SecurityServer/ssclient.cpp

   1 /*
   2  * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * The contents of this file constitute Original Code as defined in and are
   5  * subject to the Apple Public Source License Version 1.2 (the 'License').
   6  * You may not use this file except in compliance with the License. Please obtain
   7  * a copy of the License at http://www.apple.com/publicsource and read it before
   8  * using this file.
   9  *
  10  * This Original Code and all software distributed under the License are
  11  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
  12  * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
  13  * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
  14  * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
  15  * specific language governing rights and limitations under the License.
  16  */
  17
  18
  19 //
  20 // ssclient - SecurityServer client interface library
  21 //
  22 #include "sstransit.h"
  23 #include <servers/netname.h>
  24 #include <Security/debugging.h>
  25
  26 using MachPlusPlus::check;
  27 using MachPlusPlus::Bootstrap;
  28 using CodeSigning::OSXCode;
  29
  30
  31 namespace Security
  32 {
  33
  34 namespace SecurityServer
  35 {
  36
  37 //
  38 // The process-global object
  39 //
  40 ModuleNexus<ClientSession::Global> ClientSession::mGlobal;
  41
  42
  43 //
  44 // Construct a client session
  45 //
  46 ClientSession::ClientSession(CssmAllocator &std, CssmAllocator &rtn)
  47 : internalAllocator(std), returnAllocator(rtn)
  48 { }
  49
  50
  51 //
  52 // Destroy a session
  53 //
  54 ClientSession::~ClientSession()
  55 { }
  56
  57
  58 //
  59 // Activate a session: This connects to the SecurityServer and executes
  60 // application authentication
  61 //
  62 void ClientSession::activate()
  63 {
  64         Global &global = mGlobal();
  65     Thread &thread = global.thread();
  66     if (!thread) {
  67                 // first time for this thread - use abbreviated registration
  68                 IPCN(ucsp_client_setup(UCSP_ARGS, mach_task_self(), ""));
  69         thread.registered = true;
  70         global.serverPort.requestNotify(thread.replyPort, MACH_NOTIFY_DEAD_NAME, true);
  71         debug("SSclnt", "Thread registered with SecurityServer");
  72         }
  73 }
  74
  75 // Caution: you can't use mGlobal() inside Global::Global (deadlock)
  76 ClientSession::Global::Global()
  77 {
  78     debug("SSclnt", "Initial process setup");
  79
  80     // find server port
  81     serverPort = Bootstrap().lookup("SecurityServer");
  82
  83     // send identification/setup message
  84     string extForm;
  85     try {
  86         myself = OSXCode::main();
  87         extForm = myself->encode();
  88         debug("SSclnt", "my OSXCode extForm=%s", extForm.c_str());
  89     } catch (...) {
  90         myself = NULL;
  91         // leave extForm empty
  92         debug("SSclnt", "failed to obtain my own OSXCode");
  93     }
  94     // cannot use UCSP_ARGS here because it uses mGlobal()
  95     IPCN(ucsp_client_setup(serverPort, mig_get_reply_port(), &rcode,
  96         mach_task_self(), extForm.c_str()));
  97     Thread &thread = this->thread();
  98     thread.registered = true;   // as a side-effect of setup call above
  99         serverPort.requestNotify(thread.replyPort, MACH_NOTIFY_DEAD_NAME, true);
 100     debug("SSclnt", "Process registered with SecurityServer");
 101 }
 102
 103
 104 //
 105 // Terminate a session. This is called by the session destructor, or explicitly.
 106 //
 107 void ClientSession::terminate()
 108 {
 109         // currently defunct
 110         debug("SSclnt", "ClientSession::terminate() call ignored");
 111 }
 112
 113
 114 } // end namespace SecurityServer
 115
 116 } // end namespace Security