X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/fa7225c82381bac4432a6edf16f53b5370238d85..refs/heads/master:/OSX/libsecurity_codesigning/CodeSigningHelper/main.cpp

diff --git a/OSX/libsecurity_codesigning/CodeSigningHelper/main.cpp b/OSX/libsecurity_codesigning/CodeSigningHelper/main.cpp
index be200db3..10465dff 100644
--- a/OSX/libsecurity_codesigning/CodeSigningHelper/main.cpp
+++ b/OSX/libsecurity_codesigning/CodeSigningHelper/main.cpp
@@ -34,23 +34,36 @@
 static void
 request(xpc_connection_t peer, xpc_object_t event)
 {
-	OSStatus rc;
-	
 	pid_t pid = (pid_t)xpc_dictionary_get_int64(event, "pid");
 	if (pid <= 0)
 		return;
 	
+	size_t audit_size;
+	audit_token_t const *audit =
+		(audit_token_t const *)xpc_dictionary_get_data(event, "audit", &audit_size);
+	
+	if (audit != NULL && audit_size != sizeof(audit_token_t)) {
+		Syslog::error("audit token has unexpected size %zu", audit_size);
+		return;
+	}
+	
 	xpc_object_t reply = xpc_dictionary_create_reply(event);
 	if (reply == NULL)
 		return;
 	
-	CFTemp<CFDictionaryRef> attributes("{%O=%d}", kSecGuestAttributePid, pid);
+	CFTemp<CFMutableDictionaryRef> attributes("{%O=%d}", kSecGuestAttributePid, pid);
+    
+	if (audit != NULL) {
+		CFRef<CFDataRef> auditData = makeCFData(audit, audit_size);
+		CFDictionaryAddValue(attributes.get(), kSecGuestAttributeAudit,
+							 auditData);
+	}
 	CFRef<SecCodeRef> code;
-	if ((rc = SecCodeCopyGuestWithAttributes(NULL, attributes, kSecCSDefaultFlags, &code.aref())) == noErr) {
+	if (SecCodeCopyGuestWithAttributes(NULL, attributes, kSecCSDefaultFlags, &code.aref()) == noErr) {
 		
 		// path to base of client code
 		CFRef<CFURLRef> codePath;
-		if ((rc = SecCodeCopyPath(code, kSecCSDefaultFlags, &codePath.aref())) == noErr) {
+		if (SecCodeCopyPath(code, kSecCSDefaultFlags, &codePath.aref()) == noErr) {
 			CFRef<CFDataRef> data = CFURLCreateData(NULL, codePath, kCFStringEncodingUTF8, true);
 			xpc_dictionary_set_data(reply, "bundleURL", CFDataGetBytePtr(data), CFDataGetLength(data));
 		}