]> git.saurik.com Git - apple/securityd.git/blob - src/session.h
projects / apple / securityd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
securityd-55111.tar.gz
[apple/securityd.git] / src / session.h
1 /*
2 * Copyright (c) 2000-2004,2008 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25 //
26 // session - authentication session domains
27 //
28 #ifndef _H_SESSION
29 #define _H_SESSION
30
31 #include "structure.h"
32 #include "acls.h"
33 #include "authority.h"
34 #include "authhost.h"
35 #include <Security/AuthSession.h>
36 #include <security_utilities/ccaudit.h>
37 #include <security_cdsa_utilities/handletemplates_defs.h>
38 #include <security_cdsa_utilities/u32handleobject.h>
39 #include <security_cdsa_utilities/cssmdb.h>
40 #include <bsm/audit.h>
41 #include <bsm/audit_session.h>
42 #include <sys/event.h>
43
44 class Key;
45 class Connection;
46 class Server;
47 class AuthHostInstance;
48
49 //
50 // A Session object represents one or more Connections that are known to
51 // belong to the same authentication domain. Informally this means just
52 // about "the same user", for the right definition of "user." The upshot
53 // is that global credentials can be shared by Connections of one Session
54 // with a modicum of security, and so Sessions are the natural nexus of
55 // single-sign-on functionality.
56 //
57 class Session : public PerSession {
58 public:
59 typedef au_asid_t SessionId; // internal session identifier (audit session id)
60
61 Session(const CommonCriteria::AuditInfo &audit, Server &server);
62 virtual ~Session();
63
64 SessionId sessionId() const { return mAudit.sessionId(); }
65 CommonCriteria::AuditInfo &auditInfo() { return mAudit; }
66
67 IFDUMP(virtual void dumpNode());
68
69 public:
70 static const SessionAttributeBits settableAttributes =
71 sessionHasGraphicAccess | sessionHasTTY | sessionIsRemote | AU_SESSION_FLAG_HAS_AUTHENTICATED;
72
73 SessionAttributeBits attributes() const { updateAudit(); return mAudit.ai_flags; }
74 bool attribute(SessionAttributeBits bits) const { return attributes() & bits; }
75 void setAttributes(SessionAttributeBits bits);
76
77 virtual void setupAttributes(SessionCreationFlags flags, SessionAttributeBits attrs);
78
79 virtual uid_t originatorUid() const { updateAudit(); return mAudit.uid(); }
80
81 virtual CFDataRef copyUserPrefs() = 0;
82
83 static const char kUsername[];
84 static const char kRealname[];
85
86 public:
87 const CredentialSet &authCredentials() const { return mSessionCreds; }
88
89 //
90 // For external Authorization clients
91 //
92 OSStatus authCreate(const AuthItemSet &rights, const AuthItemSet &environment,
93 AuthorizationFlags flags, AuthorizationBlob &newHandle, const audit_token_t &auditToken);
94 void authFree(const AuthorizationBlob &auth, AuthorizationFlags flags);
95 static OSStatus authGetRights(const AuthorizationBlob &auth,
96 const AuthItemSet &requestedRights, const AuthItemSet &environment,
97 AuthorizationFlags flags, AuthItemSet &grantedRights);
98 OSStatus authGetInfo(const AuthorizationBlob &auth, const char *tag, AuthItemSet &contextInfo);
99
100 OSStatus authExternalize(const AuthorizationBlob &auth, AuthorizationExternalForm &extForm);
101 OSStatus authInternalize(const AuthorizationExternalForm &extForm, AuthorizationBlob &auth);
102
103 OSStatus authorizationdbGet(AuthorizationString inRightName, CFDictionaryRef *rightDict);
104 OSStatus authorizationdbSet(const AuthorizationBlob &authBlob, AuthorizationString inRightName, CFDictionaryRef rightDict);
105 OSStatus authorizationdbRemove(const AuthorizationBlob &authBlob, AuthorizationString inRightName);
106
107 //
108 // Authorization methods for securityd's internal use
109 //
110 OSStatus authCheckRight(string &rightName, Connection &connection, bool allowUI);
111 // authCheckRight() with exception-handling and Boolean return semantics
112 bool isRightAuthorized(string &rightName, Connection &connection, bool allowUI);
113
114 protected:
115 void updateAudit() const;
116
117 private:
118 struct AuthorizationExternalBlob {
119 AuthorizationBlob blob;
120 uint32_t session;
121 };
122
123 protected:
124 static AuthorizationToken &authorization(const AuthorizationBlob &blob);
125 OSStatus authGetRights(AuthorizationToken &auth,
126 const AuthItemSet &requestedRights, const AuthItemSet &environment,
127 AuthorizationFlags flags, AuthItemSet &grantedRights);
128 void mergeCredentials(CredentialSet &creds);
129
130 public:
131 void invalidateSessionAuthHosts(); // invalidate auth hosts in this session
132 static void invalidateAuthHosts(); // invalidate auth hosts in all sessions
133
134 static void processSystemSleep();
135 void processLockAll();
136
137 RefPointer<AuthHostInstance> authhost(const AuthHostType hostType = securityAgent, const bool restart = false);
138
139 protected:
140 mutable CommonCriteria::AuditInfo mAudit;
141
142 mutable Mutex mCredsLock; // lock for mSessionCreds
143 CredentialSet mSessionCreds; // shared session authorization credentials
144
145 mutable Mutex mAuthHostLock;
146 AuthHostInstance *mSecurityAgent;
147 AuthHostInstance *mAuthHost;
148
149 CFRef<CFDataRef> mSessionAgentPrefs;
150 Credential mOriginatorCredential;
151
152 void kill();
153
154 public:
155 static Session &find(SessionId id, bool create); // find and optionally create
156 template <class SessionType> static SessionType &find(SecuritySessionId id);
157 static void destroy(SessionId id);
158
159 protected:
160 typedef std::map<SessionId, RefPointer<Session> > SessionMap;
161 static SessionMap mSessions;
162 static Mutex mSessionLock;
163 };
164
165
166 template <class SessionType>
167 SessionType &Session::find(SecuritySessionId id)
168 {
169 if (SessionType *ssn = dynamic_cast<SessionType *>(&find(id, false)))
170 return *ssn;
171 else
172 MacOSError::throwMe(errSessionInvalidId);
173 }
174
175
176 //
177 // The RootSession is the session of all code that originates from system startup processing
178 // and does not belong to any particular login origin. (Or, if you prefer, whose login origin
179 // is the system itself.)
180 //
181 class RootSession : public Session {
182 public:
183 RootSession(uint64_t attributes, Server &server);
184
185 CFDataRef copyUserPrefs() { return NULL; }
186 };
187
188
189 //
190 // A DynamicSession object represents a session that is dynamically constructed
191 // when we first encounter it. These sessions are actually created in client
192 // space using the audit session APIs.
193 // We tear down a DynamicSession when the system reports (via kevents) that the
194 // kernel audit session object has been destroyed.
195 //
196 class DynamicSession : private ReceivePort, public Session {
197 public:
198 DynamicSession(const CommonCriteria::AuditInfo &audit);
199
200 void setUserPrefs(CFDataRef userPrefsDict);
201 CFDataRef copyUserPrefs();
202 };
203
204
205 #endif //_H_SESSION
mirror of securityd