+++ /dev/null
-/*
- * Copyright (c) 2003-2004,2006-2007,2009-2010,2012-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- *
- * authz.c
- */
-
-#include <getopt.h>
-#include <stdio.h>
-#include <Security/AuthorizationPriv.h>
-#include <utilities/SecCFRelease.h>
-
-#include "authz.h"
-#include "security_tool.h"
-
-// AEWP?
-
-static AuthorizationRef
-read_auth_ref_from_stdin()
-{
- AuthorizationRef auth_ref = NULL;
- AuthorizationExternalForm extform;
- ssize_t bytes_read;
-
- while (kAuthorizationExternalFormLength != (bytes_read = read(STDIN_FILENO, &extform, kAuthorizationExternalFormLength)))
- {
- if ((bytes_read == -1) && ((errno != EAGAIN) || (errno != EINTR)))
- break;
- }
- if (bytes_read != kAuthorizationExternalFormLength)
- fprintf(stderr, "ERR: Failed to read authref\n");
- else
- if (AuthorizationCreateFromExternalForm(&extform, &auth_ref))
- fprintf(stderr, "ERR: Failed to internalize authref\n");
-
- close(0);
-
- return auth_ref;
-}
-
-static int
-write_auth_ref_to_stdout(AuthorizationRef auth_ref)
-{
- AuthorizationExternalForm extform;
- ssize_t bytes_written;
-
- if (AuthorizationMakeExternalForm(auth_ref, &extform))
- return -1;
-
- while (kAuthorizationExternalFormLength != (bytes_written = write(STDOUT_FILENO, &extform, kAuthorizationExternalFormLength)))
- {
- if ((bytes_written == -1) && ((errno != EAGAIN) || (errno != EINTR)))
- break;
- }
-
- if (bytes_written == kAuthorizationExternalFormLength)
- return 0;
-
- return -1;
-}
-
-static void
-write_dict_to_stdout(CFDictionaryRef dict)
-{
- if (!dict)
- return;
-
- CFDataRef right_definition_xml = CFPropertyListCreateXMLData(NULL, dict);
-
- if (!right_definition_xml)
- return;
-
- write(STDOUT_FILENO, CFDataGetBytePtr(right_definition_xml), CFDataGetLength(right_definition_xml));
- CFRelease(right_definition_xml);
-}
-
-static CFDictionaryRef CF_RETURNS_RETAINED
-read_dict_from_stdin()
-{
- ssize_t bytes_read = 0;
- uint8_t buffer[4096];
- CFMutableDataRef data = CFDataCreateMutable(kCFAllocatorDefault, 0);
- CFErrorRef err = NULL;
-
- if (!data)
- return NULL;
-
- while ((bytes_read = read(STDIN_FILENO, (void *)buffer, sizeof(buffer))))
- {
- if (bytes_read == -1)
- break;
- else
- CFDataAppendBytes(data, buffer, bytes_read);
- }
-
- CFDictionaryRef right_dict = (CFDictionaryRef)CFPropertyListCreateWithData(kCFAllocatorDefault, data, kCFPropertyListImmutable, NULL, &err);
- CFRelease(data);
-
- if (NULL == right_dict) {
- CFShow(err);
- return NULL;
- }
-
- if (CFGetTypeID(right_dict) != CFDictionaryGetTypeID())
- {
- fprintf(stderr, "This is not a dictionary.\n");
- CFRelease(right_dict);
- return NULL;
- }
- return right_dict;
-}
-
-static CFPropertyListRef CF_RETURNS_RETAINED
-read_plist_from_file(CFStringRef filePath)
-{
- CFTypeRef property = NULL;
- CFPropertyListRef propertyList = NULL;
- CFURLRef fileURL = NULL;
- CFErrorRef errorString = NULL;
- CFDataRef resourceData = NULL;
- Boolean status = FALSE;
- SInt32 errorCode = -1;
-
- // Convert the path to a URL.
- fileURL = CFURLCreateWithFileSystemPath(kCFAllocatorDefault, filePath, kCFURLPOSIXPathStyle, false);
- if (NULL == fileURL) {
- goto bail;
- }
- property = CFURLCreatePropertyFromResource(kCFAllocatorDefault, fileURL, kCFURLFileExists, NULL);
- if (NULL == property) {
- goto bail;
- }
- status = CFBooleanGetValue(property);
- if (!status) {
- fprintf(stderr, "The file does not exist.\n");
- goto bail;
- }
-
- // Read the XML file.
- status = CFURLCreateDataAndPropertiesFromResource(kCFAllocatorDefault, fileURL, &resourceData, NULL, NULL, &errorCode);
- if (!status) {
- fprintf(stderr, "Error (%d) reading the file.\n", (int)errorCode);
- goto bail;
- }
-
- // Reconstitute the dictionary using the XML data.
- propertyList = CFPropertyListCreateWithData(kCFAllocatorDefault, resourceData, kCFPropertyListImmutable, NULL, &errorString);
- if (NULL == propertyList) {
- CFShow(errorString);
- goto bail;
- }
-
- // Some error checking.
- if (!CFPropertyListIsValid(propertyList, kCFPropertyListXMLFormat_v1_0) || CFGetTypeID(propertyList) != CFDictionaryGetTypeID()) {
- fprintf(stderr, "The file is invalid.\n");
- CFRelease(propertyList);
- propertyList = NULL;
- goto bail;
- }
-
-bail:
- if (NULL != fileURL)
- CFRelease(fileURL);
- if (NULL != property)
- CFRelease(property);
- if (NULL != resourceData)
- CFRelease(resourceData);
-
- return propertyList;
-}
-
-static Boolean
-write_plist_to_file(CFPropertyListRef propertyList, CFStringRef filePath)
-{
- CFTypeRef property = NULL;
- CFURLRef fileURL = NULL;
- CFDataRef xmlData = NULL;
- Boolean status = FALSE;
- SInt32 errorCode = -1;
- CFErrorRef errorRef = NULL;
-
- // Convert the path to a URL.
- fileURL = CFURLCreateWithFileSystemPath(kCFAllocatorDefault, filePath, kCFURLPOSIXPathStyle, false);
- if (NULL == fileURL) {
- goto bail;
- }
- property = CFURLCreatePropertyFromResource(kCFAllocatorDefault, fileURL, kCFURLFileExists, NULL);
- if (NULL == property) {
- goto bail;
- }
- if (!CFBooleanGetValue(property)) {
- fprintf(stderr, "The file does not exist.\n");
- goto bail;
- }
-
- // Convert the property list into XML data.
- xmlData = CFPropertyListCreateData(kCFAllocatorDefault, propertyList, kCFPropertyListXMLFormat_v1_0, 0, &errorRef);
- if (errorRef) {
- fprintf(stderr, "The file could not be written.\n");
- goto bail;
- }
-
- // Write the XML data to the file.
- if (!CFURLWriteDataAndPropertiesToResource(fileURL, xmlData, NULL, &errorCode)) {
- fprintf(stderr, "The file could not be written.\n");
- goto bail;
- }
-
- status = TRUE;
-bail:
- CFReleaseNull(property);
- if (NULL != xmlData)
- CFRelease(xmlData);
- if (NULL != fileURL)
- CFRelease(fileURL);
-
- return status;
-}
-
-static void merge_dictionaries(const void *key, const void *value, void *mergeDict)
-{
- CFDictionarySetValue(mergeDict, key, value);
-}
-
-int
-authorizationdb(int argc, char * const * argv)
-{
- AuthorizationRef auth_ref = NULL;
- int ch;
- while ((ch = getopt(argc, argv, "i")) != -1)
- {
- switch (ch)
- {
- case 'i':
- auth_ref = read_auth_ref_from_stdin();
- break;
- case '?':
- default:
- return SHOW_USAGE_MESSAGE;
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc == 0)
- return SHOW_USAGE_MESSAGE; // required right parameter(s)
-
- OSStatus status;
-
- if (argc > 1)
- {
- if (!auth_ref && AuthorizationCreate(NULL, NULL, 0, &auth_ref))
- return -1;
-
- if (!strcmp("read", argv[0]))
- {
- CFDictionaryRef right_definition;
- status = AuthorizationRightGet(argv[1], &right_definition);
- if (!status)
- {
- write_dict_to_stdout(right_definition);
- CFRelease(right_definition);
- }
- }
- else if (!strcmp("write", argv[0]))
- {
- if (argc == 2)
- {
- CFDictionaryRef right_definition = read_dict_from_stdin();
- if (!right_definition)
- return -1;
- status = AuthorizationRightSet(auth_ref, argv[1], right_definition, NULL, NULL, NULL);
- CFRelease(right_definition);
- }
- else if (argc == 3)
- {
- // argv[2] is shortcut string
- CFStringRef shortcut_definition = CFStringCreateWithCStringNoCopy(NULL, argv[2], kCFStringEncodingUTF8, kCFAllocatorNull);
- if (!shortcut_definition)
- return -1;
- status = AuthorizationRightSet(auth_ref, argv[1], shortcut_definition, NULL, NULL, NULL);
- CFRelease(shortcut_definition);
- }
- else
- return SHOW_USAGE_MESSAGE; // take one optional argument - no more
-
- }
- else if (!strcmp("remove", argv[0]))
- {
- status = AuthorizationRightRemove(auth_ref, argv[1]);
- }
- else if (!strcmp("smartcard", argv[0]))
- {
- if (argc == 2)
- {
- if(!strcmp("status", argv[1]))
- {
- const CFStringRef SMARTCARD_LINE = CFSTR("builtin:smartcard-sniffer,privileged");
- const CFStringRef MECHANISMS = CFSTR("mechanisms");
- const CFStringRef BUILTIN_LINE = CFSTR("builtin:policy-banner");
- const char* SYSTEM_LOGIN_CONSOLE = "system.login.console";
- const char* AUTHENTICATE = "authenticate";
-
- CFIndex requiredLine1 = -1;
- CFIndex requiredLine2 = -1;
-
- CFDictionaryRef right_definition;
- status = AuthorizationRightGet(SYSTEM_LOGIN_CONSOLE, &right_definition);
- if(!status)
- {
- CFArrayRef mechanisms;
-
- Boolean res = CFDictionaryGetValueIfPresent(right_definition, MECHANISMS, (void*)&mechanisms);
- if(res)
- {
- // now parse all array elements until "builtin:policy-banner" is found
- CFIndex c = CFArrayGetCount(mechanisms);
- CFStringRef mechanismName;
-
- for (CFIndex i = 0; i < c; ++i)
- {
- mechanismName = CFArrayGetValueAtIndex(mechanisms, i);
- if(CFStringCompare(mechanismName, BUILTIN_LINE, 0) == kCFCompareEqualTo)
- {
- if(i + 1 < c)
- {
- mechanismName = CFArrayGetValueAtIndex(mechanisms, i + 1);
- if(CFStringCompare(mechanismName, SMARTCARD_LINE, 0) == kCFCompareEqualTo)
- {
- requiredLine1 = i + 1;
- }
- break;
- }
- }
- }
- }
- CFRelease(right_definition);
- }
- status = AuthorizationRightGet(AUTHENTICATE, &right_definition);
- if(!status)
- {
- CFArrayRef mechanisms;
-
- Boolean res = CFDictionaryGetValueIfPresent(right_definition, MECHANISMS, (void*)&mechanisms);
- if(res)
- {
- // now parse all array elements until "builtin:policy-banner" is found
- CFIndex c = CFArrayGetCount(mechanisms);
- CFStringRef mechanismName;
-
- if(c > 0)
- {
- mechanismName = CFArrayGetValueAtIndex(mechanisms, 0);
- if(CFStringCompare(mechanismName, SMARTCARD_LINE, 0) == kCFCompareEqualTo)
- {
- requiredLine2 = 0;
- }
- }
- }
- CFRelease(right_definition);
- }
- printf("Current smartcard login state: %s (system.login.console %s, authentication rule %s)\n", requiredLine1 != -1 && requiredLine2 != -1 ?"enabled":"disabled", requiredLine1 != -1 ? "enabled":"disabled", requiredLine2 != -1 ? "enabled":"disabled");
-
- }
- else if(!strcmp("disable", argv[1]))
- status = AuthorizationEnableSmartCard(auth_ref, FALSE);
- else if(!strcmp("enable", argv[1]))
- status = AuthorizationEnableSmartCard(auth_ref, TRUE);
- else
- return SHOW_USAGE_MESSAGE; // unrecognized parameter
- }
- else
- return SHOW_USAGE_MESSAGE; // required parameter missing
- }
- else if (!strcmp("merge", argv[0])) {
- status = 1;
- CFStringRef sourcePath = NULL;
- CFStringRef destPath = NULL;
- CFPropertyListRef sourcePlist = NULL;
- CFPropertyListRef destPlist = NULL;
- CFDictionaryRef sourceRights = NULL;
- CFDictionaryRef sourceRules = NULL;
- CFDictionaryRef destRights = NULL;
- CFDictionaryRef destRules = NULL;
- CFIndex rightsCount = 0;
- CFIndex rulesCount = 0;
- CFMutableDictionaryRef mergeRights = NULL;
- CFMutableDictionaryRef mergeRules = NULL;
- CFMutableDictionaryRef outDict = NULL;
-
- if (argc < 2 || argc > 3)
- return SHOW_USAGE_MESSAGE;
-
- if (!strcmp("-", argv[1])) {
- // Merging from <STDIN>.
- sourcePlist = read_dict_from_stdin();
- } else {
- sourcePath = CFStringCreateWithCString(kCFAllocatorDefault, argv[1], kCFStringEncodingUTF8);
- if (NULL == sourcePath) {
- goto bail;
- }
- sourcePlist = read_plist_from_file(sourcePath);
- }
- if (NULL == sourcePlist)
- goto bail;
- if (argc == 2) {
- // Merging to /etc/authorization.
- destPath = CFStringCreateWithCString(kCFAllocatorDefault, "/etc/authorization", kCFStringEncodingUTF8);
- } else {
- destPath = CFStringCreateWithCString(kCFAllocatorDefault, argv[2], kCFStringEncodingUTF8);
- }
- if (NULL == destPath) {
- goto bail;
- }
- destPlist = read_plist_from_file(destPath);
- if (NULL == destPlist)
- goto bail;
-
- sourceRights = CFDictionaryGetValue(sourcePlist, CFSTR("rights"));
- sourceRules = CFDictionaryGetValue(sourcePlist, CFSTR("rules"));
- destRights = CFDictionaryGetValue(destPlist, CFSTR("rights"));
- destRules = CFDictionaryGetValue(destPlist, CFSTR("rules"));
- if (sourceRights)
- rightsCount += CFDictionaryGetCount(sourceRights);
- if (destRights)
- rightsCount += CFDictionaryGetCount(destRights);
- mergeRights = CFDictionaryCreateMutable(NULL, rightsCount, &kCFCopyStringDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
- if (NULL == mergeRights) {
- goto bail;
- }
- if (sourceRules)
- rulesCount += CFDictionaryGetCount(sourceRules);
- if (destRules)
- rulesCount += CFDictionaryGetCount(destRules);
- mergeRules = CFDictionaryCreateMutable(NULL, rulesCount, &kCFCopyStringDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
- if (NULL == mergeRules) {
- goto bail;
- }
-
- if (destRights)
- CFDictionaryApplyFunction(destRights, merge_dictionaries, mergeRights);
- if (destRules)
- CFDictionaryApplyFunction(destRules, merge_dictionaries, mergeRules);
- if (sourceRights)
- CFDictionaryApplyFunction(sourceRights, merge_dictionaries, mergeRights);
- if (sourceRules)
- CFDictionaryApplyFunction(sourceRules, merge_dictionaries, mergeRules);
-
- outDict = CFDictionaryCreateMutable(NULL, 3, &kCFCopyStringDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
- if (NULL == outDict) {
- goto bail;
- }
- if (CFDictionaryContainsKey(sourcePlist, CFSTR("comment")))
- CFDictionaryAddValue(outDict, CFSTR("comment"), CFDictionaryGetValue(sourcePlist, CFSTR("comment")));
- else if (CFDictionaryContainsKey(destPlist, CFSTR("comment")))
- CFDictionaryAddValue(outDict, CFSTR("comment"), CFDictionaryGetValue(destPlist, CFSTR("comment")));
- CFDictionaryAddValue(outDict, CFSTR("rights"), mergeRights);
- CFDictionaryAddValue(outDict, CFSTR("rules"), mergeRules);
- if (!write_plist_to_file(outDict, destPath))
- goto bail;
-
- status = noErr;
-bail:
- if (sourcePath)
- CFRelease(sourcePath);
- if (destPath)
- CFRelease(destPath);
- if (sourcePlist)
- CFRelease(sourcePlist);
- if (destPlist)
- CFRelease(destPlist);
- if (outDict)
- CFRelease(outDict);
- }
- else
- return SHOW_USAGE_MESSAGE;
- }
- else
- return SHOW_USAGE_MESSAGE;
-
- if (auth_ref)
- AuthorizationFree(auth_ref, 0);
-
- if (!do_quiet)
- fprintf(stderr, "%s (%d)\n", status ? "NO" : "YES", (int)status);
-
- return (status ? -1 : 0);
-}
-
-int
-authorize(int argc, char * const *argv)
-{
- int ch;
- int retval = 1;
- OSStatus status;
-
- Boolean user_interaction_allowed = FALSE, extend_rights = TRUE;
- Boolean partial_rights = FALSE, destroy_rights = FALSE;
- Boolean pre_authorize = FALSE, internalize = FALSE, externalize = FALSE;
- Boolean wait = FALSE, explicit_credentials = FALSE;
- Boolean isolate_explicit_credentials = FALSE, least_privileged = FALSE;
- char *login = NULL;
-
- while ((ch = getopt(argc, argv, "ucC:EpdPieqwxl")) != -1)
- {
- switch (ch)
- {
- case 'u':
- user_interaction_allowed = TRUE;
- break;
- case 'c':
- explicit_credentials = TRUE;
- break;
- case 'C':
- explicit_credentials = TRUE;
- login = optarg;
- break;
- case 'e':
- externalize = TRUE;
- break;
- case 'E':
- extend_rights = FALSE;
- break;
- case 'p':
- partial_rights = TRUE;
- break;
- case 'd':
- destroy_rights = TRUE;
- break;
- case 'P':
- pre_authorize = TRUE;
- break;
- case 'i':
- internalize = TRUE;
- break;
- case 'w':
- wait = TRUE;
- externalize = TRUE;
- break;
- case 'x':
- isolate_explicit_credentials = TRUE;
- break;
- case 'l':
- least_privileged = TRUE;
- break;
- case '?':
- default:
- return SHOW_USAGE_MESSAGE;
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc == 0)
- return SHOW_USAGE_MESSAGE; // required right parameter(s)
-
-// set up AuthorizationFlags
- AuthorizationFlags flags = kAuthorizationFlagDefaults |
- (user_interaction_allowed ? kAuthorizationFlagInteractionAllowed : 0) |
- (extend_rights ? kAuthorizationFlagExtendRights : 0) |
- (partial_rights ? kAuthorizationFlagPartialRights : 0) |
- (pre_authorize ? kAuthorizationFlagPreAuthorize : 0) |
- (least_privileged ? kAuthorizationFlagLeastPrivileged : 0);
-
-// set up AuthorizationRightSet
- AuthorizationItem *rights = malloc(argc * sizeof(AuthorizationItem));
- if (!rights) {
- fprintf(stderr, "Out of memory\n");
- retval = 1;
- goto bail;
- }
- memset(rights, '\0', argc * sizeof(AuthorizationItem));
- AuthorizationItemSet rightset = { argc, rights };
- while (argc > 0)
- rights[--argc].name = *argv++;
-
- AuthorizationRef auth_ref = NULL;
-
-// internalize AuthorizationRef
- if (internalize)
- {
- auth_ref = read_auth_ref_from_stdin();
- if (!auth_ref) {
- retval = 1;
- goto bail;
- }
- }
-
- if (!auth_ref && AuthorizationCreate(NULL, NULL,
- (least_privileged ? kAuthorizationFlagLeastPrivileged : 0),
- &auth_ref)) {
- retval = -1;
- goto bail;
- }
-
-// prepare environment if needed
- AuthorizationEnvironment *envp = NULL;
- if (explicit_credentials) {
- if (!login)
- login = getlogin();
- char *pass = getpass("Password:");
- if (!(login && pass)) {
- retval = 1;
- goto bail;
- }
- static AuthorizationItem authenv[] = {
- { kAuthorizationEnvironmentUsername },
- { kAuthorizationEnvironmentPassword },
- { kAuthorizationEnvironmentShared } // optional (see below)
- };
- static AuthorizationEnvironment env = { 0, authenv };
- authenv[0].valueLength = strlen(login);
- authenv[0].value = login;
- authenv[1].valueLength = strlen(pass);
- authenv[1].value = pass;
- if (isolate_explicit_credentials)
- env.count = 2; // do not send kAuthorizationEnvironmentShared
- else
- env.count = 3; // do send kAuthorizationEnvironmentShared
- envp = &env;
- }
-
-// perform Authorization
- AuthorizationRights *granted_rights = NULL;
- status = AuthorizationCopyRights(auth_ref, &rightset, envp, flags, &granted_rights);
-
-// externalize AuthorizationRef
- if (externalize)
- write_auth_ref_to_stdout(auth_ref);
-
- if (!do_quiet)
- fprintf(stderr, "%s (%d) ", status ? "NO" : "YES", (int)status);
-
- if (!do_quiet && !status && granted_rights)
- {
- uint32_t index;
- fprintf(stderr, "{ %d: ", (int)granted_rights->count);
- for (index = 0; index < granted_rights->count; index++)
- {
- fprintf(stderr, "\"%s\"%s %c ", granted_rights->items[index].name,
- (kAuthorizationFlagCanNotPreAuthorize & granted_rights->items[index].flags) ? " (cannot-preauthorize)" : "",
- (index+1 != granted_rights->count) ? ',' : '}');
- }
- AuthorizationFreeItemSet(granted_rights);
- }
-
- if (!do_quiet)
- fprintf(stderr, "\n");
-
-// wait for client to pick up AuthorizationRef
- if (externalize && wait)
- while (-1 != write(STDOUT_FILENO, NULL, 0))
- usleep(100);
-
-// drop AuthorizationRef
- if (auth_ref)
- AuthorizationFree(auth_ref, destroy_rights ? kAuthorizationFlagDestroyRights : 0);
-
- retval = (status ? -1 : 0);
-bail:
- if (rights)
- free(rights);
-
- return retval;
-}
-
-
-int
-execute_with_privileges(int argc, char * const *argv)
-{
- AuthorizationRef auth_ref = NULL;
- int ch;
- while ((ch = getopt(argc, argv, "i")) != -1)
- {
- switch (ch)
- {
- case 'i':
- auth_ref = read_auth_ref_from_stdin();
- break;
- case '?':
- default:
- return SHOW_USAGE_MESSAGE;
- }
- }
-
- argc -= optind;
- argv += optind;
-
- if (argc == 0)
- return SHOW_USAGE_MESSAGE; // required tool parameter(s)
-
- OSStatus status;
-
- if (!auth_ref && AuthorizationCreate(NULL, NULL, 0, &auth_ref))
- return -1;
-
- FILE *communications_pipe = NULL;
-
- status = AuthorizationExecuteWithPrivileges(auth_ref,argv[0], 0, (argc > 1) ? &argv[1] : NULL, &communications_pipe);
-
- if (!do_quiet)
- fprintf(stderr, "%s (%d) ", status ? "NO" : "YES", (int)status);
-
- if (!status)
- {
- ssize_t bytes_read = 0;
- uint8_t buffer[4096];
-
- while ((bytes_read = read(STDIN_FILENO, &buffer, sizeof(buffer))))
- {
- if ((bytes_read == -1) && ((errno != EAGAIN) || (errno != EINTR)))
- break;
- else
- while ((-1 == write(fileno(communications_pipe), buffer, bytes_read)) &&
- ((errno == EAGAIN) || (errno == EINTR)))
- usleep(100);
- }
- }
-
- return (status ? -1 : 0);
-}
-
projects / apple / security.git / blobdiff