securityd-67.tar.gz v67
authorApple <opensource@apple.com>
Fri, 24 Jun 2005 22:48:33 +0000 (22:48 +0000)
committerApple <opensource@apple.com>
Fri, 24 Jun 2005 22:48:33 +0000 (22:48 +0000)
etc/CodeEquivalenceCandidates
securityd.xcode/project.pbxproj
src/kcdatabase.cpp
src/kcdatabase.h
src/localdatabase.h
src/pcscmonitor.cpp
src/pcscmonitor.h

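--- a/etc/CodeEquivalenceCandidates
+++ b/etc/CodeEquivalenceCandidates
 /System/Library/CoreServices/SystemUIServer.app
 /System/Library/CoreServices/dotmacsyncclient
 /System/Library/Filesystems/ftp.fs/mount_ftp
+/System/Library/Frameworks/ApplicationServices.framework/Frameworks/AE.framework/Versions/A/Support/AEServer
 /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/Support/AEServer
+/System/Library/Frameworks/ApplicationServices.framework/Versions/Current/Frameworks/AE.framework/Versions/A/Support/AEServer
+/System/Library/Frameworks/ApplicationServices.framework/Frameworks/AE.framework/Versions/Current/Support/AEServer
+/System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/AE.framework/Versions/Current/Support/AEServer
+/System/Library/Frameworks/ApplicationServices.framework/Versions/Current/Frameworks/AE.framework/Versions/Current/Support/AEServer
 /System/Library/Frameworks/InstantMessage.framework/iChatAgent.app
 /System/Library/Frameworks/SecurityFoundation.framework/Resources/kcSync.app
 /System/Library/PreferencePanes/Mac.prefPane
+/System/Library/PrivateFrameworks/Admin.framework/Resources/writeconfig
 /System/Library/PrivateFrameworks/Admin.framework/Versions/A/Resources/writeconfig
-/System/Library/PrivateFrameworks/Apple80211.framework/Resources/airport
-/System/Library/PrivateFrameworks/Apple80211.framework/Resources/AirPortNetworkPrefs.bundle/Contents/Resources/AirPortCfgTool
+/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/airport
+/System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Resources/AirPortNetworkPrefs.bundle/Contents/Resources/AirPortCfgTool
 /System/Library/PrivateFrameworks/DotmacLegacy.framework/Resources/dotMacTranslator
+/System/Library/PrivateFrameworks/DotmacLegacy.framework/Versions/A/Resources/dotMacTranslator
+/System/Library/PrivateFrameworks/DotmacLegacy.framework/Versions/Current/Resources/dotMacTranslator
 /System/Library/PrivateFrameworks/InstantMessage.framework/iChatAgent.app
 /System/Library/PrivateFrameworks/DMNotification.framework/Resources/dmnotifyd
+/System/Library/PrivateFrameworks/DMNotification.framework/Versions/A/Resources/dmnotifyd
+/System/Library/PrivateFrameworks/DMNotification.framework/Versions/Current/Resources/dmnotifyd
 /System/Library/ScriptingAdditions/Keychain Scripting.app
 /sbin/mount_smbfs
 /sbin/mount_webdav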
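Review bot: The two Apple80211 entries are re-spelled from `Resources/...` to `Versions/A/Resources/...` rather than gaining alias lines, whereas AE, Admin, DotmacLegacy and DMNotification keep their existing spelling and get the other framework-symlink spellings added beside it. If the consumer of this list compares literal paths (not visible here), a tool started through the unversioned `Apple80211.framework/Resources/airport` path would no longer match; if it resolves symlinks first, the added alias lines are redundant. Going by the file name, each line nominates a binary for code equivalence, so it is worth recording which of the two holds and then listing Apple80211 and Admin (which gets no `Versions/Current` line) the same way as the other frameworks.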
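--- a/securityd.xcode/project.pbxproj
+++ b/securityd.xcode/project.pbxproj
                        );
                        buildSettings = {
                                BUILD_VARIANTS = "normal debug";
-                               CURRENT_PROJECT_VERSION = 61;
+                               CURRENT_PROJECT_VERSION = 67;
                                FRAMEWORK_SEARCH_PATHS = "/usr/local/SecurityPieces/Frameworks /usr/local/SecurityPieces/Components/securityd $(SYSTEM_LIBRARY_DIR)/PrivateFrameworks";
                                INSTALL_PATH = /usr/sbin;
                                OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines -fcoalesce-templates";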
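--- a/src/kcdatabase.cpp
+++ b/src/kcdatabase.cpp
@@ -540,7 +540,11 @@ bool KeychainDatabase::decode()
 //
 // Given an AccessCredentials for this database, wring out the existing primary
 // database secret by whatever means necessary.
-// On entry, caller must hold the database common lock. It will be held throughout.
+// On entry, caller must hold the database common lock. It will be held
+// throughout except when user interaction is required. User interaction 
+// requires relinquishing the database common lock and taking the UI lock. On
+// return from user interaction, the UI lock is relinquished and the database
+// common lock must be reacquired. At no time may the caller hold both locks.
 // On exit, the crypto core has its master secret. If things go wrong,
 // we will throw a suitable exception. Note that encountering any malformed
 // credential sample will throw, but this is not guaranteed -- don't assume
@@ -564,13 +568,15 @@ void KeychainDatabase::establishOldSecrets(const AccessCredentials *creds)
                        switch (sample.type()) {
                        // interactively prompt the user - no additional data
                        case CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT:
-                               {
+                       {
                                secdebug("KCdb", "%p attempting interactive unlock", this);
+                               // Holding DB common lock during UI will deadlock securityd
+                               StSyncLock<Mutex, Mutex> uisync(common().uiLock(), common());
                                QueryUnlock query(*this);
                                query.inferHints(Server::process());
                                if (query() == SecurityAgent::noReason)
                                        return;
-                               }
+                       }
                                break;
                        // try to use an explicitly given passphrase - Data:passphrase
                        case CSSM_SAMPLE_TYPE_PASSWORD:
@@ -617,6 +623,7 @@ void KeychainDatabase::establishOldSecrets(const AccessCredentials *creds)
                }
                
                // attempt interactive unlock
+               StSyncLock<Mutex, Mutex> uisync(common().uiLock(), common());
                QueryUnlock query(*this);
                query.inferHints(Server::process());
                if (query() == SecurityAgent::noReason)
@@ -643,6 +650,7 @@ void KeychainDatabase::establishNewSecrets(const AccessCredentials *creds, Secur
                        case CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT:
                                {
                                secdebug("KCdb", "%p specified interactive passphrase", this);
+                               StSyncLock<Mutex, Mutex> uisync(common().uiLock(), common());
                                QueryNewPassphrase query(*this, reason);
                                query.inferHints(Server::process());
                                CssmAutoData passphrase(Allocator::standard(Allocator::sensitive));
@@ -682,6 +690,7 @@ void KeychainDatabase::establishNewSecrets(const AccessCredentials *creds, Secur
                }
        } else {
                // default action -- interactive (only)
+               StSyncLock<Mutex, Mutex> uisync(common().uiLock(), common());
                QueryNewPassphrase query(*this, reason);
         query.inferHints(Server::process());
                CssmAutoData passphrase(Allocator::standard(Allocator::sensitive));
@@ -920,7 +929,7 @@ void KeychainDatabase::dumpNode()
 // DbCommon basic features
 //
 KeychainDbCommon::KeychainDbCommon(Session &ssn, const DbIdentifier &id)
-       : DbCommon(ssn), sequence(0), version(1), mIdentifier(id),
+       : LocalDbCommon(ssn), sequence(0), version(1), mIdentifier(id),
       mIsLocked(true), mValidParams(false)
 {
     // match existing DbGlobal or create a new one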
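Review bot: At three of the four prompt sites (the hunks at 617, 643 and 682) `uisync` lives to the end of its enclosing block, so per the new header comment the database common lock stays released for every statement that follows the prompt in that block, not just for the prompt itself; only the 564 hunk closes the guard's braces right after the query. The rest of those blocks is outside the hunks, but if any of it reads or writes database state, or relies on something checked under the common lock before the prompt, it now runs without that lock and may see a database another thread has already unlocked or changed. Consider giving the guard its own braces around the query call and re-checking state once the common lock is back. The explanatory comment exists only at the first site; repeat it at the other three, e.g. `// common lock is dropped while the prompt is up; re-validate database state afterwards`.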
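--- a/src/kcdatabase.h
+++ b/src/kcdatabase.h
@@ -89,7 +89,7 @@ private:
 //
 // KeychainDatabase DbCommons
 //
-class KeychainDbCommon : public DbCommon,
+class KeychainDbCommon : public LocalDbCommon, 
        public DatabaseCryptoCore, public MachServer::Timer {
 public:
        KeychainDbCommon(Session &ssn, const DbIdentifier &id);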
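--- a/src/localdatabase.h
+++ b/src/localdatabase.h
 
 class LocalKey;
 
+class LocalDbCommon : public DbCommon {
+public:
+       LocalDbCommon(Session &ssn) : DbCommon(ssn) { }
+       
+       Mutex &uiLock()  { return mUILock; }
+       
+private:
+       // Contract: callers shall not simultaneously hold mUILock and the 
+       // DbCommon lock.  StSyncLock coordinates them to uphold the contract.  
+       Mutex mUILock;                          // serializes user interaction
+};
 
 //
 // A Database object represents an Apple CSP/DL open database (DL/DB) object.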
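Review bot: The locking contract is written as a comment on the private member `mUILock`, but callers only ever see `uiLock()`, which hands out the mutex by non-const reference with no comment, so nothing at the point of use says it must never be held together with the DbCommon lock. Repeat the contract on the accessor, e.g. `// Never hold this together with the DbCommon lock; swap them with StSyncLock.` above `Mutex &uiLock()`. The single-argument constructor would also be safer as `explicit LocalDbCommon(Session &ssn) : DbCommon(ssn) { }` so that a Session never converts implicitly.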
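--- a/src/pcscmonitor.cpp
+++ b/src/pcscmonitor.cpp
@@ -151,7 +151,7 @@ void PCSCMonitor::launchPcscd()
        Child::fork();
 
        // if pcscd doesn't report a reader found soon, we'll kill it off
-       server.setTimer(this, PCSCD_IDLE_SHUTDOWN);
+       scheduleTimer(true);
 }
 
 
@@ -252,7 +252,7 @@ void PCSCMonitor::scheduleTimer(bool enable)
 //
 // Perform the initial PCSC subsystem initialization.
 // This runs (shortly) after securityd is fully functional and the
-// server loop as started.
+// server loop has started.
 //
 void PCSCMonitor::initialSetup()
 {
@@ -285,6 +285,12 @@ void PCSCMonitor::initialSetup()
                IOKit::DeviceMatch pcCardSelector("IOPCCard16Device");
                mIOKitNotifier.add(usbSelector, *this); // this will scan existing USB devices
                mIOKitNotifier.add(pcCardSelector, *this);      // ditto for PC Card devices
+               if (mServiceLevel == aggressive) {
+                       // catch custom non-composite USB devices - they don't have IOServices attached
+                       IOKit::DeviceMatch customUsbSelector(::IOServiceMatching("IOUSBDevice"));
+                       mIOKitNotifier.add(customUsbSelector, *this);   // ditto for custom USB devices
+               }
+               break;
        }
        
        // we are NOT scanning for PCSC devices here. Pcscd will send us a notification when it's up
@@ -345,22 +351,24 @@ PCSCMonitor::DeviceSupport PCSCMonitor::deviceSupport(const IOKit::Device &dev)
 {
        try {
                secdebug("scsel", "%s", dev.path().c_str());
-               CFRef<CFNumberRef> cfClass(dev.property<CFNumberRef>("bInterfaceClass"));
-               if (!cfClass) {
-                       secdebug("scsel", "  device without device class (ignored)");
-                       return impossible;
-               }
-               switch (IFDEBUG(uint32 clas =) cfNumber(cfClass)) {
-               case kUSBChipSmartCardInterfaceClass:           // CCID smartcard reader - go
-                       secdebug("scsel", "  CCID smartcard reader recognized");
-                       return definite;
-               case kUSBVendorSpecificInterfaceClass:
-                       secdebug("scsel", "  Vendor-specific device - possible match");
-                       return possible;
-               default:
-                       secdebug("scsel", "  class %ld is not a smartcard device", clas);
-                       return impossible;
-               }
+               if (CFRef<CFNumberRef> cfInterface = dev.property<CFNumberRef>("bInterfaceClass"))
+                       switch (IFDEBUG(uint32 clas =) cfNumber(cfInterface)) {
+                       case kUSBChipSmartCardInterfaceClass:           // CCID smartcard reader - go
+                               secdebug("scsel", "  CCID smartcard reader recognized");
+                               return definite;
+                       case kUSBVendorSpecificInterfaceClass:
+                               secdebug("scsel", "  Vendor-specific interface - possible match");
+                               return possible;
+                       default:
+                               secdebug("scsel", "  interface class %ld is not a smartcard device", clas);
+                               return impossible;
+                       }
+               if (CFRef<CFNumberRef> cfDevice = dev.property<CFNumberRef>("bDeviceClass"))
+                       if (cfNumber(cfDevice) == kUSBVendorSpecificClass) {
+                               secdebug("scsel", "  Vendor-specific device - possible match");
+                               return possible;
+                       }
+               return impossible;
        } catch (...) {
                secdebug("scsel", "  exception while examining device - ignoring it");
                return impossible;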
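Review bot: In deviceSupport, any device whose `bDeviceClass` is vendor-specific now returns `possible`, and the `IOUSBDevice` matcher added in initialSetup appears to feed every attached USB device to that check when `mServiceLevel == aggressive`. Going by the ServiceLevel comments, aggressive launches pcscd for possible devices, so attaching an arbitrary vendor-class USB device becomes enough to start the daemon. That widening deserves a comment at the `bDeviceClass` test saying it is intended, e.g. `// deliberately broad: any vendor-class device may be a reader; pcscd is shut down again if it reports none`. The two new outer `if` statements wrap a `switch` and a nested `if` without braces, which makes the fall-through to `return impossible;` easy to misread; brace them. deviceSupport's body starts and ends outside the hunk.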
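--- a/src/pcscmonitor.h
+++ b/src/pcscmonitor.h
@@ -56,9 +56,9 @@ public:
        enum ServiceLevel {
                forcedOff,                                      // no service under any circumstances
                conservative,                           // launch pcscd for certain smartcard devices
-               aggressive,                                     // launch pcscd for possible smartcard devices
+               aggressive,                                     // launch pcscd for possible (and certain) smartcard devices
                forcedOn,                                       // keep pcscd running at all times
-               externalDaemon                          // use externally launched daemon
+               externalDaemon                          // use externally launched daemon if present (do not manage pcscd)
        };
 
        PCSCMonitor(Server &server, TokenCache &cache, ServiceLevel level = conservative);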