2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
20 // sstransit - SecurityServer client library transition code.
22 // These are the functions that implement CssmClient methods in terms of
23 // MIG IPC client calls, plus their supporting machinery.
25 // WARNING! HERE BE DRAGONS!
26 // This code involves moderately arcane magic including (but not limited to)
27 // dancing macros paired off with self-maintaining stack objects. Don't take
28 // anything for granted! Be very afraid of ALL-CAPS names. Your best bet is
29 // probably to stick with the existing patterns.
35 #include <Security/mach++.h>
36 #include <Security/cssmwalkers.h>
37 #include <Security/AuthorizationWalkers.h>
43 // stock leading argument profile used by all calls
44 #define UCSP_ARGS mGlobal().serverPort, mGlobal().thread().replyPort, &rcode
46 // IPC/IPCN wrap the actual Mach IPC call. IPC also activates the connection first
47 #define IPCN(statement) \
48 { CSSM_RETURN rcode; check(statement); if (rcode != CSSM_OK) CssmError::throwMe(rcode); }
49 #define IPC(statement) { activate(); IPCN(statement); }
50 #define IPCKEY(statement, key, tag) \
54 for (bool retried = false;; retried = true) \
57 if (retried || rcode != CSSMERR_CSP_APPLE_ADD_APPLICATION_ACL_SUBJECT) \
59 addApplicationAclSubject(key, tag); \
61 if (rcode != CSSM_OK) \
62 CssmError::throwMe(rcode); \
65 // pass mandatory or optional CssmData arguments into an IPC call
66 #define DATA(arg) arg.data(), arg.length()
67 #define OPTIONALDATA(arg) (arg ? arg->data() : NULL), (arg ? arg->length() : 0)
69 // pass structured arguments in/out of IPC calls. See "data walkers" for details
70 #define COPY(copy) copy, copy.length(), copy
71 #define COPY_OUT(copy) ©, ©##Length, ©##Base
72 #define COPY_OUT_DECL(type,name) type *name, *name##Base; mach_msg_type_number_t name##Length
76 // DataOutput manages an output CssmData argument.
80 DataOutput(CssmData
&arg
, CssmAllocator
&alloc
)
81 : argument(arg
), allocator(alloc
) { mData
= NULL
; mLength
= 0; }
84 void **data() { return &mData
; }
85 mach_msg_type_number_t
*length() { return &mLength
; }
88 CssmAllocator
&allocator
;
92 mach_msg_type_number_t mLength
;
97 // Bundle up an AccessCredentials meant for a database, parsing it for
98 // "special" samples that need extra evidence to be passed along.
100 class DatabaseAccessCredentials
: public Copier
<AccessCredentials
> {
102 DatabaseAccessCredentials(const AccessCredentials
*creds
, CssmAllocator
&alloc
);
105 void mapKeySample(CSSM_CSP_HANDLE
&cspHandle
, CssmKey
&key
);
110 // Bundle up a Context for IPC transmission
114 SendContext(const Context
&ctx
);
115 ~SendContext() { CssmAllocator::standard().free(attributes
); }
117 const Context
&context
;
118 CSSM_CONTEXT_ATTRIBUTE
*attributes
;
119 size_t attributeSize
;
122 #define CONTEXT(ctx) ctx.context, ctx.attributes, ctx.attributes, ctx.attributeSize
124 } // end namespace Security
126 #endif //_H_SSTRANSIT
projects / apple / security.git / blob