2 File: PrivilegedOperations.c
4 Abstract: Interface to "ddnswriteconfig" setuid root tool.
6 Copyright: (c) Copyright 2005 Apple Computer, Inc. All rights reserved.
8 Disclaimer: IMPORTANT: This Apple software is supplied to you by Apple Computer, Inc.
9 ("Apple") in consideration of your agreement to the following terms, and your
10 use, installation, modification or redistribution of this Apple software
11 constitutes acceptance of these terms. If you do not agree with these terms,
12 please do not use, install, modify or redistribute this Apple software.
14 In consideration of your agreement to abide by the following terms, and subject
15 to these terms, Apple grants you a personal, non-exclusive license, under Apple's
16 copyrights in this original Apple software (the "Apple Software"), to use,
17 reproduce, modify and redistribute the Apple Software, with or without
18 modifications, in source and/or binary forms; provided that if you redistribute
19 the Apple Software in its entirety and without modifications, you must retain
20 this notice and the following text and disclaimers in all such redistributions of
21 the Apple Software. Neither the name, trademarks, service marks or logos of
22 Apple Computer, Inc. may be used to endorse or promote products derived from the
23 Apple Software without specific prior written permission from Apple. Except as
24 expressly stated in this notice, no other rights or licenses, express or implied,
25 are granted by Apple herein, including but not limited to any patent rights that
26 may be infringed by your derivative works or by other works in which the Apple
27 Software may be incorporated.
29 The Apple Software is provided by Apple on an "AS IS" basis. APPLE MAKES NO
30 WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION THE IMPLIED
31 WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY AND FITNESS FOR A PARTICULAR
32 PURPOSE, REGARDING THE APPLE SOFTWARE OR ITS USE AND OPERATION ALONE OR IN
33 COMBINATION WITH YOUR PRODUCTS.
35 IN NO EVENT SHALL APPLE BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL OR
36 CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
37 GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 ARISING IN ANY WAY OUT OF THE USE, REPRODUCTION, MODIFICATION AND/OR DISTRIBUTION
39 OF THE APPLE SOFTWARE, HOWEVER CAUSED AND WHETHER UNDER THEORY OF CONTRACT, TORT
40 (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, EVEN IF APPLE HAS BEEN
41 ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
43 Change History (most recent first):
44 $Log: PrivilegedOperations.c,v $
45 Revision 1.3 2005/06/04 04:50:00 cheshire
46 <rdar://problem/4138070> ddnswriteconfig (Bonjour PreferencePane) vulnerability
47 Use installtool instead of requiring ddnswriteconfig to self-install
49 Revision 1.2 2005/02/10 22:35:20 cheshire
50 <rdar://problem/3727944> Update name
52 Revision 1.1 2005/02/05 01:59:19 cheshire
53 Add Preference Pane to facilitate testing of DDNS & wide-area features
57 #include "PrivilegedOperations.h"
58 #include "ConfigurationAuthority.h"
59 #include <CoreFoundation/CoreFoundation.h>
60 #include <SystemConfiguration/SystemConfiguration.h>
66 #include <AssertMacros.h>
67 #include <Security/Security.h>
69 Boolean gToolApproved
= false;
71 pid_t
execTool(const char *args
[])
72 // fork/exec and return new pid
79 execv(args
[0], (char *const *)args
);
80 printf("exec of %s failed; errno = %d\n", args
[0], errno
);
81 _exit(-1); // exec failed
87 OSStatus
EnsureToolInstalled(void)
88 // Make sure that the tool is installed in the right place, with the right privs, and the right version.
94 const char *args
[] = { kToolPath
, "0", "V", NULL
};
95 char toolSourcePath
[PATH_MAX
] = {};
96 char toolInstallerPath
[PATH_MAX
] = {};
101 // Check version of installed tool
102 toolPID
= execTool(args
);
105 waitpid(toolPID
, &status
, 0);
106 if (WIFEXITED(status
) && WEXITSTATUS(status
) == PRIV_OP_TOOL_VERS
)
110 // Locate our in-bundle copy of privop tool
111 bundleURL
= CFBundleCopyBundleURL(CFBundleGetBundleWithIdentifier(CFSTR("com.apple.preference.bonjour")) );
112 if (bundleURL
!= NULL
)
114 CFURLGetFileSystemRepresentation(bundleURL
, false, (UInt8
*) toolSourcePath
, sizeof toolSourcePath
);
115 if (strlcat(toolSourcePath
, "/Contents/Resources/" kToolName
, sizeof toolSourcePath
) >= sizeof toolSourcePath
) return(-1);
116 CFURLGetFileSystemRepresentation(bundleURL
, false, (UInt8
*) toolInstallerPath
, sizeof toolInstallerPath
);
117 if (strlcat(toolInstallerPath
, "/Contents/Resources/" kToolInstaller
, sizeof toolInstallerPath
) >= sizeof toolInstallerPath
) return(-1);
120 return coreFoundationUnknownErr
;
122 // Obtain authorization and run in-bundle copy as root to install it
124 AuthorizationItem aewpRight
= { kAuthorizationRightExecute
, strlen(toolInstallerPath
), toolInstallerPath
, 0 };
125 AuthorizationItemSet rights
= { 1, &aewpRight
};
126 AuthorizationRef authRef
;
128 err
= AuthorizationCreate(&rights
, (AuthorizationEnvironment
*) NULL
,
129 kAuthorizationFlagInteractionAllowed
| kAuthorizationFlagExtendRights
|
130 kAuthorizationFlagPreAuthorize
, &authRef
);
133 char *installerargs
[] = { toolSourcePath
, NULL
};
134 err
= AuthorizationExecuteWithPrivileges(authRef
, toolInstallerPath
, 0, installerargs
, (FILE**) NULL
);
136 gToolApproved
= true;
137 (void) AuthorizationFree(authRef
, kAuthorizationFlagDestroyRights
);
145 static OSStatus
ExecWithCmdAndParam(const char *subCmd
, CFDataRef paramData
)
146 // Execute our privop tool with the supplied subCmd and parameter
148 OSStatus err
= noErr
;
154 const char *args
[] = { kToolPath
, NULL
, "A", NULL
, NULL
};
155 AuthorizationExternalForm authExt
;
157 err
= ExternalizeAuthority(&authExt
);
158 require_noerr(err
, AuthFailed
);
160 dataLen
= CFDataGetLength(paramData
);
161 buff
= (UInt8
*) malloc(dataLen
* sizeof(UInt8
));
162 require_action(buff
!= NULL
, AllocBuffFailed
, err
=memFullErr
;);
164 CFRange all
= { 0, dataLen
};
165 CFDataGetBytes(paramData
, all
, buff
);
168 commFD
= fileno(tmpfile());
169 sprintf(fileNum
, "%d", commFD
);
173 // write authority to pipe
174 len
= 0; // tag, unused
175 write(commFD
, &len
, sizeof len
);
176 len
= sizeof authExt
; // len
177 write(commFD
, &len
, sizeof len
);
178 write(commFD
, &authExt
, len
);
180 // write parameter to pipe
181 len
= 0; // tag, unused
182 write(commFD
, &len
, sizeof len
);
183 len
= dataLen
; // len
184 write(commFD
, &len
, sizeof len
);
185 write(commFD
, buff
, len
);
187 child
= execTool(args
);
190 waitpid(child
, &status
, 0);
191 if (WIFEXITED(status
))
192 err
= WEXITSTATUS(status
);
193 //fprintf(stderr, "child exited; status = %d (%ld)\n", status, err);
205 WriteBrowseDomain(CFDataRef domainArrayData
)
207 if (!CurrentlyAuthorized())
209 return ExecWithCmdAndParam("Wb", domainArrayData
);
213 WriteRegistrationDomain(CFDataRef domainArrayData
)
215 if (!CurrentlyAuthorized())
217 return ExecWithCmdAndParam("Wd", domainArrayData
);
221 WriteHostname(CFDataRef domainArrayData
)
223 if (!CurrentlyAuthorized())
225 return ExecWithCmdAndParam("Wh", domainArrayData
);
229 SetKeyForDomain(CFDataRef secretData
)
231 if (!CurrentlyAuthorized())
233 return ExecWithCmdAndParam("Wk", secretData
);
projects / apple / mdnsresponder.git / blob