static void
request(xpc_connection_t peer, xpc_object_t event)
{
- OSStatus rc;
-
pid_t pid = (pid_t)xpc_dictionary_get_int64(event, "pid");
if (pid <= 0)
return;
+ size_t audit_size;
+ audit_token_t const *audit =
+ (audit_token_t const *)xpc_dictionary_get_data(event, "audit", &audit_size);
+
+ if (audit != NULL && audit_size != sizeof(audit_token_t)) {
+ Syslog::error("audit token has unexpected size %zu", audit_size);
+ return;
+ }
+
xpc_object_t reply = xpc_dictionary_create_reply(event);
if (reply == NULL)
return;
- CFTemp<CFDictionaryRef> attributes("{%O=%d}", kSecGuestAttributePid, pid);
+ CFTemp<CFMutableDictionaryRef> attributes("{%O=%d}", kSecGuestAttributePid, pid);
+
+ if (audit != NULL) {
+ CFRef<CFDataRef> auditData = makeCFData(audit, audit_size);
+ CFDictionaryAddValue(attributes.get(), kSecGuestAttributeAudit,
+ auditData);
+ }
CFRef<SecCodeRef> code;
- if ((rc = SecCodeCopyGuestWithAttributes(NULL, attributes, kSecCSDefaultFlags, &code.aref())) == noErr) {
+ if (SecCodeCopyGuestWithAttributes(NULL, attributes, kSecCSDefaultFlags, &code.aref()) == noErr) {
// path to base of client code
CFRef<CFURLRef> codePath;
- if ((rc = SecCodeCopyPath(code, kSecCSDefaultFlags, &codePath.aref())) == noErr) {
+ if (SecCodeCopyPath(code, kSecCSDefaultFlags, &codePath.aref()) == noErr) {
CFRef<CFDataRef> data = CFURLCreateData(NULL, codePath, kCFStringEncodingUTF8, true);
xpc_dictionary_set_data(reply, "bundleURL", CFDataGetBytePtr(data), CFDataGetLength(data));
}
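Review bot: The audit token is optional, so at `if (audit != NULL)` a request that carries no "audit" key is still resolved from the bare pid, and a pid can be recycled between the caller's lookup and this call. Consider rejecting or at least logging token-less requests once every caller sends the token. Nothing visible in the hunk ties the token to `pid` either, so unless SecCodeCopyGuestWithAttributes already rejects a mismatch, a guard such as `if (audit != NULL && audit_token_to_pid(*audit) != pid) return;` after the size check would keep the two attributes consistent. With `rc` dropped, the status of both Sec* calls is discarded as far as the hunk shows, so a `Syslog::error` carrying the returned status would help triage a reply that lacks "bundleURL". The body of request() continues past the end of this hunk.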