+++ /dev/null
-/*
- * Copyright (c) 2006-2010,2012-2014 Apple Inc. All Rights Reserved.
- *
- * @APPLE_LICENSE_HEADER_START@
- *
- * This file contains Original Code and/or Modifications of Original Code
- * as defined in and that are subject to the Apple Public Source License
- * Version 2.0 (the 'License'). You may not use this file except in
- * compliance with the License. Please obtain a copy of the License at
- * http://www.opensource.apple.com/apsl/ and read it before using this
- * file.
- *
- * The Original Code and all software distributed under the License are
- * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
- * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
- * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
- * Please see the License for the specific language governing rights and
- * limitations under the License.
- *
- * @APPLE_LICENSE_HEADER_END@
- */
-
-
-/*
- * debugging.c - non-trivial debug support
- */
-#include "utilities/debugging.h"
-#include "utilities/debugging_test.h"
-#include "utilities/SecCFWrappers.h"
-#include <CoreFoundation/CFSet.h>
-#include <CoreFoundation/CFString.h>
-#include <CoreFoundation/CFPreferences.h>
-
-#include <dispatch/dispatch.h>
-
-#include <stdarg.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <string.h>
-#include <pthread.h>
-#include <asl.h>
-
-
-const CFStringRef kStringNegate = CFSTR("-");
-const CFStringRef kStringAll = CFSTR("all");
-
-const CFStringRef kAPIScope = CFSTR("api");
-
-static CFMutableArrayRef sLogSettings = NULL; /* Either sets or dictionaries of level => set. */
-
-static dispatch_queue_t GetDispatchControlQueue(void) {
- static dispatch_queue_t sLoggingScopeControlQueue;
- static dispatch_once_t onceToken;
- dispatch_once(&onceToken, ^{
- sLoggingScopeControlQueue = dispatch_queue_create("security scope control", DISPATCH_QUEUE_CONCURRENT);
- });
- return sLoggingScopeControlQueue;
-}
-
-static void with_scopes_read(dispatch_block_t action) {
- dispatch_sync(GetDispatchControlQueue(), action);
-}
-
-static void with_scopes_write(dispatch_block_t action) {
- dispatch_barrier_sync(GetDispatchControlQueue(), action);
-}
-
-bool IsScopeActive(int level, CFStringRef scope)
-{
- if (scope == NULL)
- return true;
-
- CFNumberRef level_number = CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &level);
-
- __block bool isActive = false;
- with_scopes_read(^{
- if (sLogSettings) {
- CFArrayForEach(sLogSettings, ^(const void *value) {
- CFSetRef setToCheck = NULL;
-
- if (isSet(value)) {
- setToCheck = (CFSetRef) value;
- } else if (isDictionary(value)) {
- CFDictionaryRef levels = (CFDictionaryRef) value;
-
- setToCheck = CFDictionaryGetValue(levels, level_number);
-
- if (!isSet(setToCheck))
- setToCheck = NULL;
- }
-
- if (setToCheck != NULL && !isActive) {
- bool negated = CFSetContainsValue(setToCheck, kStringNegate);
- bool inSet = CFSetContainsValue(setToCheck, scope);
-
- isActive = negated ^ inSet;
- }
- });
- }
- });
-
- CFReleaseNull(level_number);
-
- return isActive;
-}
-
-bool IsScopeActiveC(int level, const char *scope)
-{
- CFStringRef scopeString = CFStringCreateWithBytes(kCFAllocatorDefault, (const uint8_t*)scope, strlen(scope), kCFStringEncodingUTF8, false);
- bool isActive = IsScopeActive(level, scopeString);
- CFReleaseNull(scopeString);
-
- return isActive;
-}
-
-
-
-static CFStringRef copyScopeName(const char *scope, CFIndex scopeLen) {
- return CFStringCreateWithBytes(kCFAllocatorDefault, (const UInt8 *)scope,
- scopeLen, kCFStringEncodingUTF8, false);
-}
-
-static CFMutableSetRef CopyScopesFromScopeList(CFStringRef scopes) {
- CFMutableSetRef resultSet = CFSetCreateMutableForCFTypes(kCFAllocatorDefault);
-
- CFStringRef allocated_scope_list = NULL;
- CFStringRef clean_scope_list = scopes;
- bool add_negate = false;
-
- if (CFStringHasPrefix(scopes, kStringNegate)) {
- allocated_scope_list = CFStringCreateWithSubstring(kCFAllocatorDefault, scopes, CFRangeMake(CFStringGetLength(kStringNegate), CFStringGetLength(scopes) - 1));
- clean_scope_list = allocated_scope_list;
- add_negate = true;
- }
-
- CFArrayRef commaArray = CFStringCreateArrayBySeparatingStrings(kCFAllocatorDefault, clean_scope_list, CFSTR(","));
-
- if (commaArray) {
- CFArrayForEach(commaArray, ^(const void *value) {
- if (isString(value)) {
- CFMutableStringRef copy = CFStringCreateMutableCopy(kCFAllocatorDefault, 0, (CFStringRef) value);
- CFStringTrimWhitespace(copy);
- CFSetSetValue(resultSet, copy);
- CFReleaseNull(copy);
- }
- });
- }
-
- CFSetRemoveValue(resultSet, CFSTR("none"));
- CFSetRemoveValue(resultSet, CFSTR(""));
-
- if (CFSetContainsValue(resultSet, CFSTR("all"))) {
- CFSetRemoveAllValues(resultSet);
- add_negate = !add_negate;
- }
-
- if (add_negate)
- CFSetSetValue(resultSet, kStringNegate);
-
- CFReleaseNull(commaArray);
- CFReleaseNull(allocated_scope_list);
-
- return resultSet;
-}
-
-static CFMutableArrayRef CFArrayCreateMutableForCFTypesFilledWithCFNull(CFAllocatorRef allocator, CFIndex capacity) {
- CFMutableArrayRef result = CFArrayCreateMutableForCFTypesWithCapacity(kCFAllocatorDefault, kScopeIDMax);
-
- for(int count = 0; count <= capacity; ++count)
- CFArrayAppendValue(result, kCFNull);
-
- return result;
-}
-
-static bool CFArrayIsAll(CFArrayRef array, const void *value)
-{
- return CFArrayGetCountOfValue(array, CFRangeMake(0, CFArrayGetCount(array)), value) == CFArrayGetCount(array);
-}
-
-static void SetNthScopeSet(int nth, CFTypeRef collection)
-{
- with_scopes_write(^{
- if (sLogSettings == NULL) {
- sLogSettings = CFArrayCreateMutableForCFTypesFilledWithCFNull(kCFAllocatorDefault, kScopeIDMax);
- }
-
- CFArraySetValueAtIndex(sLogSettings, nth, collection);
-
- if (CFArrayIsAll(sLogSettings, kCFNull)) {
- CFReleaseNull(sLogSettings);
- }
- });
-}
-
-static int string_to_log_level(CFStringRef string) {
- if (CFEqual(string, CFSTR(ASL_STRING_EMERG)))
- return ASL_LEVEL_EMERG;
- else if (CFEqual(string, CFSTR(ASL_STRING_ALERT)))
- return ASL_LEVEL_ALERT;
- else if (CFEqual(string, CFSTR(ASL_STRING_CRIT)))
- return ASL_LEVEL_CRIT;
- else if (CFEqual(string, CFSTR(ASL_STRING_ERR)))
- return ASL_LEVEL_ERR;
- else if (CFEqual(string, CFSTR(ASL_STRING_WARNING)))
- return ASL_LEVEL_WARNING;
- else if (CFEqual(string, CFSTR(ASL_STRING_NOTICE)))
- return ASL_LEVEL_NOTICE;
- else if (CFEqual(string, CFSTR(ASL_STRING_INFO)))
- return ASL_LEVEL_INFO;
- else if (CFEqual(string, CFSTR(ASL_STRING_DEBUG)))
- return ASL_LEVEL_DEBUG;
- else
- return -1;
-}
-
-static void CFSetAppendValues(CFSetRef set, CFMutableArrayRef appendTo)
-{
- CFSetForEach(set, ^(const void *value) {
- CFArrayAppendValue(appendTo, value);
- });
-}
-
-static CFMutableArrayRef CFSetOfCFObjectsCopyValues(CFSetRef setOfCFs)
-{
- CFMutableArrayRef result = CFArrayCreateMutableForCFTypes(kCFAllocatorDefault);
-
- CFSetForEach(setOfCFs, ^(const void *value) {
- CFArrayAppendValue(result, value);
- });
-
- return result;
-}
-
-CFPropertyListRef CopyCurrentScopePlist(void)
-{
- CFMutableArrayRef result = CFArrayCreateMutableForCFTypes(kCFAllocatorDefault);
- with_scopes_read(^{
- CFArrayForEach(sLogSettings, ^(const void *value) {
- if (isSet(value)) {
- CFArrayRef values = CFSetOfCFObjectsCopyValues((CFSetRef) value);
- CFArrayAppendValue(result, values);
- CFReleaseNull(values);
- } else if (isDictionary(value)) {
- CFMutableDictionaryRef levels = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault);
-
- CFDictionaryForEach((CFDictionaryRef) value, ^(const void *key, const void *value) {
- if (isSet(value)) {
- CFArrayRef values = CFSetOfCFObjectsCopyValues((CFSetRef) value);
- CFDictionaryAddValue(levels, key, values);
- CFReleaseNull(values);
- }
- });
-
- CFArrayAppendValue(result, levels);
- } else {
- CFArrayAppendValue(result, kCFNull);
- }
- });
- });
- return result;
-}
-
-void ApplyScopeDictionaryForID(CFDictionaryRef scopeDictionary, SecDebugScopeID whichID)
-{
- CFMutableDictionaryRef dictionary_for_id = CFDictionaryCreateMutableForCFTypes(kCFAllocatorDefault);
-
- CFDictionaryForEach(scopeDictionary, ^(const void *key, const void *value) {
- CFSetRef scope_set = NULL;
- CFNumberRef key_number = NULL;
- if (isString(key)) {
- int level = string_to_log_level((CFStringRef) key);
-
- if (level >= 0)
- key_number = CFNumberCreate(kCFAllocatorDefault, kCFNumberIntType, &level);
- } else if (isNumber(key)) {
- key_number = CFRetainSafe(key);
- }
-
- if (isString(value)) {
- scope_set = CopyScopesFromScopeList(value);
- }
-
- if (key_number && scope_set)
- CFDictionaryAddValue(dictionary_for_id, key_number, scope_set);
-
- CFReleaseNull(key_number);
- CFReleaseNull(scope_set);
- });
-
- if (CFDictionaryGetCount(dictionary_for_id) > 0) {
- SetNthScopeSet(whichID, dictionary_for_id);
- }
-
- CFReleaseNull(dictionary_for_id);
-}
-
-void ApplyScopeListForID(CFStringRef scopeList, SecDebugScopeID whichID)
-{
- CFMutableSetRef scopesToUse = CopyScopesFromScopeList(scopeList);
-
- SetNthScopeSet(whichID, scopesToUse);
-
- CFReleaseNull(scopesToUse);
-}
-
-void ApplyScopeListForIDC(const char *scopeList, SecDebugScopeID whichID) {
- CFStringRef scope_string = CFStringCreateWithCStringNoCopy(kCFAllocatorDefault, scopeList, kCFStringEncodingUTF8, kCFAllocatorNull);
-
- ApplyScopeListForID(scope_string, whichID);
-
- CFReleaseNull(scope_string);
-}
-
-#pragma mark - Log Handlers to catch log information
-
-static CFMutableArrayRef sSecurityLogHandlers;
-
-#if TARGET_OS_IPHONE
-
-/*
- * Instead of using CFPropertyListReadFromFile we use a
- * CFPropertyListCreateWithStream directly
- * here. CFPropertyListReadFromFile() uses
- * CFURLCopyResourcePropertyForKey() andCF pulls in CoreServices for
- * CFURLCopyResourcePropertyForKey() and that doesn't work in install
- * enviroment.
- */
-
-static CFPropertyListRef
-CopyPlistFromFile(CFURLRef url)
-{
- CFDictionaryRef d = NULL;
- CFReadStreamRef s = CFReadStreamCreateWithFile(kCFAllocatorDefault, url);
- if (s && CFReadStreamOpen(s)) {
- d = (CFDictionaryRef)CFPropertyListCreateWithStream(kCFAllocatorDefault, s, 0, kCFPropertyListImmutable, NULL, NULL);
- }
- CFReleaseSafe(s);
-
- return d;
-}
-#endif
-
-static void ApplyScopeByTypeForID(CFPropertyListRef scopes, SecDebugScopeID whichID) {
- if (isDictionary(scopes)) {
- ApplyScopeDictionaryForID(scopes, whichID);
- } else if (isString(scopes)) {
- ApplyScopeListForID(scopes, whichID);
- }
-}
-
-static void setup_config_settings() {
-#if TARGET_OS_IPHONE
- CFURLRef prefURL = CFURLCreateWithFileSystemPath(kCFAllocatorDefault, CFSTR("/Library/Managed Preferences/mobile/.GlobalPreferences.plist"), kCFURLPOSIXPathStyle, false);
- if(prefURL) {
- CFPropertyListRef plist = CopyPlistFromFile(prefURL);
- if (plist) {
- ApplyScopeByTypeForID(CFDictionaryGetValue(plist, CFSTR("SecLogging")), kScopeIDConfig);
- }
- CFReleaseSafe(plist);
- }
- CFReleaseSafe(prefURL);
-#endif
-}
-
-static void setup_defaults_settings() {
- CFPropertyListRef scopes_value = CFPreferencesCopyValue(CFSTR("Logging"), CFSTR("com.apple.security"), kCFPreferencesAnyUser, kCFPreferencesCurrentHost);
-
- ApplyScopeByTypeForID(scopes_value, kScopeIDDefaults);
-
- CFReleaseSafe(scopes_value);
-}
-
-static void setup_environment_scopes() {
- const char *cur_scope = getenv("DEBUGSCOPE");
- if (cur_scope == NULL)
- cur_scope = "";
-
- ApplyScopeListForIDC(cur_scope, kScopeIDEnvironment);
-}
-
-void __security_debug_init(void) {
- static dispatch_once_t sdOnceToken;
-
- dispatch_once(&sdOnceToken, ^{
- setup_environment_scopes();
- setup_config_settings();
- setup_defaults_settings();
- });
-}
-
-
-// MARK: Log handler recording (e.g. grabbing security logging and sending it to test results).
-static void clean_aslclient(void *client)
-{
- asl_close(client);
-}
-
-static aslclient get_aslclient()
-{
- static dispatch_once_t once;
- static pthread_key_t asl_client_key;
- dispatch_once(&once, ^{
- pthread_key_create(&asl_client_key, clean_aslclient);
- });
- aslclient client = pthread_getspecific(asl_client_key);
- if (!client) {
- client = asl_open(NULL, "SecLogging", 0);
- asl_set_filter(client, ASL_FILTER_MASK_UPTO(ASL_LEVEL_DEBUG));
- pthread_setspecific(asl_client_key, client);
- }
-
- return client;
-}
-
-static CFMutableArrayRef get_log_handlers()
-{
- static dispatch_once_t handlers_once;
-
- dispatch_once(&handlers_once, ^{
- sSecurityLogHandlers = CFArrayCreateMutableForCFTypes(kCFAllocatorDefault);
-
- CFArrayAppendValue(sSecurityLogHandlers, ^(int level, CFStringRef scope, const char *function,
- const char *file, int line, CFStringRef message){
- CFStringRef logStr = CFStringCreateWithFormat(kCFAllocatorDefault, NULL, CFSTR("%@ %s %@\n"), scope ? scope : CFSTR(""), function, message);
- CFStringPerformWithCString(logStr, ^(const char *logMsg) {
- aslmsg msg = asl_new(ASL_TYPE_MSG);
- if (scope) {
- CFStringPerformWithCString(scope, ^(const char *scopeStr) {
- asl_set(msg, ASL_KEY_FACILITY, scopeStr);
- });
- }
- asl_log(get_aslclient(), msg, level, "%s", logMsg);
- asl_free(msg);
- });
- CFReleaseSafe(logStr);
- });
- });
-
- return sSecurityLogHandlers;
-}
-
-static void log_api_trace_v(const char *api, const char *caller_info, CFStringRef format, va_list args)
-{
- aslmsg msg = asl_new(ASL_TYPE_MSG);
- asl_set(msg, ASL_KEY_LEVEL, ASL_STRING_DEBUG);
- CFStringPerformWithCString(kAPIScope, ^(const char *scopeStr) {
- asl_set(msg, ASL_KEY_FACILITY, scopeStr);
- });
- asl_set(msg, "SecAPITrace", api);
- asl_set(msg, caller_info ? "ENTER" : "RETURN", "");
-
- if (format) {
- CFStringRef message = CFStringCreateWithFormatAndArguments(kCFAllocatorDefault, NULL, format, args);
- CFStringPerformWithCString(message, ^(const char *utf8Str) {
- asl_set(msg, ASL_KEY_MSG, utf8Str);
- });
- CFReleaseSafe(message);
- }
-
- if (caller_info) {
- asl_set(msg, "CALLER", caller_info);
- }
-
- asl_send(get_aslclient(), msg);
- asl_free(msg);
-}
-
-void __security_trace_enter_api(const char *api, CFStringRef format, ...)
-{
- if (!IsScopeActive(ASL_LEVEL_DEBUG, kAPIScope))
- return;
-
- va_list args;
- va_start(args, format);
-
- {
- char stack_info[80];
-
- snprintf(stack_info, sizeof(stack_info), "C%p F%p", __builtin_return_address(1), __builtin_frame_address(2));
-
- log_api_trace_v(api, stack_info, format, args);
- }
-
- va_end(args);
-}
-
-void __security_trace_return_api(const char *api, CFStringRef format, ...)
-{
- if (!IsScopeActive(ASL_LEVEL_DEBUG, kAPIScope))
- return;
-
- va_list args;
- va_start(args, format);
-
- log_api_trace_v(api, NULL, format, args);
-
- va_end(args);
-}
-
-
-void add_security_log_handler(security_log_handler handler)
-{
- CFArrayAppendValue(get_log_handlers(), handler);
-}
-
-void remove_security_log_handler(security_log_handler handler)
-{
- CFArrayRemoveAllValue(get_log_handlers(), handler);
-}
-
-static void __security_post_msg(int level, CFStringRef scope, const char *function,
- const char *file, int line, CFStringRef message)
-{
- CFArrayForEach(get_log_handlers(), ^(const void *value) {
- security_log_handler handler = (security_log_handler) value;
-
- handler(level, scope, function, file, line, message);
- });
-}
-
-static void __security_log_msg_v(int level, CFStringRef scope, const char *function,
- const char *file, int line, CFStringRef format, va_list args)
-{
- __security_debug_init();
-
- if (!IsScopeActive(level, scope))
- return;
-
- CFStringRef message = CFStringCreateWithFormatAndArguments(kCFAllocatorDefault, NULL, format, args);
- __security_post_msg(level, scope, function, file, line, message);
- CFRelease(message);
-
-}
-
-void __security_debug(CFStringRef scope, const char *function,
- const char *file, int line, CFStringRef format, ...)
-{
- va_list args;
- va_start(args, format);
-
- __security_log_msg_v(ASL_LEVEL_DEBUG, scope, function, file, line, format, args);
-
- va_end(args);
-}
-
-void __security_log(int level, CFStringRef scope, const char *function,
- const char *file, int line, CFStringRef format, ...)
-{
- va_list args;
- va_start(args, format);
-
- __security_log_msg_v(level, scope, function, file, line, format, args);
-
- va_end(args);
-}
projects / apple / security.git / blobdiff