]> git.saurik.com Git - apple/security.git/blobdiff - securityd/src/transition.cpp
projects / apple / security.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Security-59754.80.3.tar.gz
[apple/security.git] / securityd / src / transition.cpp
diff --git a/securityd/src/transition.cpp b/securityd/src/transition.cpp
index ff606b4c825618d199e8c07e6f29b20815e1f992..b2bd64d136c71631f99b40fcaf1e9e6888a7ea82 100644 (file)
--- a/securityd/src/transition.cpp
+++ b/securityd/src/transition.cpp
@@ -51,6 +51,7 @@
 #include <Security/AuthorizationTagsPriv.h>
 #include <AssertMacros.h>
 #include <security_utilities/errors.h>
+#include <Security/SecEntitlements.h>
 
 #include <CoreFoundation/CFNumber.h>
 #include <CoreFoundation/CFDictionary.h>
@@ -65,7 +66,7 @@
 #define BEGIN_IPCN     *rcode = CSSM_OK; try {
 #define BEGIN_IPC(name)        BEGIN_IPCN RefPointer<Connection> connRef(&Server::connection(replyPort, auditToken)); \
                Connection &connection __attribute__((unused)) = *connRef; \
-        secinfo("SecServer", "request entry " #name " (pid:%d ession:%d)", connection.process().pid(), connection.session().sessionId());
+        secinfo("SecServer", "request entry " #name " (pid:%d session:%d)", connection.process().pid(), connection.session().sessionId());
 
 #define END_IPC(base)  END_IPCN(base) Server::requestComplete(*rcode); return KERN_SUCCESS;
 #define END_IPCN(base)         secinfo("SecServer", "request return: %d", *(rcode)); \
@@ -244,6 +245,7 @@ kern_return_t ucsp_server_setup(UCSP_ARGS, mach_port_t taskPort, ClientSetupInfo
        END_IPCN(CSSM)
        if (*rcode)
                Syslog::notice("setup(%s) failed rcode=%d", identity ? identity : "<NULL>", *rcode);
+       mach_port_deallocate(mach_task_self(), taskPort);
        return KERN_SUCCESS;
 }
 
@@ -256,6 +258,7 @@ kern_return_t ucsp_server_setupThread(UCSP_ARGS, mach_port_t taskPort)
        END_IPCN(CSSM)
        if (*rcode)
                Syslog::notice("setupThread failed rcode=%d", *rcode);
+       mach_port_deallocate(mach_task_self(), taskPort);
        return KERN_SUCCESS;
 }
 
@@ -735,7 +738,7 @@ static void check_stash_entitlement(Process & proc)
     }
     require(entitlements != NULL, done);
 
-    if (CFDictionaryGetValueIfPresent(entitlements, CFSTR("com.apple.private.securityd.stash"), &value)) {
+    if (CFDictionaryGetValueIfPresent(entitlements, kSecEntitlementPrivateStash, &value)) {
         if (CFGetTypeID(value) && CFBooleanGetTypeID()) {
             entitled = CFBooleanGetValue((CFBooleanRef)value);
         }
mirror of Security