1 /*
2 * Copyright (c) 2003-2004,2006,2008-2009,2012,2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 *
23 * user_trust_enable.cpp
24 */
25
26 #include "user_trust_enable.h"
27 #include <errno.h>
28 #include <unistd.h>
29 #include <security_utilities/simpleprefs.h>
30 #include <Security/TrustSettingsSchema.h> /* private SPI */
31 #include <CoreFoundation/CFNumber.h>
32
/*
 * Operation selected by the command-line options parsed in
 * user_trust_enable().
 */
typedef enum {
    utoSet  = 0,    /* -d / -e: write the preference */
    utoShow = 1     /* no option: print the current state */
} UserTrustOp;
37
/*
 * user_trust_enable -- show or change the preference stored under
 * kSecTrustSettingsDisableUserTrustSettings in the system-scoped
 * (Dictionary::US_System) kSecTrustSettingsPrefsDomain.
 *
 * Options:
 *   -d   store kCFBooleanTrue  (user-level Trust Settings disabled)
 *   -e   store kCFBooleanFalse (user-level Trust Settings enabled)
 *   -h   or any option getopt rejects: ask the caller for the usage text
 *   none print the current state
 *
 * If both -d and -e are given, the one that appears last wins, because
 * each option simply overwrites the value to be stored.
 *
 * Returns 0 on success, 1 on failure, and 2 when the caller should print
 * the usage message (bad option, -h, or leftover arguments).
 *
 * Review notes:
 *  - The show path reports "Enabled" when no prefs dictionary can be
 *    obtained, since the flag starts out false. A missing or unloadable
 *    prefs file is therefore indistinguishable from an explicit "enabled".
 *  - The only record of a change is the line printed to stdout; this
 *    function does no logging of its own.
 *  - NOTE(review): judging by the key name, this flag presumably makes
 *    trust evaluation ignore per-user Trust Settings machine-wide --
 *    confirm against the consumer of the preference.
 */
int
user_trust_enable(int argc, char * const *argv)
{
    extern int optind;
    UserTrustOp requestedOp = utoShow;
    CFBooleanRef disabledBool = kCFBooleanFalse;    /* value written in the set path */
    int status = 0;
    int opt;

    /* Scan this command's own argv starting at argv[1]. */
    optind = 1;
    while ((opt = getopt(argc, argv, "deh")) != -1) {
        if (opt == 'd') {
            requestedOp = utoSet;
            disabledBool = kCFBooleanTrue;
        }
        else if (opt == 'e') {
            requestedOp = utoSet;
            disabledBool = kCFBooleanFalse;
        }
        else {
            /* 'h' and everything getopt did not recognise. */
            return 2;   /* @@@ Return 2 triggers usage message. */
        }
    }

    /* Positional arguments are not accepted. */
    if (optind != argc) {
        return 2;   /* @@@ Return 2 triggers usage message. */
    }

    if (requestedOp == utoShow) {
        /* Read-only path: no privilege check is made before reading. */
#if !defined MAC_OS_X_VERSION_10_6 || MAC_OS_X_VERSION_MAX_ALLOWED < MAC_OS_X_VERSION_10_6
        Dictionary *systemPrefs = new Dictionary(kSecTrustSettingsPrefsDomain, Dictionary::US_System);
#else
        Dictionary *systemPrefs = Dictionary::CreateDictionary(kSecTrustSettingsPrefsDomain, Dictionary::US_System);
#endif
        /* Stays false (reported as "Enabled") when there is no dictionary. */
        bool userTrustDisabled = false;
        if (systemPrefs != NULL) {
            userTrustDisabled = systemPrefs->getBoolValue(kSecTrustSettingsDisableUserTrustSettings);
            delete systemPrefs;
        }

        const char *stateLabel = userTrustDisabled ? "Disabled" : "Enabled";
        fprintf(stdout, "User-level Trust Settings are %s\n", stateLabel);
        return 0;
    }

    /*
     * Set path. The check is on the effective UID, so it is an early,
     * readable refusal for unprivileged callers.
     * NOTE(review): whether the write itself is refused without privilege
     * depends on writePlistToPrefs and on the permissions of the system
     * prefs store, neither of which is visible here -- confirm.
     */
    if (geteuid() != 0) {
        fprintf(stderr, "You must be root to set this preference.\n");
        return 1;
    }

    /*
     * Start from the existing prefs so that the other keys in the domain
     * are carried over into the rewritten plist; fall back to an empty
     * dictionary when none can be obtained.
     */
#if !defined MAC_OS_X_VERSION_10_6 || MAC_OS_X_VERSION_MAX_ALLOWED < MAC_OS_X_VERSION_10_6
    MutableDictionary *editablePrefs = new MutableDictionary(kSecTrustSettingsPrefsDomain, Dictionary::US_System);
#else
    MutableDictionary *editablePrefs = MutableDictionary::CreateMutableDictionary(kSecTrustSettingsPrefsDomain, Dictionary::US_System);
#endif
    if (editablePrefs == NULL) {
        editablePrefs = new MutableDictionary();
    }

    editablePrefs->setValue(kSecTrustSettingsDisableUserTrustSettings, disabledBool);
    if (!editablePrefs->writePlistToPrefs(kSecTrustSettingsPrefsDomain, Dictionary::US_System)) {
        fprintf(stderr, "Could not write system preferences.\n");
        status = 1;
    }
    else {
        /* Echo the state that was just stored. */
        fprintf(stdout, "...User-level Trust Settings are %s\n",
                (disabledBool == kCFBooleanTrue) ? "Disabled" : "Enabled");
    }

    delete editablePrefs;
    return status;
}