2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
20 // server - the actual Server object
25 #include "securityserver.h"
26 #include <Security/machserver.h>
27 #include <Security/powerwatch.h>
28 #include <Security/cssmclient.h>
29 #include <Security/cspclient.h>
30 #include <Security/osxsigner.h>
31 #include <Security/devrandom.h>
32 #include <Security/uniformrandom.h>
33 #include "connection.h"
35 #include "xdatabase.h"
36 #include "authority.h"
40 class Server
: public MachPlusPlus::MachServer
,
41 public UniformRandomBlobs
<DevRandomGenerator
> {
43 Server(Authority
&myAuthority
, const char *bootstrapName
);
46 // run the server until it shuts down
50 // Retrieve pieces of the Server's object web.
51 // These are all static methods that use the active() Server of this thread.
53 static Server
&active() { return safer_cast
<Server
&>(MachServer::active()); }
55 static Connection
&connection(mach_port_t replyPort
);
56 static Connection
&connection(bool tolerant
= false);
57 static void requestComplete();
59 static Key
&key(KeyHandle key
)
60 { return findHandle
<Key
>(key
, CSSMERR_CSP_INVALID_KEY
); }
61 static Key
*optionalKey(KeyHandle k
) { return (k
== noKey
) ? NULL
: &key(k
); }
62 static Database
&database(DbHandle db
)
63 { return findHandle
<Database
>(db
, CSSMERR_DL_INVALID_DB_HANDLE
); }
64 static Database
*optionalDatabase(DbHandle db
) { return db
? &database(db
) : NULL
; }
65 static Authority
&authority() { return active().mAuthority
; }
66 static CodeSigning::OSXSigner
&signer() { return active().mSigner
; }
67 static SecurityServerAcl
&aclBearer(AclKind kind
, CSSM_HANDLE handle
);
68 static CssmClient::CSP
&csp() { return active().getCsp(); }
70 void loadCssm() { getCsp(); }
73 void setupConnection(Port replyPort
, Port taskPort
,
74 const security_token_t
&securityToken
, const char *executablePath
);
75 Process
*resetConnection();
76 void endConnection(Port replyPort
);
78 static void releaseWhenDone(CssmAllocator
&alloc
, void *memory
)
79 { MachServer::active().releaseWhenDone(alloc
, memory
); }
80 static void releaseWhenDone(void *memory
)
81 { releaseWhenDone(CssmAllocator::standard(), memory
); }
84 // implementation methods of MachServer
85 boolean_t
handle(mach_msg_header_t
*in
, mach_msg_header_t
*out
);
86 void notifyDeadName(Port port
);
89 class SleepWatcher
: public MachPlusPlus::PortPowerWatcher
{
91 void systemWillSleep();
93 SleepWatcher sleepWatcher
;
96 Mutex lock
; // master lock
98 // map of connections (by client reply port)
99 typedef map
<mach_port_t
, Connection
*> ConnectionMap
;
100 ConnectionMap connections
;
102 // map of processes (by process task port)
103 typedef map
<mach_port_t
, Process
*> ProcessMap
;
104 ProcessMap processes
;
106 // Current connection, if any (per thread).
107 // Set as a side effect of calling the connection() method.
108 PerThreadPointer
<Connection
> mCurrentConnection
;
111 CssmClient::Cssm mCssm
;
112 CssmClient::Module mCSPModule
;
113 CssmClient::CSP mCSP
;
114 CssmClient::CSP
&getCsp();
116 Authority
&mAuthority
;
117 CodeSigning::OSXSigner mSigner
;
projects / apple / security.git / blob