UnixPlusPlus::StaticForkMonitor ClientSession::mHasForked;
ModuleNexus<ClientSession::Global> ClientSession::mGlobal;
const char *ClientSession::mContactName;
-SecGuestRef ClientSession::mDedicatedGuest = kSecNoGuest;
//
// (that has not exec'ed), our apparent connection to SecurityServer
// is just a mirage, and we better reset it.
if (mHasForked()) {
- secdebug("SSclnt", "process has forked (now pid=%d) - resetting connection object", getpid());
+ secinfo("SSclnt", "process has forked (now pid=%d) - resetting connection object", getpid());
mGlobal.reset();
}
// first time for this thread - use abbreviated registration
IPCN(ucsp_client_setupThread(UCSP_ARGS, mach_task_self()));
thread.registered = true;
- secdebug("SSclnt", "Thread registered with %s", mContactName);
+ secinfo("SSclnt", "Thread registered with %s", mContactName);
}
- // if the thread's guest state has changed, tell securityd
- if (thread.currentGuest != thread.lastGuest) {
- IPCN(ucsp_client_setGuest(UCSP_ARGS, thread.currentGuest, kSecCSDefaultFlags));
- thread.lastGuest = thread.currentGuest;
- secdebug("SSclnt", "switched guest state to 0x%x", thread.currentGuest);
- }
}
-
//
// The contactName method allows the caller to explicitly override the bootstrap
// name under which SecurityServer is located. Use this only with great caution,
serverPort = findSecurityd();
mach_port_t originPort = MACH_PORT_NULL;
- IPCN(ucsp_client_verifyPrivileged2(serverPort.port(), mig_get_reply_port(), &securitydCreds, &rcode, &originPort));
+ IPCBASIC(ucsp_client_verifyPrivileged2(serverPort.port(), mig_get_reply_port(), &securitydCreds, &rcode, &originPort));
if (originPort != serverPort.port())
CssmError::throwMe(CSSM_ERRCODE_VERIFICATION_FAILURE);
mach_port_mod_refs(mach_task_self(), originPort, MACH_PORT_RIGHT_SEND, -1);
// cannot use UCSP_ARGS here because it uses mGlobal() -> deadlock
Thread &thread = this->thread();
- IPCN(ucsp_client_setup(serverPort, thread.replyPort, &securitydCreds, &rcode,
+ IPCBASIC(ucsp_client_setup(serverPort, thread.replyPort, &securitydCreds, &rcode,
mach_task_self(), info, extForm));
thread.registered = true; // as a side-effect of setup call above
IFDEBUG(serverPort.requestNotify(thread.replyPort));
- secdebug("SSclnt", "contact with %s established", mContactName);
+ secinfo("SSclnt", "contact with %s established", mContactName);
}
//
void ClientSession::reset()
{
- secdebug("SSclnt", "resetting client state (OUCH)");
+ secinfo("SSclnt", "resetting client state (OUCH)");
mGlobal.reset();
}
mContactName = SECURITYSERVER_BOOTSTRAP_NAME;
}
- secdebug("SSclnt", "Locating %s", mContactName);
+ secinfo("SSclnt", "Locating %s", mContactName);
Port serverPort = Bootstrap().lookup2(mContactName);
- secdebug("SSclnt", "contacting %s at port %d (version %d)",
+ secinfo("SSclnt", "contacting %s at port %d (version %d)",
mContactName, serverPort.port(), SSPROTOVERSION);
return serverPort;
}
if (originPort != securitydPort.port())
CssmError::throwMe(CSSM_ERRCODE_VERIFICATION_FAILURE);
mach_port_mod_refs(mach_task_self(), originPort, MACH_PORT_RIGHT_SEND, -1);
- check(ucsp_client_childCheckIn(securitydPort, serverPort, taskPort));
+ check(ucsp_client_childCheckIn(securitydPort, serverPort, MACH_PORT_NULL));
}
void ClientSession::notifyAclChange(KeyHandle key, CSSM_ACL_AUTHORIZATION_TAG tag)
{
if (mCallback) {
- secdebug("keyacl", "ACL change key %u operation %u", key, tag);
+ secinfo("keyacl", "ACL change key %u operation %u", key, tag);
mCallback(mCallbackContext, *this, key, tag);
} else
- secdebug("keyacl", "dropped ACL change notice for key %u operation %u",
+ secinfo("keyacl", "dropped ACL change notice for key %u operation %u",
key, tag);
}
projects / apple / security.git / blobdiff