
  25  * Modification History
  26  *
  27  * June 1, 2001                 Allan Nathanson <ajn@apple.com>
  28  * - public API conversion
  29  *
  30  * March 24, 2000               Allan Nathanson <ajn@apple.com>
  31  * - initial revision
  32  */
  33
  34 #ifndef _S_SESSION_H
  35 #define _S_SESSION_H
  36
  37 #include <sys/cdefs.h>
  38 #include <Availability.h>
  39 #include <TargetConditionals.h>
  40
  41
  42 /*
  43  * SCDynamicStore write access entitlement
  44  *
  45  *   Key   : "com.apple.SystemConfiguration.SCDynamicStore-write-access"
  46  *   Value : Boolean
  47  *             TRUE == allow SCDynamicStore write access for this process
  48  *
  49  *           Dictionary
  50  *             Key   : "keys"
  51  *             Value : <array> of CFString with write access allowed for
  52  *                     each SCDynamicStore key matching the string(s)
  53  *
  54  *             Key   : "patterns"
  55  *             Value : <array> of CFString with write access allowed for
  56  *                     each SCDynamicStore key matching the regex pattern(s)
  57  */
  58 #define kSCWriteEntitlementName CFSTR("com.apple.SystemConfiguration.SCDynamicStore-write-access")
  59
  60
  61 typedef enum { NO = 0, YES, UNKNOWN } lazyBoolean;
  62
  63
  64 /* Per client server state */
  65 typedef struct {
  66
  67         /* mach port used as the key to this session */
  68         mach_port_t             key;
  69
  70         /* mach port associated with this session */
  71         CFMachPortRef           serverPort;
  72         CFRunLoopSourceRef      serverRunLoopSource;
  73
  74         /* data associated with this "open" session */
  75         SCDynamicStoreRef       store;
  76
  77         /* caller's activity */
  78         os_activity_t           activity;
  79
  80         /* credentials associated with this "open" session */
  81         uid_t                   callerEUID;
  82
  83         /* Mach security audit trailer for evaluating credentials */
  84         audit_token_t           auditToken;
  85
  86         /* root access credential associated with this "open" session */
  87         lazyBoolean             callerRootAccess;
  88
  89         /*
  90          * write access entitlement associated with this "open" session
  91          *
  92          *   kCFNull            caller entitlements unknown (need to fetch)
  93          *   NULL               no entitlement
  94          *   CFBoolean          true/false
  95          *   CFDictionary       "keys"     = CFArray[writable keys]
  96          *                      "patterns" = CFArray[writable patterns]
  97          */
  98         CFTypeRef               callerWriteEntitlement;
  99
 100 } serverSession, *serverSessionRef;
 101
 102 __BEGIN_DECLS
 103
 104 serverSessionRef        getSession      (mach_port_t    server);
 105
 106 serverSessionRef        tempSession     (mach_port_t    server,
 107                                          CFStringRef    name,
 108                                          audit_token_t  auditToken);
 109
 110 serverSessionRef        addSession      (mach_port_t    server,
 111                                          CFStringRef    (*copyDescription)(const void *info));
 112
 113 void                    cleanupSession  (mach_port_t    server);
 114
 115 void                    listSessions    (FILE           *f);
 116
 117 Boolean                 hasRootAccess   (serverSessionRef       session);
 118
 119 Boolean                 hasWriteAccess  (serverSessionRef       session,
 120                                          const char             *op,
 121                                          CFStringRef            key);
 122
 123 Boolean                 hasPathAccess   (serverSessionRef       session,
 124                                          const char             *path);
 125
 126 __END_DECLS
 127
 128 #endif /* !_S_SESSION_H */