SecurityServer/server.h

   1 /*
   2  * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // server - the actual Server object
  21 //
  22 #ifndef _H_SERVER
  23 #define _H_SERVER
  24
  25 #include "securityserver.h"
  26 #include <Security/machserver.h>
  27 #include <Security/powerwatch.h>
  28 #include <Security/cssmclient.h>
  29 #include <Security/cspclient.h>
  30 #include <Security/osxsigner.h>
  31 #include <Security/devrandom.h>
  32 #include <Security/uniformrandom.h>
  33 #include "connection.h"
  34 #include "key.h"
  35 #include "xdatabase.h"
  36 #include "authority.h"
  37 #include <map>
  38
  39
  40 class Server : public MachPlusPlus::MachServer,
  41                public UniformRandomBlobs<DevRandomGenerator> {
  42 public:
  43         Server(Authority &myAuthority, const char *bootstrapName);
  44         ~Server();
  45
  46     // run the server until it shuts down
  47         void run();
  48
  49     //
  50     // Retrieve pieces of the Server's object web.
  51     // These are all static methods that use the active() Server of this thread.
  52     //
  53         static Server &active() { return safer_cast<Server &>(MachServer::active()); }
  54         static const char *bootstrapName() { return active().mBootstrapName.c_str(); }
  55
  56         static Connection &connection(mach_port_t replyPort);
  57         static Connection &connection(bool tolerant = false);
  58         static void requestComplete();
  59
  60         static Key &key(KeyHandle key)
  61         { return findHandle<Key>(key, CSSMERR_CSP_INVALID_KEY); }
  62     static Key *optionalKey(KeyHandle k) { return (k == noKey) ? NULL : &key(k); }
  63         static Database &database(DbHandle db)
  64         { return findHandle<Database>(db, CSSMERR_DL_INVALID_DB_HANDLE); }
  65         static Database *optionalDatabase(DbHandle db) { return db ? &database(db) : NULL; }
  66     static Authority &authority() { return active().mAuthority; }
  67         static CodeSigning::OSXSigner &signer() { return active().mSigner; }
  68         static SecurityServerAcl &aclBearer(AclKind kind, CSSM_HANDLE handle);
  69         static CssmClient::CSP &csp() { return active().getCsp(); }
  70
  71         void loadCssm();
  72
  73 public:
  74         void setupConnection(Port servicePort, Port replyPort, Port taskPort,
  75         const security_token_t &securityToken, const char *executablePath);
  76 #if 0
  77     Process *resetConnection();
  78 #endif
  79         void endConnection(Port replyPort);
  80
  81         static void releaseWhenDone(CssmAllocator &alloc, void *memory)
  82         { MachServer::active().releaseWhenDone(alloc, memory); }
  83         static void releaseWhenDone(void *memory)
  84         { releaseWhenDone(CssmAllocator::standard(), memory); }
  85
  86 protected:
  87     // implementation methods of MachServer
  88         boolean_t handle(mach_msg_header_t *in, mach_msg_header_t *out);
  89         void notifyDeadName(Port port);
  90         void notifyNoSenders(Port port, mach_port_mscount_t);
  91
  92 private:
  93     class SleepWatcher : public MachPlusPlus::PortPowerWatcher {
  94     public:
  95         void systemWillSleep();
  96     };
  97     SleepWatcher sleepWatcher;
  98
  99 private:
 100         Mutex lock;                                     // master lock
 101
 102         // mach bootstrap registration name
 103         std::string mBootstrapName;
 104
 105         // map of connections (by client reply port)
 106         typedef map<mach_port_t, Connection *> ConnectionMap;
 107         ConnectionMap connections;
 108
 109         // map of processes (by process task port)
 110         typedef map<mach_port_t, Process *> ProcessMap;
 111         ProcessMap processes;
 112
 113         // Current connection, if any (per thread).
 114         // Set as a side effect of calling the connection() method.
 115         PerThreadPointer<Connection> mCurrentConnection;
 116
 117     // CSSM components
 118     CssmClient::Cssm mCssm;
 119     CssmClient::Module mCSPModule;
 120         CssmClient::CSP mCSP;
 121     CssmClient::CSP &getCsp();
 122
 123         Authority &mAuthority;
 124         CodeSigning::OSXSigner mSigner;
 125 };
 126
 127 #endif //_H_SERVER