securityd/src/session.h

   1 /*
   2  * Copyright (c) 2000-2010,2012-2013 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 //
  26 // session - authentication session domains
  27 //
  28 #ifndef _H_SESSION
  29 #define _H_SESSION
  30
  31 #include "structure.h"
  32 #include "acls.h"
  33 #include "authority.h"
  34 #include "authhost.h"
  35 #include <Security/AuthSession.h>
  36 #include <security_utilities/ccaudit.h>
  37 #include <security_cdsa_utilities/handletemplates_defs.h>
  38 #include <security_cdsa_utilities/u32handleobject.h>
  39 #include <security_cdsa_utilities/cssmdb.h>
  40 #include <bsm/audit.h>
  41 #include <bsm/audit_session.h>
  42 #include <sys/event.h>
  43 #include "securityd_service/securityd_service/securityd_service_client.h"
  44
  45 class Key;
  46 class Connection;
  47 class Server;
  48 class AuthHostInstance;
  49
  50 enum {
  51     session_keybag_locked           = 0,
  52     session_keybag_unlocked         = 1 << 0,
  53     session_keybag_check_master_key = 1 << 1,
  54     session_keybag_loaded           = 1 << 2,
  55 };
  56
  57 //
  58 // A Session object represents one or more Connections that are known to
  59 // belong to the same authentication domain. Informally this means just
  60 // about "the same user", for the right definition of "user." The upshot
  61 // is that global credentials can be shared by Connections of one Session
  62 // with a modicum of security, and so Sessions are the natural nexus of
  63 // single-sign-on functionality.
  64 //
  65 class Session : public PerSession {
  66 public:
  67         typedef au_asid_t SessionId;                    // internal session identifier (audit session id)
  68
  69     Session(const CommonCriteria::AuditInfo &audit, Server &server);
  70         virtual ~Session();
  71
  72         Server &server() const;
  73
  74         SessionId sessionId() const { return mAudit.sessionId(); }
  75         CommonCriteria::AuditInfo &auditInfo() { return mAudit; }
  76
  77         IFDUMP(virtual void dumpNode());
  78
  79 public:
  80     static const SessionAttributeBits settableAttributes =
  81         sessionHasGraphicAccess | sessionHasTTY | sessionIsRemote | AU_SESSION_FLAG_HAS_AUTHENTICATED;
  82
  83     SessionAttributeBits attributes() const                     { updateAudit(); return mAudit.ai_flags; }
  84     bool attribute(SessionAttributeBits bits) const     { return attributes() & bits; }
  85         void setAttributes(SessionAttributeBits bits);
  86
  87     virtual void setupAttributes(SessionCreationFlags flags, SessionAttributeBits attrs);
  88
  89         virtual uid_t originatorUid();
  90
  91         virtual CFDataRef copyUserPrefs() = 0;
  92
  93         static const char kUsername[];
  94     static const char kRealname[];
  95
  96 public:
  97         const CredentialSet &authCredentials() const    { return mSessionCreds; }
  98
  99     //
 100     // For external Authorization clients
 101     //
 102         OSStatus authCreate(const AuthItemSet &rights, const AuthItemSet &environment,
 103                 AuthorizationFlags flags, AuthorizationBlob &newHandle, const audit_token_t &auditToken);
 104         void authFree(const AuthorizationBlob &auth, AuthorizationFlags flags);
 105         static OSStatus authGetRights(const AuthorizationBlob &auth,
 106                 const AuthItemSet &requestedRights, const AuthItemSet &environment,
 107                 AuthorizationFlags flags, AuthItemSet &grantedRights);
 108         OSStatus authGetInfo(const AuthorizationBlob &auth, const char *tag, AuthItemSet &contextInfo);
 109
 110         OSStatus authExternalize(const AuthorizationBlob &auth, AuthorizationExternalForm &extForm);
 111         OSStatus authInternalize(const AuthorizationExternalForm &extForm, AuthorizationBlob &auth);
 112
 113         OSStatus authorizationdbGet(AuthorizationString inRightName, CFDictionaryRef *rightDict);
 114         OSStatus authorizationdbSet(const AuthorizationBlob &authBlob, AuthorizationString inRightName, CFDictionaryRef rightDict);
 115         OSStatus authorizationdbRemove(const AuthorizationBlob &authBlob, AuthorizationString inRightName);
 116
 117     //
 118     // Authorization methods for securityd's internal use
 119     //
 120     OSStatus authCheckRight(string &rightName, Connection &connection, bool allowUI);
 121     // authCheckRight() with exception-handling and Boolean return semantics
 122     bool isRightAuthorized(string &rightName, Connection &connection, bool allowUI);
 123
 124 protected:
 125         void updateAudit() const;
 126
 127 private:
 128     struct AuthorizationExternalBlob {
 129         AuthorizationBlob blob;
 130                 uint32_t session;
 131     };
 132
 133 protected:
 134     static AuthorizationToken &authorization(const AuthorizationBlob &blob);
 135         OSStatus authGetRights(AuthorizationToken &auth,
 136                 const AuthItemSet &requestedRights, const AuthItemSet &environment,
 137                 AuthorizationFlags flags, AuthItemSet &grantedRights);
 138         void mergeCredentials(CredentialSet &creds);
 139
 140 public:
 141     void invalidateSessionAuthHosts();      // invalidate auth hosts in this session
 142     static void invalidateAuthHosts();      // invalidate auth hosts in all sessions
 143
 144         static void processSystemSleep();
 145         void processLockAll();
 146
 147         RefPointer<AuthHostInstance> authhost(const AuthHostType hostType = securityAgent, const bool restart = false);
 148
 149 protected:
 150         mutable CommonCriteria::AuditInfo mAudit;
 151
 152         mutable Mutex mCredsLock;                               // lock for mSessionCreds
 153         CredentialSet mSessionCreds;                    // shared session authorization credentials
 154
 155         mutable Mutex mAuthHostLock;
 156         AuthHostInstance *mSecurityAgent;
 157         AuthHostInstance *mAuthHost;
 158
 159         CFRef<CFDataRef> mSessionAgentPrefs;
 160     Credential mOriginatorCredential;
 161
 162         void kill();
 163
 164 public:
 165     void verifyKeyStorePassphrase(int32_t retries);
 166     void changeKeyStorePassphrase();
 167     void resetKeyStorePassphrase(const CssmData &passphrase);
 168     service_context_t get_current_service_context();
 169     void keybagClearState(int state);
 170     void keybagSetState(int state);
 171     bool keybagGetState(int state);
 172 private:
 173     int mKeybagState;
 174
 175 public:
 176         static Session &find(SessionId id, bool create);        // find and optionally create
 177     template <class SessionType> static SessionType &find(SecuritySessionId id);
 178         static void destroy(SessionId id);
 179
 180 protected:
 181         typedef std::map<SessionId, RefPointer<Session> > SessionMap;
 182         static SessionMap mSessions;
 183         static Mutex mSessionLock;
 184 };
 185
 186
 187 template <class SessionType>
 188 SessionType &Session::find(SecuritySessionId id)
 189 {
 190         if (SessionType *ssn = dynamic_cast<SessionType *>(&find(id, false)))
 191                 return *ssn;
 192         else
 193                 MacOSError::throwMe(errSessionInvalidId);
 194 }
 195
 196
 197 //
 198 // The RootSession is the session of all code that originates from system startup processing
 199 // and does not belong to any particular login origin. (Or, if you prefer, whose login origin
 200 // is the system itself.)
 201 //
 202 class RootSession : public Session {
 203 public:
 204     RootSession(uint64_t attributes, Server &server);
 205
 206         CFDataRef copyUserPrefs()           { return NULL; }
 207 };
 208
 209
 210 //
 211 // A DynamicSession object represents a session that is dynamically constructed
 212 // when we first encounter it. These sessions are actually created in client
 213 // space using the audit session APIs.
 214 // We tear down a DynamicSession when the system reports (via kevents) that the
 215 // kernel audit session object has been destroyed.
 216 //
 217 class DynamicSession : private ReceivePort, public Session {
 218 public:
 219     DynamicSession(const CommonCriteria::AuditInfo &audit);
 220
 221         void setUserPrefs(CFDataRef userPrefsDict);
 222         CFDataRef copyUserPrefs();
 223 };
 224
 225
 226 #endif //_H_SESSION