X-Git-Url: https://git.saurik.com/apple/securityd.git/blobdiff_plain/569135f537d6bd5118fa29c2fb4b6d4d436e066e..4cd1cad0dea00daa03e1b54fdf2797a02373ad5b:/src/credential.cpp diff --git a/src/credential.cpp b/src/credential.cpp index 5eaa6a1..dcb38c2 100644 --- a/src/credential.cpp +++ b/src/credential.cpp @@ -32,16 +32,16 @@ extern "C" int checkpw_internal( const struct passwd *pw, const char* password ) namespace Authorization { // default credential: invalid for everything, needed as a default session credential -CredentialImpl::CredentialImpl() : mShared(false), mRight(false), mRightName(""), mGroupName(""), mUid(0), mUserName(""), mRealName(""), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(false) +CredentialImpl::CredentialImpl() : mShared(false), mRight(false), mUid(0), mName(""), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(false) { } // only for testing whether this credential is usable -CredentialImpl::CredentialImpl(const uid_t uid, const string &username, const string &realname, const string &groupname, bool shared) : mShared(shared), mRight(false), mRightName(""), mGroupName(groupname), mUid(uid), mUserName(username), mRealName(realname), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(true) +CredentialImpl::CredentialImpl(const uid_t uid, const string &username, const string &realname, bool shared) : mShared(shared), mRight(false), mUid(uid), mName(username), mRealName(realname), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(true) { } -CredentialImpl::CredentialImpl(const string &username, const string &password, bool shared) : mShared(shared), mRight(false), mRightName(""), mGroupName(""), mUserName(username), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(false) +CredentialImpl::CredentialImpl(const string &username, const string &password, bool shared) : mShared(shared), mRight(false), mName(username), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(false) { Server::active().longTermActivity(); const char *user = username.c_str(); @@ -54,7 +54,7 @@ CredentialImpl::CredentialImpl(const string &username, const string &password, b } mUid = pw->pw_uid; - mUserName = pw->pw_name; + mName = pw->pw_name; mRealName = pw->pw_gecos; const char *passwd = password.c_str(); @@ -76,7 +76,7 @@ CredentialImpl::CredentialImpl(const string &username, const string &password, b // least-privilege // @@@ arguably we don't care about the UID any more and should not // require it in this ctor -CredentialImpl::CredentialImpl(const string &right, const uid_t uid, bool shared) : mShared(shared), mRight(true), mRightName(right), mGroupName(""), mUid(uid), mUserName(""), mRealName(""), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(true) +CredentialImpl::CredentialImpl(const string &right, bool shared) : mShared(shared), mRight(true), mUid(-2), mName(right), mRealName(""), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(true) { } @@ -87,32 +87,36 @@ CredentialImpl::~CredentialImpl() bool CredentialImpl::operator < (const CredentialImpl &other) const { - // Desired ordering characteristics: + // all shared creds are placed into mSessionCreds + // all non shared creds are placed into AuthorizationToken // - // - unshared before shared - // - least privilege before non-least privilege - // - for least privilege credentials with the same sharing characteristics, - // order on the basis of right strings - // - orthographic order of group names - // - // UID used to be the primary distinguishing element, but it can't be - // trusted--it's gathered as a side effect, potentially by an external - // process. - // - // Nothing is sacred about this ordering; we just had to pick something. + // There are 2 types of credentials UID and Right + // UID = Authenticated Identity + // Right = Rights which were previously authenticated by a uid credential + // Right Credentials are only used during kAuthorizationFlagLeastPrivileged + // operations and should not have a valid uid set + + // this allows shared and none shared co-exist in the same container + // used when processing multiple rights shared vs non-shared during evaluation if (!mShared && other.mShared) return true; if (!other.mShared && mShared) return false; + + // this allows uids and rights co-exist in the same container + // used when holding onto Rights inside of the AuthorizationToken if (mRight && !other.mRight) return true; if (!mRight && other.mRight) return false; - if (mRight && other.mRight) - return mRightName < other.mRightName; - else - return mGroupName < other.mGroupName; + + // this is the actual comparision + if (mRight) { + return mName < other.mName; + } else { + return mUid < other.mUid; + } } // Returns true if this CredentialImpl should be shared. @@ -129,9 +133,9 @@ CredentialImpl::merge(const CredentialImpl &other) // try to ensure that the credentials are the same type assert(mRight == other.mRight); if (mRight) - assert(mRightName == other.mRightName); - else - assert(mGroupName == other.mGroupName); + assert(mName == other.mName); + else + assert(mUid == other.mUid); if (other.mValid && (!mValid || mCreationTime < other.mCreationTime)) { @@ -173,8 +177,8 @@ RefPointer(impl) { } -Credential::Credential(const uid_t uid, const string &username, const string &realname, const string &groupname, bool shared) : -RefPointer(new CredentialImpl(uid, username, realname, groupname, shared)) +Credential::Credential(const uid_t uid, const string &username, const string &realname, bool shared) : +RefPointer(new CredentialImpl(uid, username, realname, shared)) { } @@ -182,7 +186,7 @@ Credential::Credential(const string &username, const string &password, bool shar { } -Credential::Credential(const string &right, const uid_t uid, bool shared) : RefPointer(new CredentialImpl(right, uid, shared)) +Credential::Credential(const string &right, bool shared) : RefPointer(new CredentialImpl(right, shared)) { }