securityd-33082.tar.gz

diff --git a/securityd.xcodeproj/project.pbxproj b/securityd.xcodeproj/project.pbxproj
index 1dcd18c15965548c3759048f4af0a828f664aaaa..1466aa34b3b615d492e4f22819888e33c5016d71 100644 (file)
--- a/securityd.xcodeproj/project.pbxproj
+++ b/securityd.xcodeproj/project.pbxproj
@@ -897,7 +897,7 @@
                                BUILD_VARIANTS = debug;
                                COPY_PHASE_STRIP = NO;
                                CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers";
                                BUILD_VARIANTS = debug;
                                COPY_PHASE_STRIP = NO;
                                CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers";

-                               CURRENT_PROJECT_VERSION = 32661;
+                               CURRENT_PROJECT_VERSION = 33082;

                                FRAMEWORK_SEARCH_PATHS = (
                                        /usr/local/SecurityPieces/Frameworks,
                                        /usr/local/SecurityPieces/Components/securityd,
                                FRAMEWORK_SEARCH_PATHS = (
                                        /usr/local/SecurityPieces/Frameworks,
                                        /usr/local/SecurityPieces/Components/securityd,


@@ -959,7 +959,7 @@
                                        debug,
                                );
                                CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers";
                                        debug,
                                );
                                CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers";

-                               CURRENT_PROJECT_VERSION = 32661;
+                               CURRENT_PROJECT_VERSION = 33082;

                                DEAD_CODE_STRIPPING = YES;
                                EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp";
                                FRAMEWORK_SEARCH_PATHS = (
                                DEAD_CODE_STRIPPING = YES;
                                EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp";
                                FRAMEWORK_SEARCH_PATHS = (


@@ -1018,7 +1018,7 @@
                        buildSettings = {
                                BUILD_VARIANTS = normal;
                                COPY_PHASE_STRIP = NO;
                        buildSettings = {
                                BUILD_VARIANTS = normal;
                                COPY_PHASE_STRIP = NO;

-                               CURRENT_PROJECT_VERSION = 32661;
+                               CURRENT_PROJECT_VERSION = 33082;

                                EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp";
                                FRAMEWORK_SEARCH_PATHS = (
                                        /usr/local/SecurityPieces/Frameworks,
                                EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp";
                                FRAMEWORK_SEARCH_PATHS = (
                                        /usr/local/SecurityPieces/Frameworks,


@@ -1075,7 +1075,7 @@
                                        normal,
                                        debug,
                                );
                                        normal,
                                        debug,
                                );

-                               CURRENT_PROJECT_VERSION = 32661;
+                               CURRENT_PROJECT_VERSION = 33082;

                                EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp";
                                FRAMEWORK_SEARCH_PATHS = (
                                        /usr/local/SecurityPieces/Frameworks,
                                EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp";
                                FRAMEWORK_SEARCH_PATHS = (
                                        /usr/local/SecurityPieces/Frameworks,

diff --git a/src/SharedMemoryServer.cpp b/src/SharedMemoryServer.cpp
index 46bc1dc4cb7de1115aa0ff75992ff589ebe2d434..0b86779642ccd1276e48cf02efe37280e56f3751 100644 (file)
--- a/src/SharedMemoryServer.cpp
+++ b/src/SharedMemoryServer.cpp
@@ -3,13 +3,27 @@
 #include <sys/mman.h>
 #include <fcntl.h>
 #include <machine/byte_order.h>
 #include <sys/mman.h>
 #include <fcntl.h>
 #include <machine/byte_order.h>

+#include <string>
+#include <sys/stat.h>
+#include <security_utilities/crc.h>

 
 

+static const char* kPrefix = "/private/var/tmp/mds/messages/se_";

 
 SharedMemoryServer::SharedMemoryServer (const char* segmentName, SegmentOffsetType segmentSize) :
        mSegmentName (segmentName), mSegmentSize (segmentSize)
 {
 
 SharedMemoryServer::SharedMemoryServer (const char* segmentName, SegmentOffsetType segmentSize) :
        mSegmentName (segmentName), mSegmentSize (segmentSize)
 {

+       mFileName = kPrefix;
+       mFileName += segmentName;
+       
+       // make the mds directory, just in case it doesn't exist
+       mkdir("/var/tmp/mds/messages", 0755);
+       
+       // make the file name
+       // clean any old file away
+       unlink (mFileName.c_str ());
+       

        // open the file
        // open the file

-       int segmentDescriptor = shm_open (segmentName, O_RDWR | O_CREAT, S_IRWXU | S_IRGRP | S_IROTH);
+       int segmentDescriptor = open (mFileName.c_str (), O_RDWR | O_CREAT, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);

        if (segmentDescriptor < 0)
        {
                return;
        if (segmentDescriptor < 0)
        {
                return;


@@ -25,10 +39,13 @@ SharedMemoryServer::SharedMemoryServer (const char* segmentName, SegmentOffsetTy
        if (mSegment == (u_int8_t*) -1) // can't map the memory?
        {
                mSegment = NULL;
        if (mSegment == (u_int8_t*) -1) // can't map the memory?
        {
                mSegment = NULL;

-               shm_unlink (segmentName);
+               unlink (mFileName.c_str());

        }
        
        }
        

-       SetProducerCount (0);
+       mDataPtr = mDataArea = mSegment + sizeof(SegmentOffsetType);
+       mDataMax = mSegment + segmentSize;;
+       
+       SetProducerOffset (0);

 }
 
 
 }
 
 


@@ -45,42 +62,41 @@ SharedMemoryServer::~SharedMemoryServer ()
        munmap (mSegment, mSegmentSize);
        
        // mark the segment for deletion
        munmap (mSegment, mSegmentSize);
        
        // mark the segment for deletion

-       shm_unlink (mSegmentName.c_str ());
+       unlink (mFileName.c_str ());

 }
 
 
 
 const SegmentOffsetType
        kSegmentLength = 0,
 }
 
 
 
 const SegmentOffsetType
        kSegmentLength = 0,

-       kDomainOffset = kSegmentLength + sizeof (SegmentOffsetType),
-       kEventTypeOffset = kDomainOffset + sizeof (SegmentOffsetType),
-       kHeaderLength = kEventTypeOffset + sizeof (SegmentOffsetType);
+       kCRCOffset = kSegmentLength + sizeof(SegmentOffsetType),
+       kDomainOffset = kCRCOffset + sizeof(SegmentOffsetType),
+       kEventTypeOffset = kDomainOffset + sizeof(SegmentOffsetType),
+       kHeaderLength = kEventTypeOffset + sizeof(SegmentOffsetType) - kCRCOffset;

 
 void SharedMemoryServer::WriteMessage (SegmentOffsetType domain, SegmentOffsetType event, const void *message, SegmentOffsetType messageLength)
 {
 
 void SharedMemoryServer::WriteMessage (SegmentOffsetType domain, SegmentOffsetType event, const void *message, SegmentOffsetType messageLength)
 {

-       // get the current producer count
-       SegmentOffsetType pCount = GetProducerCount ();
+       // assemble the final message
+       ssize_t messageSize = kHeaderLength + messageLength;
+       u_int8_t finalMessage[messageSize];
+       SegmentOffsetType *fm  = (SegmentOffsetType*) finalMessage;
+       fm[0] = OSSwapHostToBigInt32(domain);
+       fm[1] = OSSwapHostToBigInt32(event);
+       memcpy(&fm[2], message, messageLength);

        
        

-       SegmentOffsetType actualLength = messageLength + kHeaderLength;
-
-       // for now, write a 0 for the length -- this will give clients the opportunity to not process an
-       // incomplete message
-       WriteOffsetAtOffset (pCount, 0);
+       SegmentOffsetType crc = CalculateCRC(finalMessage, messageSize);

        
        

-       // extend the overall write count by enough data to hold the message length and message
-       SetProducerCount (pCount + actualLength);
+       // write the length
+       WriteOffset(messageSize);

        
        

-       // write the data
-       WriteDataAtOffset (pCount + kHeaderLength, message, messageLength);
+       // write the crc
+       WriteOffset(crc);

        
        

-       // write the domain
-       WriteOffsetAtOffset (pCount + kDomainOffset, domain);
+       // write the data
+       WriteData (finalMessage, messageSize);

        
        

-       // write the event type
-       WriteOffsetAtOffset (pCount + kEventTypeOffset, event);
-

        // write the data count
        // write the data count

-       WriteOffsetAtOffset (pCount, actualLength);
+       SetProducerOffset(mDataPtr - mDataArea);

 }
 
 
 }
 
 


@@ -99,52 +115,53 @@ size_t SharedMemoryServer::GetSegmentSize ()
 
 
 
 
 
 

-SegmentOffsetType SharedMemoryServer::GetProducerCount ()
+SegmentOffsetType SharedMemoryServer::GetProducerOffset ()

 {
        // the data is stored in the buffer in network byte order
 {
        // the data is stored in the buffer in network byte order

-       u_int32_t pCount = *(u_int32_t*) mSegment;
+       u_int32_t pCount = OSSwapBigToHostInt32 (*(u_int32_t*) mSegment);

        return OSSwapHostToBigInt32 (pCount);
 }
 
 
 
        return OSSwapHostToBigInt32 (pCount);
 }
 
 
 

-void SharedMemoryServer::SetProducerCount (SegmentOffsetType producerCount)
+void SharedMemoryServer::SetProducerOffset (SegmentOffsetType producerCount)

 {
 {

-       *((u_int32_t*) mSegment) = OSSwapHostToBigInt32 (producerCount);
+       *((SegmentOffsetType*) mSegment) = OSSwapHostToBigInt32 (producerCount);

 }
 
 
 
 }
 
 
 

-void SharedMemoryServer::WriteOffsetAtOffset (SegmentOffsetType offset, SegmentOffsetType data)
+void SharedMemoryServer::WriteOffset(SegmentOffsetType offset)

 {
 {

-       // convert data to network byte order

        u_int8_t buffer[4];
        u_int8_t buffer[4];

-       *((u_int32_t*) buffer) = OSSwapHostToBigInt32 (data);
-       
-       WriteDataAtOffset (offset, buffer, sizeof (buffer));
+       *((u_int32_t*) buffer) = OSSwapHostToBigInt32(offset);
+       WriteData(buffer, 4);

 }
 
 
 
 }
 
 
 

-void SharedMemoryServer::WriteDataAtOffset (SegmentOffsetType offset, const void* data, SegmentOffsetType length)
+void SharedMemoryServer::WriteData(const void* data, SegmentOffsetType length)

 {
        // figure out where in the buffer we actually need to write the data
 {
        // figure out where in the buffer we actually need to write the data

-       SegmentOffsetType realOffset = offset % kPoolAvailableForData;
-       

        // figure out how many bytes we can write without overflowing the buffer
        // figure out how many bytes we can write without overflowing the buffer

-       SegmentOffsetType bytesToEnd = kPoolAvailableForData - realOffset;
+       const u_int8_t* dp = (const u_int8_t*) data;
+       SegmentOffsetType bytesToEnd = mDataMax - mDataPtr;

        
        // figure out how many bytes we can write
        
        // figure out how many bytes we can write

-       SegmentOffsetType bytesToWrite = bytesToEnd < length ? bytesToEnd : length;
-       
+       SegmentOffsetType bytesToWrite = (length <= bytesToEnd) ? length : bytesToEnd;
+

        // move the first part of the data, making sure to skip the producer pointer
        // move the first part of the data, making sure to skip the producer pointer

-       memmove (mSegment + sizeof (SegmentOffsetType) + realOffset, data, bytesToWrite);
+       memcpy (mDataPtr, dp, bytesToWrite);
+       mDataPtr += bytesToWrite;
+       dp += bytesToWrite;

        
        // deduct the bytes just written
        length -= bytesToWrite;
        
        if (length != 0) // did we wrap around?
        {
        
        // deduct the bytes just written
        length -= bytesToWrite;
        
        if (length != 0) // did we wrap around?
        {

-               memmove (mSegment + sizeof (SegmentOffsetType), ((u_int8_t*) data) + bytesToWrite, length);
+               mDataPtr = mDataArea;
+               memcpy (mDataPtr, dp, length);
+               mDataPtr += length;

        }
 }
        }
 }

diff --git a/src/SharedMemoryServer.h b/src/SharedMemoryServer.h
index 27958a4d797a62ce80809475fa564513ea104b69..6e17b35adbae927d1d1c932887a8235399992a84 100644 (file)
--- a/src/SharedMemoryServer.h
+++ b/src/SharedMemoryServer.h
@@ -10,14 +10,17 @@
 class SharedMemoryServer
 {
 protected:
 class SharedMemoryServer
 {
 protected:

-       std::string mSegmentName;
+       std::string mSegmentName, mFileName;

        size_t mSegmentSize;
        
        u_int8_t* mSegment;
        size_t mSegmentSize;
        
        u_int8_t* mSegment;

-
-       void WriteOffsetAtOffset (SegmentOffsetType offset, SegmentOffsetType data);
-       void WriteDataAtOffset (SegmentOffsetType offset, const void* data, SegmentOffsetType length);
-
+       u_int8_t* mDataArea;
+       u_int8_t* mDataPtr;
+       u_int8_t* mDataMax;
+       
+       void WriteOffset (SegmentOffsetType offset);
+       void WriteData (const void* data, SegmentOffsetType length);
+       

 public:
        SharedMemoryServer (const char* segmentName, SegmentOffsetType segmentSize);
        virtual ~SharedMemoryServer ();
 public:
        SharedMemoryServer (const char* segmentName, SegmentOffsetType segmentSize);
        virtual ~SharedMemoryServer ();


@@ -27,8 +30,8 @@ public:
        const char* GetSegmentName ();
        size_t GetSegmentSize ();
        
        const char* GetSegmentName ();
        size_t GetSegmentSize ();
        

-       SegmentOffsetType GetProducerCount ();
-       void SetProducerCount (SegmentOffsetType producerCount);
+       SegmentOffsetType GetProducerOffset ();
+       void SetProducerOffset (SegmentOffsetType producerOffset);

 };
 
 
 };
 
 

diff --git a/src/main.cpp b/src/main.cpp
index d61e3092b004eb4e30987d919dbb600fbbe869ec..683a907b41dd5ecbf62a706078144e303482dc6a 100644 (file)
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -240,9 +240,6 @@ int main(int argc, char *argv[])
         secdebug("SS", "Cannot handle SIGHUP: errno=%d", errno);
 #endif //NDEBUG
 
         secdebug("SS", "Cannot handle SIGHUP: errno=%d", errno);
 #endif //NDEBUG
 

-       // create the shared memory notification hub
-       new SharedMemoryListener(messagingName, kSharedMemoryPoolSize);
-       

        // create an Authorization engine
        Authority authority(authorizationConfig);
        
        // create an Authorization engine
        Authority authority(authorizationConfig);
        


@@ -299,6 +296,9 @@ int main(int argc, char *argv[])
     // install MDS and initialize the local CSSM
     server.loadCssm();
     
     // install MDS and initialize the local CSSM
     server.loadCssm();
     

+       // create the shared memory notification hub
+       new SharedMemoryListener(messagingName, kSharedMemoryPoolSize);
+       

        // okay, we're ready to roll
        Syslog::notice("Entering service");
        secdebug("SS", "%s initialized", bootstrapName);
        // okay, we're ready to roll
        Syslog::notice("Entering service");
        secdebug("SS", "%s initialized", bootstrapName);