configd.tproj/session.h

   1 /*
   2  * Copyright (c) 2000, 2001, 2005-2007, 2009-2012, 2014, 2016-2019 Apple Inc. All rights reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 /*
  25  * Modification History
  26  *
  27  * June 1, 2001                 Allan Nathanson <ajn@apple.com>
  28  * - public API conversion
  29  *
  30  * March 24, 2000               Allan Nathanson <ajn@apple.com>
  31  * - initial revision
  32  */
  33
  34 #ifndef _S_SESSION_H
  35 #define _S_SESSION_H
  36
  37 #include <sys/cdefs.h>
  38 #include <os/availability.h>
  39 #include <TargetConditionals.h>
  40
  41 #define DISPATCH_MACH_SPI 1
  42 #import <dispatch/private.h>
  43
  44 /*
  45  * SCDynamicStore write access entitlement
  46  *
  47  *   Key   : "com.apple.SystemConfiguration.SCDynamicStore-write-access"
  48  *   Value : Boolean
  49  *             TRUE == allow SCDynamicStore write access for this process
  50  *
  51  *           Dictionary
  52  *             Key   : "keys"
  53  *             Value : <array> of CFString with write access allowed for
  54  *                     each SCDynamicStore key matching the string(s)
  55  *
  56  *             Key   : "patterns"
  57  *             Value : <array> of CFString with write access allowed for
  58  *                     each SCDynamicStore key matching the regex pattern(s)
  59  */
  60 #define kSCWriteEntitlementName CFSTR("com.apple.SystemConfiguration.SCDynamicStore-write-access")
  61
  62
  63 typedef enum { NO = 0, YES, UNKNOWN } lazyBoolean;
  64
  65
  66 /* Per client server state */
  67 typedef struct {
  68
  69         // base CFType information
  70         CFRuntimeBase           cfBase;
  71
  72         /* mach port used as the key to this session */
  73         mach_port_t             key;
  74
  75         /* mach channel associated with this session */
  76         dispatch_mach_t         serverChannel;
  77
  78         /* data associated with this "open" session */
  79         CFMutableArrayRef       changedKeys;
  80         CFStringRef             name;
  81         CFMutableArrayRef       sessionKeys;
  82         SCDynamicStoreRef       store;
  83
  84         /* credentials associated with this "open" session */
  85         uid_t                   callerEUID;
  86
  87         /* Mach security audit trailer for evaluating credentials */
  88         audit_token_t           auditToken;
  89
  90         /* root access credential associated with this "open" session */
  91         lazyBoolean             callerRootAccess;
  92
  93         /*
  94          * write access entitlement associated with this "open" session
  95          *
  96          *   kCFNull            caller entitlements unknown (need to fetch)
  97          *   NULL               no entitlement
  98          *   CFBoolean          true/false
  99          *   CFDictionary       "keys"     = CFArray[writable keys]
 100          *                      "patterns" = CFArray[writable patterns]
 101          */
 102         CFTypeRef               callerWriteEntitlement;
 103
 104 } serverSession, *serverSessionRef;
 105
 106 __BEGIN_DECLS
 107
 108 serverSessionRef        addClient       (mach_port_t    server,
 109                                          audit_token_t  audit_token);
 110
 111 serverSessionRef        addServer       (mach_port_t    server);
 112
 113 serverSessionRef        getSession      (mach_port_t    server);
 114
 115 serverSessionRef        getSessionNum   (CFNumberRef    serverKey);
 116
 117 serverSessionRef        getSessionStr   (CFStringRef    serverKey);
 118
 119 serverSessionRef        tempSession     (mach_port_t    server,
 120                                          CFStringRef    name,
 121                                          audit_token_t  auditToken);
 122
 123 void                    cleanupSession  (serverSessionRef       session);
 124
 125 void                    closeSession    (serverSessionRef       session);
 126
 127 void                    listSessions    (FILE           *f);
 128
 129 Boolean                 hasRootAccess   (serverSessionRef       session);
 130
 131 Boolean                 hasWriteAccess  (serverSessionRef       session,
 132                                          const char             *op,
 133                                          CFStringRef            key);
 134
 135 Boolean                 hasPathAccess   (serverSessionRef       session,
 136                                          const char             *path);
 137
 138 __END_DECLS
 139
 140 #endif  /* !_S_SESSION_H */