1 /*
2 * Copyright (c) 2007-2009,2013-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25
26 #include <stdio.h>
27 #include <CoreFoundation/CoreFoundation.h>
28 #include <Security/SecTask.h>
29 #include <Security/SecEntitlements.h>
30 #include <AssertMacros.h>
31 #include <TargetConditionals.h>
32 #include <sys/sysctl.h>
33
34 #include "utilities/SecCFRelease.h"
35
36 #include "sectask_regressions.h"
37
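/* IPC stuff:

   This is a hack to get our own audit token:
   we send a simple request with no arguments to our own Mach port, and
   the Mach port callback copies the audit token it receives into a global.
   The token handed to the callback describes the sender of the message,
   so a message we send to ourselves carries our own token.
*/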
44
45 #include <mach/mach.h>
46 #include <mach/message.h>
47 #include "sectask_ipc.h"
48
/*
 * Audit token of this process. It starts out all zero and is overwritten by
 * sectask_server_request() with whatever token accompanies the next request
 * that reaches the handler.
 */
static audit_token_t g_self_audittoken = { { 0 } };

/*
 * Forward declaration of the server-side request handler defined right after
 * this prototype. It is not static, presumably because the MIG-generated
 * demux (sectask_ipc_server) calls it by name -- confirm against the .defs
 * file behind sectask_ipc.h.
 */
kern_return_t sectask_server_request(mach_port_t receiver, audit_token_t auditToken);
/*
 * Server-side handler for the self-addressed request.
 *
 * Records the audit token that came with the request in g_self_audittoken
 * and stops the current run loop, which lets the CFRunLoopRun() call in
 * init_self_audittoken() return (assuming the handler runs on that same
 * run loop -- it is dispatched from the CFMachPort callback).
 *
 * The token is stored unconditionally: whoever sent the message is recorded
 * as "self". That is only correct because the send right for the port is
 * used solely by this process.
 *
 * receiver   port the request arrived on (unused)
 * auditToken audit token of the message sender
 *
 * Returns KERN_SUCCESS.
 */
kern_return_t sectask_server_request(mach_port_t receiver,
                                     audit_token_t auditToken)
{
    (void)receiver;

    /* Same type on both sides, so a struct assignment copies every word. */
    g_self_audittoken = auditToken;

    CFRunLoopStop(CFRunLoopGetCurrent());

    return KERN_SUCCESS;
}
62
/*
 * Message demultiplexer for the sectask IPC subsystem; presumably generated
 * by MIG alongside sectask_ipc.h. It reads the request from InHeadP and
 * writes its reply header into OutHeadP.
 */
extern boolean_t sectask_ipc_server(mach_msg_header_t *InHeadP,
                                    mach_msg_header_t *OutHeadP);

/*
 * Used only to size reply_buffer.
 *
 * NOTE(review): the member is called `reply` but its type is the *request*
 * union of the subsystem, so the buffer below is sized from the request
 * messages. The demux writes a reply header into that buffer; confirm that
 * the largest reply it can produce fits (the MAX_TRAILER_SIZE slack is what
 * currently provides the extra room).
 */
union max_msg_size_union {
    union __RequestUnion__sectask_client_sectask_ipc_subsystem reply;
};

/*
 * Scratch space handed to sectask_ipc_server() as the reply message.
 *
 * NOTE(review): server_callback() casts this byte array to
 * mach_msg_header_t *. A uint8_t array carries no alignment guarantee for
 * that type; an explicit alignment (or a union with a mach_msg_header_t
 * member) would make the cast well defined.
 */
static uint8_t reply_buffer[MAX_TRAILER_SIZE + sizeof(union max_msg_size_union)];
70
/*
 * CFMachPort callback: hands every message received on the port to the
 * sectask IPC demux, which in turn is expected to call
 * sectask_server_request().
 *
 * port, size and info are unused. The demux return value is ignored and the
 * reply written into reply_buffer is never sent back -- presumably because
 * the request is one-way; confirm against the .defs file.
 *
 * NOTE(review): `size` is not checked before the message is treated as a
 * mach_msg_header_t; the callback relies on CFMachPort always delivering at
 * least a complete header.
 */
static void server_callback(CFMachPortRef port, void *msg, CFIndex size, void *info)
{
    (void)port;
    (void)size;
    (void)info;

    sectask_ipc_server((mach_msg_header_t *)msg,
                       (mach_msg_header_t *)reply_buffer);
}
79
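/*
 * Capture this process's audit token into g_self_audittoken.
 *
 * Creates a Mach port with a run-loop source, sends one request to that
 * port from this same process and runs the current run loop until the
 * request handler stops it. The handler stores the audit token that arrived
 * with the message.
 *
 * On any setup failure a diagnostic is printed to stderr and the function
 * returns without running the loop, leaving g_self_audittoken unchanged
 * (all zero on first use). Previously a failed port creation was passed on
 * as NULL, and a failed send left CFRunLoopRun() waiting for a message that
 * would never arrive.
 */
static
void init_self_audittoken(void)
{
    /* create a mach port and an event source; the last argument is the
       optional shouldFreeInfo out-pointer, not a boolean */
    CFMachPortRef server_port = CFMachPortCreate(NULL, server_callback, NULL, NULL);
    if (server_port == NULL) {
        fprintf(stderr, "init_self_audittoken: CFMachPortCreate failed\n");
        return;
    }

    CFRunLoopSourceRef server_source =
        CFMachPortCreateRunLoopSource(NULL, server_port, 0 /* order */);
    if (server_source == NULL) {
        fprintf(stderr, "init_self_audittoken: CFMachPortCreateRunLoopSource failed\n");
        CFMachPortInvalidate(server_port);
        CFRelease(server_port);
        return;
    }

    /* add the source to the current run loop; the loop keeps its own reference */
    CFRunLoopAddSource(CFRunLoopGetCurrent(), server_source, kCFRunLoopDefaultMode);
    CFRelease(server_source);

    /* Send the request */
    kern_return_t kr = sectask_client_request(CFMachPortGetPort(server_port));
    if (kr == KERN_SUCCESS) {
        /* Run the loop to process the message; the handler stops it.
           NOTE(review): this still blocks indefinitely if the message is
           delivered but never reaches sectask_server_request(). */
        CFRunLoopRun();
    } else {
        fprintf(stderr, "init_self_audittoken: sectask_client_request failed: %d\n", (int)kr);
    }

    /* done: invalidate so the source does not stay live on the run loop
       after this function returns, then drop our reference */
    CFMachPortInvalidate(server_port);
    CFRelease(server_port);
}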
101
/*
 * Return a new CFString holding the short command name of process `pid`,
 * looked up with the kern.proc.pid sysctl.
 *
 * If the sysctl call fails or reports a zero-length result, the string holds
 * strerror(errno) instead of a process name. The fallback is kept as is:
 * presumably this mirrors how the SecTask description derives the name, so
 * the two must agree -- verify against the SecTask implementation.
 *
 * The string is created with ASCII encoding, so the result may be NULL for a
 * name containing non-ASCII bytes. The caller owns the returned string.
 */
static
CFStringRef copyProcName(pid_t pid) {
    int mib[] = { CTL_KERN, KERN_PROC, KERN_PROC_PID, pid };
    struct kinfo_proc kp;
    size_t len = sizeof(kp);

    int rc = sysctl(mib, (unsigned int)(sizeof(mib) / sizeof(mib[0])), &kp, &len, NULL, 0);

    /* errno is read immediately after sysctl, before anything can change it */
    const char *task_name = (rc != -1 && len != 0) ? kp.kp_proc.p_comm
                                                   : strerror(errno);

    return CFStringCreateWithCString(kCFAllocatorDefault, task_name, kCFStringEncodingASCII);
}
114
115 /* Actual test code */
116
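/*
 * Regression test: SecTask created for the calling process itself.
 *
 * Plans 7 checks:
 *   1. SecTaskCreateFromSelf() returns a task
 *   2. the application-identifier entitlement can be read
 *   3. it equals "com.apple.security.regressions"
 *   4. the signing identifier can be read
 *   5. it equals the main bundle's identifier
 *   6. the task description contains the process name
 *   7. the task description contains "[<pid>]"
 *
 * Checks 5-7 used to hand possibly-NULL strings to CFEqual()/CFStringFind(),
 * which do not accept NULL; they now report a failed check instead of
 * crashing the test run.
 *
 * argc/argv are unused. Always returns 0; results are reported through the
 * test harness.
 */
int sectask_10_sectask_self(int argc, char *const *argv)
{
    SecTaskRef task=NULL;
    CFStringRef appId=NULL;
    CFStringRef signingIdentifier=NULL;
    plan_tests(7);

    ok(task=SecTaskCreateFromSelf(kCFAllocatorDefault), "SecTaskCreateFromSelf");
    require(task, out);

    /* TODO: remove the todo once xcode signs simulator binaries */
    SKIP: {
#if TARGET_IPHONE_SIMULATOR
        todo("no entitlements in the simulator binaries yet, until <rdar://problem/12194625>");
#endif
        ok(appId=SecTaskCopyValueForEntitlement(task, kSecEntitlementApplicationIdentifier, NULL), "SecTaskCopyValueForEntitlement");
        /* NOTE(review): if skip() leaves the SKIP block, three planned checks
           follow it here rather than one -- confirm the count against the
           harness header. */
        skip("appId is NULL", 1, appId);
        ok(CFEqual(appId, CFSTR("com.apple.security.regressions")), "Application Identifier match");

        ok(signingIdentifier=SecTaskCopySigningIdentifier(task, NULL), "SecTaskCopySigningIdentifier");

        /* Either side may be missing (unsigned binary, no bundle identifier). */
        CFBundleRef mainBundle = CFBundleGetMainBundle();
        CFStringRef bundleId = mainBundle ? CFBundleGetIdentifier(mainBundle) : NULL;
        ok(signingIdentifier && bundleId && CFEqual(signingIdentifier, bundleId), "CodeSigning Identifier match");
    }

    pid_t pid = getpid();
    CFStringRef name = copyProcName(pid);
    CFStringRef pidstr = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("[%d]"), pid);
    CFStringRef desc = CFCopyDescription(task);

    /* copyProcName() and the CF creators can return NULL; treat that as a failed check. */
    ok(desc && name && CFStringFind(desc, name, 0).location != kCFNotFound, "didn't find name: %@ vs %@", desc, name);
    ok(desc && pidstr && CFStringFind(desc, pidstr, 0).location != kCFNotFound, "didn't find pidstr: %@ vs %@", desc, pidstr);

    CFReleaseSafe(name);
    CFReleaseSafe(desc);
    CFReleaseSafe(pidstr);

out:
    CFReleaseSafe(task);
    CFReleaseSafe(appId);
    CFReleaseSafe(signingIdentifier);

    return 0;
}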
159
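/*
 * Regression test: SecTask created from an audit token.
 *
 * The token is this process's own, captured by init_self_audittoken() from a
 * message the process sends to itself. If that capture did not happen,
 * g_self_audittoken is still all zero and the checks below are expected to
 * fail rather than describe this process.
 *
 * Plans 7 checks:
 *   1. SecTaskCreateWithAuditToken() returns a task
 *   2. the application-identifier entitlement can be read
 *   3. it equals "com.apple.security.regressions"
 *   4. the signing identifier can be read
 *   5. it equals the main bundle's identifier
 *   6. the task description contains the process name
 *   7. the task description contains "[<pid>]"
 *
 * Checks 5-7 used to hand possibly-NULL strings to CFEqual()/CFStringFind(),
 * which do not accept NULL; they now report a failed check instead of
 * crashing the test run.
 *
 * argc/argv are unused. Always returns 0; results are reported through the
 * test harness.
 */
int sectask_10_sectask(int argc, char *const *argv)
{
    SecTaskRef task=NULL;
    CFStringRef appId=NULL;
    CFStringRef signingIdentifier=NULL;

    plan_tests(7);

    init_self_audittoken();

    ok(task=SecTaskCreateWithAuditToken(kCFAllocatorDefault, g_self_audittoken), "SecTaskCreateFromAuditToken");
    require(task, out);

    /* TODO: remove the todo once xcode signs simulator binaries */
    SKIP: {
#if TARGET_IPHONE_SIMULATOR
        todo("no entitlements in the simulator binaries yet, until <rdar://problem/12194625>");
#endif
        ok(appId=SecTaskCopyValueForEntitlement(task, kSecEntitlementApplicationIdentifier, NULL), "SecTaskCopyValueForEntitlement");
        /* NOTE(review): if skip() leaves the SKIP block, three planned checks
           follow it here rather than one -- confirm the count against the
           harness header. */
        skip("appId is NULL", 1, appId);
        ok(CFEqual(appId, CFSTR("com.apple.security.regressions")), "Application Identifier match");
        ok(signingIdentifier=SecTaskCopySigningIdentifier(task, NULL), "SecTaskCopySigningIdentifier");

        /* Either side may be missing (unsigned binary, no bundle identifier). */
        CFBundleRef mainBundle = CFBundleGetMainBundle();
        CFStringRef bundleId = mainBundle ? CFBundleGetIdentifier(mainBundle) : NULL;
        ok(signingIdentifier && bundleId && CFEqual(signingIdentifier, bundleId), "CodeSigning Identifier match");
    }

    pid_t pid = getpid();
    CFStringRef name = copyProcName(pid);
    CFStringRef pidstr = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("[%d]"), pid);
    CFStringRef desc = CFCopyDescription(task);

    /* copyProcName() and the CF creators can return NULL; treat that as a failed check. */
    ok(desc && name && CFStringFind(desc, name, 0).location != kCFNotFound, "didn't find name: %@ vs %@", desc, name);
    ok(desc && pidstr && CFStringFind(desc, pidstr, 0).location != kCFNotFound, "didn't find pidstr: %@ vs %@", desc, pidstr);

    CFReleaseSafe(name);
    CFReleaseSafe(desc);
    CFReleaseSafe(pidstr);

out:
    CFReleaseSafe(task);
    CFReleaseSafe(appId);
    CFReleaseSafe(signingIdentifier);

    return 0;
}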