securityd-55137.5.tar.gz v55137.5
authorApple <opensource@apple.com>
Thu, 3 Jan 2013 23:05:03 +0000 (23:05 +0000)
committerApple <opensource@apple.com>
Thu, 3 Jan 2013 23:05:03 +0000 (23:05 +0000)
etc/authorization.merge
etc/authorization.plist
src/AuthorizationEngine.cpp
src/acl_keychain.cpp
src/acls.cpp
src/agentquery.cpp
src/authority.cpp
src/authority.h
src/codesigdb.cpp
src/process.cpp

index cf17bcc5022ed17746b9609a68d5c462f7c8e86f..a4a3d0aee947ffb1e1bca3e49173a2ca060c7ff3 100644 (file)
 <dict>
        <key>rights</key>
        <dict>
 <dict>
        <key>rights</key>
        <dict>
-               <key>system.login.console</key>
+               <key>com.apple.container-repair</key>
                <dict>
                        <key>class</key>
                <dict>
                        <key>class</key>
-                       <string>evaluate-mechanisms</string>
-                       <key>comment</key>
-                       <string>Login mechanism based rule.  Not for general use, yet.</string>
-                       <key>mechanisms</key>
-                       <array>
-                               <string>builtin:policy-banner</string>
-                               <string>loginwindow:login</string>
-                               <string>builtin:login-begin</string>
-                               <string>builtin:reset-password,privileged</string>
-                               <string>builtin:forward-login,privileged</string>
-                               <string>builtin:auto-login,privileged</string>
-                               <string>builtin:authenticate,privileged</string>
-                               <string>PKINITMechanism:auth,privileged</string>
-                               <string>builtin:login-success</string>
-                               <string>loginwindow:success</string>
-                               <string>HomeDirMechanism:login,privileged</string>
-                               <string>HomeDirMechanism:status</string>
-                               <string>MCXMechanism:login</string>
-                               <string>loginwindow:done</string>
-                       </array>
+                       <string>user</string>
+                       <key>default-button</key>
+                       <dict>
+                               <key>ar</key>
+                               <string>تصليح</string>
+                               <key>ca</key>
+                               <string>Reparar</string>
+                               <key>cs</key>
+                               <string>Opravit</string>
+                               <key>da</key>
+                               <string>Reparer</string>
+                               <key>de</key>
+                               <string>Reparieren</string>
+                               <key>el</key>
+                               <string>Επισκευή</string>
+                               <key>en</key>
+                               <string>Repair</string>
+                               <key>es</key>
+                               <string>Reparar</string>
+                               <key>fi</key>
+                               <string>Korjaa</string>
+                               <key>fr</key>
+                               <string>Réparer</string>
+                               <key>he</key>
+                               <string>תקן</string>
+                               <key>hr</key>
+                               <string>Popravi</string>
+                               <key>hu</key>
+                               <string>Javítás</string>
+                               <key>it</key>
+                               <string>Ripara</string>
+                               <key>ja</key>
+                               <string>修復</string>
+                               <key>ko</key>
+                               <string>복구</string>
+                               <key>nb</key>
+                               <string>Reparer</string>
+                               <key>nl</key>
+                               <string>Herstel</string>
+                               <key>pl</key>
+                               <string>Napraw</string>
+                               <key>pt</key>
+                               <string>Reparar</string>
+                               <key>pt-PT</key>
+                               <string>Reparar</string>
+                               <key>ro</key>
+                               <string>Repară</string>
+                               <key>ru</key>
+                               <string>Исправить</string>
+                               <key>sk</key>
+                               <string>Opraviť</string>
+                               <key>sv</key>
+                               <string>Reparera</string>
+                               <key>th</key>
+                               <string>ซ่อมแซม</string>
+                               <key>tr</key>
+                               <string>Onar</string>
+                               <key>uk</key>
+                               <string>Полагодити</string>
+                               <key>zh-Hans</key>
+                               <string>修复</string>
+                               <key>zh-Hant</key>
+                               <string>修復</string>
+                       </dict>
+                       <key>default-prompt</key>
+                       <dict>
+                               <key>ar</key>
+                               <string>يحتاج __APPNAME__ إلى إصلاح مكتبتك لتشغيل التطبيات.</string>
+                               <key>ca</key>
+                               <string>__APPNAME__ necessita reparar la vostra biblioteca per poder executar aplicacions.</string>
+                               <key>cs</key>
+                               <string>__APPNAME__ potřebuje opravit vaši knihovnu, aby bylo možné spouštět aplikace.</string>
+                               <key>da</key>
+                               <string>__APPNAME__ skal reparere dit bibliotek for at kunne afvikle  programmer.</string>
+                               <key>de</key>
+                               <string>__APPNAME__ muss Ihre Library reparieren, um Programme auszuführen.</string>
+                               <key>el</key>
+                               <string>Η εφαρμογή «__APPNAME__» πρέπει να επισκευάσει τη Βιβλιοθήκη σας ώστε να εκτελεί εφαρμογές.</string>
+                               <key>en</key>
+                               <string>__APPNAME__ needs to repair your Library to run applications.</string>
+                               <key>es</key>
+                               <string>__APPNAME__ necesita reparar su biblioteca para poder ejecutar aplicaciones.</string>
+                               <key>fi</key>
+                               <string>Kohteen__APPNAME__ pitää korjata kirjastosi, jotta se voi suorittaa ohjelmia.</string>
+                               <key>fr</key>
+                               <string>__APPNAME__ doit réparer votre Bibliothèque pour exécuter les applications.</string>
+                               <key>he</key>
+                               <string>על-מנת שניתן יהיה להפעיל יישומים, על __APPNAME__ לתקן את הספריה שלך.</string>
+                               <key>hr</key>
+                               <string>__APPNAME__ treba popraviti vašu medijateku kako bi se mogle pokrenuti aplikacije.</string>
+                               <key>hu</key>
+                               <string>A(z) __APPNAME__ alkalmazásnak ki kell javítania az Ön Könyvtárát az alkalmazások futtatásához.</string>
+                               <key>it</key>
+                               <string>Per poter eseguire applicazioni, __APPNAME__ deve riparare la libreria.</string>
+                               <key>ja</key>
+                               <string>__APPNAME__ は、アプリケーションを実行するためにライブラリを修復する必要があります。</string>
+                               <key>ko</key>
+                               <string>응용 프로그램을 실행하려면 __APPNAME__이(가) 사용자의 라이브러리를 복구해야 합니다.</string>
+                               <key>nb</key>
+                               <string>__APPNAME__ må reparere biblioteket ditt for å kunne bruke programmer.</string>
+                               <key>nl</key>
+                               <string>__APPNAME__ moet uw Bibliotheek herstellen om programma's te kunnen uitvoeren.</string>
+                               <key>pl</key>
+                               <string>__APPNAME__ musi naprawić bibliotekę, aby móc uruchamiać programy.</string>
+                               <key>pt</key>
+                               <string>__APPNAME__ necessita reparar sua biblioteca para poder executar aplicativos.</string>
+                               <key>pt-PT</key>
+                               <string>__APPNAME__ tem de reparar a Biblioteca antes de poder executar aplicações.</string>
+                               <key>ro</key>
+                               <string>__APPNAME__ trebuie să repare biblioteca dvs. pentru a putea rula aplicații.</string>
+                               <key>ru</key>
+                               <string>Программе «__APPNAME__» необходимо исправить Вашу библиотеку для запуска программ.</string>
+                               <key>sk</key>
+                               <string>__APPNAME__ potrebuje kvôli spúšťaniu aplikácií opraviť vašu knižniciu.</string>
+                               <key>sv</key>
+                               <string>__APPNAME__ måste reparera ditt bibliotek för att kunna använda program.</string>
+                               <key>th</key>
+                               <string>__APPNAME__ จำเป็นต้องซ่อมแซมคลังของคุณเพื่อสั่งทำงานแอปพลิเคชั่น</string>
+                               <key>tr</key>
+                               <string>Uygulamaları çalıştırmak için Kitaplık klasörünüzün __APPNAME__ tarafından onarılması gerekiyor.</string>
+                               <key>uk</key>
+                               <string>Програмі __APPNAME__ потрібно полагодити вашу папку «Бібліотека», щоб мати змогу запускати програми.</string>
+                               <key>zh-Hans</key>
+                               <string>“__APPNAME__”需要修复您的资源库才能运行应用程序。</string>
+                               <key>zh-Hant</key>
+                               <string>“__APPNAME__”需要修復您的資料庫來執行應用程式。</string>
+                       </dict>
+                       <key>group</key>
+                       <string>admin</string>
+                       <key>shared</key>
+                       <false/>
+                       <key>timeout</key>
+                       <integer>30</integer>
                </dict>
        </dict>
 </dict>
                </dict>
        </dict>
 </dict>
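Review bot: The new `com.apple.container-repair` right has no `comment` key, so the rule database does not record what the right protects or which client is expected to request it; the `system.login.console` entry it replaces here had one. I would add `<key>comment</key>` followed by a one-line `<string>` describing the repair operation and its intended caller, placed right after `class`. The following section adds the same rule and needs the same comment. The comment is also the place to say why `timeout` is 30 with `shared` false, since those two values govern how the admin credential obtained for this right can be reused.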
index 1a61be94861904faaf1adb9858b83404dfe903f0..091f40f6c4a325136c97dc9ae30e9cf3cd116747 100644 (file)
@@ -2439,6 +2439,143 @@ See remaining rules for examples.
                                <string>builtin:generic-unlock</string>
                        </array>
                </dict>
                                <string>builtin:generic-unlock</string>
                        </array>
                </dict>
+               <key>com.apple.container-repair</key>
+               <dict>
+                       <key>class</key>
+                       <string>user</string>
+                       <key>default-button</key>
+                       <dict>
+                               <key>ar</key>
+                               <string>تصليح</string>
+                               <key>ca</key>
+                               <string>Reparar</string>
+                               <key>cs</key>
+                               <string>Opravit</string>
+                               <key>da</key>
+                               <string>Reparer</string>
+                               <key>de</key>
+                               <string>Reparieren</string>
+                               <key>el</key>
+                               <string>Επισκευή</string>
+                               <key>en</key>
+                               <string>Repair</string>
+                               <key>es</key>
+                               <string>Reparar</string>
+                               <key>fi</key>
+                               <string>Korjaa</string>
+                               <key>fr</key>
+                               <string>Réparer</string>
+                               <key>he</key>
+                               <string>תקן</string>
+                               <key>hr</key>
+                               <string>Popravi</string>
+                               <key>hu</key>
+                               <string>Javítás</string>
+                               <key>it</key>
+                               <string>Ripara</string>
+                               <key>ja</key>
+                               <string>修復</string>
+                               <key>ko</key>
+                               <string>복구</string>
+                               <key>nb</key>
+                               <string>Reparer</string>
+                               <key>nl</key>
+                               <string>Herstel</string>
+                               <key>pl</key>
+                               <string>Napraw</string>
+                               <key>pt</key>
+                               <string>Reparar</string>
+                               <key>pt-PT</key>
+                               <string>Reparar</string>
+                               <key>ro</key>
+                               <string>Repară</string>
+                               <key>ru</key>
+                               <string>Исправить</string>
+                               <key>sk</key>
+                               <string>Opraviť</string>
+                               <key>sv</key>
+                               <string>Reparera</string>
+                               <key>th</key>
+                               <string>ซ่อมแซม</string>
+                               <key>tr</key>
+                               <string>Onar</string>
+                               <key>uk</key>
+                               <string>Полагодити</string>
+                               <key>zh-Hans</key>
+                               <string>修复</string>
+                               <key>zh-Hant</key>
+                               <string>修復</string>
+                       </dict>
+                       <key>default-prompt</key>
+                       <dict>
+                               <key>ar</key>
+                               <string>يحتاج __APPNAME__ إلى إصلاح مكتبتك لتشغيل التطبيات.</string>
+                               <key>ca</key>
+                               <string>__APPNAME__ necessita reparar la vostra biblioteca per poder executar aplicacions.</string>
+                               <key>cs</key>
+                               <string>__APPNAME__ potřebuje opravit vaši knihovnu, aby bylo možné spouštět aplikace.</string>
+                               <key>da</key>
+                               <string>__APPNAME__ skal reparere dit bibliotek for at kunne afvikle  programmer.</string>
+                               <key>de</key>
+                               <string>__APPNAME__ muss Ihre Library reparieren, um Programme auszuführen.</string>
+                               <key>el</key>
+                               <string>Η εφαρμογή «__APPNAME__» πρέπει να επισκευάσει τη Βιβλιοθήκη σας ώστε να εκτελεί εφαρμογές.</string>
+                               <key>en</key>
+                               <string>__APPNAME__ needs to repair your Library to run applications.</string>
+                               <key>es</key>
+                               <string>__APPNAME__ necesita reparar su biblioteca para poder ejecutar aplicaciones.</string>
+                               <key>fi</key>
+                               <string>Kohteen__APPNAME__ pitää korjata kirjastosi, jotta se voi suorittaa ohjelmia.</string>
+                               <key>fr</key>
+                               <string>__APPNAME__ doit réparer votre Bibliothèque pour exécuter les applications.</string>
+                               <key>he</key>
+                               <string>על-מנת שניתן יהיה להפעיל יישומים, על __APPNAME__ לתקן את הספריה שלך.</string>
+                               <key>hr</key>
+                               <string>__APPNAME__ treba popraviti vašu medijateku kako bi se mogle pokrenuti aplikacije.</string>
+                               <key>hu</key>
+                               <string>A(z) __APPNAME__ alkalmazásnak ki kell javítania az Ön Könyvtárát az alkalmazások futtatásához.</string>
+                               <key>it</key>
+                               <string>Per poter eseguire applicazioni, __APPNAME__ deve riparare la libreria.</string>
+                               <key>ja</key>
+                               <string>__APPNAME__ は、アプリケーションを実行するためにライブラリを修復する必要があります。</string>
+                               <key>ko</key>
+                               <string>응용 프로그램을 실행하려면 __APPNAME__이(가) 사용자의 라이브러리를 복구해야 합니다.</string>
+                               <key>nb</key>
+                               <string>__APPNAME__ må reparere biblioteket ditt for å kunne bruke programmer.</string>
+                               <key>nl</key>
+                               <string>__APPNAME__ moet uw Bibliotheek herstellen om programma's te kunnen uitvoeren.</string>
+                               <key>pl</key>
+                               <string>__APPNAME__ musi naprawić bibliotekę, aby móc uruchamiać programy.</string>
+                               <key>pt</key>
+                               <string>__APPNAME__ necessita reparar sua biblioteca para poder executar aplicativos.</string>
+                               <key>pt-PT</key>
+                               <string>__APPNAME__ tem de reparar a Biblioteca antes de poder executar aplicações.</string>
+                               <key>ro</key>
+                               <string>__APPNAME__ trebuie să repare biblioteca dvs. pentru a putea rula aplicații.</string>
+                               <key>ru</key>
+                               <string>Программе «__APPNAME__» необходимо исправить Вашу библиотеку для запуска программ.</string>
+                               <key>sk</key>
+                               <string>__APPNAME__ potrebuje kvôli spúšťaniu aplikácií opraviť vašu knižniciu.</string>
+                               <key>sv</key>
+                               <string>__APPNAME__ måste reparera ditt bibliotek för att kunna använda program.</string>
+                               <key>th</key>
+                               <string>__APPNAME__ จำเป็นต้องซ่อมแซมคลังของคุณเพื่อสั่งทำงานแอปพลิเคชั่น</string>
+                               <key>tr</key>
+                               <string>Uygulamaları çalıştırmak için Kitaplık klasörünüzün __APPNAME__ tarafından onarılması gerekiyor.</string>
+                               <key>uk</key>
+                               <string>Програмі __APPNAME__ потрібно полагодити вашу папку «Бібліотека», щоб мати змогу запускати програми.</string>
+                               <key>zh-Hans</key>
+                               <string>“__APPNAME__”需要修复您的资源库才能运行应用程序。</string>
+                               <key>zh-Hant</key>
+                               <string>“__APPNAME__”需要修復您的資料庫來執行應用程式。</string>
+                       </dict>
+                       <key>group</key>
+                       <string>admin</string>
+                       <key>shared</key>
+                       <false/>
+                       <key>timeout</key>
+                       <integer>30</integer>
+               </dict>
                <key>com.apple.dashboard.advisory.allow</key>
                <dict>
                        <key>class</key>
                <key>com.apple.dashboard.advisory.allow</key>
                <dict>
                        <key>class</key>
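Review bot: Some of the localized `default-prompt` strings look malformed, which matters for a dialog that asks for an admin credential. The `fi` value `Kohteen__APPNAME__ pitää …` has no space before the placeholder, so the substituted application name will be glued to the preceding word; I would write `Kohteen __APPNAME__ pitää korjata kirjastosi, …`. The `ar` value ends in `التطبيات`, which looks like a misspelling of `التطبيقات`, and the `da` value has a double space before `programmer`. The same strings appear in the preceding section.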
index 14a154c43523ccaaebc6bd8aa7e43a61d36dc765..b989fc3681762809ed0849f7c85efc7aa5027bde 100644 (file)
@@ -164,16 +164,15 @@ Engine::authorize(const AuthItemSet &inRights, const AuthItemSet &environment,
 
         string processName = "unknown";
         string authCreatorName = "unknown";
 
         string processName = "unknown";
         string authCreatorName = "unknown";
-        if (SecCodeRef code = Server::process().currentGuest()) {
-            CFRef<CFURLRef> path;
-            if (!SecCodeCopyPath(code, kSecCSDefaultFlags, &path.aref()))
-                processName = cfString(path);
-        }
-        if (SecStaticCodeRef code = auth.creatorCode()) {
-            CFRef<CFURLRef> path;
-            if (!SecCodeCopyPath(code, kSecCSDefaultFlags, &path.aref()))
-                authCreatorName = cfString(path);
+               {
+                       StLock<Mutex> _(Server::process());
+               if (SecCodeRef code = Server::process().currentGuest()) {
+                   CFRef<CFURLRef> path;
+               if (!SecCodeCopyPath(code, kSecCSDefaultFlags, &path.aref()))
+                       processName = cfString(path);
+                       }
         }
         }
+               authCreatorName = auth.creatorPath();
                
         if (sandbox_check(Server::process().pid(), "authorization-right-obtain", SANDBOX_FILTER_RIGHT_NAME, (*it)->name())) {
             Syslog::error("Sandbox denied authorizing right '%s' by client '%s' [%d]", (*it)->name(), processName.c_str(), Server::process().pid());
                
         if (sandbox_check(Server::process().pid(), "authorization-right-obtain", SANDBOX_FILTER_RIGHT_NAME, (*it)->name())) {
             Syslog::error("Sandbox denied authorizing right '%s' by client '%s' [%d]", (*it)->name(), processName.c_str(), Server::process().pid());
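Review bot: `authCreatorName = auth.creatorPath();` now overwrites the `"unknown"` default unconditionally, whereas the removed code replaced it only when `SecCodeCopyPath` succeeded. The end of `creatorPath()` is not visible on this page; if it returns an empty string when there is no creator code or the lookup fails, any message that prints the creator will show an empty name instead of `unknown`. I would keep the default with `const string creator = auth.creatorPath(); if (!creator.empty()) authCreatorName = creator;`. The new locked block also mixes tabs and spaces, so its braces no longer line up with the `if` they close and the extent of the `StLock` is hard to read. Engine::authorize continues outside the hunk.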
index 59eb86fc47e5f22da4307a45270402d9fd671212..e783cfa960a14ad19116bd594d25895bdd91dc73 100644 (file)
@@ -84,34 +84,40 @@ bool KeychainPromptAclSubject::validate(const AclValidationContext &context,
                        mode = (mode & ~CSSM_ACL_KEYCHAIN_PROMPT_INVALID) | (flags & CSSM_ACL_KEYCHAIN_PROMPT_INVALID);
                
                // determine signed/validity status of client, without reference to any particular Code Requirement
                        mode = (mode & ~CSSM_ACL_KEYCHAIN_PROMPT_INVALID) | (flags & CSSM_ACL_KEYCHAIN_PROMPT_INVALID);
                
                // determine signed/validity status of client, without reference to any particular Code Requirement
-               SecCodeRef clientCode = process.currentGuest();
-               Server::active().longTermActivity();
-               OSStatus validation = clientCode ? SecCodeCheckValidity(clientCode, kSecCSDefaultFlags, NULL) : errSecCSStaticCodeNotFound;
-               switch (validation) {
-               case noErr:                                                     // client is signed and valid
-                       secdebug("kcacl", "client is valid, proceeding");
-                       break;
-               case errSecCSUnsigned:                          // client is not signed
-                       if (!(mode & CSSM_ACL_KEYCHAIN_PROMPT_UNSIGNED)) {
-                               secdebug("kcacl", "client is unsigned, suppressing prompt");
-                               return false;
-                       }
-                       break;
-               case errSecCSSignatureFailed:           // client signed but signature is broken
-               case errSecCSGuestInvalid:                      // client signed but dynamically invalid
-               case errSecCSStaticCodeNotFound:        // client not on disk (or unreadable)
-                       if (!(mode & CSSM_ACL_KEYCHAIN_PROMPT_INVALID)) {
-                               secdebug("kcacl", "client is invalid, suppressing prompt");
-                               Syslog::info("suppressing keychain prompt for invalidly signed client %s(%d)",
+               SecCodeRef clientCode = NULL;
+               OSStatus validation = errSecCSStaticCodeNotFound;
+               {
+                       StLock<Mutex> _(process);
+                       Server::active().longTermActivity();
+                       clientCode = process.currentGuest();
+                       if (clientCode)
+                               validation = SecCodeCheckValidity(clientCode, kSecCSDefaultFlags, NULL);
+                       switch (validation) {
+                       case noErr:                                                     // client is signed and valid
+                               secdebug("kcacl", "client is valid, proceeding");
+                               break;
+                       case errSecCSUnsigned:                          // client is not signed
+                               if (!(mode & CSSM_ACL_KEYCHAIN_PROMPT_UNSIGNED)) {
+                                       secdebug("kcacl", "client is unsigned, suppressing prompt");
+                                       return false;
+                               }
+                               break;
+                       case errSecCSSignatureFailed:           // client signed but signature is broken
+                       case errSecCSGuestInvalid:                      // client signed but dynamically invalid
+                       case errSecCSStaticCodeNotFound:        // client not on disk (or unreadable)
+                               if (!(mode & CSSM_ACL_KEYCHAIN_PROMPT_INVALID)) {
+                                       secdebug("kcacl", "client is invalid, suppressing prompt");
+                                       Syslog::info("suppressing keychain prompt for invalidly signed client %s(%d)",
+                                               process.getPath().c_str(), process.pid());
+                                       return false;
+                               }
+                               Syslog::info("attempting keychain prompt for invalidly signed client %s(%d)",
                                        process.getPath().c_str(), process.pid());
                                        process.getPath().c_str(), process.pid());
+                               break;
+                       default:                                                        // something else went wrong
+                               secdebug("kcacl", "client validation failed rc=%d, suppressing prompt", int32_t(validation));
                                return false;
                        }
                                return false;
                        }
-                       Syslog::info("attempting keychain prompt for invalidly signed client %s(%d)",
-                               process.getPath().c_str(), process.pid());
-                       break;
-               default:                                                        // something else went wrong
-                       secdebug("kcacl", "client validation failed rc=%d, suppressing prompt", int32_t(validation));
-                       return false;
                }
                
                // At this point, we're committed to try to Pop The Question. Now, how?
                }
                
                // At this point, we're committed to try to Pop The Question. Now, how?
@@ -122,6 +128,7 @@ bool KeychainPromptAclSubject::validate(const AclValidationContext &context,
 
                // an application (i.e. Keychain Access.app :-) can force this option
                if (clientCode && validation == noErr) {
 
                // an application (i.e. Keychain Access.app :-) can force this option
                if (clientCode && validation == noErr) {
+                       StLock<Mutex> _(process);
                        CFRef<CFDictionaryRef> dict;
                        if (SecCodeCopySigningInformation(clientCode, kSecCSDefaultFlags, &dict.aref()) == noErr)
                                if (CFDictionaryRef info = CFDictionaryRef(CFDictionaryGetValue(dict, kSecCodeInfoPList)))
                        CFRef<CFDictionaryRef> dict;
                        if (SecCodeCopySigningInformation(clientCode, kSecCSDefaultFlags, &dict.aref()) == noErr)
                                if (CFDictionaryRef info = CFDictionaryRef(CFDictionaryGetValue(dict, kSecCodeInfoPList)))
@@ -146,6 +153,7 @@ bool KeychainPromptAclSubject::validate(const AclValidationContext &context,
 
                        // process an "always allow..." response
                        if (query.remember && clientCode) {
 
                        // process an "always allow..." response
                        if (query.remember && clientCode) {
+                               StLock<Mutex> _(process);
                                RefPointer<OSXCode> clientXCode = new OSXCodeWrap(clientCode);
                                RefPointer<AclSubject> subject = new CodeSignatureAclSubject(OSXVerifier(clientXCode));
                                SecurityServerAcl::addToStandardACL(context, subject);
                                RefPointer<OSXCode> clientXCode = new OSXCodeWrap(clientCode);
                                RefPointer<AclSubject> subject = new CodeSignatureAclSubject(OSXVerifier(clientXCode));
                                SecurityServerAcl::addToStandardACL(context, subject);
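Review bot: `clientCode` is read from `process.currentGuest()` under the new process lock, but it is kept as a bare `SecCodeRef` and reused in the two later locked blocks (the signing-information lookup and the "always allow" ACL update) after the lock has been released for the user prompt. If the lock is what keeps the guest reference stable, nothing visible here retains the object or re-checks `validation` across that gap, so the ACL entry could be built from a stale reference or a stale validity result. I would retain it while the first lock is held, e.g. `CFRetain(clientCode);` with a matching release on every exit path, and repeat `SecCodeCheckValidity(clientCode, kSecCSDefaultFlags, NULL)` inside the `query.remember` block before `addToStandardACL`. validate() starts and ends outside these hunks.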
index ebd304ddd91b98a16b6df370dced29b8ea32e6bc..6d885bbb02ac7d63c8e7259004dc6bcc29cb9f45 100644 (file)
@@ -87,6 +87,19 @@ void SecurityServerAcl::changeOwner(const AclOwnerPrototype &newOwner,
 void SecurityServerAcl::validate(AclAuthorization auth, const AccessCredentials *cred, Database *db)
 {
     SecurityServerEnvironment env(*this, db);
 void SecurityServerAcl::validate(AclAuthorization auth, const AccessCredentials *cred, Database *db)
 {
     SecurityServerEnvironment env(*this, db);
+
+       {
+               // Migrator gets a free ride
+               Process &thisProcess = Server::process();
+               StLock<Mutex> _(thisProcess);
+               SecCodeRef clientRef = thisProcess.currentGuest();
+               if (clientRef) {
+                       std::string clientPath = codePath(clientRef);
+                       if (clientPath == std::string("/usr/libexec/KeychainMigrator"))
+                               return;
+               }
+       }
+       
        StLock<Mutex> objectSequence(aclSequence);
        StLock<Mutex> processSequence(Server::process().aclSequence);
     ObjectAcl::validate(auth, cred, &env);
        StLock<Mutex> objectSequence(aclSequence);
        StLock<Mutex> processSequence(Server::process().aclSequence);
     ObjectAcl::validate(auth, cred, &env);
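Review bot: The early `return` in `SecurityServerAcl::validate` skips all ACL evaluation for any client whose `codePath()` equals `/usr/libexec/KeychainMigrator`, yet a path is only a location and nothing in the hunk checks that the code there is validly signed or satisfies a code requirement. The bypass also applies to every `AclAuthorization` value and leaves no log entry. I would gate it on `SecCodeCheckValidity` with a pinned requirement, as sketched below, and add a `secdebug`/`Syslog::info` line when the bypass is taken. `std::string("/usr/libexec/KeychainMigrator")` can be a plain literal in the comparison. The requirement text below is a placeholder.

```cpp
		SecCodeRef clientRef = thisProcess.currentGuest();
		if (clientRef) {
			// Path alone is not an identity: require a valid signature that
			// satisfies a pinned requirement before skipping ACL validation.
			// "<MIGRATOR-REQUIREMENT-PLACEHOLDER>" stands for the real requirement text.
			CFRef<SecRequirementRef> migratorReq;
			if (SecRequirementCreateWithString(CFSTR("<MIGRATOR-REQUIREMENT-PLACEHOLDER>"),
					kSecCSDefaultFlags, &migratorReq.aref()) == noErr
				&& SecCodeCheckValidity(clientRef, kSecCSDefaultFlags, migratorReq) == noErr
				&& codePath(clientRef) == "/usr/libexec/KeychainMigrator")
				return;
		}
		// … unchanged: aclSequence locks and ObjectAcl::validate call …
```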
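--- a/src/agentquery.cpp
+++ b/src/agentquery.cpp
@@ -262,8 +262,11 @@ void
 SecurityAgentQuery::inferHints(Process &thisProcess)
 {
     string guestPath;
-       if (SecCodeRef clientCode = thisProcess.currentGuest())
-               guestPath = codePath(clientCode);
+       {
+               StLock<Mutex> _(thisProcess);
+               if (SecCodeRef clientCode = thisProcess.currentGuest())
+                       guestPath = codePath(clientCode);
+       }
        AuthItemSet processHints = clientHints(SecurityAgent::bundle, guestPath,
                thisProcess.pid(), thisProcess.uid());
        mClientHints.insert(processHints.begin(), processHints.end());
@@ -870,8 +873,10 @@ void QueryInvokeMechanism::run(const AuthValueVector &inArguments, AuthItemSet &
     // prepopulate with client hints
        inHints.insert(mClientHints.begin(), mClientHints.end());
 
-       if (Server::active().inDarkWake())
-               CssmError::throwMe(CSSM_ERRCODE_IN_DARK_WAKE);
+    if (mAuthHostType == securityAgent) {
+        if (Server::active().inDarkWake())
+            CssmError::throwMe(CSSM_ERRCODE_IN_DARK_WAKE);
+    }
 
     setArguments(inArguments);
     setInput(inHints, inContext);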
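Review bot: In QueryInvokeMechanism::run the dark-wake refusal now applies only when `mAuthHostType == securityAgent`, so mechanisms on every other auth host type proceed during dark wake, and nothing in the hunk records why that is intended. A comment above the check would capture the reasoning, for example `// only the UI agent is refused in dark wake; other auth hosts are expected to run without UI` (wording for the author to confirm, since the rationale is not visible here). The two nested conditions can also be written as one, `if (mAuthHostType == securityAgent && Server::active().inDarkWake())`. The added lines appear to be indented with spaces where the lines they replace used tabs. The body of run() continues outside the hunk.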
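--- a/src/authority.cpp
+++ b/src/authority.cpp
@@ -70,8 +70,12 @@ const audit_token_t &auditToken, bool operateAsLeastPrivileged)
        else
                mCreatorSandboxed = false;
        
-       if (SecCodeRef code = Server::process().currentGuest())
-               MacOSError::check(SecCodeCopyStaticCode(code, kSecCSDefaultFlags, &mCreatorCode.aref()));
+       {
+               Process &thisProcess = Server::process();
+               StLock<Mutex> _(thisProcess);
+               if (SecCodeRef code = thisProcess.currentGuest())
+                       MacOSError::check(SecCodeCopyStaticCode(code, kSecCSDefaultFlags, &mCreatorCode.aref()));
+       }
                
        // link to session
        referent(ssn);
@@ -103,6 +107,18 @@ Session &AuthorizationToken::session() const
 }
 
 
+std::string AuthorizationToken::creatorPath() const
+{
+       if (mCreatorCode) {
+               StLock<Mutex> _(mLock);
+               CFRef<CFURLRef> path;
+               if (SecCodeCopyPath(mCreatorCode, kSecCSDefaultFlags, &path.aref()) == noErr)
+                       return cfString(path);
+       }
+       return "unknown";
+}
+
+
 //
 // Locate an authorization given its blob.
 //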
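Review bot: AuthorizationToken::creatorPath() tests `mCreatorCode` before taking `mLock`, so the member is read outside the lock the function then acquires. If the member can change after construction, move `StLock<Mutex> _(mLock);` above `if (mCreatorCode) {`; if it is written only in the constructor, a short comment saying so makes the unlocked read obviously safe. The function also deserves a header comment stating that it returns the on-disk path of the creator's static code, or the literal "unknown" when the path cannot be obtained, and that the string is descriptive only: a path is not a verified identity, so trust decisions should go through creatorCode() and a code-requirement check. The function is fully contained in this hunk.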
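--- a/src/authority.h
+++ b/src/authority.h
@@ -71,6 +71,7 @@ public:
        uid_t creatorUid() const        { return mCreatorUid; }
        gid_t creatorGid() const        { return mCreatorGid; }
     SecStaticCodeRef creatorCode() const { return mCreatorCode; }
+       std::string creatorPath() const;
        pid_t creatorPid() const        { return mCreatorPid; }
        bool creatorSandboxed() const { return mCreatorSandboxed; }
        
@@ -99,7 +100,7 @@ public:
     };
 
 private:
-       Mutex mLock;                                    // object lock
+       mutable Mutex mLock;                    // object lock
        AuthorizationBlob mHandle;              // official randomized blob marker
        CredentialSet mBaseCreds;               // credentials we're based on
        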
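--- a/src/codesigdb.cpp
+++ b/src/codesigdb.cpp
@@ -228,13 +228,12 @@ bool CodeSignatures::verify(Process &process,
 {
        secdebug("codesign", "start verify");
 
-       // if we have no client code, we cannot possibly match this
+       StLock<Mutex> _(process);
        SecCodeRef code = process.currentGuest();
        if (!code) {
                secdebug("codesign", "no code base: fail");
                return false;
        }
-       
        if (SecRequirementRef requirement = verifier.requirement()) {
                // If the ACL contains a code signature (requirement), we won't match against unsigned code at all.
                // The legacy hash is ignored (it's for use by pre-Leopard systems).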
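Review bot: In CodeSignatures::verify the new `StLock<Mutex> _(process);` sits at function scope, so the process lock is held for the entire verification, whereas inferHints and the AuthorizationToken constructor in this commit confine it to a brace block around their use of the guest reference. If the wide scope is deliberate, to keep the `SecCodeRef` from `currentGuest()` stable while it is checked, say so in a comment such as `// hold the process lock for the whole check so the guest code reference cannot change underneath us`. It is also worth confirming that no caller already holds this mutex, or that it is recursive, since neither is visible here. The body of verify() continues outside the hunk.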
index 868a082df7d0a42bafd77e1119821b0d81dbbb7b..606e9498df462f995b6acac660ee41c9d05a6a61 100644 (file)
@@ -42,6 +42,8 @@
 Process::Process(TaskPort taskPort,    const ClientSetupInfo *info, const CommonCriteria::AuditToken &audit)
  :  mTaskPort(taskPort), mByteFlipped(false), mPid(audit.pid()), mUid(audit.euid()), mGid(audit.egid())
 {
 Process::Process(TaskPort taskPort,    const ClientSetupInfo *info, const CommonCriteria::AuditToken &audit)
  :  mTaskPort(taskPort), mByteFlipped(false), mPid(audit.pid()), mUid(audit.euid()), mGid(audit.egid())
 {
+       StLock<Mutex> _(*this);
+       
        // set parent session
        parent(Session::find(audit.sessionId(), true));
 
        // set parent session
        parent(Session::find(audit.sessionId(), true));
 
@@ -76,6 +78,7 @@ Process::Process(TaskPort taskPort,   const ClientSetupInfo *info, const CommonCri
 //
 void Process::reset(TaskPort taskPort, const ClientSetupInfo *info, const CommonCriteria::AuditToken &audit)
 {
 //
 void Process::reset(TaskPort taskPort, const ClientSetupInfo *info, const CommonCriteria::AuditToken &audit)
 {
+       StLock<Mutex> _(*this);
        if (taskPort != mTaskPort) {
                secdebug("SS", "Process %p(%d) reset mismatch (tp %d-%d)",
                        this, pid(), taskPort.port(), mTaskPort.port());
        if (taskPort != mTaskPort) {
                secdebug("SS", "Process %p(%d) reset mismatch (tp %d-%d)",
                        this, pid(), taskPort.port(), mTaskPort.port());