]> git.saurik.com Git - apple/securityd.git/blob - src/session.h
securityd-55130.10.tar.gz
[apple/securityd.git] / src / session.h
1 /*
2 * Copyright (c) 2000-2004,2008 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 //
26 // session - authentication session domains
27 //
28 #ifndef _H_SESSION
29 #define _H_SESSION
30
31 #include "structure.h"
32 #include "acls.h"
33 #include "authority.h"
34 #include "authhost.h"
35 #include <Security/AuthSession.h>
36 #include <security_utilities/ccaudit.h>
37 #include <security_cdsa_utilities/handletemplates_defs.h>
38 #include <security_cdsa_utilities/u32handleobject.h>
39 #include <security_cdsa_utilities/cssmdb.h>
40 #include <bsm/audit.h>
41 #include <bsm/audit_session.h>
42 #include <sys/event.h>
43
44 class Key;
45 class Connection;
46 class Server;
47 class AuthHostInstance;
48
49 //
50 // A Session object represents one or more Connections that are known to
51 // belong to the same authentication domain. Informally this means just
52 // about "the same user", for the right definition of "user." The upshot
53 // is that global credentials can be shared by Connections of one Session
54 // with a modicum of security, and so Sessions are the natural nexus of
55 // single-sign-on functionality.
56 //
57 class Session : public PerSession {
58 public:
59 typedef au_asid_t SessionId; // internal session identifier (audit session id)
60
61 Session(const CommonCriteria::AuditInfo &audit, Server &server);
62 virtual ~Session();
63
64 Server &server() const;
65
66 SessionId sessionId() const { return mAudit.sessionId(); }
67 CommonCriteria::AuditInfo &auditInfo() { return mAudit; }
68
69 IFDUMP(virtual void dumpNode());
70
71 public:
72 static const SessionAttributeBits settableAttributes =
73 sessionHasGraphicAccess | sessionHasTTY | sessionIsRemote | AU_SESSION_FLAG_HAS_AUTHENTICATED;
74
75 SessionAttributeBits attributes() const { updateAudit(); return mAudit.ai_flags; }
76 bool attribute(SessionAttributeBits bits) const { return attributes() & bits; }
77 void setAttributes(SessionAttributeBits bits);
78
79 virtual void setupAttributes(SessionCreationFlags flags, SessionAttributeBits attrs);
80
81 virtual uid_t originatorUid() const { updateAudit(); return mAudit.uid(); }
82
83 virtual CFDataRef copyUserPrefs() = 0;
84
85 static const char kUsername[];
86 static const char kRealname[];
87
88 public:
89 const CredentialSet &authCredentials() const { return mSessionCreds; }
90
91 //
92 // For external Authorization clients
93 //
94 OSStatus authCreate(const AuthItemSet &rights, const AuthItemSet &environment,
95 AuthorizationFlags flags, AuthorizationBlob &newHandle, const audit_token_t &auditToken);
96 void authFree(const AuthorizationBlob &auth, AuthorizationFlags flags);
97 static OSStatus authGetRights(const AuthorizationBlob &auth,
98 const AuthItemSet &requestedRights, const AuthItemSet &environment,
99 AuthorizationFlags flags, AuthItemSet &grantedRights);
100 OSStatus authGetInfo(const AuthorizationBlob &auth, const char *tag, AuthItemSet &contextInfo);
101
102 OSStatus authExternalize(const AuthorizationBlob &auth, AuthorizationExternalForm &extForm);
103 OSStatus authInternalize(const AuthorizationExternalForm &extForm, AuthorizationBlob &auth);
104
105 OSStatus authorizationdbGet(AuthorizationString inRightName, CFDictionaryRef *rightDict);
106 OSStatus authorizationdbSet(const AuthorizationBlob &authBlob, AuthorizationString inRightName, CFDictionaryRef rightDict);
107 OSStatus authorizationdbRemove(const AuthorizationBlob &authBlob, AuthorizationString inRightName);
108
109 //
110 // Authorization methods for securityd's internal use
111 //
112 OSStatus authCheckRight(string &rightName, Connection &connection, bool allowUI);
113 // authCheckRight() with exception-handling and Boolean return semantics
114 bool isRightAuthorized(string &rightName, Connection &connection, bool allowUI);
115
116 protected:
117 void updateAudit() const;
118
119 private:
120 struct AuthorizationExternalBlob {
121 AuthorizationBlob blob;
122 uint32_t session;
123 };
124
125 protected:
126 static AuthorizationToken &authorization(const AuthorizationBlob &blob);
127 OSStatus authGetRights(AuthorizationToken &auth,
128 const AuthItemSet &requestedRights, const AuthItemSet &environment,
129 AuthorizationFlags flags, AuthItemSet &grantedRights);
130 void mergeCredentials(CredentialSet &creds);
131
132 public:
133 void invalidateSessionAuthHosts(); // invalidate auth hosts in this session
134 static void invalidateAuthHosts(); // invalidate auth hosts in all sessions
135
136 static void processSystemSleep();
137 void processLockAll();
138
139 RefPointer<AuthHostInstance> authhost(const AuthHostType hostType = securityAgent, const bool restart = false);
140
141 protected:
142 mutable CommonCriteria::AuditInfo mAudit;
143
144 mutable Mutex mCredsLock; // lock for mSessionCreds
145 CredentialSet mSessionCreds; // shared session authorization credentials
146
147 mutable Mutex mAuthHostLock;
148 AuthHostInstance *mSecurityAgent;
149 AuthHostInstance *mAuthHost;
150
151 CFRef<CFDataRef> mSessionAgentPrefs;
152 Credential mOriginatorCredential;
153
154 void kill();
155
156 public:
157 static Session &find(SessionId id, bool create); // find and optionally create
158 template <class SessionType> static SessionType &find(SecuritySessionId id);
159 static void destroy(SessionId id);
160
161 protected:
162 typedef std::map<SessionId, RefPointer<Session> > SessionMap;
163 static SessionMap mSessions;
164 static Mutex mSessionLock;
165 };
166
167
168 template <class SessionType>
169 SessionType &Session::find(SecuritySessionId id)
170 {
171 if (SessionType *ssn = dynamic_cast<SessionType *>(&find(id, false)))
172 return *ssn;
173 else
174 MacOSError::throwMe(errSessionInvalidId);
175 }
176
177
178 //
179 // The RootSession is the session of all code that originates from system startup processing
180 // and does not belong to any particular login origin. (Or, if you prefer, whose login origin
181 // is the system itself.)
182 //
183 class RootSession : public Session {
184 public:
185 RootSession(uint64_t attributes, Server &server);
186
187 CFDataRef copyUserPrefs() { return NULL; }
188 };
189
190
191 //
192 // A DynamicSession object represents a session that is dynamically constructed
193 // when we first encounter it. These sessions are actually created in client
194 // space using the audit session APIs.
195 // We tear down a DynamicSession when the system reports (via kevents) that the
196 // kernel audit session object has been destroyed.
197 //
198 class DynamicSession : private ReceivePort, public Session {
199 public:
200 DynamicSession(const CommonCriteria::AuditInfo &audit);
201
202 void setUserPrefs(CFDataRef userPrefsDict);
203 CFDataRef copyUserPrefs();
204 };
205
206
207 #endif //_H_SESSION