securityd/src/authhost.cpp

   1 /*
   2  * Copyright (c) 2000-2007,2009-2010,2012 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #include <paths.h>
  25 #include <fcntl.h>
  26 #include "authhost.h"
  27 #include "server.h"
  28 #include <security_utilities/logging.h>
  29 #include <security_utilities/debugging.h>
  30 #include <bsm/audit.h>
  31 #include <bootstrap_priv.h>
  32
  33 #include <grp.h>
  34 #include <pwd.h>
  35 #include <sys/types.h>
  36 #include <sys/sysctl.h>
  37 #include <syslog.h>
  38 #include <pthread.h>
  39
  40 static pthread_once_t agent_cred_init = PTHREAD_ONCE_INIT;
  41 static gid_t agent_gid = 92;
  42 static uid_t agent_uid = 92;
  43
  44 void initialize_agent_creds()
  45 {
  46     struct passwd *agentUser = getpwnam("securityagent");
  47     if (agentUser)
  48     {
  49         agent_uid = agentUser->pw_uid;
  50         agent_gid = agentUser->pw_gid;
  51         endpwent();
  52     }
  53 }
  54
  55 AuthHostInstance::AuthHostInstance(Session &session, AuthHostType host) :
  56         mHostType(host)
  57 {
  58         secdebug("authhost", "authhost born (%p)", this);
  59         referent(session);
  60         session.addReference(*this);
  61     if (host == securityAgent)
  62         pthread_once(&agent_cred_init, initialize_agent_creds);
  63 }
  64
  65 AuthHostInstance::~AuthHostInstance()
  66 {
  67         secdebug("authhost", "authhost died (%p)", this);
  68 }
  69
  70 Session &AuthHostInstance::session() const
  71 {
  72         return referent<Session>();
  73 }
  74
  75 bool AuthHostInstance::inDarkWake()
  76 {
  77         return session().server().inDarkWake();
  78 }
  79
  80 void
  81 AuthHostInstance::childAction()
  82 {
  83         secdebug("AuthHostInstance", "authhostinstance not supported");
  84         // Unconditional suicide follows.
  85         _exit(1);
  86 }
  87
  88 // @@@  these definitions and the logic in lookup() should move into
  89 // libsecurity_agent
  90 #define SECURITYAGENT_BOOTSTRAP_NAME_BASE       "com.apple.SecurityAgent"
  91 #define AUTHORIZATIONHOST_BOOTSTRAP_NAME_BASE   "com.apple.authorizationhost"
  92
  93 mach_port_t
  94 AuthHostInstance::lookup()
  95 {
  96         CssmError::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);
  97 }
  98
  99 Port AuthHostInstance::activate()
 100 {
 101         CssmError::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);
 102 }