2 * Copyright (c) 2007,2011 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
#include "SecCodeHost.h"
#include "SecCodeHostLib.h"
#include <Security/Security.h>
#include <Security/AuthSession.h>
#include <securityd_client/ucsp.h>
#include <servers/bootstrap.h>
#include <mach/mach.h>
//
// Global state
//

// Port used as the destination of every ucsp_client_* request (see UCSP_ARGS).
// SecHostLibInit compares it against MACH_PORT_NULL to detect a repeated
// initialization and fills it in through bootstrap_look_up().
mach_port_t gServerPort;

// NOTE(review): nothing in this listing assigns or reads gInitFlags, and
// SecHostLibInit does not store its flags argument here - confirm whether
// another translation unit depends on it.
SecCSFlags gInitFlags;
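//
// Framing macros and facilities
//

// Leading arguments shared by every ucsp_client_* call: the server port, a MIG
// reply port, and the addresses of the two locals that CALL declares (the
// sender's security token and the server's result code).
#define UCSP_ARGS gServerPort, mig_get_reply_port(), &securitydCreds, &rcode

// Expands to TWO arguments: the string as an untyped pointer, then its length
// in bytes (0 when the pointer is NULL). The argument is evaluated more than
// once, so pass a plain variable and never an expression with side effects.
#define ATTRDATA(attr) (void *)(attr), (attr) ? strlen((attr)) : 0

// Wraps one ucsp_client_* call and returns from the ENCLOSING function:
//   - errSecCSInternalError when the call itself does not return KERN_SUCCESS;
//   - CSSM_ERRCODE_VERIFICATION_FAILURE when val[0] of the reply's sender
//     security token is non-zero. In a Mach security token val[0] is the
//     sender's effective user id, so this rejects any reply that did not come
//     from a process running as uid 0;
//   - otherwise the result code the server stored in rcode.
// The token check runs on the reply, i.e. after the request (and anything it
// carries) has already been delivered to whoever holds gServerPort.
// Because the macro declares locals and ends in a return, it must be the last
// statement of a function and can appear only once per scope.
// NOTE(review): the "#define CALL(func)" line, the rcode declaration and the
// final "return rcode" are absent from this listing; they are restored from
// how UCSP_ARGS and the callers use the macro. Confirm the rcode type against
// the original file.
#define CALL(func) \
    security_token_t securitydCreds; \
    CSSM_RETURN rcode; \
    if (KERN_SUCCESS != func) \
        return errSecCSInternalError; \
    if (securitydCreds.val[0] != 0) \
        return CSSM_ERRCODE_VERIFICATION_FAILURE; \
    return rcode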
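//
// Mandatory initialization call
//

// Runs the ucsp client setup exchange over gServerPort and returns its status.
// Kept in its own function because CALL ends in a return, which would otherwise
// keep SecHostLibInit from cleaning up after a failed exchange.
static OSStatus
setupSecurityServerSession(void)
{
    // NOTE(review): 0x1234 looks like a byte-order marker and SSPROTOVERSION
    // the protocol version - confirm against the ClientSetupInfo definition.
    ClientSetupInfo info = { 0x1234, SSPROTOVERSION };

    // The request carries this task's port (mach_task_self()). The sender token
    // of the reply is only checked afterwards, inside CALL, so trust in the
    // destination rests on the bootstrap lookup that produced gServerPort.
    CALL(ucsp_client_setup(UCSP_ARGS, mach_task_self(), info, "?:unspecified"));
}

// Looks up the security server in the bootstrap namespace and performs the
// client setup exchange. Must be called once before any other function here.
//
// flags is accepted but not used by this function.
//
// Returns errSecCSInternalError if the library is already initialized or if
// either Mach lookup fails; otherwise the status produced by the setup call
// (see CALL for the error codes it can yield).
//
// On a failed setup the looked-up port is released and gServerPort is reset to
// MACH_PORT_NULL. Without that, one failure would leave the port reference
// held and make every later SecHostLibInit call fail as a "re-initialization
// attempt".
OSStatus
SecHostLibInit(SecCSFlags flags)
{
    (void)flags;

    if (gServerPort != MACH_PORT_NULL)  // re-initialization attempt
        return errSecCSInternalError;

    mach_port_t bootstrapPort;
    if (KERN_SUCCESS != task_get_bootstrap_port(mach_task_self(), &bootstrapPort))
        return errSecCSInternalError;

    static char serverName[BOOTSTRAP_MAX_NAME_LEN] = SECURITYSERVER_BOOTSTRAP_NAME;
    if (KERN_SUCCESS != bootstrap_look_up(bootstrapPort, serverName, &gServerPort)) {
        gServerPort = MACH_PORT_NULL;   // stay in the "not initialized" state
        return errSecCSInternalError;
    }

    OSStatus rc = setupSecurityServerSession();
    if (rc != noErr) {
        // Do not keep a port whose setup failed or whose reply was not verified.
        mach_port_deallocate(mach_task_self(), gServerPort);
        gServerPort = MACH_PORT_NULL;
    }
    return rc;
}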
//
// Guest creation.
// At this time, this ONLY supports the creation of (one) dedicated guest.
//

// Convenience form of SecHostLibCreateGuest2 for callers that have no code
// directory hash: it forwards every argument unchanged and supplies an empty
// hash buffer with length 0. Returns whatever SecHostLibCreateGuest2 returns.
OSStatus
SecHostLibCreateGuest(SecGuestRef host,
    uint32_t status, const char *path, const char *attributeXML,
    SecCSFlags flags, SecGuestRef *newGuest)
{
    const void *noCdhash = "";          // empty placeholder, never read past length 0
    const size_t noCdhashLength = 0;

    return SecHostLibCreateGuest2(host, status, path,
        noCdhash, noCdhashLength, attributeXML, flags, newGuest);
}
// Asks the security server to create a guest of `host`.
//
// flags must be exactly kSecCSDedicatedHost; any other value is rejected with
// errSecCSInvalidFlags before a message is sent.
//
// path, cdhash/cdhashLength and attributeXML are forwarded as given (a NULL
// attributeXML is sent with length 0, see ATTRDATA). This function performs no
// validation of cdhash against cdhashLength; the caller must pass a length
// that matches the buffer.
//
// On return *newGuest is written by ucsp_client_createGuest; the status is the
// one produced by CALL (transport failure, failed sender check, or the
// server's result code).
OSStatus
SecHostLibCreateGuest2(SecGuestRef host,
    uint32_t status, const char *path,
    const void *cdhash, size_t cdhashLength,
    const char *attributeXML,
    SecCSFlags flags, SecGuestRef *newGuest)
{
    if (flags != kSecCSDedicatedHost) {
        return errSecCSInvalidFlags;
    }

    // The cast only drops const to match the generated ucsp prototype.
    CALL(ucsp_client_createGuest(UCSP_ARGS,
        host, status, path,
        (void *)cdhash, cdhashLength,
        ATTRDATA(attributeXML),
        flags, newGuest));
}
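//
// Update the status of a guest.
//

// Sends the new status word and attribute string for guestRef to the security
// server. A NULL attributeXML is sent with length 0 (see ATTRDATA).
// flags is not forwarded by the call below.
// Returns the status produced by CALL (transport failure, failed sender
// check, or the server's result code).
//
// NOTE(review): in this listing the parameter list stops after the comma that
// follows attributeXML; the final "SecCSFlags flags" parameter is restored to
// match the sibling functions. Confirm against SecCodeHostLib.h.
OSStatus
SecHostLibSetGuestStatus(SecGuestRef guestRef,
    uint32_t status, const char *attributeXML,
    SecCSFlags flags)
{
    (void)flags;

    CALL(ucsp_client_setGuestStatus(UCSP_ARGS,
        guestRef, status, ATTRDATA(attributeXML)));
}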
//
// Enable dynamic hosting mode.
//

// Registers hostingPort with the security server through
// ucsp_client_registerHosting, passing flags through unchanged.
// Neither argument is checked here. Returns the status produced by CALL
// (transport failure, failed sender check, or the server's result code).
OSStatus
SecHostSetHostingPort(mach_port_t hostingPort, SecCSFlags flags)
{
    CALL(ucsp_client_registerHosting(UCSP_ARGS,
        hostingPort,
        flags));
}
//
// Helper for checked incorporation of code.
//

// Forwards path and the requirement type to ucsp_client_helpCheckLoad; the
// decision is made by the server, not in this process. path is passed as
// given, with no NULL or length check here. Returns the status produced by
// CALL (transport failure, failed sender check, or the server's result code).
OSStatus
SecHostLibCheckLoad(const char *path, SecRequirementType type)
{
    CALL(ucsp_client_helpCheckLoad(UCSP_ARGS,
        path,
        type));
}