+++ /dev/null
-/*
- * Copyright (c) 2006-2008,2010 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-
-//
-// csproxy - Code Signing Hosting Proxy
-//
-#ifndef _H_CSPROXY
-#define _H_CSPROXY
-
-#include <security_utilities/casts.h>
-#include <security_utilities/cfutilities.h>
-#include <security_utilities/debugging_internal.h>
-#include <security_cdsa_utilities/handleobject.h>
-#include <security_utilities/mach++.h>
-#include <security_utilities/machserver.h>
-#include <security_cdsa_utilities/cssmdata.h>
-#include <securityd_client/cshosting.h>
-#include <Security/SecCodeHost.h>
-#include <string>
-#include <map>
-
-using MachPlusPlus::Port;
-using MachPlusPlus::MachServer;
-
-
-//
-// CodeSigningHost is a mix-in for an object representing a primary
-// Code Signing host object. It performs two notionally separate functions:
-// (1) Register a hosting port.
-// (2) Optionally, maintain a guest registry to offload the host's work.
-//
-class CodeSigningHost : private MachServer::Handler {
-public:
- CodeSigningHost();
- ~CodeSigningHost();
- void reset();
-
- enum HostingState {
- noHosting, // is not a host (yet), could go either way
- dynamicHosting, // gave us its own hosting port to keep
- proxyHosting // we act as a proxy for it
- };
-
- enum GuestCheck {
- strict, // direct guest relationship required
- loose // indirect or identity is okay (prefix check)
- };
-
- struct Guest : public RefCount, public HandleObject {
- public:
- Guest();
- ~Guest();
- std::vector<SecGuestRef> guestPath; // guest chain to this guest
- uint32_t status; // dynamic status
- std::string path; // canonical code path
- CFRef<CFDictionaryRef> attributes; // matching attributes set
- CFRef<CFDataRef> cdhash; // hash of CodeDirectory as specified by host
- bool dedicated; // host is dedicated (and this is the only guest)
-
- operator bool() const { return attributes; } // exists
- SecGuestRef guestRef() const { return int_cast<long, SecGuestRef>(handle()); }
- void setAttributes(const CssmData &attrData);
- uint8_t const *attrData() const { createAttrData(); return mAttrData; };
- CFIndex attrDataLength() const { createAttrData(); return mAttrDataLength; };
- void setHash(const CssmData &given, bool generate);
-
- bool isGuestOf(Guest *host, GuestCheck check) const;
- bool matches(CFIndex count, CFTypeRef keys[], CFTypeRef values[]) const;
-
- IFDUMP(void dump() const);
-
- private:
- void createAttrData() const;
-
- mutable uint8_t *mAttrData; // XML form of attributes (vm_allocate'd, must live until guest destruction)
- mutable CFIndex mAttrDataLength;
- };
-
- void registerCodeSigning(mach_port_t hostingPort, SecCSFlags flags);
- Port hostingPort() const { return mHostingPort; }
-
- SecGuestRef createGuest(SecGuestRef guest,
- uint32_t status, const char *path,
- const CssmData &cdhash, const CssmData &attributes, SecCSFlags flags);
- void setGuestStatus(SecGuestRef guest, uint32_t status, const CssmData &attributes);
- void removeGuest(SecGuestRef host, SecGuestRef guest);
-
-public:
- IFDUMP(void dump() const);
-
-public:
- // internal use only (public for use by MIG handlers)
- Guest *findHost(SecGuestRef hostRef); // find most dedicated guest of this host
- Guest *findGuest(Guest *host, const CssmData &attrData); // by host and attributes
- Guest *findGuest(SecGuestRef guestRef, bool hostOk = false); // by guest reference
- Guest *findGuest(Guest *host); // any guest of this host
-
- class Lock;
- friend class Lock;
-
-private:
- boolean_t handle(mach_msg_header_t *in, mach_msg_header_t *out);
- void eraseGuest(Guest *guest);
-
-private:
- mutable Mutex mLock; // protects everything below
-
- // host port registry
- HostingState mHostingState; // status of hosting support
- Port mHostingPort; // his or ours or NULL
-
- // guest map (only used if mHostingState == proxyHosting)
- typedef std::map<SecGuestRef, RefPointer<Guest> > GuestMap;
- GuestMap mGuests;
-};
-
-
-//
-// Proxy implementation of Code Signing Hosting protocol
-//
-#define CSH_ARGS mach_port_t servicePort, mach_port_t replyPort, OSStatus *rcode
-
-#define DATA_IN(base) void *base, mach_msg_type_number_t base##Length
-#define DATA_OUT(base) void **base, mach_msg_type_number_t *base##Length
-#define DATA(base) CssmData(base, base##Length)
-
-//
-// Find a guest by arbitrary attribute set.
-//
-// This returns an array of canonical guest references describing the path
-// from the host given to the guest found. If the host itself is returned
-// as a guest, this will be an empty array (zero length).
-//
-// The subhost return argument may in the future return the hosting port for
-// a guest who dynamically manages its hosting (thus breaking out of proxy mode),
-// but this is not yet implemented.
-//
-kern_return_t cshosting_server_findGuest(CSH_ARGS, SecGuestRef hostRef,
- DATA_IN(attributes),
- GuestChain *foundGuest, mach_msg_type_number_t *depth, mach_port_t *subhost);
-
-//
-// Retrieve the path to a guest specified by canonical reference.
-//
-kern_return_t cshosting_server_identifyGuest(CSH_ARGS, SecGuestRef guestRef,
- char *path, char *hash, uint32_t *hashLength, DATA_OUT(attributes));
-
-//
-// Retrieve the status word for a guest specified by canonical reference.
-//
-kern_return_t cshosting_server_guestStatus(CSH_ARGS, SecGuestRef guestRef, uint32_t *status);
-
-#undef CSH_ARGS
-#undef DATA_IN
-#undef DATA_OUT
-#undef DATA
-
-#endif //_H_CSPROXY
projects / apple / security.git / blobdiff