Security-29.tar.gz
1 /*
2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved.
3 *
4 * The contents of this file constitute Original Code as defined in and are
5 * subject to the Apple Public Source License Version 1.2 (the 'License').
6 * You may not use this file except in compliance with the License. Please obtain
7 * a copy of the License at http://www.apple.com/publicsource and read it before
8 * using this file.
9 *
10 * This Original Code and all software distributed under the License are
11 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
12 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
13 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
14 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
15 * specific language governing rights and limitations under the License.
16 */
17
18
19 //
20 // session - authentication session domains
21 //
22 #ifndef _H_SESSION
23 #define _H_SESSION
24
25 #include "securityserver.h"
26 #include "acls.h"
27 #include "authority.h"
28 #include <Security/AuthSession.h>
29 #include <Security/utilities.h>
30 #include <Security/handleobject.h>
31 #include <Security/cssmdb.h>
32 #include <hash_map>
33
34
35 class Key;
36 class Connection;
37
38
39 //
40 // A Session object represents one or more Connections that are known to
41 // belong to the same authentication domain. Informally this means just
42 // about "the same user", for the right definition of "user." The upshot
43 // is that global credentials can be shared by Connections of one Session
44 // with a modicum of security, and so Sessions are the natural nexus of
45 // single-sign-on functionality.
46 //
class Session : public HandleObject {
    typedef MachPlusPlus::Bootstrap Bootstrap;

public:
    // A Session is created for one bootstrap port; attrs defaults to no
    // attribute bits set.
    Session(Bootstrap bootstrap, SessionAttributeBits attrs = 0);
    virtual ~Session();

    // The bootstrap port this session was created for.
    Bootstrap bootstrapPort() const
    {
        return mBootstrap;
    }

    // Membership bookkeeping for the Processes and AuthorizationTokens that
    // belong to this session. The meaning of the bool results is defined in
    // the implementation file, not here.
    void addProcess(Process *proc);
    bool removeProcess(Process *proc);

    void addAuthorization(AuthorizationToken *auth);
    bool removeAuthorization(AuthorizationToken *auth);

public:
    // Mask of the three attribute bits named below.
    // NOTE(review): presumably the only bits a client may set through
    // setup()/setupAttributes() - confirm that the implementation masks
    // caller-supplied bits with this value before they reach setAttributes().
    static const SessionAttributeBits settableAttributes =
        sessionHasGraphicAccess | sessionHasTTY | sessionIsRemote;

    // All attribute bits currently set on this session.
    SessionAttributeBits attributes() const
    {
        return mAttributes;
    }

    // True if at least one of the given bits is set (not "all of them").
    bool attribute(SessionAttributeBits bits) const
    {
        return (mAttributes & bits) != 0;
    }

    static void setup(SessionCreationFlags flags, SessionAttributeBits attrs);
    void setupAttributes(SessionAttributeBits attrs);

protected:
    // ORs bits in without any masking and without taking mLock here; there is
    // no matching way to clear a bit in this header.
    void setAttributes(SessionAttributeBits attrs)
    {
        mAttributes |= attrs;
    }

public:
    // Read-only view of the credentials shared by the whole session. The
    // reference is handed out without locking in this accessor.
    const CredentialSet &authCredentials() const
    {
        return mSessionCreds;
    }

    // Authorization operations performed in the context of this session.
    // Each one identifies (or yields) an authorization by AuthorizationBlob.
    OSStatus authCreate(const RightSet &rights,
        const AuthorizationEnvironment *environment,
        AuthorizationFlags flags,
        AuthorizationBlob &newHandle);
    void authFree(const AuthorizationBlob &auth, AuthorizationFlags flags);
    OSStatus authGetRights(const AuthorizationBlob &auth,
        const RightSet &requestedRights,
        const AuthorizationEnvironment *environment,
        AuthorizationFlags flags,
        MutableRightSet &grantedRights);
    OSStatus authGetInfo(const AuthorizationBlob &auth, const char *tag,
        MutableRightSet &info);

    // Conversion between an in-session blob and its external form.
    // NOTE(review): an external form can arrive from another process, so
    // authInternalize() has to treat it as untrusted input - confirm in the
    // implementation that the blob and the session it names are checked
    // before an AuthorizationToken is returned.
    OSStatus authExternalize(const AuthorizationBlob &auth,
        AuthorizationExternalForm &extForm);
    OSStatus authInternalize(const AuthorizationExternalForm &extForm,
        AuthorizationBlob &auth);

private:
    // A blob paired with a session port.
    // NOTE(review): presumably the payload carried inside an
    // AuthorizationExternalForm - confirm against the implementation.
    struct AuthorizationExternalBlob {
        AuthorizationBlob blob;
        mach_port_t session;
    };

protected:
    // Resolve a blob to the AuthorizationToken it designates.
    AuthorizationToken &authorization(const AuthorizationBlob &blob);
    void mergeCredentials(CredentialSet &creds);

    bool clearResources();

public:
    // Lookup in the global session table, by bootstrap port or by session id.
    // NOTE(review): makeNew defaults to true, so a lookup by an unknown
    // bootstrap port presumably creates a session - confirm.
    static Session &find(Bootstrap bootstrap, bool makeNew = true);
    static Session &find(SecuritySessionId id);
    static void eliminate(Bootstrap bootstrap);

protected:
    mutable Mutex mLock;                // object lock

    Bootstrap mBootstrap;               // session bootstrap port
    SessionAttributeBits mAttributes;   // attribute bits (see AuthSession.h)
    unsigned int mProcessCount;         // number of active processes in session
    unsigned int mAuthCount;            // number of AuthorizationTokens belonging to us
    bool mDying;                        // session is dying

    CredentialSet mSessionCreds;        // shared session authorization credentials

private:
    // Global table of sessions keyed by Mach port, with its own lock.
    typedef map<mach_port_t, Session *> SessionMap;
    static SessionMap sessionMap;
    static Mutex sessionMapLock;

public:
    // Iteration over the global session table. These accessors do not take
    // sessionMapLock, and that lock is private, so code outside this class
    // cannot hold it while iterating.
    // NOTE(review): confirm every caller iterates only where no concurrent
    // find()/eliminate() can modify the map.
    typedef SessionMap::iterator Iterator;

    static Iterator begin()
    {
        return sessionMap.begin();
    }

    static Iterator end()
    {
        return sessionMap.end();
    }
};
125
126
127 //
128 // The RootSession is the session (i.e. bootstrap dictionary) of system daemons that are
129 // started early and don't belong to anything more restrictive. The RootSession is considered
130 // immortal.
131 // Currently, telnet sessions et al also default into this session, but this will change
132 // (we hope).
133 //
class RootSession : public Session {
public:
    // Takes no arguments; how the bootstrap port and attribute bits are
    // chosen is decided in the implementation file.
    // NOTE(review): every process that lands in this session shares its
    // session credentials (Session::mSessionCreds), so which logins default
    // here is a security-relevant decision.
    RootSession();
};
138
139
140 //
141 // A DynamicSession is the default type of session object. We create one when a new
142 // Connection initializes whose bootstrap port we haven't seen before. These Sessions
143 // are torn down when their bootstrap object disappears (which happens when mach_init
144 // destroys it due to its requestor referent vanishing).
145 //
class DynamicSession : public Session {
public:
    // Builds the session for the given bootstrap port.
    // NOTE(review): this single-argument constructor is not declared
    // explicit, so a Bootstrap converts implicitly to a DynamicSession;
    // check whether any caller depends on that before tightening it.
    DynamicSession(Bootstrap bootstrap);
};
150
151
152 #endif //_H_SESSION