1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // session - authentication session domains
21 //
22 #ifndef _H_SESSION
23 #define _H_SESSION
24
25 #include "securityserver.h"
26 #include "acls.h"
27 #include "authority.h"
28 #include <Security/AuthSession.h>
29 #include <Security/utilities.h>
30 #include <Security/handleobject.h>
31 #include <Security/cssmdb.h>
32
33 #if __GNUC__ > 2
34 #include <ext/hash_map>
35 using __gnu_cxx::hash_map;
36 #else
37 #include <hash_map>
38 #endif
39
40
// Forward declarations for types this header refers to only by pointer or reference.
class Key;
class Connection;
class Database;
// NOTE(review): forward-declaring a nested type with a qualified name is not
// standard C++ (a nested class can only be declared inside its enclosing
// class); compilers of this era accepted it. Database::CommonMap is held by
// value as a member (mCommons) further down, which needs the complete type
// anyway, so presumably an earlier include already provides it — confirm.
class Database::CommonMap;
45
46
//
// A Session object represents one or more Connections that are known to
// belong to the same authentication domain. Informally this means just
// about "the same user", for the right definition of "user." Concretely,
// Connections are grouped by the Mach bootstrap port they arrive with (see
// DynamicSession below), so that port namespace is effectively the trust
// boundary for what follows. The upshot is that global credentials can be
// shared by Connections of one Session with a modicum of security, and so
// Sessions are the natural nexus of single-sign-on functionality.
//
// Everything a session owns is declared here: its Mach ports, attribute bits,
// the AuthorizationTokens created within it, the credential set shared by its
// processes, and the database commons it has open. Live sessions are tracked
// in a static registry and looked up by port or SecuritySessionId. The
// implementation lives in session.cpp; this header only fixes the contract.
class Session : public HandleObject {
public:
    typedef MachPlusPlus::Bootstrap Bootstrap;

    // bootstrap: the Mach bootstrap port that identifies this session's domain.
    // servicePort: the SecurityServer service port clients of this session use.
    // attrs: initial attribute bits; presumably subject to the same filtering
    // as setupAttributes() — confirm in session.cpp.
    Session(Bootstrap bootstrap, Port servicePort, SessionAttributeBits attrs = 0);
    virtual ~Session();

    Bootstrap bootstrapPort() const { return mBootstrap; }
    Port servicePort() const { return mServicePort; }

    // Process membership bookkeeping (see mProcessCount). The bool returned by
    // removeProcess() is not explained here — presumably "that was the last
    // process, the session may go away"; confirm against release().
    void addProcess(Process *proc);
    bool removeProcess(Process *proc);

    // Drop the session once nothing references it. Virtual so that
    // DynamicSession can override it (RootSession is meant to be immortal).
    virtual void release();

    // AuthorizationToken membership bookkeeping (see mAuthCount); presumably
    // the same bool convention as removeProcess().
    void addAuthorization(AuthorizationToken *auth);
    bool removeAuthorization(AuthorizationToken *auth);

public:
    // Allow-list of attribute bits a client may set on its own session.
    // Any other bit defined in AuthSession.h is not client-settable and must
    // be masked out of caller-supplied attrs; the masking itself is not
    // visible in this header — verify setup()/setupAttributes() enforce it.
    static const SessionAttributeBits settableAttributes =
        sessionHasGraphicAccess | sessionHasTTY | sessionIsRemote;

    SessionAttributeBits attributes() const { return mAttributes; }
    // True if ANY of the given bits is set (a mask test, not all-bits-set).
    bool attribute(SessionAttributeBits bits) const { return mAttributes & bits; }

    static void setup(SessionCreationFlags flags, SessionAttributeBits attrs);
    void setupAttributes(SessionAttributeBits attrs);

protected:
    // Attribute bits are sticky: this only ever ORs bits in, never clears any.
    void setAttributes(SessionAttributeBits attrs) { mAttributes |= attrs; }

public:
    // The credentials shared by every process of this session (the SSO cache).
    // Returns a reference to state guarded by mCredsLock without taking the
    // lock, so callers must not keep the reference across unlocked code.
    const CredentialSet &authCredentials() const { return mSessionCreds; }

    // Authorization API entry points, dispatched per session.
    // auditToken is the kernel-supplied audit token of the requesting process;
    // presumably that, rather than anything the client puts in its request, is
    // what identifies the caller — confirm in session.cpp.
    OSStatus authCreate(const AuthItemSet &rights, const AuthItemSet &environment,
        AuthorizationFlags flags, AuthorizationBlob &newHandle, const audit_token_t &auditToken);
    void authFree(const AuthorizationBlob &auth, AuthorizationFlags flags);
    OSStatus authGetRights(const AuthorizationBlob &auth,
        const AuthItemSet &requestedRights, const AuthItemSet &environment,
        AuthorizationFlags flags, AuthItemSet &grantedRights);
    OSStatus authGetInfo(const AuthorizationBlob &auth, const char *tag, AuthItemSet &contextInfo);

    // Conversion between an in-server AuthorizationBlob and the opaque
    // AuthorizationExternalForm clients pass between processes. The external
    // form comes back from an untrusted client, so authInternalize must treat
    // its contents as unvalidated input (the checks live in session.cpp).
    OSStatus authExternalize(const AuthorizationBlob &auth, AuthorizationExternalForm &extForm);
    OSStatus authInternalize(const AuthorizationExternalForm &extForm, AuthorizationBlob &auth);

    // Authorization rights-database access. Note the asymmetry: reading a
    // right definition takes no authorization, while Set and Remove require an
    // AuthorizationBlob (presumably checked for the right to edit the db).
    OSStatus authorizationdbGet(AuthorizationString inRightName, CFDictionaryRef *rightDict);
    OSStatus authorizationdbSet(const AuthorizationBlob &authBlob, AuthorizationString inRightName, CFDictionaryRef rightDict);
    OSStatus authorizationdbRemove(const AuthorizationBlob &authBlob, AuthorizationString inRightName);

private:
    // Looks like the layout behind AuthorizationExternalForm: the blob plus the
    // port name of the owning session — TODO confirm in authExternalize(). If
    // so, sizeof(AuthorizationExternalBlob) must never exceed
    // sizeof(AuthorizationExternalForm), and since a mach_port_t name is only
    // meaningful within this task, the session field is an identifier to look
    // up and validate on internalize, not a capability in itself.
    struct AuthorizationExternalBlob {
        AuthorizationBlob blob;
        mach_port_t session;
    };

protected:
    // Resolve a client-supplied blob to the token it names. A reference return
    // cannot signal "not found" with null, so presumably it throws on a miss.
    AuthorizationToken &authorization(const AuthorizationBlob &blob);
    // Fold creds into mSessionCreds, i.e. make them available session-wide.
    void mergeCredentials(CredentialSet &creds);

    bool clearResources();

public:
    // Session lookup by service port or by session id. Both return references,
    // so a miss cannot be reported as null — presumably they throw.
    static Session &find(Port servPort);
    static Session &find(SecuritySessionId id);
    static void eliminate(Port servPort);

    // Lock database commons across sessions (forSleep presumably marks the
    // system-sleep variant) — details in session.cpp.
    static void lockAllDatabases(bool forSleep = false);

protected:
    mutable Mutex mLock; // object lock

    Bootstrap mBootstrap; // session bootstrap port
    Port mServicePort; // SecurityServer service port for this session
    SessionAttributeBits mAttributes; // attribute bits (see AuthSession.h)
    unsigned int mProcessCount; // number of active processes in session
    unsigned int mAuthCount; // number of AuthorizationTokens belonging to us
    bool mDying; // session is dying (teardown in progress)

    mutable Mutex mCredsLock; // lock for mSessionCreds (separate from mLock)
    CredentialSet mSessionCreds; // shared session authorization credentials

private:
    // Registry of live sessions. Written as an unqualified map, so an included
    // header must bring std::map into scope; the hash_map included at the top
    // of this file is not what is used here. Guarded by sessionMapLock.
    typedef map<mach_port_t, Session *> SessionMap;
    static SessionMap sessionMap;
    static Mutex sessionMapLock;

public:
    // NOTE(review): these iterate sessionMap without taking sessionMapLock, and
    // the lock is private, so code outside this class cannot hold it while it
    // iterates. A concurrent insert or eliminate() would invalidate an iterator
    // a caller is holding. Confirm every caller is serialized by other means.
    typedef SessionMap::iterator Iterator;
    static Iterator begin() { return sessionMap.begin(); }
    static Iterator end() { return sessionMap.end(); }

private:
    Database::CommonMap mCommons; // all database commons open in this session

public:
    // Mutable access to the open database commons; no lock is taken here, so
    // the caller is responsible for synchronization (presumably via mLock).
    Database::CommonMap &databases()
    { return mCommons; }
};
153
154
//
// The RootSession is the session (i.e. bootstrap dictionary) of system daemons that are
// started early and don't belong to anything more restrictive. The RootSession is considered
// immortal.
// Currently, telnet sessions et al also default into this session — which means their
// Connections share the RootSession's credential set with the system daemons — but this
// will change (we hope).
//
class RootSession : public Session {
public:
    // servicePort: the SecurityServer service port; attrs as for Session.
    // There is no bootstrap argument, so presumably the implementation
    // supplies the root bootstrap port itself — confirm in session.cpp.
    // release() is not overridden, consistent with the "immortal" note above.
    // NOTE(review): callable with one argument and not explicit, so it permits
    // an implicit Port -> RootSession conversion; consider explicit once
    // callers are checked.
    RootSession(Port servicePort, SessionAttributeBits attrs = 0);
};
166
167
168 //
169 // A DynamicSession is the default type of session object. We create one when a new
170 // Connection initializes whose bootstrap port we haven't seen before. These Sessions
171 // are torn down when their bootstrap object disappears (which happens when mach_init
172 // destroys it due to its requestor referent vanishing).
173 //
// Privately inherits ReceivePort — presumably the port on which the
// bootstrap-death notification described above is received; confirm in
// session.cpp.
class DynamicSession : private ReceivePort, public Session {
public:
    // bootstrap: the (previously unseen) bootstrap port this session is
    // created for. NOTE(review): a one-argument constructor that is not
    // explicit permits an implicit Bootstrap -> DynamicSession conversion;
    // consider explicit once callers are checked.
    DynamicSession(const Bootstrap &bootstrap);
    // Virtual through Session::~Session().
    ~DynamicSession();

protected:
    // Overrides Session::release(), which is public and virtual there. Making
    // it protected here only blocks direct calls through a DynamicSession; a
    // call through a Session reference still dispatches to this override.
    // Presumably this is where the session removes itself from the registry
    // once its bootstrap port dies — confirm in session.cpp.
    void release();
};
182
183
184 #endif //_H_SESSION