2 * Copyright (c) 2018 Apple Inc. All Rights Reserved.
4 * @APPLE_LICENSE_HEADER_START@
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
21 * @APPLE_LICENSE_HEADER_END@
27 let containerMap = ContainerMap(invocableCreator: CKCodeCuttlefishInvocableCreator())
29 class ServiceDelegate: NSObject, NSXPCListenerDelegate {
30 func listener(_ listener: NSXPCListener, shouldAcceptNewConnection newConnection: NSXPCConnection) -> Bool {
31 let tphEntitlement = "com.apple.private.trustedpeershelper.client"
33 os_log("Received a new client: %{public}@", log: tplogDebug, type: .default, newConnection)
34 switch newConnection.value(forEntitlement: tphEntitlement) {
36 os_log("client has entitlement '%{public}@'", log: tplogDebug, type: .default, tphEntitlement)
38 os_log("client has entitlement '%{public}@'", log: tplogDebug, type: .default, tphEntitlement)
40 case let someInt as Int:
41 os_log("client(%{public}@) has wrong integer value for '%{public}@' (%d), rejecting", log: tplogDebug, type: .default, newConnection, tphEntitlement, someInt)
44 case let someBool as Bool:
45 os_log("client(%{public}@) has wrong boolean value for '%{public}@' (%d), rejecting", log: tplogDebug, type: .default, newConnection, tphEntitlement, someBool)
49 os_log("client(%{public}@) is missing entitlement '%{public}@', rejecting", log: tplogDebug, type: .default, newConnection, tphEntitlement)
53 newConnection.exportedInterface = TrustedPeersHelperSetupProtocol(NSXPCInterface(with: TrustedPeersHelperProtocol.self))
54 let exportedObject = Client(endpoint: newConnection.endpoint, containerMap: containerMap)
55 newConnection.exportedObject = exportedObject
56 newConnection.resume()
63 public func withArrayOfCStrings<R>(
65 _ body: ([UnsafePointer<CChar>?]) -> R
67 var mutableCStrings = args.map { strdup($0) }
68 mutableCStrings.append(nil)
70 let cStrings = mutableCStrings.map { UnsafePointer($0) }
73 mutableCStrings.forEach { free($0) }
78 withArrayOfCStrings(["HOME", NSHomeDirectory()]) { parameters in
79 var sandboxErrors: UnsafeMutablePointer<CChar>?
81 let rc = sandbox_init_with_parameters("com.apple.TrustedPeersHelper", UInt64(SANDBOX_NAMED), parameters, &sandboxErrors)
83 let printableMessage = sandboxErrors.map { String(cString: $0 ) }
84 os_log("Unable to enter sandbox. Error code:%d message: %@", log: tplogDebug, type: .default, rc, printableMessage ?? "no printable message")
85 sandbox_free_error(sandboxErrors)
88 os_log("Sandbox entered", log: tplogDebug, type: .default)
92 os_log("Starting up", log: tplogDebug, type: .default)
94 ValueTransformer.setValueTransformer(SetValueTransformer(), forName: SetValueTransformer.name)
96 let delegate = ServiceDelegate()
97 let listener = NSXPCListener.service()
99 listener.delegate = delegate
projects / apple / security.git / blob