X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/5c19dc3ae3bd8e40a9c028b0deddd50ff337692c..7e6b461318c8a779d91381531435a68ee4e8b6ed:/OSX/libsecurityd/lib/ssclient.cpp?ds=inline diff --git a/OSX/libsecurityd/lib/ssclient.cpp b/OSX/libsecurityd/lib/ssclient.cpp index 37951004..a6341b12 100644 --- a/OSX/libsecurityd/lib/ssclient.cpp +++ b/OSX/libsecurityd/lib/ssclient.cpp @@ -43,7 +43,6 @@ namespace SecurityServer { UnixPlusPlus::StaticForkMonitor ClientSession::mHasForked; ModuleNexus ClientSession::mGlobal; const char *ClientSession::mContactName; -SecGuestRef ClientSession::mDedicatedGuest = kSecNoGuest; // @@ -79,7 +78,7 @@ void ClientSession::activate() // (that has not exec'ed), our apparent connection to SecurityServer // is just a mirage, and we better reset it. if (mHasForked()) { - secdebug("SSclnt", "process has forked (now pid=%d) - resetting connection object", getpid()); + secinfo("SSclnt", "process has forked (now pid=%d) - resetting connection object", getpid()); mGlobal.reset(); } @@ -90,18 +89,11 @@ void ClientSession::activate() // first time for this thread - use abbreviated registration IPCN(ucsp_client_setupThread(UCSP_ARGS, mach_task_self())); thread.registered = true; - secdebug("SSclnt", "Thread registered with %s", mContactName); + secinfo("SSclnt", "Thread registered with %s", mContactName); } - // if the thread's guest state has changed, tell securityd - if (thread.currentGuest != thread.lastGuest) { - IPCN(ucsp_client_setGuest(UCSP_ARGS, thread.currentGuest, kSecCSDefaultFlags)); - thread.lastGuest = thread.currentGuest; - secdebug("SSclnt", "switched guest state to 0x%x", thread.currentGuest); - } } - // // The contactName method allows the caller to explicitly override the bootstrap // name under which SecurityServer is located. Use this only with great caution, @@ -131,7 +123,7 @@ ClientSession::Global::Global() serverPort = findSecurityd(); mach_port_t originPort = MACH_PORT_NULL; - IPCN(ucsp_client_verifyPrivileged2(serverPort.port(), mig_get_reply_port(), &securitydCreds, &rcode, &originPort)); + IPCBASIC(ucsp_client_verifyPrivileged2(serverPort.port(), mig_get_reply_port(), &securitydCreds, &rcode, &originPort)); if (originPort != serverPort.port()) CssmError::throwMe(CSSM_ERRCODE_VERIFICATION_FAILURE); mach_port_mod_refs(mach_task_self(), originPort, MACH_PORT_RIGHT_SEND, -1); @@ -143,11 +135,11 @@ ClientSession::Global::Global() // cannot use UCSP_ARGS here because it uses mGlobal() -> deadlock Thread &thread = this->thread(); - IPCN(ucsp_client_setup(serverPort, thread.replyPort, &securitydCreds, &rcode, + IPCBASIC(ucsp_client_setup(serverPort, thread.replyPort, &securitydCreds, &rcode, mach_task_self(), info, extForm)); thread.registered = true; // as a side-effect of setup call above IFDEBUG(serverPort.requestNotify(thread.replyPort)); - secdebug("SSclnt", "contact with %s established", mContactName); + secinfo("SSclnt", "contact with %s established", mContactName); } @@ -160,7 +152,7 @@ ClientSession::Global::Global() // void ClientSession::reset() { - secdebug("SSclnt", "resetting client state (OUCH)"); + secinfo("SSclnt", "resetting client state (OUCH)"); mGlobal.reset(); } @@ -179,9 +171,9 @@ Port ClientSession::findSecurityd() mContactName = SECURITYSERVER_BOOTSTRAP_NAME; } - secdebug("SSclnt", "Locating %s", mContactName); + secinfo("SSclnt", "Locating %s", mContactName); Port serverPort = Bootstrap().lookup2(mContactName); - secdebug("SSclnt", "contacting %s at port %d (version %d)", + secinfo("SSclnt", "contacting %s at port %d (version %d)", mContactName, serverPort.port(), SSPROTOVERSION); return serverPort; } @@ -199,7 +191,7 @@ void ClientSession::childCheckIn(Port serverPort, Port taskPort) if (originPort != securitydPort.port()) CssmError::throwMe(CSSM_ERRCODE_VERIFICATION_FAILURE); mach_port_mod_refs(mach_task_self(), originPort, MACH_PORT_RIGHT_SEND, -1); - check(ucsp_client_childCheckIn(securitydPort, serverPort, taskPort)); + check(ucsp_client_childCheckIn(securitydPort, serverPort, MACH_PORT_NULL)); } @@ -211,10 +203,10 @@ void ClientSession::childCheckIn(Port serverPort, Port taskPort) void ClientSession::notifyAclChange(KeyHandle key, CSSM_ACL_AUTHORIZATION_TAG tag) { if (mCallback) { - secdebug("keyacl", "ACL change key %u operation %u", key, tag); + secinfo("keyacl", "ACL change key %u operation %u", key, tag); mCallback(mCallbackContext, *this, key, tag); } else - secdebug("keyacl", "dropped ACL change notice for key %u operation %u", + secinfo("keyacl", "dropped ACL change notice for key %u operation %u", key, tag); }