X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/80e2389990082500d76eb566d4946be3e786c3ef..d8f41ccd20de16f8ebe2ccc84d47bf1cb2b26bbb:/sec/ipc/client.c diff --git a/sec/ipc/client.c b/sec/ipc/client.c deleted file mode 100644 index 96dafb04..00000000 --- a/sec/ipc/client.c +++ /dev/null @@ -1,187 +0,0 @@ -/* - * Copyright (c) 2007-2009 Apple Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - -#include -#include -#include - -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include // TODO Fixme this gets us SecError(). -#include "securityd_client.h" -#include "SecuritydXPC.h" - -struct securityd *gSecurityd; - -// -// MARK: XPC IPC. -// - -/* Hardcoded Access Groups for the server itself */ -static CFArrayRef SecServerCopyAccessGroups(void) { - return CFArrayCreateForCFTypes(kCFAllocatorDefault, -#if NO_SERVER - CFSTR("test"), - CFSTR("apple"), - CFSTR("lockdown-identities"), -#else - CFSTR("sync"), -#endif - CFSTR("com.apple.security.sos"), - NULL); -} - -CFArrayRef SecAccessGroupsGetCurrent(void) { - static CFArrayRef gSecServerAccessGroups; - static dispatch_once_t only_do_this_once; - dispatch_once(&only_do_this_once, ^{ - gSecServerAccessGroups = SecServerCopyAccessGroups(); - assert(gSecServerAccessGroups); - }); - return gSecServerAccessGroups; -} - -static xpc_connection_t securityd_create_connection(const char *name) { - if (!name) - name = kSecuritydXPCServiceName; - xpc_connection_t connection; - connection = xpc_connection_create_mach_service(name, NULL, 0); - xpc_connection_set_event_handler(connection, ^(xpc_object_t event) { - const char *description = xpc_dictionary_get_string(event, XPC_ERROR_KEY_DESCRIPTION); - secnotice("xpc", "got event: %s", description); - }); - xpc_connection_resume(connection); - return connection; -} - -static xpc_connection_t sSecuritydConnection; - -static xpc_connection_t securityd_connection(void) { - static dispatch_once_t once; - dispatch_once(&once, ^{ - sSecuritydConnection = securityd_create_connection(NULL); - }); - return sSecuritydConnection; -} - -// NOTE: This is not thread safe, but this SPI is for testing only. -void SecServerSetMachServiceName(const char *name) { - // Make sure sSecXPCServer.queue exists. - securityd_connection(); - - xpc_connection_t oldConection = sSecuritydConnection; - sSecuritydConnection = securityd_create_connection(name); - if (oldConection) - xpc_release(oldConection); -} - -xpc_object_t -securityd_message_with_reply_sync(xpc_object_t message, CFErrorRef *error) -{ - xpc_object_t reply = NULL; - xpc_connection_t connection = securityd_connection(); - - for (int try = 1; try <= 2; ++try) { - reply = xpc_connection_send_message_with_reply_sync(connection, message); - if (try == 1 && reply == XPC_ERROR_CONNECTION_INTERRUPTED) { - xpc_release(reply); - } else { - break; - } - } - - if (xpc_get_type(reply) == XPC_TYPE_ERROR) { - CFIndex code = 0; - if (reply == XPC_ERROR_CONNECTION_INTERRUPTED || reply == XPC_ERROR_CONNECTION_INVALID) - code = kSecXPCErrorConnectionFailed; - else if (reply == XPC_ERROR_TERMINATION_IMMINENT) - code = kSecXPCErrorUnknown; - else - code = kSecXPCErrorUnknown; - - char *conn_desc = xpc_copy_description(connection); - const char *description = xpc_dictionary_get_string(reply, XPC_ERROR_KEY_DESCRIPTION); - SecCFCreateErrorWithFormat(code, sSecXPCErrorDomain, NULL, error, NULL, CFSTR("%s: %s"), conn_desc, description); - free(conn_desc); - xpc_release(reply); - reply = NULL; - } - - return reply; -} - -xpc_object_t securityd_create_message(enum SecXPCOperation op, CFErrorRef* error) -{ - xpc_object_t message = xpc_dictionary_create(NULL, NULL, 0); - if (message) { - xpc_dictionary_set_uint64(message, kSecXPCKeyOperation, op); - } else { - SecCFCreateError(kSecXPCErrorConnectionFailed, sSecXPCErrorDomain, - CFSTR("xpc_dictionary_create returned NULL"), NULL, error); - } - return message; -} - -// Return true if there is no error in message, return false and set *error if there is. -bool securityd_message_no_error(xpc_object_t message, CFErrorRef *error) { - xpc_object_t xpc_error = xpc_dictionary_get_value(message, kSecXPCKeyError); - if (xpc_error == NULL) - return true; - - if (error) { - *error = SecCreateCFErrorWithXPCObject(xpc_error); - } - return false; -} - -bool securityd_send_sync_and_do(enum SecXPCOperation op, CFErrorRef *error, - bool (^add_to_message)(xpc_object_t message, CFErrorRef* error), - bool (^handle_response)(xpc_object_t response, CFErrorRef* error)) { - xpc_object_t message = securityd_create_message(op, error); - bool ok = false; - if (message) { - if (!add_to_message || add_to_message(message, error)) { - xpc_object_t response = securityd_message_with_reply_sync(message, error); - if (response) { - if (securityd_message_no_error(response, error)) { - ok = (!handle_response || handle_response(response, error)); - } - xpc_release(response); - } - } - xpc_release(message); - } - - return ok; -} - - -/* vi:set ts=4 sw=4 et: */