]> git.saurik.com Git - apple/securityd.git/blob - src/tokencache.h
projects / apple / securityd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
securityd-26232.tar.gz
[apple/securityd.git] / src / tokencache.h
1 /*
2 * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 //
26 // tokencache - persistent (on-disk) hardware token directory
27 //
28 #ifndef _H_TOKENCACHE
29 #define _H_TOKENCACHE
30
31 #include <security_utilities/refcount.h>
32 #include <Security/cssm.h>
33
34
35 //
36 // A little helper
37 //
38 class Rooted {
39 public:
40 Rooted() { }
41 Rooted(const char *root) : mRoot(root) { }
42 Rooted(const string &root) : mRoot(root) { }
43
44 string root() const { return mRoot; }
45 string path(const char *sub) const;
46 string path(const string &sub) const { return path(sub.c_str()); }
47
48 protected:
49 void root(const string &s);
50
51 private:
52 string mRoot; // root of this tree
53 };
54
55
56 //
57 // An on-disk cache area.
58 // You'll only want a single one, though nothing keeps you from
59 // making multiples if you like.
60 //
61 class TokenCache : public Rooted {
62 public:
63 TokenCache(const char *root);
64 ~TokenCache();
65
66 uid_t tokendUid() const { return mTokendUid; }
67 gid_t tokendGid() const { return mTokendGid; }
68
69 public:
70 class Token : public RefCount, public Rooted {
71 public:
72 friend class TokenCache;
73 Token(TokenCache &cache, const std::string &uid);
74 Token(TokenCache &cache);
75 ~Token();
76
77 enum Type { existing, created, temporary };
78 Type type() const { return mType; }
79
80 TokenCache &cache;
81 uint32 subservice() const { return mSubservice; }
82 string workPath() const;
83 string cachePath() const;
84
85 string printName() const;
86 void printName(const string &name);
87
88 uid_t tokendUid() const { return cache.tokendUid(); }
89 gid_t tokendGid() const { return cache.tokendGid(); }
90
91 protected:
92 void init(Type type);
93
94 private:
95 uint32 mSubservice; // subservice id assigned
96 Type mType; // type of Token cache entry
97 };
98
99 public:
100 uint32 allocateSubservice();
101
102 private:
103 enum Owner { securityd, tokend };
104 void makedir(const char *path, int flags, mode_t mode, Owner owner);
105 void makedir(const string &path, int flags, mode_t mode, Owner owner)
106 { return makedir(path.c_str(), flags, mode, owner); }
107
108 private:
109 uint32 mLastSubservice; // last subservice id issued
110
111 uid_t mTokendUid; // uid of daemons accessing this token cache
112 gid_t mTokendGid; // gid of daemons accessing this token cache
113 };
114
115
116 #endif //_H_TOKENCACHE
mirror of securityd