]> git.saurik.com Git - apple/security.git/blob - SecurityServer/Authorization/trampolineServer.cpp
Security-164.1.tar.gz
[apple/security.git] / SecurityServer / Authorization / trampolineServer.cpp
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // trampolineServer.cpp - tool-side trampoline support functions
21 //
22 #include <cstdlib>
23 #include <unistd.h>
24 #include <Security/Authorization.h>
25
26
27 //
28 // In a tool launched via AuthorizationCopyPrivilegedReference, retrieve a copy
29 // of the AuthorizationRef that started it all.
30 //
31 OSStatus AuthorizationCopyPrivilegedReference(AuthorizationRef *authorization,
32 AuthorizationFlags flags)
33 {
34 // flags are currently reserved
35 if (flags != 0)
36 return errAuthorizationInvalidFlags;
37
38 // retrieve hex form of external form from environment
39 const char *mboxFdText = getenv("__AUTHORIZATION");
40 if (!mboxFdText)
41 return errAuthorizationInvalidRef;
42
43 // retrieve mailbox file and read external form
44 AuthorizationExternalForm extForm;
45 int fd;
46 if (sscanf(mboxFdText, "auth %d", &fd) != 1)
47 return errAuthorizationInvalidRef;
48 if (lseek(fd, 0, SEEK_SET) ||
49 read(fd, &extForm, sizeof(extForm)) != sizeof(extForm)) {
50 close(fd);
51 return errAuthorizationInvalidRef;
52 }
53
54 // internalize the authorization
55 AuthorizationRef auth;
56 if (OSStatus error = AuthorizationCreateFromExternalForm(&extForm, &auth))
57 return error;
58
59 // well, here you go
60 *authorization = auth;
61 return noErr;
62 }