From 569135f537d6bd5118fa29c2fb4b6d4d436e066e Mon Sep 17 00:00:00 2001 
From: Apple Date: Sat, 20 Jun 2009 07:38:38 +0000 Subject: [PATCH] securityd-36975.tar.gz --- dtrace/dtrace.mk | 2 + dtrace/securityd-watch.d | 370 ++++++ etc/authorization.plist | 191 ++- etc/com.apple.securityd.plist | 8 +- securityd.xcodeproj/project.pbxproj | 837 +++++++------ src/AuthorizationDBPlist.cpp | 35 +- src/AuthorizationEngine.cpp | 98 +- src/AuthorizationEngine.h | 3 +- src/AuthorizationMechEval.cpp | 78 +- src/AuthorizationMechEval.h | 4 +- src/AuthorizationRule.cpp | 381 +++--- src/AuthorizationRule.h | 16 +- src/SharedMemoryServer.cpp | 5 +- src/acl_keychain.cpp | 57 +- src/acl_keychain.h | 1 + src/acls.cpp | 2 +- src/agentquery.cpp | 298 ++++- src/agentquery.h | 83 +- src/authority.cpp | 6 +- src/ccaudit_extensions.cpp | 441 +++++++ src/ccaudit_extensions.h | 253 ++++ src/child.cpp | 8 +- src/clientid.cpp | 12 +- src/codesigdb.cpp | 18 +- src/connection.cpp | 16 +- src/connection.h | 21 +- src/credential.cpp | 72 +- src/credential.h | 45 +- src/csproxy.cpp | 131 ++- src/csproxy.h | 9 +- src/database.cpp | 10 +- src/database.h | 7 +- src/dtrace.h | 48 + src/entropy.cpp | 13 +- src/kcdatabase.cpp | 121 +- src/kcdatabase.h | 8 +- src/kckey.cpp | 5 +- src/key.h | 6 +- src/localdatabase.cpp | 2 +- src/localkey.cpp | 4 +- src/localkey.h | 5 +- src/main.cpp | 94 +- src/notifications.cpp | 2 +- src/notifications.h | 4 +- src/osxcodewrap.cpp | 64 - src/osxcodewrap.h | 60 - src/pcscmonitor.cpp | 27 +- src/process.cpp | 40 +- src/process.h | 5 +- src/reader.cpp | 2 +- src/securityd.d | 127 ++ src/securityd.order | 1700 ++++++++++++++++----------- src/server.cpp | 170 ++- src/server.h | 33 +- src/session.cpp | 110 +- src/session.h | 19 +- src/structure.cpp | 6 +- src/structure.h | 7 +- src/tempdatabase.cpp | 2 +- src/tokencache.cpp | 33 +- src/tokendatabase.cpp | 4 +- src/tokendatabase.h | 6 +- src/tokenkey.cpp | 2 +- src/transition.cpp | 426 ++++--- 64 files changed, 4599 insertions(+), 2074 deletions(-) create mode 100644 dtrace/dtrace.mk create mode 
100755 dtrace/securityd-watch.d create mode 100644 src/ccaudit_extensions.cpp create mode 100644 src/ccaudit_extensions.h create mode 100644 src/dtrace.h delete mode 100644 src/osxcodewrap.cpp delete mode 100644 src/osxcodewrap.h create mode 100644 src/securityd.d
diff --git a/dtrace/dtrace.mk b/dtrace/dtrace.mk
new file mode 100644
index 0000000..37b4209
--- /dev/null
+++ b/dtrace/dtrace.mk
@@ -0,0 +1,2 @@
+$(DERIVED_SRC)/securityd_dtrace.h: $(SRCROOT)/src/securityd.d
+ /usr/sbin/dtrace -h -C -s $(SRCROOT)/src/securityd.d -o $(DERIVED_SRC)/securityd_dtrace.h
diff --git a/dtrace/securityd-watch.d b/dtrace/securityd-watch.d
new file mode 100755
index 0000000..631c2fc
--- /dev/null
+++ b/dtrace/securityd-watch.d
@@ -0,0 +1,370 @@
+#!/usr/sbin/dtrace -q -s
+
+
+/*
+ * Tracking state
+ */
+typedef uint32_t DTPort;
+typedef uint64_t DTHandle;
+
+DTHandle portmap[DTPort]; /* map client reply ports to connections */
+
+struct connection {
+ DTPort replyport; /* reply port for client thread */
+ uint32_t client; /* client object for this connection */
+};
+struct connection connection[DTHandle]; /* indexed by connection handle */
+
+/* should be a single self struct, but that doesn't work right... */
+self string reqName; /* request name */
+self DTHandle reqConnection; /* associated connection */
+self DTHandle reqClient; /* associated client */
+
+struct client {
+ pid_t pid; /* original client pid */
+ DTHandle session; /* session handle */
+ string name; /* abbreviated name */
+ string path; /* path to client process (regardless of guests) */
+ DTPort taskport; /* process task port */
+};
+struct client client[DTHandle]; /* indexed by client handle */
+
+struct keychain {
+ string name; /* keychain path */
+};
+struct keychain keychain[DTHandle]; /* indexed by DbCommon handle */
+
+
+/*
+ * Script management
+ */
+:::BEGIN
+{
+ /* fake data for unknown processes */
+ client[0].pid = 0;
+ client[0].session = 0;
+ client[0].name = "*UNKNOWN*";
+ client[0].path = "*UNKNOWN*";
+
+ printf("Ready...\n");
+}
+
+
+/*
+ * Translate thread id
+ */
+uint32_t threads[DTHandle]; /* map tids to simple thread numbers */
+uint32_t nextThread; /* next unused thread number */
+self uint32_t mytid; /* translated tid */
+
+securityd*::: /!threads[tid]/ { threads[tid] = ++nextThread; }
+security_debug*::: /!threads[tid]/ { threads[tid] = ++nextThread; }
+
+securityd*::: { self->mytid = threads[tid]; }
+security_debug*::: { self->mytid = threads[tid]; }
+
+
+/*
+ * Principal events
+ */
+securityd*:::installmode
+{
+ printf("%u SYSTEM INSTALLATION MODE SELECTED\n", timestamp);
+}
+
+securityd*:::initialized
+{
+ printf("%u COMMENCING SERVICE as %s\n", timestamp, copyinstr(arg0));
+}
+
+
+/*
+ * Client management
+ */
+securityd*:::client-connection-new
+{
+ replymap[arg1] = arg0;
+ self->reqClient = arg2;
+ connection[arg0].client = self->reqClient;
+ self->reqConnection = arg0;
+ @total["Connections"] = count();
+ printf("%u T%d:connection-new(<%x>,port=%d,client=<%x>/%s(%d))\n",
+ timestamp, self->mytid, arg0, arg1,
+ arg2, client[arg2].name, client[arg2].pid);
+}
+
+securityd*:::client-connection-release
+/connection[arg0].client/
+{
+ printf("%u T%d:connection-release(<%x>,client=<%x>/%s(%d))\n",
+ timestamp, self->mytid, arg0,
+ connection[arg0].client,
+ client[connection[arg0].client].name,
+ client[connection[arg0].client].pid);
+ replymap[connection[arg0].replyport] = 0; /* clear from port map */
+ connection[arg0].replyport = 0;
+ connection[arg0].client = 0;
+}
+
+securityd*:::client-new
+{
+ client[arg0].pid = arg1;
+ client[arg0].session = arg2;
+ client[arg0].path = copyinstr(arg3);
+ client[arg0].name = basename(client[arg0].path);
+ client[arg0].taskport = arg4;
+ self->reqClient = arg0;
+ @total["Processes"] = count();
+ printf("%u T%d:client-new(<%x>,%s(%d),session=<%x>,task=%d)\n",
+ timestamp, self->mytid, arg0,
+ client[arg0].path, client[arg0].pid,
+ client[arg0].session, client[arg0].taskport);
+}
+
+securityd*:::client-release
+{
+ printf("%u T%d:client-release(<%x>,%s(%d))\n",
+ timestamp, self->mytid, arg0, client[arg0].path, arg1);
+ client[arg0].pid = 0;
+}
+
+securityd*:::client-change_session
+{
+ printf("%u T%d:client-change_session(<%x>,new session=<%x>)\n",
+ timestamp, self->mytid, arg0, arg1);
+ client[arg0].pid = 0;
+}
+
+
+/*
+ * Client requests
+ */
+uint32_t connections[DTHandle];
+uint32_t nextConnection;
+self uint32_t myConnection;
+
+securityd*:::request-entry
+/!connections[arg1]/
+{ connections[arg1] = ++nextConnection; }
+
+securityd*:::request-entry
+{
+ self->reqName = copyinstr(arg0);
+ self->reqConnection = arg1;
+ self->myConnection = connections[arg1];
+ self->reqClient = arg2;
+ this->client = client[self->reqClient];
+}
+
+securityd*:::request-entry
+/this->client.pid/
+{
+ printf("%u T%d:C%d:%s(%d)%s\n",
+ timestamp, self->mytid, self->myConnection, this->client.name, this->client.pid, self->reqName);
+ @request[client[self->reqClient].name, self->reqName] = count();
+}
+
+securityd*:::request-entry
+/!this->client.pid/
+{
+ printf("%u T%d:C%d:%s\n",
+ timestamp, self->mytid, self->myConnection, self->reqName);
+}
+
+securityd*:::request-entry
+{
+ @requests[self->reqName] = count();
+ @total["Requests"] = count();
+}
+
+securityd*:::request-return
+/self->reqConnection && arg0 == 0/
+{
+ printf("%u T%d:C%d:return\n",
+ timestamp, self->mytid, self->myConnection);
+}
+
+securityd*:::request-return
+/self->reqConnection && arg0 != 0/
+{
+ printf("%u T%d:C%d:FAIL(%d)\n",
+ timestamp, self->mytid, self->myConnection, arg0);
+}
+
+securityd*:::request-return
+{
+ self->reqConnection = 0;
+ self->reqClient = 0;
+}
+
+
+/*
+ * Sessions
+ */
+securityd*:::session-*
+{
+ printf("%u T%d:%s(<%x>,0x%x)\n", timestamp, self->mytid, probename, arg0, arg1);
+}
+
+
+/*
+ * Keychains
+ */
+securityd*:::keychain-*
+{
+ this->path = copyinstr(arg1);
+ printf("%u T%d:%s(<%x>,%s)\n", timestamp, self->mytid, probename, arg0, this->path);
+ @keychain[this->path, probename] = count();
+}
+
+
+/*
+ * Low-level port events
+ */
+securityd*:::ports-*
+{
+ printf("%u T%d:%s(%d)\n", timestamp, self->mytid, probename, arg0);
+}
+
+
+/*
+ * Code signing
+ */
+securityd*:::guest-create
+{
+ printf("%u T%d:guest-create(<%x>,host=<%x>,guest=<%x>,status=0x%x,flags=0x%x,path=%s)\n",
+ timestamp, self->mytid, arg0, arg1, arg2, arg3, arg4, copyinstr(arg5));
+ @total["Guests"] = count();
+}
+
+securityd*:::guest-change
+{
+ printf("%u T%d:guest-change(<%x>,<%x>,status=0x%x)\n", timestamp, self->mytid, arg0, arg1, arg2);
+}
+
+securityd*:::guest-destroy
+{
+ printf("%u T%d:guest-destroy(<%x>,<%x>)\n", timestamp, self->mytid, arg0, arg1);
+}
+
+securityd*:::host-register,
+securityd*:::host-proxy
+{
+ printf("%u T%d:%s(<%x>,port=%d)\n", timestamp, self->mytid, probename, arg0, arg1);
+ @total["Hosts"] = count();
+}
+
+securityd*:::host-unregister
+{
+ printf("%u T%d:host-unregister(<%x>)\n", timestamp, self->mytid, arg0);
+}
+
+
+/*
+ * Child management
+ */
+securityd*:::child-*
+{
+ printf("%u T%d:%s(%d,%d)\n", timestamp, self->mytid, probename, arg0, arg1);
+}
+
+
+/*
+ * Power events
+ */
+securityd*:::power-*
+{
+ printf("%u T%d:POWER(%s)\n", timestamp, self->mytid, probename);
+}
+
+
+/*
+ * Authorization
+ */
+securityd*:::auth-create
+{
+ printf("%u T%d:%s ref(%#x) session(%#x)\n", timestamp, self->mytid, probename, arg1, arg0);
+}
+
+securityd*:::auth-allow,
+securityd*:::auth-deny,
+securityd*:::auth-user,
+securityd*:::auth-rules,
+securityd*:::auth-kofn,
+securityd*:::auth-mechrule
+{
+ printf("%u T%d:%s ref(%#x) rule(%s)\n", timestamp, self->mytid, probename, arg0, copyinstr(arg1));
+}
+
+securityd*:::auth-mech
+{
+ printf("%u T%d:%s ref(%#x) (%s)\n", timestamp, self->mytid, probename, arg0, copyinstr(arg1));
+}
+
+securityd*:::auth-user-allowroot,
+securityd*:::auth-user-allowsessionowner
+{
+ printf("%u T%d:%s ref(%#x)\n", timestamp, self->mytid, probename, arg0);
+}
+
+securityd*:::auth-evalright
+{
+ printf("%u T%d:%s ref(%#x) %s (%d)\n", timestamp, self->mytid, probename, arg0, copyinstr(arg1), arg2);
+}
+
+
+/*
+ * Miscellanea
+ */
+securityd*:::entropy-collect
+{
+ printf("%u T%d:entropy-collect()\n", timestamp, tid);
+}
+
+securityd*:::entropy-seed
+{
+ printf("%u T%d:entropy-seed(%d)\n", timestamp, self->mytid, arg0);
+}
+
+securityd*:::entropy-save
+{
+ printf("%u T%d:entropy-save(%s)\n", timestamp, self->mytid, copyinstr(arg0));
+}
+
+securityd*:::signal-*
+{
+ printf("%u T%d:%s(%d)\n", timestamp, self->mytid, probename, arg0);
+}
+
+
+/*
+ * Integrate secdebug logs
+ */
+security_debug*:::log
+/execname == "securityd"/
+{
+ printf("%u T%d:[%s]%s\n", timestamp, threads[tid],
+ copyinstr(arg0), 
copyinstr(arg1)); +} + +security_exception*:::throw-* +/execname == "securityd"/ +{ + printf("%u T%d:EXCEPTION(%p) THROWN %s(%d)\n", timestamp, threads[tid], + arg0, probename, arg1); +} + + +/* + * Wrapup + */ +:::END +{ + printa("%@8u %s\n", @total); + printf("\n Requests:\n"); + printa("%@8u %s\n", @requests); + printf("\n Requests by client:\n"); + printa("%@8u %s:%s\n", @request); + printf("\n Keychains by path and operation:\n"); + printa("%@8u %s(%s)\n", @keychain); +} diff --git a/etc/authorization.plist b/etc/authorization.plist index 53f8837..7a4a972 100644 --- a/etc/authorization.plist +++ b/etc/authorization.plist @@ -130,10 +130,10 @@ See remaining rules for examples. builtin:reset-password,privileged builtin:auto-login,privileged builtin:authenticate,privileged + loginwindow:success HomeDirMechanism:login,privileged HomeDirMechanism:status MCXMechanism:login - loginwindow:success loginwindow:done @@ -194,9 +194,9 @@ See remaining rules for examples. group admin shared - + timeout - 300 + 30 system.preferences @@ -250,6 +250,19 @@ See remaining rules for examples. timeout 0 + system.preferences.security + + allow-root + + class + user + comment + Checked by the Admin framework when making changes to the Security preference pane. + group + admin + shared + + system.printingmanager class @@ -266,7 +279,18 @@ See remaining rules for examples. class user group - _lpadmin + lpadmin + shared + + + system.print.operator + + allow-root + + class + user + group + _lpoperator shared @@ -368,6 +392,23 @@ See remaining rules for examples. shared + com.apple.DiskManagement. + + class + rule + comment + Used by diskmanagementd to allow access to its privileged functions + k-of-n + 1 + rule + + is-root + is-admin + default + + shared + + system.privilege.admin allow-root 
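Review bot: In `securityd*:::client-connection-new` the reply port is written to `replymap[arg1]`, but `connection[arg0].replyport` is never assigned, so the cleanup in `client-connection-release` (`replymap[connection[arg0].replyport] = 0;`) clears key 0 and leaves the real port entry behind. The map declared at the top of the script is `portmap`, which nothing in this hunk uses, so the two names look like one intended table. I would add `connection[arg0].replyport = arg1;` to the connection-new clause and use `portmap` in both places. Two smaller points in the same hunk: `client-change_session` sets `client[arg0].pid = 0` where `client[arg0].session = arg1;` seems to be meant, and `entropy-collect` prints the raw `tid` instead of `self->mytid`, so its thread column will not line up with the other events in a trace kept as an audit record.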
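Review bot: In the `@@ -266,7 +279,18 @@` hunk the group of the existing printing right changes from `_lpadmin` to `lpadmin`, while the `system.print.operator` right added directly below it uses the underscore-prefixed `_lpoperator`. If `lpadmin` is not defined as an alias of `_lpadmin` on the target system, the membership check for this right would presumably resolve to a different group or to none. Either keep `_lpadmin` for consistency with `_lpoperator`, or add a `comment` key stating that the unprefixed name is intentional and where the alias is defined.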
@@ -396,11 +437,36 @@ See remaining rules for examples. Task_for_pid is called by programs requesting full control over another program for things like debugging or performance analysis. This authorization only applies if the requesting and target programs are run by the same user; it will never - authorize access to the program of another user. + authorize access to the program of another user. WARNING: administrators are advised not to modify this right. group - admin + _developer + shared + + timeout + 36000 + + system.privilege.taskport.safe + + class + allow + comment + For use by Apple. + + system.privilege.taskport.debug + + allow-root + + class + user + comment + For use by Apple. WARNING: administrators are advised + not to modify this right. + group + _developer shared + timeout + 36000 system.restart @@ -410,8 +476,9 @@ See remaining rules for examples. Checked if the foreground console user tries to restart the system while other users are logged in via fast-user switching. mechanisms + builtin:smartcard-sniffer,privileged RestartAuthorization:restart - RestartAuthorization:authenticate + builtin:authenticate,privileged RestartAuthorization:success @@ -423,8 +490,9 @@ See remaining rules for examples. Checked if the foreground console user tries to shut down the system while other users are logged in via fast-user switching. mechanisms + builtin:smartcard-sniffer,privileged RestartAuthorization:shutdown - RestartAuthorization:authenticate + builtin:authenticate,privileged RestartAuthorization:success 
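Review bot: The `system.privilege.taskport` right in the `@@ -396,11 +437,36 @@` hunk now carries `timeout 36000`, so a credential obtained for it stays usable for ten hours, and the right's own comment says it grants full control over another program. The same hunk adds `system.privilege.taskport.safe` with class `allow` and `system.privilege.taskport.debug`, both documented only as "For use by Apple.", which gives an administrator auditing this database no way to tell what they gate or why one of them needs no authentication. I would extend the three `comment` values to state the caller, the operation being authorized and the reason for the ten-hour lifetime. The value of the `shared` key is not visible in this rendering; if it is true, that is worth stating in the comment as well, since the credential would then be reusable by other clients for the whole period.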
@@ -607,6 +675,64 @@ See remaining rules for examples. builtin:confirm-access-password + com.apple.ZFSManager. + + class + rule + comment + Used by zfsmanager to allow access to destructive zfs functions + k-of-n + 1 + rule + + is-root + is-admin + default + + shared + + + com.apple.ServiceManagement.blesshelper + + comment + Used by the ServiceManagement framework to add a privileged helper tool to the system launchd. + class + rule + k-of-n + 1 + rule + + is-root + authenticate-admin-30 + + + com.apple.ServiceManagement.daemons.modify + + comment + Used by the ServiceManagement framework to make changes to the system launchd's set of daemons. + class + rule + k-of-n + 1 + rule + + is-root + authenticate-admin-30 + + + com.apple.pcastagentconfigd. + + comment + Wildcard for rights checked by Podcast Producer when making changes to your camera binding. + class + user + group + admin + allow-root + + shared + + rules @@ -630,6 +756,35 @@ See remaining rules for examples. timeout 0 + authenticate-admin-30 + + class + user + comment + Like the default rule, but + credentials remain valid for only 30 seconds after they've + been obtained. An acquired credential is shared by all clients. + + group + admin + shared + + timeout + 30 + + authenticate-developer + + class + user + comment + Authenticate as a developer. + group + _developer + shared + + timeout + 36000 + authenticate-session-owner class @@ -639,6 +794,15 @@ See remaining rules for examples. session-owner + authenticate-session-user + + class + user + comment + Same as authenticate-session-owner. + session-owner + + authenticate-session-owner-or-admin allow-root @@ -667,6 +831,17 @@ See remaining rules for examples. shared true + is-developer + + class + user + comment + Verify that the user asking for authorization is a developer. + group + _developer + authenticate-user + + is-root allow-root diff --git a/etc/com.apple.securityd.plist b/etc/com.apple.securityd.plist index d9f2292..aae1614 100644 
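Review bot: The new `com.apple.ServiceManagement.blesshelper` and `com.apple.ServiceManagement.daemons.modify` rights are satisfied by `authenticate-admin-30`, whose comment in the `@@ -630,6 +756,35 @@` hunk says "An acquired credential is shared by all clients." For rights that install a privileged helper or change the system launchd's daemons, a shared credential means another client could reuse an admin authentication made within the 30-second window without prompting the user again. Consider a non-shared variant of the rule for these two rights, so the authentication is tied to the client that requested it, or record in their `comment` values why sharing is acceptable here. The `com.apple.DiskManagement.` and `com.apple.ZFSManager.` rights list `default` as a third `k-of-n 1` alternative after `is-root` and `is-admin`; a comment on what `default` adds there would help the next reader.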
--- a/etc/com.apple.securityd.plist +++ b/etc/com.apple.securityd.plist @@ -1,9 +1,9 @@ - + Label - com.apple.SecurityServer + com.apple.securityd ProgramArguments /usr/sbin/securityd @@ -21,5 +21,9 @@ LaunchOnlyOnce + HopefullyExitsLast + + EnableTransactions + diff --git a/securityd.xcodeproj/project.pbxproj b/securityd.xcodeproj/project.pbxproj index 721a19d..b1d52fa 100644 --- a/securityd.xcodeproj/project.pbxproj +++ b/securityd.xcodeproj/project.pbxproj 
@@ -3,137 +3,167 @@ archiveVersion = 1; classes = { }; - objectVersion = 42; + objectVersion = 45; objects = { /* Begin PBXAggregateTarget section */ - C209B3A506ADBCAC007B9E6D /* mig */ = { + AA6D4B7A0E6F3A910050206D /* mig */ = { isa = PBXAggregateTarget; - buildConfigurationList = C27AD4990987FCF4001272E0 /* Build configuration list for PBXAggregateTarget "mig" */; + buildConfigurationList = AA6D4B7F0E6F3AE50050206D /* Build configuration list for PBXAggregateTarget "mig" */; buildPhases = ( - C209B3A406ADBCAC007B9E6D /* ShellScript */, + AA6D4B790E6F3A910050206D /* ShellScript */, ); dependencies = ( ); name = mig; - productName = generate; + productName = mig_native; + }; + AA6D4B810E6F3B210050206D /* startup */ = { + isa = PBXAggregateTarget; + buildConfigurationList = AA6D4B860E6F3B8D0050206D /* Build configuration list for PBXAggregateTarget "startup" */; + buildPhases = ( + AA6D4B800E6F3B210050206D /* ShellScript */, + ); + dependencies = ( + ); + name = startup; + productName = startup_native; + }; + C26CF02C0CD934260094DD9D /* DTrace */ = { + isa = PBXAggregateTarget; + buildConfigurationList = C26CF03B0CD934420094DD9D /* Build configuration list for PBXAggregateTarget "DTrace" */; + buildPhases = ( + C26CF0360CD9343A0094DD9D /* ShellScript */, + ); + dependencies = ( + ); + name = DTrace; + productName = DTrace; }; /* End PBXAggregateTarget section */ /* Begin PBXBuildFile section */ - 405845670663B2010083E58C /* AuthorizationMechEval.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 405845650663B2010083E58C /* AuthorizationMechEval.cpp */; }; - 405845680663B2010083E58C /* AuthorizationMechEval.h in Headers */ = {isa = PBXBuildFile; fileRef = 405845660663B2010083E58C /* AuthorizationMechEval.h */; }; - 40689F860725DCE00021A502 /* authhost.h in Headers */ = {isa = PBXBuildFile; fileRef = 40689F840725DCE00021A502 /* authhost.h */; }; - 40689F870725DCE00021A502 /* authhost.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 40689F850725DCE00021A502 /* 
authhost.cpp */; }; - 407ACD080AE5B57700A9DA90 /* credential.h in Headers */ = {isa = PBXBuildFile; fileRef = 407ACD060AE5B57700A9DA90 /* credential.h */; }; - 407ACD090AE5B57700A9DA90 /* credential.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 407ACD070AE5B57700A9DA90 /* credential.cpp */; }; - 4C01B3DA06FFC640004B3A01 /* securityd.1 in CopyFiles */ = {isa = PBXBuildFile; fileRef = 4CE1878706FFC5D60079D235 /* securityd.1 */; }; - 4C9264C80534866F004B0E72 /* acl_keychain.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264980534866F004B0E72 /* acl_keychain.cpp */; }; - 4C9264C90534866F004B0E72 /* acl_keychain.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264990534866F004B0E72 /* acl_keychain.h */; }; - 4C9264CA0534866F004B0E72 /* acls.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C92649A0534866F004B0E72 /* acls.cpp */; }; - 4C9264CB0534866F004B0E72 /* acls.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C92649B0534866F004B0E72 /* acls.h */; }; - 4C9264CC0534866F004B0E72 /* agentquery.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C92649C0534866F004B0E72 /* agentquery.cpp */; }; - 4C9264CD0534866F004B0E72 /* agentquery.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C92649D0534866F004B0E72 /* agentquery.h */; }; - 4C9264CE0534866F004B0E72 /* authority.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C92649E0534866F004B0E72 /* authority.cpp */; }; - 4C9264CF0534866F004B0E72 /* authority.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C92649F0534866F004B0E72 /* authority.h */; }; - 4C9264D00534866F004B0E72 /* AuthorizationDBPlist.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264A00534866F004B0E72 /* AuthorizationDBPlist.cpp */; }; - 4C9264D10534866F004B0E72 /* AuthorizationDBPlist.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264A10534866F004B0E72 /* AuthorizationDBPlist.h */; }; - 4C9264D20534866F004B0E72 /* AuthorizationEngine.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264A20534866F004B0E72 /* 
AuthorizationEngine.cpp */; }; - 4C9264D30534866F004B0E72 /* AuthorizationEngine.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264A30534866F004B0E72 /* AuthorizationEngine.h */; }; - 4C9264D40534866F004B0E72 /* AuthorizationRule.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264A40534866F004B0E72 /* AuthorizationRule.cpp */; }; - 4C9264D50534866F004B0E72 /* AuthorizationRule.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264A50534866F004B0E72 /* AuthorizationRule.h */; }; - 4C9264D80534866F004B0E72 /* codesigdb.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264A80534866F004B0E72 /* codesigdb.cpp */; }; - 4C9264D90534866F004B0E72 /* codesigdb.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264A90534866F004B0E72 /* codesigdb.h */; }; - 4C9264DA0534866F004B0E72 /* connection.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264AA0534866F004B0E72 /* connection.cpp */; }; - 4C9264DB0534866F004B0E72 /* connection.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264AB0534866F004B0E72 /* connection.h */; }; - 4C9264DC0534866F004B0E72 /* dbcrypto.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264AC0534866F004B0E72 /* dbcrypto.cpp */; }; - 4C9264DD0534866F004B0E72 /* dbcrypto.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264AD0534866F004B0E72 /* dbcrypto.h */; }; - 4C9264DE0534866F004B0E72 /* entropy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264AE0534866F004B0E72 /* entropy.cpp */; }; - 4C9264DF0534866F004B0E72 /* entropy.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264AF0534866F004B0E72 /* entropy.h */; }; - 4C9264E20534866F004B0E72 /* key.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264B50534866F004B0E72 /* key.cpp */; }; - 4C9264E30534866F004B0E72 /* key.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264B60534866F004B0E72 /* key.h */; }; - 4C9264E40534866F004B0E72 /* main.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264B70534866F004B0E72 /* main.cpp */; }; - 4C9264E50534866F004B0E72 
/* notifications.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264B80534866F004B0E72 /* notifications.cpp */; }; - 4C9264E60534866F004B0E72 /* notifications.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264B90534866F004B0E72 /* notifications.h */; }; - 4C9264E70534866F004B0E72 /* process.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264BA0534866F004B0E72 /* process.cpp */; }; - 4C9264E80534866F004B0E72 /* process.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264BB0534866F004B0E72 /* process.h */; }; - 4C9264EA0534866F004B0E72 /* server.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264BE0534866F004B0E72 /* server.cpp */; }; - 4C9264EB0534866F004B0E72 /* server.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264BF0534866F004B0E72 /* server.h */; }; - 4C9264EC0534866F004B0E72 /* session.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264C00534866F004B0E72 /* session.cpp */; }; - 4C9264ED0534866F004B0E72 /* session.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264C10534866F004B0E72 /* session.h */; }; - 4C9264EE0534866F004B0E72 /* transition.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264C20534866F004B0E72 /* transition.cpp */; }; - 4CB5ACBB06680AE000F359A9 /* child.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CB5ACB906680AE000F359A9 /* child.cpp */; }; - 4CB5ACBC06680AE000F359A9 /* child.h in Headers */ = {isa = PBXBuildFile; fileRef = 4CB5ACBA06680AE000F359A9 /* child.h */; }; - C207646505EAD713004FEEDA /* kckey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C207646305EAD713004FEEDA /* kckey.cpp */; }; - C207646605EAD713004FEEDA /* kckey.h in Headers */ = {isa = PBXBuildFile; fileRef = C207646405EAD713004FEEDA /* kckey.h */; }; - C20764E805ED250F004FEEDA /* localdatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C20764E405ED250F004FEEDA /* localdatabase.cpp */; }; - C20764E905ED250F004FEEDA /* localdatabase.h in Headers */ = {isa = PBXBuildFile; fileRef = C20764E505ED250F004FEEDA /* 
localdatabase.h */; }; - C20764EA05ED250F004FEEDA /* localkey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C20764E605ED250F004FEEDA /* localkey.cpp */; }; - C20764EB05ED250F004FEEDA /* localkey.h in Headers */ = {isa = PBXBuildFile; fileRef = C20764E705ED250F004FEEDA /* localkey.h */; }; - C209B3B506ADBE64007B9E6D /* self.h in Headers */ = {isa = PBXBuildFile; fileRef = C209B3B206ADBE64007B9E6D /* self.h */; }; - C209B3B606ADBE64007B9E6D /* selfServer.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C209B3B306ADBE64007B9E6D /* selfServer.cpp */; settings = {COMPILER_FLAGS = "-D__MigTypeCheck=1"; }; }; - C209B3B706ADBE64007B9E6D /* selfUser.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C209B3B406ADBE64007B9E6D /* selfUser.cpp */; }; - C20AF37E05F689540055732C /* tempdatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C20AF37C05F689540055732C /* tempdatabase.cpp */; }; - C20AF37F05F689540055732C /* tempdatabase.h in Headers */ = {isa = PBXBuildFile; fileRef = C20AF37D05F689540055732C /* tempdatabase.h */; }; - C22A7F8E06AF06D9006087B7 /* tokend.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C22A7F8C06AF06D9006087B7 /* tokend.cpp */; }; - C22A7F8F06AF06D9006087B7 /* tokend.h in Headers */ = {isa = PBXBuildFile; fileRef = C22A7F8D06AF06D9006087B7 /* tokend.h */; }; - C22C344E0B278E770009368E /* osxcodewrap.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C22C344C0B278E770009368E /* osxcodewrap.cpp */; }; - C22C344F0B278E770009368E /* osxcodewrap.h in Headers */ = {isa = PBXBuildFile; fileRef = C22C344D0B278E770009368E /* osxcodewrap.h */; }; - C22C34540B278EB60009368E /* clientid.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C22C34520B278EB60009368E /* clientid.cpp */; }; - C22C34550B278EB60009368E /* clientid.h in Headers */ = {isa = PBXBuildFile; fileRef = C22C34530B278EB60009368E /* clientid.h */; }; - C26D533906C1E70A00062E1E /* tokenkey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C26D533706C1E70A00062E1E /* tokenkey.cpp */; 
}; - C26D533A06C1E70A00062E1E /* tokenkey.h in Headers */ = {isa = PBXBuildFile; fileRef = C26D533806C1E70A00062E1E /* tokenkey.h */; }; - C26EA9530688CF34007CE21D /* tokencache.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C26EA9510688CF34007CE21D /* tokencache.cpp */; }; - C26EA9540688CF34007CE21D /* tokencache.h in Headers */ = {isa = PBXBuildFile; fileRef = C26EA9520688CF34007CE21D /* tokencache.h */; }; - C2813C810730534A00E243E8 /* tokenaccess.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2813C7F0730534A00E243E8 /* tokenaccess.cpp */; }; - C2813C820730534A00E243E8 /* tokenaccess.h in Headers */ = {isa = PBXBuildFile; fileRef = C2813C800730534A00E243E8 /* tokenaccess.h */; }; - C28654B206DBC2A30021E6E5 /* tokenacl.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C28654B006DBC2A30021E6E5 /* tokenacl.cpp */; }; - C28654B306DBC2A30021E6E5 /* tokenacl.h in Headers */ = {isa = PBXBuildFile; fileRef = C28654B106DBC2A30021E6E5 /* tokenacl.h */; }; - C28ACF9C05C9940B00447176 /* structure.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C28ACF9A05C9940B00447176 /* structure.cpp */; }; - C28ACF9D05C9940B00447176 /* structure.h in Headers */ = {isa = PBXBuildFile; fileRef = C28ACF9B05C9940B00447176 /* structure.h */; }; - C2B8DBCB05E6C3CE00E6E67C /* database.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2B8DBC705E6C3CE00E6E67C /* database.cpp */; }; - C2B8DBCC05E6C3CE00E6E67C /* database.h in Headers */ = {isa = PBXBuildFile; fileRef = C2B8DBC805E6C3CE00E6E67C /* database.h */; }; - C2B8DBCD05E6C3CE00E6E67C /* kcdatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2B8DBC905E6C3CE00E6E67C /* kcdatabase.cpp */; }; - C2B8DBCE05E6C3CE00E6E67C /* kcdatabase.h in Headers */ = {isa = PBXBuildFile; fileRef = C2B8DBCA05E6C3CE00E6E67C /* kcdatabase.h */; }; - C2BD5FDC0AC47E850057FD3D /* csproxy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2BD5FDA0AC47E850057FD3D /* csproxy.cpp */; }; - C2BD5FDD0AC47E850057FD3D /* csproxy.h in Headers */ = {isa = 
PBXBuildFile; fileRef = C2BD5FDB0AC47E850057FD3D /* csproxy.h */; }; - C2D425F305F3C07400CB11F8 /* tokendatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2D425F105F3C07400CB11F8 /* tokendatabase.cpp */; }; - C2D425F405F3C07400CB11F8 /* tokendatabase.h in Headers */ = {isa = PBXBuildFile; fileRef = C2D425F205F3C07400CB11F8 /* tokendatabase.h */; }; - C2FDCAC50663CD5B0013F64C /* pcscmonitor.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2FDCABD0663CD5B0013F64C /* pcscmonitor.cpp */; }; - C2FDCAC60663CD5B0013F64C /* pcscmonitor.h in Headers */ = {isa = PBXBuildFile; fileRef = C2FDCABE0663CD5B0013F64C /* pcscmonitor.h */; }; - C2FDCAC70663CD5B0013F64C /* reader.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2FDCABF0663CD5B0013F64C /* reader.cpp */; }; - C2FDCAC80663CD5B0013F64C /* reader.h in Headers */ = {isa = PBXBuildFile; fileRef = C2FDCAC00663CD5B0013F64C /* reader.h */; }; - C2FDCAC90663CD5B0013F64C /* token.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2FDCAC10663CD5B0013F64C /* token.cpp */; }; - C2FDCACA0663CD5B0013F64C /* token.h in Headers */ = {isa = PBXBuildFile; fileRef = C2FDCAC20663CD5B0013F64C /* token.h */; }; - D6C887F00A55B6220044DFD2 /* SharedMemoryServer.cpp in Sources */ = {isa = PBXBuildFile; fileRef = D6C887ED0A55B6220044DFD2 /* SharedMemoryServer.cpp */; }; - D6C887F10A55B6220044DFD2 /* SharedMemoryServer.h in Headers */ = {isa = PBXBuildFile; fileRef = D6C887EE0A55B6220044DFD2 /* SharedMemoryServer.h */; }; + 4E0BB2B40F79590300BBFEFA /* ccaudit_extensions.h in Headers */ = {isa = PBXBuildFile; fileRef = 4E0BB2B20F79590300BBFEFA /* ccaudit_extensions.h */; }; + 4E0BB2B50F79590300BBFEFA /* ccaudit_extensions.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4E0BB2B30F79590300BBFEFA /* ccaudit_extensions.cpp */; }; + AAC707230E6F4335003CC2B2 /* acl_keychain.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264990534866F004B0E72 /* acl_keychain.h */; }; + AAC707240E6F4335003CC2B2 /* acls.h in Headers */ = {isa = 
PBXBuildFile; fileRef = 4C92649B0534866F004B0E72 /* acls.h */; }; + AAC707250E6F4335003CC2B2 /* agentquery.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C92649D0534866F004B0E72 /* agentquery.h */; }; + AAC707260E6F4335003CC2B2 /* authority.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C92649F0534866F004B0E72 /* authority.h */; }; + AAC707270E6F4335003CC2B2 /* AuthorizationDBPlist.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264A10534866F004B0E72 /* AuthorizationDBPlist.h */; }; + AAC707280E6F4335003CC2B2 /* AuthorizationEngine.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264A30534866F004B0E72 /* AuthorizationEngine.h */; }; + AAC707290E6F4335003CC2B2 /* AuthorizationMechEval.h in Headers */ = {isa = PBXBuildFile; fileRef = 405845660663B2010083E58C /* AuthorizationMechEval.h */; }; + AAC7072A0E6F4335003CC2B2 /* AuthorizationRule.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264A50534866F004B0E72 /* AuthorizationRule.h */; }; + AAC7072B0E6F4335003CC2B2 /* child.h in Headers */ = {isa = PBXBuildFile; fileRef = 4CB5ACBA06680AE000F359A9 /* child.h */; }; + AAC7072C0E6F4335003CC2B2 /* codesigdb.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264A90534866F004B0E72 /* codesigdb.h */; }; + AAC7072D0E6F4335003CC2B2 /* connection.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264AB0534866F004B0E72 /* connection.h */; }; + AAC7072E0E6F4335003CC2B2 /* database.h in Headers */ = {isa = PBXBuildFile; fileRef = C2B8DBC805E6C3CE00E6E67C /* database.h */; }; + AAC7072F0E6F4335003CC2B2 /* dbcrypto.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264AD0534866F004B0E72 /* dbcrypto.h */; }; + AAC707300E6F4335003CC2B2 /* entropy.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264AF0534866F004B0E72 /* entropy.h */; }; + AAC707310E6F4335003CC2B2 /* kcdatabase.h in Headers */ = {isa = PBXBuildFile; fileRef = C2B8DBCA05E6C3CE00E6E67C /* kcdatabase.h */; }; + AAC707320E6F4335003CC2B2 /* kckey.h in Headers */ = {isa = PBXBuildFile; fileRef = 
C207646405EAD713004FEEDA /* kckey.h */; }; + AAC707330E6F4335003CC2B2 /* key.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264B60534866F004B0E72 /* key.h */; }; + AAC707340E6F4335003CC2B2 /* localdatabase.h in Headers */ = {isa = PBXBuildFile; fileRef = C20764E505ED250F004FEEDA /* localdatabase.h */; }; + AAC707350E6F4335003CC2B2 /* localkey.h in Headers */ = {isa = PBXBuildFile; fileRef = C20764E705ED250F004FEEDA /* localkey.h */; }; + AAC707360E6F4335003CC2B2 /* notifications.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264B90534866F004B0E72 /* notifications.h */; }; + AAC707370E6F4335003CC2B2 /* pcscmonitor.h in Headers */ = {isa = PBXBuildFile; fileRef = C2FDCABE0663CD5B0013F64C /* pcscmonitor.h */; }; + AAC707380E6F4335003CC2B2 /* process.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264BB0534866F004B0E72 /* process.h */; }; + AAC707390E6F4335003CC2B2 /* reader.h in Headers */ = {isa = PBXBuildFile; fileRef = C2FDCAC00663CD5B0013F64C /* reader.h */; }; + AAC7073A0E6F4335003CC2B2 /* server.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264BF0534866F004B0E72 /* server.h */; }; + AAC7073B0E6F4335003CC2B2 /* session.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C9264C10534866F004B0E72 /* session.h */; }; + AAC7073C0E6F4335003CC2B2 /* structure.h in Headers */ = {isa = PBXBuildFile; fileRef = C28ACF9B05C9940B00447176 /* structure.h */; }; + AAC7073D0E6F4335003CC2B2 /* tempdatabase.h in Headers */ = {isa = PBXBuildFile; fileRef = C20AF37D05F689540055732C /* tempdatabase.h */; }; + AAC7073E0E6F4335003CC2B2 /* token.h in Headers */ = {isa = PBXBuildFile; fileRef = C2FDCAC20663CD5B0013F64C /* token.h */; }; + AAC7073F0E6F4335003CC2B2 /* tokendatabase.h in Headers */ = {isa = PBXBuildFile; fileRef = C2D425F205F3C07400CB11F8 /* tokendatabase.h */; }; + AAC707400E6F4335003CC2B2 /* tokencache.h in Headers */ = {isa = PBXBuildFile; fileRef = C26EA9520688CF34007CE21D /* tokencache.h */; }; + AAC707410E6F4335003CC2B2 /* self.h in Headers */ = {isa 
= PBXBuildFile; fileRef = C209B3B206ADBE64007B9E6D /* self.h */; }; + AAC707420E6F4335003CC2B2 /* tokend.h in Headers */ = {isa = PBXBuildFile; fileRef = C22A7F8D06AF06D9006087B7 /* tokend.h */; }; + AAC707430E6F4335003CC2B2 /* tokenkey.h in Headers */ = {isa = PBXBuildFile; fileRef = C26D533806C1E70A00062E1E /* tokenkey.h */; }; + AAC707440E6F4335003CC2B2 /* tokenacl.h in Headers */ = {isa = PBXBuildFile; fileRef = C28654B106DBC2A30021E6E5 /* tokenacl.h */; }; + AAC707450E6F4335003CC2B2 /* tokenaccess.h in Headers */ = {isa = PBXBuildFile; fileRef = C2813C800730534A00E243E8 /* tokenaccess.h */; }; + AAC707460E6F4335003CC2B2 /* authhost.h in Headers */ = {isa = PBXBuildFile; fileRef = 40689F840725DCE00021A502 /* authhost.h */; }; + AAC707470E6F4335003CC2B2 /* SharedMemoryServer.h in Headers */ = {isa = PBXBuildFile; fileRef = D6C887EE0A55B6220044DFD2 /* SharedMemoryServer.h */; }; + AAC707480E6F4335003CC2B2 /* csproxy.h in Headers */ = {isa = PBXBuildFile; fileRef = C2BD5FDB0AC47E850057FD3D /* csproxy.h */; }; + AAC707490E6F4335003CC2B2 /* credential.h in Headers */ = {isa = PBXBuildFile; fileRef = 407ACD060AE5B57700A9DA90 /* credential.h */; }; + AAC7074B0E6F4335003CC2B2 /* clientid.h in Headers */ = {isa = PBXBuildFile; fileRef = C22C34530B278EB60009368E /* clientid.h */; }; + AAC7074C0E6F4335003CC2B2 /* dtrace.h in Headers */ = {isa = PBXBuildFile; fileRef = C26CF0880CDFE1180094DD9D /* dtrace.h */; }; + AAC7074D0E6F4352003CC2B2 /* acl_keychain.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264980534866F004B0E72 /* acl_keychain.cpp */; }; + AAC7074E0E6F4352003CC2B2 /* acls.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C92649A0534866F004B0E72 /* acls.cpp */; }; + AAC7074F0E6F4352003CC2B2 /* agentquery.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C92649C0534866F004B0E72 /* agentquery.cpp */; }; + AAC707500E6F4352003CC2B2 /* authority.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C92649E0534866F004B0E72 /* authority.cpp */; }; + 
AAC707510E6F4352003CC2B2 /* AuthorizationDBPlist.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264A00534866F004B0E72 /* AuthorizationDBPlist.cpp */; }; + AAC707520E6F4352003CC2B2 /* AuthorizationEngine.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264A20534866F004B0E72 /* AuthorizationEngine.cpp */; }; + AAC707530E6F4352003CC2B2 /* AuthorizationMechEval.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 405845650663B2010083E58C /* AuthorizationMechEval.cpp */; }; + AAC707540E6F4352003CC2B2 /* AuthorizationRule.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264A40534866F004B0E72 /* AuthorizationRule.cpp */; }; + AAC707550E6F4352003CC2B2 /* child.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CB5ACB906680AE000F359A9 /* child.cpp */; }; + AAC707560E6F4352003CC2B2 /* codesigdb.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264A80534866F004B0E72 /* codesigdb.cpp */; }; + AAC707570E6F4352003CC2B2 /* connection.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264AA0534866F004B0E72 /* connection.cpp */; }; + AAC707580E6F4352003CC2B2 /* database.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2B8DBC705E6C3CE00E6E67C /* database.cpp */; }; + AAC707590E6F4352003CC2B2 /* dbcrypto.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264AC0534866F004B0E72 /* dbcrypto.cpp */; }; + AAC7075A0E6F4352003CC2B2 /* entropy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264AE0534866F004B0E72 /* entropy.cpp */; }; + AAC7075B0E6F4352003CC2B2 /* kcdatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2B8DBC905E6C3CE00E6E67C /* kcdatabase.cpp */; }; + AAC7075C0E6F4352003CC2B2 /* kckey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C207646305EAD713004FEEDA /* kckey.cpp */; }; + AAC7075D0E6F4352003CC2B2 /* key.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264B50534866F004B0E72 /* key.cpp */; }; + AAC7075E0E6F4352003CC2B2 /* localdatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C20764E405ED250F004FEEDA /* 
localdatabase.cpp */; }; + AAC7075F0E6F4352003CC2B2 /* localkey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C20764E605ED250F004FEEDA /* localkey.cpp */; }; + AAC707600E6F4352003CC2B2 /* main.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264B70534866F004B0E72 /* main.cpp */; }; + AAC707610E6F4352003CC2B2 /* notifications.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264B80534866F004B0E72 /* notifications.cpp */; }; + AAC707620E6F4352003CC2B2 /* pcscmonitor.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2FDCABD0663CD5B0013F64C /* pcscmonitor.cpp */; }; + AAC707630E6F4352003CC2B2 /* process.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264BA0534866F004B0E72 /* process.cpp */; }; + AAC707640E6F4352003CC2B2 /* reader.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2FDCABF0663CD5B0013F64C /* reader.cpp */; }; + AAC707650E6F4352003CC2B2 /* server.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264BE0534866F004B0E72 /* server.cpp */; }; + AAC707660E6F4352003CC2B2 /* session.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264C00534866F004B0E72 /* session.cpp */; }; + AAC707670E6F4352003CC2B2 /* structure.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C28ACF9A05C9940B00447176 /* structure.cpp */; }; + AAC707680E6F4352003CC2B2 /* tempdatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C20AF37C05F689540055732C /* tempdatabase.cpp */; }; + AAC707690E6F4352003CC2B2 /* token.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2FDCAC10663CD5B0013F64C /* token.cpp */; }; + AAC7076A0E6F4352003CC2B2 /* tokendatabase.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2D425F105F3C07400CB11F8 /* tokendatabase.cpp */; }; + AAC7076B0E6F4352003CC2B2 /* transition.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C9264C20534866F004B0E72 /* transition.cpp */; }; + AAC7076C0E6F4352003CC2B2 /* tokencache.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C26EA9510688CF34007CE21D /* tokencache.cpp */; }; + 
AAC7076D0E6F4352003CC2B2 /* selfServer.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C209B3B306ADBE64007B9E6D /* selfServer.cpp */; }; + AAC7076E0E6F4352003CC2B2 /* selfUser.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C209B3B406ADBE64007B9E6D /* selfUser.cpp */; }; + AAC7076F0E6F4352003CC2B2 /* tokend.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C22A7F8C06AF06D9006087B7 /* tokend.cpp */; }; + AAC707700E6F4352003CC2B2 /* tokenkey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C26D533706C1E70A00062E1E /* tokenkey.cpp */; }; + AAC707710E6F4352003CC2B2 /* tokenacl.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C28654B006DBC2A30021E6E5 /* tokenacl.cpp */; }; + AAC707720E6F4352003CC2B2 /* tokenaccess.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2813C7F0730534A00E243E8 /* tokenaccess.cpp */; }; + AAC707730E6F4352003CC2B2 /* authhost.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 40689F850725DCE00021A502 /* authhost.cpp */; }; + AAC707740E6F4352003CC2B2 /* SharedMemoryServer.cpp in Sources */ = {isa = PBXBuildFile; fileRef = D6C887ED0A55B6220044DFD2 /* SharedMemoryServer.cpp */; }; + AAC707750E6F4352003CC2B2 /* csproxy.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2BD5FDA0AC47E850057FD3D /* csproxy.cpp */; }; + AAC707760E6F4352003CC2B2 /* credential.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 407ACD070AE5B57700A9DA90 /* credential.cpp */; }; + AAC707780E6F4352003CC2B2 /* clientid.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C22C34520B278EB60009368E /* clientid.cpp */; }; + ED5130690E7F1259002A3749 /* securityd.1 in CopyFiles */ = {isa = PBXBuildFile; fileRef = 4CE1878706FFC5D60079D235 /* securityd.1 */; }; /* End PBXBuildFile section */ /* Begin PBXContainerItemProxy section */ - 4CD8CCB5055884BD006B3584 /* PBXContainerItemProxy */ = { + AA1A9FF80E71EF08003D0309 /* PBXContainerItemProxy */ = { + isa = PBXContainerItemProxy; + containerPortal = 4CA1FEB0052A3C5800F22E42 /* Project object */; + proxyType = 1; + 
remoteGlobalIDString = C26CF02C0CD934260094DD9D; + remoteInfo = DTrace; + }; + AA1AA00E0E71F2ED003D0309 /* PBXContainerItemProxy */ = { isa = PBXContainerItemProxy; containerPortal = 4CA1FEB0052A3C5800F22E42 /* Project object */; proxyType = 1; - remoteGlobalIDString = 4CA4EB2C0558848900CF7791; + remoteGlobalIDString = AA6D4B810E6F3B210050206D; remoteInfo = startup; }; - C209B3A906ADBD6D007B9E6D /* PBXContainerItemProxy */ = { + AA1AA0100E71F2F7003D0309 /* PBXContainerItemProxy */ = { isa = PBXContainerItemProxy; containerPortal = 4CA1FEB0052A3C5800F22E42 /* Project object */; proxyType = 1; - remoteGlobalIDString = C209B3A506ADBCAC007B9E6D; + remoteGlobalIDString = AA6D4B7A0E6F3A910050206D; remoteInfo = mig; }; /* End PBXContainerItemProxy section */ /* Begin PBXCopyFilesBuildPhase section */ - 4C01B3D706FFC621004B3A01 /* CopyFiles */ = { + ED51306A0E7F1277002A3749 /* CopyFiles */ = { isa = PBXCopyFilesBuildPhase; buildActionMask = 8; - dstPath = /usr/share/man/man1/; + dstPath = /usr/share/man/man1; dstSubfolderSpec = 0; files = ( - 4C01B3DA06FFC640004B3A01 /* securityd.1 in CopyFiles */, + ED5130690E7F1259002A3749 /* securityd.1 in CopyFiles */, ); runOnlyForDeploymentPostprocessing = 1; }; 
@@ -181,7 +211,6 @@ 4C9264C00534866F004B0E72 /* session.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = session.cpp; sourceTree = ""; }; 4C9264C10534866F004B0E72 /* session.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = session.h; sourceTree = ""; }; 4C9264C20534866F004B0E72 /* transition.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = transition.cpp; sourceTree = ""; }; - 4CA1FEB6052A3C6D00F22E42 /* securityd */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; path = securityd; sourceTree = BUILT_PRODUCTS_DIR; }; 4CB5ACB906680AE000F359A9 /* child.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = child.cpp; sourceTree = ""; }; 4CB5ACBA06680AE000F359A9 /* child.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = child.h; sourceTree = ""; }; 4CD8CCBC055884E0006B3584 /* authorization.plist */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.plist; path = authorization.plist; sourceTree = ""; }; 
@@ -192,6 +221,10 @@ 4CDD506B0537666500FEC36D /* IOKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = IOKit.framework; path = /System/Library/Frameworks/IOKit.framework; sourceTree = ""; }; 4CE1878606FFC5D60079D235 /* BLOBFORMAT */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; path = BLOBFORMAT; sourceTree = ""; }; 4CE1878706FFC5D60079D235 /* securityd.1 */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.man; path = securityd.1; sourceTree = ""; }; + 4E0BB2B20F79590300BBFEFA /* ccaudit_extensions.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = ccaudit_extensions.h; sourceTree = ""; }; + 4E0BB2B30F79590300BBFEFA /* ccaudit_extensions.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = ccaudit_extensions.cpp; sourceTree = ""; }; + AA6D4B8A0E6F3BB80050206D /* securityd */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = securityd; sourceTree = BUILT_PRODUCTS_DIR; }; + AAA020B10E367BB000A6F842 /* dtrace.mk */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text; name = dtrace.mk; path = dtrace/dtrace.mk; sourceTree = ""; }; C207646305EAD713004FEEDA /* kckey.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = kckey.cpp; sourceTree = ""; }; C207646405EAD713004FEEDA /* kckey.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = kckey.h; sourceTree = ""; }; C20764E405ED250F004FEEDA /* localdatabase.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = localdatabase.cpp; sourceTree = ""; }; 
@@ -207,10 +240,10 @@ C20AF37D05F689540055732C /* tempdatabase.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = tempdatabase.h; sourceTree = ""; }; C22A7F8C06AF06D9006087B7 /* tokend.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = tokend.cpp; sourceTree = ""; }; C22A7F8D06AF06D9006087B7 /* tokend.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = tokend.h; sourceTree = ""; }; - C22C344C0B278E770009368E /* osxcodewrap.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = osxcodewrap.cpp; sourceTree = ""; }; - C22C344D0B278E770009368E /* osxcodewrap.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = osxcodewrap.h; sourceTree = ""; }; C22C34520B278EB60009368E /* clientid.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = clientid.cpp; sourceTree = ""; }; C22C34530B278EB60009368E /* clientid.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = clientid.h; sourceTree = ""; }; + C26CF0230CD933AE0094DD9D /* securityd.d */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.dtrace; name = securityd.d; path = src/securityd.d; sourceTree = ""; }; + C26CF0880CDFE1180094DD9D /* dtrace.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = dtrace.h; path = src/dtrace.h; sourceTree = ""; }; C26D533706C1E70A00062E1E /* tokenkey.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = tokenkey.cpp; sourceTree = ""; }; C26D533806C1E70A00062E1E /* tokenkey.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = tokenkey.h; sourceTree = ""; }; C26EA9510688CF34007CE21D /* tokencache.cpp */ = {isa = PBXFileReference; fileEncoding = 
30; lastKnownFileType = sourcecode.cpp.cpp; path = tokencache.cpp; sourceTree = ""; }; @@ -229,6 +262,7 @@ C2B8DBCA05E6C3CE00E6E67C /* kcdatabase.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = kcdatabase.h; sourceTree = ""; }; C2BD5FDA0AC47E850057FD3D /* csproxy.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = csproxy.cpp; sourceTree = ""; }; C2BD5FDB0AC47E850057FD3D /* csproxy.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = csproxy.h; sourceTree = ""; }; + C2CB75A90CE26A3600727A2B /* securityd-watch.d */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.dtrace; name = "securityd-watch.d"; path = "dtrace/securityd-watch.d"; sourceTree = ""; }; C2D425F105F3C07400CB11F8 /* tokendatabase.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = tokendatabase.cpp; sourceTree = ""; }; C2D425F205F3C07400CB11F8 /* tokendatabase.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = tokendatabase.h; sourceTree = ""; }; C2FDCABD0663CD5B0013F64C /* pcscmonitor.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = pcscmonitor.cpp; sourceTree = ""; }; @@ -242,7 +276,7 @@ /* End PBXFileReference section */ /* Begin PBXFrameworksBuildPhase section */ - 4CA1FEB3052A3C6D00F22E42 /* Frameworks */ = { + AA6D4B880E6F3BB80050206D /* Frameworks */ = { isa = PBXFrameworksBuildPhase; buildActionMask = 2147483647; files = ( @@ -264,6 +298,7 @@ C28AE82606CD7E4700BE0061 /* ACLs */, C28AE81106CD7D7800BE0061 /* Authorization */, C22C34510B278E950009368E /* Client Identification */, + C26AC79D0DAED222005BFB40 /* Code Signing */, C28AE83906CD7EE900BE0061 /* Support */, ); path = src; 
@@ -274,6 +309,7 @@ children = ( 4C9264970534866F004B0E72 /* src */, C209B39106ADBB19007B9E6D /* mig */, + C26CF0290CD933D60094DD9D /* DTrace */, 4CE1878506FFC5D60079D235 /* doc */, C209B39406ADBB2B007B9E6D /* derived_src */, C28AE82006CD7DF500BE0061 /* Build Stuff */, @@ -286,7 +322,7 @@ 4CA1FEB7052A3C6D00F22E42 /* Products */ = { isa = PBXGroup; children = ( - 4CA1FEB6052A3C6D00F22E42 /* securityd */, + AA6D4B8A0E6F3BB80050206D /* securityd */, ); name = Products; sourceTree = ""; @@ -348,14 +384,32 @@ children = ( C22C34530B278EB60009368E /* clientid.h */, C22C34520B278EB60009368E /* clientid.cpp */, - C2BD5FDB0AC47E850057FD3D /* csproxy.h */, - C2BD5FDA0AC47E850057FD3D /* csproxy.cpp */, 4C9264A90534866F004B0E72 /* codesigdb.h */, 4C9264A80534866F004B0E72 /* codesigdb.cpp */, ); name = "Client Identification"; sourceTree = ""; }; + C26AC79D0DAED222005BFB40 /* Code Signing */ = { + isa = PBXGroup; + children = ( + C2BD5FDB0AC47E850057FD3D /* csproxy.h */, + C2BD5FDA0AC47E850057FD3D /* csproxy.cpp */, + ); + name = "Code Signing"; + sourceTree = ""; + }; + C26CF0290CD933D60094DD9D /* DTrace */ = { + isa = PBXGroup; + children = ( + C26CF0230CD933AE0094DD9D /* securityd.d */, + C26CF0880CDFE1180094DD9D /* dtrace.h */, + C2CB75A90CE26A3600727A2B /* securityd-watch.d */, + AAA020B10E367BB000A6F842 /* dtrace.mk */, + ); + name = DTrace; + sourceTree = ""; + }; C28AE7FE06CD7CFF00BE0061 /* Token */ = { isa = PBXGroup; children = ( 
@@ -505,14 +559,14 @@ children = ( 4C92649D0534866F004B0E72 /* agentquery.h */, 4C92649C0534866F004B0E72 /* agentquery.cpp */, + 4E0BB2B20F79590300BBFEFA /* ccaudit_extensions.h */, + 4E0BB2B30F79590300BBFEFA /* ccaudit_extensions.cpp */, 4CB5ACBA06680AE000F359A9 /* child.h */, 4CB5ACB906680AE000F359A9 /* child.cpp */, 4C9264AF0534866F004B0E72 /* entropy.h */, 4C9264AE0534866F004B0E72 /* entropy.cpp */, 4C9264B90534866F004B0E72 /* notifications.h */, 4C9264B80534866F004B0E72 /* notifications.cpp */, - C22C344D0B278E770009368E /* osxcodewrap.h */, - C22C344C0B278E770009368E /* osxcodewrap.cpp */, D6C887EE0A55B6220044DFD2 /* SharedMemoryServer.h */, D6C887ED0A55B6220044DFD2 /* SharedMemoryServer.cpp */, ); 
@@ -531,93 +585,102 @@ /* End PBXGroup section */ /* Begin PBXHeadersBuildPhase section */ - 4CA1FEB1052A3C6D00F22E42 /* Headers */ = { + AAC7077A0E6F437A003CC2B2 /* Headers */ = { isa = PBXHeadersBuildPhase; buildActionMask = 2147483647; files = ( - 4C9264C90534866F004B0E72 /* acl_keychain.h in Headers */, - 4C9264CB0534866F004B0E72 /* acls.h in Headers */, - 4C9264CD0534866F004B0E72 /* agentquery.h in Headers */, - 4C9264CF0534866F004B0E72 /* authority.h in Headers */, - 4C9264D10534866F004B0E72 /* AuthorizationDBPlist.h in Headers */, - 4C9264D30534866F004B0E72 /* AuthorizationEngine.h in Headers */, - 405845680663B2010083E58C /* AuthorizationMechEval.h in Headers */, - 4C9264D50534866F004B0E72 /* AuthorizationRule.h in Headers */, - 4CB5ACBC06680AE000F359A9 /* child.h in Headers */, - 4C9264D90534866F004B0E72 /* codesigdb.h in Headers */, - 4C9264DB0534866F004B0E72 /* connection.h in Headers */, - C2B8DBCC05E6C3CE00E6E67C /* database.h in Headers */, - 4C9264DD0534866F004B0E72 /* dbcrypto.h in Headers */, - 4C9264DF0534866F004B0E72 /* entropy.h in Headers */, - C2B8DBCE05E6C3CE00E6E67C /* kcdatabase.h in Headers */, - C207646605EAD713004FEEDA /* kckey.h in Headers */, - 4C9264E30534866F004B0E72 /* key.h in Headers */, - C20764E905ED250F004FEEDA /* localdatabase.h in Headers */, - C20764EB05ED250F004FEEDA /* localkey.h in Headers */, - 4C9264E60534866F004B0E72 /* notifications.h in Headers */, - C2FDCAC60663CD5B0013F64C /* pcscmonitor.h in Headers */, - 4C9264E80534866F004B0E72 /* process.h in Headers */, - C2FDCAC80663CD5B0013F64C /* reader.h in Headers */, - 4C9264EB0534866F004B0E72 /* server.h in Headers */, - 4C9264ED0534866F004B0E72 /* session.h in Headers */, - C28ACF9D05C9940B00447176 /* structure.h in Headers */, - C20AF37F05F689540055732C /* tempdatabase.h in Headers */, - C2FDCACA0663CD5B0013F64C /* token.h in Headers */, - C2D425F405F3C07400CB11F8 /* tokendatabase.h in Headers */, - C26EA9540688CF34007CE21D /* tokencache.h in Headers */, - 
C209B3B506ADBE64007B9E6D /* self.h in Headers */, - C22A7F8F06AF06D9006087B7 /* tokend.h in Headers */, - C26D533A06C1E70A00062E1E /* tokenkey.h in Headers */, - C28654B306DBC2A30021E6E5 /* tokenacl.h in Headers */, - C2813C820730534A00E243E8 /* tokenaccess.h in Headers */, - 40689F860725DCE00021A502 /* authhost.h in Headers */, - D6C887F10A55B6220044DFD2 /* SharedMemoryServer.h in Headers */, - C2BD5FDD0AC47E850057FD3D /* csproxy.h in Headers */, - 407ACD080AE5B57700A9DA90 /* credential.h in Headers */, - C22C344F0B278E770009368E /* osxcodewrap.h in Headers */, - C22C34550B278EB60009368E /* clientid.h in Headers */, + AAC707230E6F4335003CC2B2 /* acl_keychain.h in Headers */, + AAC707240E6F4335003CC2B2 /* acls.h in Headers */, + AAC707250E6F4335003CC2B2 /* agentquery.h in Headers */, + AAC707260E6F4335003CC2B2 /* authority.h in Headers */, + AAC707270E6F4335003CC2B2 /* AuthorizationDBPlist.h in Headers */, + AAC707280E6F4335003CC2B2 /* AuthorizationEngine.h in Headers */, + AAC707290E6F4335003CC2B2 /* AuthorizationMechEval.h in Headers */, + AAC7072A0E6F4335003CC2B2 /* AuthorizationRule.h in Headers */, + AAC7072B0E6F4335003CC2B2 /* child.h in Headers */, + AAC7072C0E6F4335003CC2B2 /* codesigdb.h in Headers */, + AAC7072D0E6F4335003CC2B2 /* connection.h in Headers */, + AAC7072E0E6F4335003CC2B2 /* database.h in Headers */, + AAC7072F0E6F4335003CC2B2 /* dbcrypto.h in Headers */, + AAC707300E6F4335003CC2B2 /* entropy.h in Headers */, + AAC707310E6F4335003CC2B2 /* kcdatabase.h in Headers */, + AAC707320E6F4335003CC2B2 /* kckey.h in Headers */, + AAC707330E6F4335003CC2B2 /* key.h in Headers */, + AAC707340E6F4335003CC2B2 /* localdatabase.h in Headers */, + AAC707350E6F4335003CC2B2 /* localkey.h in Headers */, + AAC707360E6F4335003CC2B2 /* notifications.h in Headers */, + AAC707370E6F4335003CC2B2 /* pcscmonitor.h in Headers */, + AAC707380E6F4335003CC2B2 /* process.h in Headers */, + AAC707390E6F4335003CC2B2 /* reader.h in Headers */, + AAC7073A0E6F4335003CC2B2 /* 
server.h in Headers */, + AAC7073B0E6F4335003CC2B2 /* session.h in Headers */, + AAC7073C0E6F4335003CC2B2 /* structure.h in Headers */, + AAC7073D0E6F4335003CC2B2 /* tempdatabase.h in Headers */, + AAC7073E0E6F4335003CC2B2 /* token.h in Headers */, + AAC7073F0E6F4335003CC2B2 /* tokendatabase.h in Headers */, + AAC707400E6F4335003CC2B2 /* tokencache.h in Headers */, + AAC707410E6F4335003CC2B2 /* self.h in Headers */, + AAC707420E6F4335003CC2B2 /* tokend.h in Headers */, + AAC707430E6F4335003CC2B2 /* tokenkey.h in Headers */, + AAC707440E6F4335003CC2B2 /* tokenacl.h in Headers */, + AAC707450E6F4335003CC2B2 /* tokenaccess.h in Headers */, + AAC707460E6F4335003CC2B2 /* authhost.h in Headers */, + AAC707470E6F4335003CC2B2 /* SharedMemoryServer.h in Headers */, + AAC707480E6F4335003CC2B2 /* csproxy.h in Headers */, + AAC707490E6F4335003CC2B2 /* credential.h in Headers */, + AAC7074B0E6F4335003CC2B2 /* clientid.h in Headers */, + AAC7074C0E6F4335003CC2B2 /* dtrace.h in Headers */, + 4E0BB2B40F79590300BBFEFA /* ccaudit_extensions.h in Headers */, ); runOnlyForDeploymentPostprocessing = 0; }; /* End PBXHeadersBuildPhase section */ -/* Begin PBXLegacyTarget section */ - 4CA4EB2C0558848900CF7791 /* startup */ = { - isa = PBXLegacyTarget; - buildArgumentsString = "-f $(SRCROOT)/etc/startup.mk $(ACTION)"; - buildConfigurationList = C27AD4A30987FCF4001272E0 /* Build configuration list for PBXLegacyTarget "startup" */; +/* Begin PBXNativeTarget section */ + AA6D4B890E6F3BB80050206D /* securityd */ = { + isa = PBXNativeTarget; + buildConfigurationList = AA6D4B900E6F3BE80050206D /* Build configuration list for PBXNativeTarget "securityd" */; buildPhases = ( + AAC7077A0E6F437A003CC2B2 /* Headers */, + AA6D4B870E6F3BB80050206D /* Sources */, + AA6D4B880E6F3BB80050206D /* Frameworks */, + ED51306A0E7F1277002A3749 /* CopyFiles */, + ); + buildRules = ( ); - buildToolPath = /usr/bin/gnumake; - buildWorkingDirectory = ""; dependencies = ( + AA1AA00F0E71F2ED003D0309 /* 
PBXTargetDependency */, + AA1AA0110E71F2F7003D0309 /* PBXTargetDependency */, + AA1A9FF90E71EF08003D0309 /* PBXTargetDependency */, ); - name = startup; - passBuildSettingsInEnvironment = 1; - productName = startup; + name = securityd; + productName = securityd_native; + productReference = AA6D4B8A0E6F3BB80050206D /* securityd */; + productType = "com.apple.product-type.tool"; }; -/* End PBXLegacyTarget section */ +/* End PBXNativeTarget section */ /* Begin PBXProject section */ 4CA1FEB0052A3C5800F22E42 /* Project object */ = { isa = PBXProject; buildConfigurationList = C27AD4AD0987FCF4001272E0 /* Build configuration list for PBXProject "securityd" */; - compatibilityVersion = "Xcode 2.4"; + compatibilityVersion = "Xcode 3.1"; hasScannedForEncodings = 1; mainGroup = 4CA1FEAC052A3C5800F22E42; productRefGroup = 4CA1FEB7052A3C6D00F22E42 /* Products */; projectDirPath = ""; projectRoot = ""; targets = ( - 4CA1FEB5052A3C6D00F22E42 /* securityd */, - 4CA4EB2C0558848900CF7791 /* startup */, - C209B3A506ADBCAC007B9E6D /* mig */, + AA6D4B890E6F3BB80050206D /* securityd */, + C26CF02C0CD934260094DD9D /* DTrace */, + AA6D4B7A0E6F3A910050206D /* mig */, + AA6D4B810E6F3B210050206D /* startup */, ); }; /* End PBXProject section */ /* Begin PBXShellScriptBuildPhase section */ - C209B3A406ADBCAC007B9E6D /* ShellScript */ = { + AA6D4B790E6F3A910050206D /* ShellScript */ = { isa = PBXShellScriptBuildPhase; buildActionMask = 2147483647; files = ( 
@@ -627,110 +690,125 @@ outputPaths = ( ); runOnlyForDeploymentPostprocessing = 0; - shellPath = /bin/bash; + shellPath = /bin/sh; shellScript = "make -f mig/mig.mk\n"; }; + AA6D4B800E6F3B210050206D /* ShellScript */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputPaths = ( + ); + outputPaths = ( + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/sh; + shellScript = "/usr/bin/gnumake -f $SRCROOT/etc/startup.mk $ACTION\n\n"; + }; + C26CF0360CD9343A0094DD9D /* ShellScript */ = { + isa = PBXShellScriptBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + inputPaths = ( + ); + outputPaths = ( + ); + runOnlyForDeploymentPostprocessing = 0; + shellPath = /bin/bash; + shellScript = "export DERIVED_SRC=$BUILT_PRODUCTS_DIR/derived_src\nmkdir -p $DERIVED_SRC\nmake -f $SRCROOT/dtrace/dtrace.mk\n"; + }; /* End PBXShellScriptBuildPhase section */ /* Begin PBXSourcesBuildPhase section */ - 4CA1FEB2052A3C6D00F22E42 /* Sources */ = { + AA6D4B870E6F3BB80050206D /* Sources */ = { isa = PBXSourcesBuildPhase; buildActionMask = 2147483647; files = ( - 4C9264C80534866F004B0E72 /* acl_keychain.cpp in Sources */, - 4C9264CA0534866F004B0E72 /* acls.cpp in Sources */, - 4C9264CC0534866F004B0E72 /* agentquery.cpp in Sources */, - 4C9264CE0534866F004B0E72 /* authority.cpp in Sources */, - 4C9264D00534866F004B0E72 /* AuthorizationDBPlist.cpp in Sources */, - 4C9264D20534866F004B0E72 /* AuthorizationEngine.cpp in Sources */, - 405845670663B2010083E58C /* AuthorizationMechEval.cpp in Sources */, - 4C9264D40534866F004B0E72 /* AuthorizationRule.cpp in Sources */, - 4CB5ACBB06680AE000F359A9 /* child.cpp in Sources */, - 4C9264D80534866F004B0E72 /* codesigdb.cpp in Sources */, - 4C9264DA0534866F004B0E72 /* connection.cpp in Sources */, - C2B8DBCB05E6C3CE00E6E67C /* database.cpp in Sources */, - 4C9264DC0534866F004B0E72 /* dbcrypto.cpp in Sources */, - 4C9264DE0534866F004B0E72 /* entropy.cpp in Sources */, - 
C2B8DBCD05E6C3CE00E6E67C /* kcdatabase.cpp in Sources */, - C207646505EAD713004FEEDA /* kckey.cpp in Sources */, - 4C9264E20534866F004B0E72 /* key.cpp in Sources */, - C20764E805ED250F004FEEDA /* localdatabase.cpp in Sources */, - C20764EA05ED250F004FEEDA /* localkey.cpp in Sources */, - 4C9264E40534866F004B0E72 /* main.cpp in Sources */, - 4C9264E50534866F004B0E72 /* notifications.cpp in Sources */, - C2FDCAC50663CD5B0013F64C /* pcscmonitor.cpp in Sources */, - 4C9264E70534866F004B0E72 /* process.cpp in Sources */, - C2FDCAC70663CD5B0013F64C /* reader.cpp in Sources */, - 4C9264EA0534866F004B0E72 /* server.cpp in Sources */, - 4C9264EC0534866F004B0E72 /* session.cpp in Sources */, - C28ACF9C05C9940B00447176 /* structure.cpp in Sources */, - C20AF37E05F689540055732C /* tempdatabase.cpp in Sources */, - C2FDCAC90663CD5B0013F64C /* token.cpp in Sources */, - C2D425F305F3C07400CB11F8 /* tokendatabase.cpp in Sources */, - 4C9264EE0534866F004B0E72 /* transition.cpp in Sources */, - C26EA9530688CF34007CE21D /* tokencache.cpp in Sources */, - C209B3B606ADBE64007B9E6D /* selfServer.cpp in Sources */, - C209B3B706ADBE64007B9E6D /* selfUser.cpp in Sources */, - C22A7F8E06AF06D9006087B7 /* tokend.cpp in Sources */, - C26D533906C1E70A00062E1E /* tokenkey.cpp in Sources */, - C28654B206DBC2A30021E6E5 /* tokenacl.cpp in Sources */, - C2813C810730534A00E243E8 /* tokenaccess.cpp in Sources */, - 40689F870725DCE00021A502 /* authhost.cpp in Sources */, - D6C887F00A55B6220044DFD2 /* SharedMemoryServer.cpp in Sources */, - C2BD5FDC0AC47E850057FD3D /* csproxy.cpp in Sources */, - 407ACD090AE5B57700A9DA90 /* credential.cpp in Sources */, - C22C344E0B278E770009368E /* osxcodewrap.cpp in Sources */, - C22C34540B278EB60009368E /* clientid.cpp in Sources */, + AAC7074D0E6F4352003CC2B2 /* acl_keychain.cpp in Sources */, + AAC7074E0E6F4352003CC2B2 /* acls.cpp in Sources */, + AAC7074F0E6F4352003CC2B2 /* agentquery.cpp in Sources */, + AAC707500E6F4352003CC2B2 /* authority.cpp in Sources */, + 
AAC707510E6F4352003CC2B2 /* AuthorizationDBPlist.cpp in Sources */, + AAC707520E6F4352003CC2B2 /* AuthorizationEngine.cpp in Sources */, + AAC707530E6F4352003CC2B2 /* AuthorizationMechEval.cpp in Sources */, + AAC707540E6F4352003CC2B2 /* AuthorizationRule.cpp in Sources */, + AAC707550E6F4352003CC2B2 /* child.cpp in Sources */, + AAC707560E6F4352003CC2B2 /* codesigdb.cpp in Sources */, + AAC707570E6F4352003CC2B2 /* connection.cpp in Sources */, + AAC707580E6F4352003CC2B2 /* database.cpp in Sources */, + AAC707590E6F4352003CC2B2 /* dbcrypto.cpp in Sources */, + AAC7075A0E6F4352003CC2B2 /* entropy.cpp in Sources */, + AAC7075B0E6F4352003CC2B2 /* kcdatabase.cpp in Sources */, + AAC7075C0E6F4352003CC2B2 /* kckey.cpp in Sources */, + AAC7075D0E6F4352003CC2B2 /* key.cpp in Sources */, + AAC7075E0E6F4352003CC2B2 /* localdatabase.cpp in Sources */, + AAC7075F0E6F4352003CC2B2 /* localkey.cpp in Sources */, + AAC707600E6F4352003CC2B2 /* main.cpp in Sources */, + AAC707610E6F4352003CC2B2 /* notifications.cpp in Sources */, + AAC707620E6F4352003CC2B2 /* pcscmonitor.cpp in Sources */, + AAC707630E6F4352003CC2B2 /* process.cpp in Sources */, + AAC707640E6F4352003CC2B2 /* reader.cpp in Sources */, + AAC707650E6F4352003CC2B2 /* server.cpp in Sources */, + AAC707660E6F4352003CC2B2 /* session.cpp in Sources */, + AAC707670E6F4352003CC2B2 /* structure.cpp in Sources */, + AAC707680E6F4352003CC2B2 /* tempdatabase.cpp in Sources */, + AAC707690E6F4352003CC2B2 /* token.cpp in Sources */, + AAC7076A0E6F4352003CC2B2 /* tokendatabase.cpp in Sources */, + AAC7076B0E6F4352003CC2B2 /* transition.cpp in Sources */, + AAC7076C0E6F4352003CC2B2 /* tokencache.cpp in Sources */, + AAC7076D0E6F4352003CC2B2 /* selfServer.cpp in Sources */, + AAC7076E0E6F4352003CC2B2 /* selfUser.cpp in Sources */, + AAC7076F0E6F4352003CC2B2 /* tokend.cpp in Sources */, + AAC707700E6F4352003CC2B2 /* tokenkey.cpp in Sources */, + AAC707710E6F4352003CC2B2 /* tokenacl.cpp in Sources */, + AAC707720E6F4352003CC2B2 /* 
tokenaccess.cpp in Sources */, + AAC707730E6F4352003CC2B2 /* authhost.cpp in Sources */, + AAC707740E6F4352003CC2B2 /* SharedMemoryServer.cpp in Sources */, + AAC707750E6F4352003CC2B2 /* csproxy.cpp in Sources */, + AAC707760E6F4352003CC2B2 /* credential.cpp in Sources */, + AAC707780E6F4352003CC2B2 /* clientid.cpp in Sources */, + 4E0BB2B50F79590300BBFEFA /* ccaudit_extensions.cpp in Sources */, ); runOnlyForDeploymentPostprocessing = 0; }; /* End PBXSourcesBuildPhase section */ /* Begin PBXTargetDependency section */ - 4CD8CCB6055884BD006B3584 /* PBXTargetDependency */ = { + AA1A9FF90E71EF08003D0309 /* PBXTargetDependency */ = { isa = PBXTargetDependency; - target = 4CA4EB2C0558848900CF7791 /* startup */; - targetProxy = 4CD8CCB5055884BD006B3584 /* PBXContainerItemProxy */; + target = C26CF02C0CD934260094DD9D /* DTrace */; + targetProxy = AA1A9FF80E71EF08003D0309 /* PBXContainerItemProxy */; }; - C209B3AA06ADBD6D007B9E6D /* PBXTargetDependency */ = { + AA1AA00F0E71F2ED003D0309 /* PBXTargetDependency */ = { isa = PBXTargetDependency; - target = C209B3A506ADBCAC007B9E6D /* mig */; - targetProxy = C209B3A906ADBD6D007B9E6D /* PBXContainerItemProxy */; + target = AA6D4B810E6F3B210050206D /* startup */; + targetProxy = AA1AA00E0E71F2ED003D0309 /* PBXContainerItemProxy */; }; -/* End PBXTargetDependency section */ - -/* Begin PBXToolTarget section */ - 4CA1FEB5052A3C6D00F22E42 /* securityd */ = { - isa = PBXToolTarget; - buildConfigurationList = C27AD4A80987FCF4001272E0 /* Build configuration list for PBXToolTarget "securityd" */; - buildPhases = ( - 4CA1FEB1052A3C6D00F22E42 /* Headers */, - 4CA1FEB2052A3C6D00F22E42 /* Sources */, - 4CA1FEB3052A3C6D00F22E42 /* Frameworks */, - 4C01B3D706FFC621004B3A01 /* CopyFiles */, - ); - dependencies = ( - C209B3AA06ADBD6D007B9E6D /* PBXTargetDependency */, - 4CD8CCB6055884BD006B3584 /* PBXTargetDependency */, - ); - name = securityd; - productInstallPath = /usr/sbin; - productName = securityd; - productReference = 
4CA1FEB6052A3C6D00F22E42 /* securityd */; + AA1AA0110E71F2F7003D0309 /* PBXTargetDependency */ = { + isa = PBXTargetDependency; + target = AA6D4B7A0E6F3A910050206D /* mig */; + targetProxy = AA1AA0100E71F2F7003D0309 /* PBXContainerItemProxy */; }; -/* End PBXToolTarget section */ +/* End PBXTargetDependency section */ /* Begin XCBuildConfiguration section */ - C27AD49A0987FCF4001272E0 /* Development */ = { + AA6D4B7B0E6F3A910050206D /* Development */ = { isa = XCBuildConfiguration; buildSettings = { BUILD_VARIANTS = debug; + CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)"; + CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)"; COPY_PHASE_STRIP = NO; CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers"; GCC_DYNAMIC_NO_PIC = NO; - GCC_ENABLE_FIX_AND_CONTINUE = YES; GCC_GENERATE_DEBUGGING_SYMBOLS = YES; GCC_OPTIMIZATION_LEVEL = 0; + HEADER_SEARCH_PATHS = ( + "$(BUILT_PRODUCTS_DIR)/SecurityPieces/Headers", + "$(BUILT_PRODUCTS_DIR)/SecurityPieces/PrivateHeaders", + ); OTHER_CFLAGS = ""; OTHER_LDFLAGS = ""; OTHER_REZFLAGS = ""; @@ -745,13 +823,16 @@ }; name = Development; }; - C27AD49B0987FCF4001272E0 /* Deployment */ = { + AA6D4B7C0E6F3A910050206D /* Deployment */ = { isa = XCBuildConfiguration; buildSettings = { + CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)"; + CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)"; + COPY_PHASE_STRIP = YES; CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers"; DEAD_CODE_STRIPPING = YES; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; GCC_DYNAMIC_NO_PIC = NO; - GCC_ENABLE_FIX_AND_CONTINUE = YES; GCC_GENERATE_DEBUGGING_SYMBOLS = NO; OTHER_CFLAGS = ""; OTHER_LDFLAGS = ""; 
@@ -767,10 +848,12 @@ }; name = Deployment; }; - C27AD49C0987FCF4001272E0 /* normal with debug */ = { + AA6D4B7D0E6F3A910050206D /* normal with debug */ = { isa = XCBuildConfiguration; buildSettings = { BUILD_VARIANTS = normal; + CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)"; + CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)"; COPY_PHASE_STRIP = NO; OPT_LDFLAGS = ""; OPT_LDXFLAGS = ""; @@ -790,9 +873,11 @@ }; name = "normal with debug"; }; - C27AD49D0987FCF4001272E0 /* Default */ = { + AA6D4B7E0E6F3A910050206D /* Default */ = { isa = XCBuildConfiguration; buildSettings = { + CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)"; + CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)"; OTHER_CFLAGS = ""; OTHER_LDFLAGS = ""; OTHER_REZFLAGS = ""; @@ -806,14 +891,13 @@ }; name = Default; }; - C27AD4A40987FCF4001272E0 /* Development */ = { + AA6D4B820E6F3B210050206D /* Development */ = { isa = XCBuildConfiguration; buildSettings = { BUILD_VARIANTS = debug; COPY_PHASE_STRIP = NO; CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers"; GCC_DYNAMIC_NO_PIC = NO; - GCC_ENABLE_FIX_AND_CONTINUE = YES; GCC_GENERATE_DEBUGGING_SYMBOLS = YES; GCC_OPTIMIZATION_LEVEL = 0; OTHER_CFLAGS = ""; @@ -830,13 +914,14 @@ }; name = Development; }; - C27AD4A50987FCF4001272E0 /* Deployment */ = { + AA6D4B830E6F3B210050206D /* Deployment */ = { isa = XCBuildConfiguration; buildSettings = { + COPY_PHASE_STRIP = YES; CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers"; DEAD_CODE_STRIPPING = YES; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; GCC_DYNAMIC_NO_PIC = NO; - GCC_ENABLE_FIX_AND_CONTINUE = YES; GCC_GENERATE_DEBUGGING_SYMBOLS = NO; OTHER_CFLAGS = ""; OTHER_LDFLAGS = ""; 
@@ -852,52 +937,29 @@ }; name = Deployment; }; - C27AD4A60987FCF4001272E0 /* normal with debug */ = { + AA6D4B840E6F3B210050206D /* normal with debug */ = { isa = XCBuildConfiguration; buildSettings = { - BUILD_VARIANTS = normal; - COPY_PHASE_STRIP = NO; - OPT_LDFLAGS = ""; - OPT_LDXFLAGS = ""; - OPT_LDXNOPIC = ""; - OTHER_CFLAGS = ""; - OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -O1 -fno-inline"; - OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CPLUSPLUSFLAGS) -O1 -fno-inline"; - OTHER_LDFLAGS = ""; - OTHER_REZFLAGS = ""; - PRODUCT_NAME = startup; - SECTORDER_FLAGS = ""; - WARNING_CFLAGS = ( - "-Wmost", - "-Wno-four-char-constants", - "-Wno-unknown-pragmas", - ); + PRODUCT_NAME = startup_native; }; name = "normal with debug"; }; - C27AD4A70987FCF4001272E0 /* Default */ = { + AA6D4B850E6F3B210050206D /* Default */ = { isa = XCBuildConfiguration; buildSettings = { - OTHER_CFLAGS = ""; - OTHER_LDFLAGS = ""; - OTHER_REZFLAGS = ""; - PRODUCT_NAME = startup; - SECTORDER_FLAGS = ""; - WARNING_CFLAGS = ( - "-Wmost", - "-Wno-four-char-constants", - "-Wno-unknown-pragmas", - ); + PRODUCT_NAME = startup_native; }; name = Default; }; - C27AD4A90987FCF4001272E0 /* Development */ = { + AA6D4B8C0E6F3BB80050206D /* Development */ = { isa = XCBuildConfiguration; buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + ARCHS = "$(NATIVE_ARCH)"; BUILD_VARIANTS = debug; COPY_PHASE_STRIP = NO; CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers"; - CURRENT_PROJECT_VERSION = 36489; + CURRENT_PROJECT_VERSION = 36975; FRAMEWORK_SEARCH_PATHS = ( /usr/local/SecurityPieces/Frameworks, /usr/local/SecurityPieces/Components/securityd, 
@@ -905,63 +967,53 @@ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks", ); GCC_DYNAMIC_NO_PIC = NO; - GCC_ENABLE_FIX_AND_CONTINUE = YES; GCC_GENERATE_DEBUGGING_SYMBOLS = YES; GCC_OPTIMIZATION_LEVEL = 0; + HEADER_SEARCH_PATHS = "\"$(BUILT_PRODUCTS_DIR)/derived_src\""; INSTALL_PATH = /usr/sbin; - OPTIMIZATION_CFLAGS = "-O0"; OPT_CPPXFLAGS = "$(OPT_CXFLAGS)"; OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)"; OPT_INLINEXFLAGS = "-finline-functions"; OPT_LDXFLAGS = "-dead_strip"; OPT_LDXNOPIC = ",_nopic"; + ORDER_FILE = "$(SRCROOT)/src/securityd.order"; OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)"; OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)"; OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg"; - OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline"; + OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline"; OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)"; OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg"; - OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -fno-inline"; + OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline -gdwarf-2"; OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)"; OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg"; - OTHER_LDFLAGS = ( - "-lbsm", - "-exported_symbols_list", - "$(SRCROOT)/src/securityd.exp", - ); - OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) \"-framework\" \"Security,_debug\" \"-framework\" \"PCSC,_debug\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_debug\" \"-framework\" \"security_tokend_client,_debug\" \"-framework\" \"security_cdsa_client,_debug\" \"-framework\" \"securityd_server,_debug\" \"-framework\" \"securityd_client,_debug\" \"-framework\" \"security_cdsa_utilities,_debug\" \"-framework\" \"security_utilities,_debug\" \"-framework\" \"security_codesigning,_debug\""; + OTHER_LDFLAGS = "-lbsm"; + OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) \"-framework\" \"Security,_debug\" \"-framework\" 
\"PCSC,_debug\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_debug\" \"-framework\" \"security_tokend_client,_debug\" \"-framework\" \"security_cdsa_client,_debug\" \"-framework\" \"securityd_server,_debug\" \"-framework\" \"securityd_client,_debug\" \"-framework\" \"security_cdsa_utilities,_debug\" \"-framework\" \"security_utilities,_debug\" \"-framework\" \"security_codesigning,_debug\" -gdwarf-2"; OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) \"-framework\" \"Security\" \"-framework\" \"PCSC\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_tokend_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_cdsa_client$(OPT_LDXNOPIC)\" \"-framework\" \"securityd_server$(OPT_LDXNOPIC)\" \"-framework\" \"securityd_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_cdsa_utilities$(OPT_LDXNOPIC)\" \"-framework\" \"security_utilities$(OPT_LDXNOPIC)\""; OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg \"-framework\" \"Security,_profile\" \"-framework\" \"PCSC,_profile\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_profile\" \"-framework\" \"security_tokend_client,_profile\" \"-framework\" \"security_cdsa_client,_profile\" \"-framework\" \"securityd_server,_profile\" \"-framework\" \"securityd_client,_profile\" \"-framework\" \"security_cdsa_utilities,_profile\" \"-framework\" \"security_utilities,_profile\""; + PREBINDING = NO; PRODUCT_NAME = securityd; - SECTORDER_FLAGS = ( - "-sectorder", - __TEXT, - __text, - src/securityd.order, - "-e", - start, - ); VERSIONING_SYSTEM = "apple-generic"; WARNING_CFLAGS = ( "-Wmost", "-Wno-four-char-constants", "-Wno-unknown-pragmas", ); - ZERO_LINK = YES; + ZERO_LINK = NO; }; name = Development; }; - C27AD4AA0987FCF4001272E0 /* Deployment */ = { + AA6D4B8D0E6F3BB80050206D /* Deployment */ = { isa = XCBuildConfiguration; 
buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; BUILD_VARIANTS = ( normal, debug, ); + COPY_PHASE_STRIP = "(null)"; CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers"; - CURRENT_PROJECT_VERSION = 36489; - DEAD_CODE_STRIPPING = YES; - EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp"; + CURRENT_PROJECT_VERSION = 36975; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; FRAMEWORK_SEARCH_PATHS = ( /usr/local/SecurityPieces/Frameworks, /usr/local/SecurityPieces/Components/securityd, 
@@ -969,40 +1021,31 @@ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks", ); GCC_DYNAMIC_NO_PIC = NO; - GCC_ENABLE_FIX_AND_CONTINUE = YES; GCC_GENERATE_DEBUGGING_SYMBOLS = NO; + GCC_OPTIMIZATION_LEVEL = s; + HEADER_SEARCH_PATHS = "\"$(BUILT_PRODUCTS_DIR)/derived_src\""; INSTALL_PATH = /usr/sbin; OPT_CPPXFLAGS = "$(OPT_CXFLAGS)"; OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)"; OPT_INLINEXFLAGS = "-finline-functions"; OPT_LDXFLAGS = "-dead_strip"; OPT_LDXNOPIC = ",_nopic"; - OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)"; + ORDER_FILE = "$(SRCROOT)/src/securityd.order"; + OTHER_ASFLAGS_debug = "\"$(OTHER_CFLAGS)\""; OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)"; OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg"; - OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O1 -fno-inline"; + OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline"; OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)"; OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg"; - OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O1 -fno-inline"; + OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline -gdwarf-2"; OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)"; OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg"; - OTHER_LDFLAGS = ( - "-lbsm", - "-exported_symbols_list", - "$(SRCROOT)/src/securityd.exp", - ); + OTHER_LDFLAGS = "-lbsm"; OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) \"-framework\" \"Security,_debug\" \"-framework\" \"PCSC,_debug\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_debug\" \"-framework\" \"security_tokend_client,_debug\" \"-framework\" \"security_cdsa_client,_debug\" \"-framework\" \"securityd_server,_debug\" \"-framework\" \"securityd_client,_debug\" \"-framework\" \"security_cdsa_utilities,_debug\" \"-framework\" \"security_utilities,_debug\" \"-framework\" \"security_codesigning,_debug\""; OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) \"-framework\" 
\"Security\" \"-framework\" \"PCSC\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_tokend_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_cdsa_client$(OPT_LDXNOPIC)\" \"-framework\" \"securityd_server$(OPT_LDXNOPIC)\" \"-framework\" \"securityd_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_cdsa_utilities$(OPT_LDXNOPIC)\" \"-framework\" \"security_utilities$(OPT_LDXNOPIC)\""; OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg \"-framework\" \"Security,_profile\" \"-framework\" \"PCSC,_profile\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_profile\" \"-framework\" \"security_tokend_client,_profile\" \"-framework\" \"security_cdsa_client,_profile\" \"-framework\" \"securityd_server,_profile\" \"-framework\" \"securityd_client,_profile\" \"-framework\" \"security_cdsa_utilities,_profile\" \"-framework\" \"security_utilities,_profile\""; + PREBINDING = NO; PRODUCT_NAME = securityd; - SECTORDER_FLAGS = ( - "-sectorder", - __TEXT, - __text, - src/securityd.order, - "-e", - start, - ); VERSIONING_SYSTEM = "apple-generic"; WARNING_CFLAGS = ( "-Wmost", 
@@ -1013,122 +1056,155 @@ }; name = Deployment; }; - C27AD4AB0987FCF4001272E0 /* normal with debug */ = { + AA6D4B8E0E6F3BB80050206D /* normal with debug */ = { isa = XCBuildConfiguration; buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; BUILD_VARIANTS = normal; COPY_PHASE_STRIP = NO; - CURRENT_PROJECT_VERSION = 36489; - EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp"; + CSSM_HEADERS = "$(BUILT_PRODUCTS_DIR)/Security.framework/Headers:$(SYSTEM_LIBRARY_DIR)/Frameworks/Security.framework/Headers"; + CURRENT_PROJECT_VERSION = 36975; FRAMEWORK_SEARCH_PATHS = ( /usr/local/SecurityPieces/Frameworks, /usr/local/SecurityPieces/Components/securityd, /usr/local/SecurityPieces/Components/Security, "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks", ); + GCC_DYNAMIC_NO_PIC = ""; + GCC_GENERATE_DEBUGGING_SYMBOLS = ""; + GCC_MODEL_TUNING = G5; + GCC_OPTIMIZATION_LEVEL = ""; + HEADER_SEARCH_PATHS = "\"$(BUILT_PRODUCTS_DIR)/derived_src\""; INSTALL_PATH = /usr/sbin; OPT_CPPXFLAGS = "$(OPT_CXFLAGS)"; OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)"; OPT_INLINEXFLAGS = "-finline-functions"; - OPT_LDFLAGS = ""; OPT_LDXFLAGS = ""; OPT_LDXNOPIC = ""; - OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)"; + ORDER_FILE = "$(SRCROOT)/src/securityd.order"; + OTHER_ASFLAGS_debug = "\"$(OTHER_CFLAGS)\""; OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)"; OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg"; - OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O1 -fno-inline"; + OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline"; OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -O1 -fno-inline"; OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg"; - OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O1 -fno-inline"; - OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CPLUSPLUSFLAGS) -O1 -fno-inline"; + OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline -gdwarf-2"; + OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CPLUSPLUSFLAGS) -fno-inline"; OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) 
-pg"; - OTHER_LDFLAGS = ( - "-lbsm", - "-exported_symbols_list", - "$(SRCROOT)/src/securityd.exp", - ); + OTHER_LDFLAGS = "-lbsm"; OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) \"-framework\" \"Security,_debug\" \"-framework\" \"PCSC,_debug\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_debug\" \"-framework\" \"security_tokend_client,_debug\" \"-framework\" \"security_cdsa_client,_debug\" \"-framework\" \"securityd_server,_debug\" \"-framework\" \"securityd_client,_debug\" \"-framework\" \"security_cdsa_utilities,_debug\" \"-framework\" \"security_utilities,_debug\" \"-framework\" \"security_codesigning,_debug\""; OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) \"-framework\" \"Security\" \"-framework\" \"PCSC\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_tokend_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_cdsa_client$(OPT_LDXNOPIC)\" \"-framework\" \"securityd_server$(OPT_LDXNOPIC)\" \"-framework\" \"securityd_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_cdsa_utilities$(OPT_LDXNOPIC)\" \"-framework\" \"security_utilities$(OPT_LDXNOPIC)\""; OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg \"-framework\" \"Security,_profile\" \"-framework\" \"PCSC,_profile\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_profile\" \"-framework\" \"security_tokend_client,_profile\" \"-framework\" \"security_cdsa_client,_profile\" \"-framework\" \"securityd_server,_profile\" \"-framework\" \"securityd_client,_profile\" \"-framework\" \"security_cdsa_utilities,_profile\" \"-framework\" \"security_utilities,_profile\""; + PREBINDING = NO; PRODUCT_NAME = securityd; - SECTORDER_FLAGS = ( - "-sectorder", - __TEXT, - __text, - src/securityd.order, - "-e", - start, - ); VERSIONING_SYSTEM = "apple-generic"; WARNING_CFLAGS = ( "-Wmost", "-Wno-four-char-constants", 
"-Wno-unknown-pragmas", ); + ZERO_LINK = NO; }; name = "normal with debug"; }; - C27AD4AC0987FCF4001272E0 /* Default */ = { + AA6D4B8F0E6F3BB80050206D /* Default */ = { isa = XCBuildConfiguration; buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; BUILD_VARIANTS = ( normal, debug, ); - CURRENT_PROJECT_VERSION = 36489; - EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/securityd.exp"; + COPY_PHASE_STRIP = "(null)"; + CSSM_HEADERS = ""; + CURRENT_PROJECT_VERSION = 36975; FRAMEWORK_SEARCH_PATHS = ( /usr/local/SecurityPieces/Frameworks, /usr/local/SecurityPieces/Components/securityd, /usr/local/SecurityPieces/Components/Security, "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks", ); + GCC_DYNAMIC_NO_PIC = ""; + GCC_GENERATE_DEBUGGING_SYMBOLS = ""; + GCC_MODEL_TUNING = G5; + HEADER_SEARCH_PATHS = "$(BUILT_PRODUCTS_DIR)/derived_src"; INSTALL_PATH = /usr/sbin; OPT_CPPXFLAGS = "$(OPT_CXFLAGS)"; OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)"; OPT_INLINEXFLAGS = "-finline-functions"; OPT_LDXFLAGS = "-dead_strip"; OPT_LDXNOPIC = ",_nopic"; + ORDER_FILE = "$(SRCROOT)/src/securityd.order"; OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)"; OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)"; OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg"; - OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O1 -fno-inline"; + OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline -gdwarf-2"; OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)"; OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg"; - OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O1 -fno-inline"; + OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline -gdwarf-2 "; OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)"; OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg"; - OTHER_LDFLAGS = ( - "-lbsm", - "-exported_symbols_list", - "$(SRCROOT)/src/securityd.exp", - ); + OTHER_LDFLAGS = "-lbsm"; OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) \"-framework\" \"Security,_debug\" \"-framework\" 
\"PCSC,_debug\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_debug\" \"-framework\" \"security_tokend_client,_debug\" \"-framework\" \"security_cdsa_client,_debug\" \"-framework\" \"securityd_server,_debug\" \"-framework\" \"securityd_client,_debug\" \"-framework\" \"security_cdsa_utilities,_debug\" \"-framework\" \"security_utilities,_debug\" \"-framework\" \"security_codesigning,_debug\""; OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) \"-framework\" \"Security\" \"-framework\" \"PCSC\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_tokend_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_cdsa_client$(OPT_LDXNOPIC)\" \"-framework\" \"securityd_server$(OPT_LDXNOPIC)\" \"-framework\" \"securityd_client$(OPT_LDXNOPIC)\" \"-framework\" \"security_cdsa_utilities$(OPT_LDXNOPIC)\" \"-framework\" \"security_utilities$(OPT_LDXNOPIC)\""; OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg \"-framework\" \"Security,_profile\" \"-framework\" \"PCSC,_profile\" \"-framework\" \"IOKit\" \"-framework\" \"CoreFoundation\" \"-framework\" \"security_agent_client,_profile\" \"-framework\" \"security_tokend_client,_profile\" \"-framework\" \"security_cdsa_client,_profile\" \"-framework\" \"securityd_server,_profile\" \"-framework\" \"securityd_client,_profile\" \"-framework\" \"security_cdsa_utilities,_profile\" \"-framework\" \"security_utilities,_profile\""; + PREBINDING = NO; PRODUCT_NAME = securityd; - SECTORDER_FLAGS = ( - "-sectorder", - __TEXT, - __text, - src/securityd.order, - "-e", - start, - ); VERSIONING_SYSTEM = "apple-generic"; WARNING_CFLAGS = ( "-Wmost", "-Wno-four-char-constants", "-Wno-unknown-pragmas", ); + ZERO_LINK = NO; + }; + name = Default; + }; + C26CF02D0CD934260094DD9D /* Development */ = { + isa = XCBuildConfiguration; + buildSettings = { + COPY_PHASE_STRIP = NO; + GCC_DYNAMIC_NO_PIC = NO; + 
GCC_OPTIMIZATION_LEVEL = 0; + INSTALLHDRS_SCRIPT_PHASE = YES; + PRODUCT_NAME = DTrace; + }; + name = Development; + }; + C26CF02E0CD934260094DD9D /* Deployment */ = { + isa = XCBuildConfiguration; + buildSettings = { + COPY_PHASE_STRIP = YES; + DEBUG_INFORMATION_FORMAT = "dwarf-with-dsym"; + INSTALLHDRS_SCRIPT_PHASE = YES; + PRODUCT_NAME = DTrace; + ZERO_LINK = NO; + }; + name = Deployment; + }; + C26CF02F0CD934260094DD9D /* normal with debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + INSTALLHDRS_SCRIPT_PHASE = YES; + PRODUCT_NAME = DTrace; + }; + name = "normal with debug"; + }; + C26CF0300CD934260094DD9D /* Default */ = { + isa = XCBuildConfiguration; + buildSettings = { + INSTALLHDRS_SCRIPT_PHASE = YES; + PRODUCT_NAME = DTrace; }; name = Default; }; C27AD4AE0987FCF4001272E0 /* Development */ = { isa = XCBuildConfiguration; buildSettings = { + CODE_SIGN_IDENTITY = "-"; CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)"; CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)"; + GCC_OPTIMIZATION_LEVEL = 0; HEADER_SEARCH_PATHS = ( "$(BUILT_PRODUCTS_DIR)/SecurityPieces/Headers", "$(BUILT_PRODUCTS_DIR)/SecurityPieces/PrivateHeaders", @@ -1139,6 +1215,7 @@ C27AD4AF0987FCF4001272E0 /* Deployment */ = { isa = XCBuildConfiguration; buildSettings = { + CODE_SIGN_IDENTITY = "-"; CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)"; CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)"; }; @@ -1147,14 +1224,17 @@ C27AD4B00987FCF4001272E0 /* normal with debug */ = { isa = XCBuildConfiguration; buildSettings = { + CODE_SIGN_IDENTITY = "-"; CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)"; CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)"; + GCC_OPTIMIZATION_LEVEL = 0; }; name = "normal with debug"; }; C27AD4B10987FCF4001272E0 /* Default */ = { isa = XCBuildConfiguration; buildSettings = { + CODE_SIGN_IDENTITY = "-"; CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)"; CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)"; }; 
@@ -1163,35 +1243,46 @@ /* End XCBuildConfiguration section */ /* Begin XCConfigurationList section */ - C27AD4990987FCF4001272E0 /* Build configuration list for PBXAggregateTarget "mig" */ = { + AA6D4B7F0E6F3AE50050206D /* Build configuration list for PBXAggregateTarget "mig" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + AA6D4B7B0E6F3A910050206D /* Development */, + AA6D4B7C0E6F3A910050206D /* Deployment */, + AA6D4B7D0E6F3A910050206D /* normal with debug */, + AA6D4B7E0E6F3A910050206D /* Default */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Default; + }; + AA6D4B860E6F3B8D0050206D /* Build configuration list for PBXAggregateTarget "startup" */ = { isa = XCConfigurationList; buildConfigurations = ( - C27AD49A0987FCF4001272E0 /* Development */, - C27AD49B0987FCF4001272E0 /* Deployment */, - C27AD49C0987FCF4001272E0 /* normal with debug */, - C27AD49D0987FCF4001272E0 /* Default */, + AA6D4B820E6F3B210050206D /* Development */, + AA6D4B830E6F3B210050206D /* Deployment */, + AA6D4B840E6F3B210050206D /* normal with debug */, + AA6D4B850E6F3B210050206D /* Default */, ); defaultConfigurationIsVisible = 0; defaultConfigurationName = Default; }; - C27AD4A30987FCF4001272E0 /* Build configuration list for PBXLegacyTarget "startup" */ = { + AA6D4B900E6F3BE80050206D /* Build configuration list for PBXNativeTarget "securityd" */ = { isa = XCConfigurationList; buildConfigurations = ( - C27AD4A40987FCF4001272E0 /* Development */, - C27AD4A50987FCF4001272E0 /* Deployment */, - C27AD4A60987FCF4001272E0 /* normal with debug */, - C27AD4A70987FCF4001272E0 /* Default */, + AA6D4B8C0E6F3BB80050206D /* Development */, + AA6D4B8D0E6F3BB80050206D /* Deployment */, + AA6D4B8E0E6F3BB80050206D /* normal with debug */, + AA6D4B8F0E6F3BB80050206D /* Default */, ); defaultConfigurationIsVisible = 0; defaultConfigurationName = Default; }; - C27AD4A80987FCF4001272E0 /* Build configuration list for PBXToolTarget "securityd" */ = { + 
C26CF03B0CD934420094DD9D /* Build configuration list for PBXAggregateTarget "DTrace" */ = { isa = XCConfigurationList; buildConfigurations = ( - C27AD4A90987FCF4001272E0 /* Development */, - C27AD4AA0987FCF4001272E0 /* Deployment */, - C27AD4AB0987FCF4001272E0 /* normal with debug */, - C27AD4AC0987FCF4001272E0 /* Default */, + C26CF02D0CD934260094DD9D /* Development */, + C26CF02E0CD934260094DD9D /* Deployment */, + C26CF02F0CD934260094DD9D /* normal with debug */, + C26CF0300CD934260094DD9D /* Default */, ); defaultConfigurationIsVisible = 0; defaultConfigurationName = Default; diff --git a/src/AuthorizationDBPlist.cpp b/src/AuthorizationDBPlist.cpp index 5d0bc6f..c33a963 100644 --- a/src/AuthorizationDBPlist.cpp +++ b/src/AuthorizationDBPlist.cpp @@ -109,11 +109,11 @@ void AuthorizationDBPlist::save() return; CFIndex configSize = CFDataGetLength(configXML); - size_t bytesWritten = write(fd, CFDataGetBytePtr(configXML), configSize); + ssize_t bytesWritten = write(fd, CFDataGetBytePtr(configXML), configSize); CFRelease(configXML); if (bytesWritten != configSize) { - if (bytesWritten == static_cast(-1)) + if (bytesWritten == -1) Syslog::error("Problem writing rules file \"%s\": (errno=%s)", tempFile.c_str(), strerror(errno)); else @@ -158,9 +158,9 @@ void AuthorizationDBPlist::load() CFMutableDataRef xmlData = CFDataCreateMutable(NULL, fileSize); CFDataSetLength(xmlData, fileSize); void *buffer = CFDataGetMutableBytePtr(xmlData); - size_t bytesRead = read(fd, buffer, fileSize); + ssize_t bytesRead = read(fd, buffer, fileSize); if (bytesRead != fileSize) { - if (bytesRead == static_cast(-1)) { + if (bytesRead == -1) { Syslog::error("Problem reading rules file \"%s\": %s", mFileName.c_str(), strerror(errno)); CFRelease(xmlData); 
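Review bot: In the `AuthorizationDBPlist::save()` hunk the error branch calls `strerror(errno)` only after `CFRelease(configXML)` has run, so the logged value may no longer be the one `write()` set if the release path touches `errno`. Capturing it directly after the call, `const int writeErrno = errno;`, and logging `strerror(writeErrno)` keeps the diagnostic for the rules file trustworthy. Treating a short write as a failure is the safe choice here, but an `EINTR` return is not retried; the same holds for `read()` in the `load()` hunk that follows. Both function bodies start and end outside their hunks.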
@@ -224,7 +224,10 @@ void AuthorizationDBPlist::parseConfig(CFDictionaryRef config) CFMutableDictionaryRef newRules = NULL; if (!config) + { + Syslog::alert("Failed to parse config, no config"); MacOSError::throwMe(errAuthorizationInternal); + } if (CFDictionaryContainsKey(config, rulesKey)) newRules = reinterpret_cast(const_cast(CFDictionaryGetValue(config, rulesKey))); @@ -242,12 +245,16 @@ void AuthorizationDBPlist::parseConfig(CFDictionaryRef config) try { CFDictionaryApplyFunction(newRights, parseRule, this); } catch (...) { + Syslog::alert("Failed to parse config and apply dictionary function"); MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule file } mConfig = config; } else + { + Syslog::alert("Failed to parse config, invalid rule file"); MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule file + } } void AuthorizationDBPlist::parseRule(const void *key, const void *value, void *context) @@ -264,6 +271,11 @@ void AuthorizationDBPlist::addRight(CFStringRef key, CFDictionaryRef definition) bool AuthorizationDBPlist::validateRule(string inRightName, CFDictionaryRef inRightDefinition) const { + if (!mConfigRules || + 0 == CFDictionaryGetCount(mConfigRules)) { + Syslog::error("No rule definitions!"); + MacOSError::throwMe(errAuthorizationInternal); + } try { Rule newRule(inRightName, inRightDefinition, mConfigRules); if (newRule->name() == inRightName) @@ -278,6 +290,11 @@ AuthorizationDBPlist::validateRule(string inRightName, CFDictionaryRef inRightDe CFDictionaryRef AuthorizationDBPlist::getRuleDefinition(string &key) { + if (!mConfigRights || + 0 == CFDictionaryGetCount(mConfigRights)) { + Syslog::error("No rule definitions!"); + MacOSError::throwMe(errAuthorizationInternal); + } CFStringRef cfKey = makeCFString(key); StLock _(mLock); if (CFDictionaryContainsKey(mConfigRights, cfKey)) { 
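Review bot: In `parseConfig`, the value returned by `CFDictionaryGetValue(config, rulesKey)` is cast straight to a dictionary reference without checking its type, and the new logging does not change that. A rules file whose `rules` entry is a string or array would then be handed to dictionary calls further down. A guard such as `if (newRules && CFGetTypeID(newRules) != CFDictionaryGetTypeID()) newRules = NULL;` would presumably route that case to the existing "invalid rule file" branch, which sits outside this hunk, so confirm that before relying on it. The lookup of the rights dictionary is not visible here, but if it uses the same cast it needs the same check.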
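Review bot: The new emptiness check in `getRuleDefinition` reads `mConfigRights` before `StLock _(mLock);` is taken, while the `CFDictionaryContainsKey` lookup just below it runs under the lock. If another thread swaps the dictionary while holding `mLock` (not visible in this hunk), the check can inspect a stale or released object. Moving the `if (!mConfigRights || ...)` block to directly after the `StLock` line closes that window. The message should also read `"No right definitions!"` here, because `validateRule` logs the identical `"No rule definitions!"` string for `mConfigRules` and the two failures cannot be told apart in the log. In `validateRule` the new check sits before the `try`, so its exception reaches the caller rather than the function's own handler.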
@@ -339,7 +356,10 @@ AuthorizationDBPlist::setRule(const char *inRightName, CFDictionaryRef inRuleDef { // if mConfig is now a reasonable guard if (!inRuleDefinition || !mConfigRights) - MacOSError::throwMe(errAuthorizationDenied); // errInvalidRule + { + Syslog::alert("Failed to set rule, no definition or rights"); + MacOSError::throwMe(errAuthorizationDenied); // ???/gh errAuthorizationInternal instead? + } CFRef keyRef(CFStringCreateWithCString(NULL, inRightName, kCFStringEncodingASCII)); @@ -360,7 +380,10 @@ AuthorizationDBPlist::removeRule(const char *inRightName) { // if mConfig is now a reasonable guard if (!mConfigRights) - MacOSError::throwMe(errAuthorizationDenied); + { + Syslog::alert("Failed to remove rule, no rights"); + MacOSError::throwMe(errAuthorizationDenied); // ???/gh errAuthorizationInternal instead? + } CFRef keyRef(CFStringCreateWithCString(NULL, inRightName, kCFStringEncodingASCII)); diff --git a/src/AuthorizationEngine.cpp b/src/AuthorizationEngine.cpp index cd05764..6b74271 100644 --- a/src/AuthorizationEngine.cpp +++ b/src/AuthorizationEngine.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -26,7 +26,6 @@ #include #include - #include "authority.h" #include @@ -34,7 +33,6 @@ #include #include #include -//#include "session.h" #include "server.h" #include @@ -45,10 +43,13 @@ #include #include -#include +#include // AUE_ssauth* +#include "ccaudit_extensions.h" namespace Authorization { +using namespace CommonCriteria::Securityd; + // // Errors to be thrown @@ -101,6 +102,7 @@ Engine::authorize(const AuthItemSet &inRights, const AuthItemSet &environment, { CredentialSet credentials; OSStatus status = errAuthorizationSuccess; + SecurityAgent::Reason reason = SecurityAgent::noReason; // Get current time of day. CFAbsoluteTime now = CFAbsoluteTimeGetCurrent(); 
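Review bot: The new block in `setRule` merges two different failures into one alert-level message and one status code: a null `inRuleDefinition`, which looks like a caller error, and a null `mConfigRights`, which is missing internal state. If `inRuleDefinition` can be influenced by a client request, each bad request would emit a `Syslog::alert`, which is louder than a rejected argument warrants. Splitting them answers the `???/gh` question left in the comment: `if (!inRuleDefinition) MacOSError::throwMe(errAuthorizationDenied);` followed by `if (!mConfigRights) { Syslog::alert("Failed to set rule, no rights"); MacOSError::throwMe(errAuthorizationInternal); }`. The `removeRule` hunk has the same open question for its `mConfigRights` check; callers that match on `errAuthorizationDenied` should be checked before changing the code there.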
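Review bot: `reason` is declared once per `Engine::authorize` call, and the loop in the following hunk passes the same variable to `toplevelRule->evaluate(...)` for every requested right. Unless `evaluate` always overwrites it (its signature is not visible here), a reason recorded for one right stays set while the next right is evaluated. Resetting it at the top of each iteration, `reason = SecurityAgent::noReason;`, or declaring it inside the loop removes that dependency. The body of `authorize` extends beyond this hunk.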
@@ -138,58 +140,62 @@ Engine::authorize(const AuthItemSet &inRights, const AuthItemSet &environment, // generate hints for every authorization AuthItemSet environmentToClient = environment; + RightAuthenticationLogger logger(auth.creatorAuditToken(), AUE_ssauthorize); + AuthItemSet::const_iterator end = inRights.end(); for (AuthItemSet::const_iterator it = inRights.begin(); it != end; ++it) { // Get the rule for each right we are trying to obtain. const Rule &toplevelRule = mAuthdb.getRule(*it); - OSStatus result = toplevelRule->evaluate(*it, toplevelRule, environmentToClient, flags, now, inCredentials, credentials, auth); - secdebug("autheval", "evaluate rule %s for right %s returned %ld.", toplevelRule->name().c_str(), (*it)->name(), result); - - { - string processName = "unknown"; - if (SecCodeRef code = Server::process().currentGuest()) { - CFRef path; - if (!SecCodeCopyPath(code, kSecCSDefaultFlags, &path.aref())) - processName = cfString(path); - } - string authCreatorName = "unknown"; - if (SecStaticCodeRef code = auth.creatorCode()) { - CFRef path; - if (!SecCodeCopyPath(code, kSecCSDefaultFlags, &path.aref())) - authCreatorName = cfString(path); - } + OSStatus result = toplevelRule->evaluate(*it, toplevelRule, environmentToClient, flags, now, inCredentials, credentials, auth, reason); + secdebug("autheval", "evaluate rule %s for right %s returned %d.", toplevelRule->name().c_str(), (*it)->name(), int(result)); + SECURITYD_AUTH_EVALRIGHT(&auth, (char *)(*it)->name(), result); + + string processName = "unknown"; + string authCreatorName = "unknown"; + if (SecCodeRef code = Server::process().currentGuest()) { + CFRef path; + if (!SecCodeCopyPath(code, kSecCSDefaultFlags, &path.aref())) + processName = cfString(path); + } + if (SecStaticCodeRef code = auth.creatorCode()) { + CFRef path; + if (!SecCodeCopyPath(code, kSecCSDefaultFlags, &path.aref())) + authCreatorName = cfString(path); + } + + logger.setRight((*it)->name()); + 
logger.logAuthorizationResult(processName.c_str(), authCreatorName.c_str(), result); - if (result == errAuthorizationSuccess) { - Syslog::info("Succeeded authorizing right %s by client %s for authorization created by %s.", (*it)->name(), processName.c_str(), authCreatorName.c_str()); - CommonCriteria::AuditRecord auditrec(auth.creatorAuditToken()); - auditrec.submit(AUE_ssauthorize, CommonCriteria::errNone, (*it)->name()); - } else if (result == errAuthorizationDenied) { - Syslog::notice("Failed to authorize right %s by client %s for authorization created by %s.", (*it)->name(), processName.c_str(), authCreatorName.c_str()); - } - } - - if (result == errAuthorizationSuccess) - outRights.insert(*it); - else if (result == errAuthorizationDenied || result == errAuthorizationInteractionNotAllowed) - { - // add creator pid to authorization token - if (!(flags & kAuthorizationFlagPartialRights)) - { - status = result; - break; - } - } + if (result == errAuthorizationSuccess) + { + outRights.insert(*it); + Syslog::info("Succeeded authorizing right '%s' by client '%s' for authorization created by '%s'", (*it)->name(), processName.c_str(), authCreatorName.c_str()); + } + else if (result == errAuthorizationDenied || result == errAuthorizationInteractionNotAllowed) + { + if (result == errAuthorizationDenied) + { + Syslog::notice("Failed to authorize right '%s' by client '%s' for authorization created by '%s'", (*it)->name(), processName.c_str(), authCreatorName.c_str()); + } + + // add creator pid to authorization token + if (!(flags & kAuthorizationFlagPartialRights)) + { + status = result; + break; + } + } else if (result == errAuthorizationCanceled) { status = result; break; - } - else - { - Syslog::error("Engine::authorize: Rule::evaluate returned %ld returning errAuthorizationInternal", result); - status = errAuthorizationInternal; - break; + } + else + { + Syslog::error("Engine::authorize: Rule::evaluate returned %ld returning errAuthorizationInternal", result); + 
status = errAuthorizationInternal; + break; } } diff --git a/src/AuthorizationEngine.h b/src/AuthorizationEngine.h index a54a5e8..c0dfc83 100644 --- a/src/AuthorizationEngine.h +++ b/src/AuthorizationEngine.h @@ -55,8 +55,7 @@ public: virtual int unixError() const throw(); virtual OSStatus osStatus() const throw(); virtual const char *what () const throw(); - // @@@ Default value should be internal error. - static void throwMe(int err = -1) __attribute((noreturn)); + static void throwMe(int err) __attribute((noreturn)); }; diff --git a/src/AuthorizationMechEval.cpp b/src/AuthorizationMechEval.cpp index 307a149..0080eb3 100644 --- a/src/AuthorizationMechEval.cpp +++ b/src/AuthorizationMechEval.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2003-2004,2008-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -27,10 +27,12 @@ #include "AuthorizationMechEval.h" #include #include -#include +#include "ccaudit_extensions.h" namespace Authorization { +using namespace CommonCriteria::Securityd; + AgentMechanismRef::AgentMechanismRef(const AuthHostType type, Session &session) : RefPointer(new QueryInvokeMechanism(type, session)) {} @@ -44,6 +46,21 @@ AgentMechanismEvaluator::AgentMechanismEvaluator(uid_t uid, Session& session, co OSStatus AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemSet &inHints, const AuthorizationToken &auth) { + AuthMechLogger logger(auth.creatorAuditToken(), AUE_ssauthmech); + string rightName = ""; // for syslog + + // as of 10.6, the first item in inArguments should be the name of the + // requested right, for auditing + try + { + AuthorizationValue val = inArguments.at(0)->value(); + string tmpstr(static_cast(val.data), val.length); + logger.setRight(tmpstr); + rightName.clear(); + rightName = tmpstr; + } + catch (...) { } + const AuthItemSet &inContext = const_cast(auth).infoSet(); // add process specifics to context? 
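Review bot: The `Syslog::error` call in the final `else` branch of `Engine::authorize` still formats `result` with `%ld`, while the `secdebug` line at the top of this hunk was changed to `%d` with `int(result)`. `OSStatus` is a 32-bit type, so on an LP64 build `%ld` reads a 64-bit vararg and the status logged for exactly the unexpected-result case can be wrong. Use the same form here: `Syslog::error("Engine::authorize: Rule::evaluate returned %d returning errAuthorizationInternal", int(result));`. The function starts outside the hunk.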
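Review bot: The empty `catch (...) { }` around the right-name extraction in `AgentMechanismEvaluator::run` hides every failure, so a caller that passes no arguments yields mechanism audit records with no right name and nothing in the log says why. It also does not cover a null `val.data` with a non-zero `val.length`, which is undefined behaviour in the `string` constructor rather than an exception. Check `inArguments.empty()` and `val.data` explicitly and emit a `secdebug` line on the fallback path; the `rightName.clear();` before the assignment is redundant. The body of `run` continues outside the hunk.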
@@ -56,10 +73,16 @@ AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemS AuthItemSet context = inContext; // add saved-off sticky context values to context for evaluation context.insert(mStickyContext.begin(), mStickyContext.end()); - + while ( (result == kAuthorizationResultAllow) && (currentMechanism != mMechanisms.end()) ) // iterate mechanisms { + SECURITYD_AUTH_MECH(&auth, (char *)(*currentMechanism).c_str()); + + // set up the audit message + logger.setCurrentMechanism(*currentMechanism); + + // do the real work ClientMap::iterator iter = mClients.find(*currentMechanism); if (iter == mClients.end()) { @@ -76,7 +99,12 @@ AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemS if (extMechanism != string::npos) { if (extMechanism < extPlugin) + { + string auditMsg = "badly formed mechanism name; ending rule evaluation"; + Syslog::alert("Right '%s', mech '%s': %s", rightName.c_str(), (*currentMechanism).c_str(), auditMsg.c_str()); + logger.logFailure(auditMsg); return errAuthorizationInternal; + } mechanismIn = currentMechanism->substr(extPlugin + 1, extMechanism - extPlugin - 1); authhostIn = currentMechanism->substr(extMechanism + 1); 
@@ -97,23 +125,30 @@ AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemS secdebug("AuthEvalMech", "performing authentication"); result = authinternal(context); - AuthItem *rightItem = hints.find(AGENT_HINT_AUTHORIZE_RIGHT); - string right = (rightItem == NULL) ? string("") : rightItem->stringValue(); - CommonCriteria::AuditRecord auditrec(auth.creatorAuditToken()); if (kAuthorizationResultAllow == result) - auditrec.submit(AUE_ssauthint, CommonCriteria::errNone, right.c_str()); + { + logger.logSuccess(); + } else // kAuthorizationResultDeny - auditrec.submit(AUE_ssauthint, CommonCriteria::errInvalidCredential, right.c_str()); + { + logger.logFailure(); + } } else if (*currentMechanism == "push_hints_to_context") { secdebug("AuthEvalMech", "evaluate push_hints_to_context"); + logger.logSuccess(); // doesn't block evaluation, ever result = kAuthorizationResultAllow; context = hints; } else + { + string auditMsg = "unknown mechanism; ending rule evaluation"; + Syslog::alert("Right '%s', mech '%s': %s", rightName.c_str(), (*currentMechanism).c_str(), auditMsg.c_str()); + logger.logFailure(auditMsg); return errAuthorizationInternal; + } } iter = mClients.find(*currentMechanism); @@ -138,7 +173,11 @@ AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemS while (client->state() == client->deactivating) client->receive(); - secdebug("AuthEvalMech", "evaluate(%s) interrupted by %s.", (iter->first).c_str(), (iter2->first).c_str()); + string auditMsg = "evaluation interrupted by "; + auditMsg += (iter2->first).c_str(); + auditMsg += "; restarting evaluation there"; + secdebug("AuthEvalMech", "%s", auditMsg.c_str()); + logger.logInterrupt(auditMsg); interrupted = true; hints = iter2->second->inHints(); 
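Review bot: The `logger.logSuccess()` and `logger.logFailure()` calls added in the `authinternal` and `push_hints_to_context` branches look like they double up with the ones added later in this function. For a built-in mechanism that returns `kAuthorizationResultAllow`, control appears to fall through to the `if (result == kAuthorizationResultAllow)` block at the bottom of the loop, which calls `logger.logSuccess()` again, and a deny from `authinternal` reaches the `kAuthorizationResultDeny` branch after the loop, which calls `logger.logFailure()` again. If each call submits an audit record (the logger is defined outside this file), one mechanism evaluation produces two `AUE_ssauthmech` records, which skews any count of failed authentications taken from the audit trail. Log in one place only, for example by dropping the calls in the built-in branches and keeping the loop-bottom and post-loop ones. The code between these hunks is not visible, so the fall-through needs confirming.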
@@ -164,18 +203,24 @@ AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemS continue; } else - secdebug("AuthEvalMech", "evaluate(%s) with result: %lu.", (iter->first).c_str(), result); + secdebug("AuthEvalMech", "evaluate(%s) with result: %u.", (iter->first).c_str(), (uint32_t)result); } catch (...) { - secdebug("AuthEvalMech", "exception during evaluate(%s).", (iter->first).c_str()); + string auditMsg = "exception during evaluation of "; + auditMsg += (iter->first).c_str(); + secdebug("AuthEvalMech", "%s", auditMsg.c_str()); + logger.logFailure(auditMsg); result = kAuthorizationResultUndefined; } } if (result == kAuthorizationResultAllow) + { + logger.logSuccess(); currentMechanism++; + } } - + if ((result == kAuthorizationResultUserCanceled) || (result == kAuthorizationResultAllow)) { @@ -188,6 +233,8 @@ AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemS if (item->flags() != kAuthorizationContextFlagSticky) mContext.insert(item); } + if (result == kAuthorizationResultUserCanceled) + logger.logFailure(NULL, errAuthorizationCanceled); } else if (result == kAuthorizationResultDeny) { @@ -199,6 +246,7 @@ AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemS if (item->flags() == kAuthorizationContextFlagSticky) mStickyContext.insert(item); } + logger.logFailure(); } // convert AuthorizationResult to OSStatus @@ -210,8 +258,14 @@ AgentMechanismEvaluator::run(const AuthValueVector &inArguments, const AuthItemS return errAuthorizationCanceled; case kAuthorizationResultAllow: return errAuthorizationSuccess; + case kAuthorizationResultUndefined: + return errAuthorizationInternal; default: + { + Syslog::alert("Right '%s': unexpected error result (%u)", rightName.c_str(), result); + logger.logFailure("unexpected error result", result); return errAuthorizationInternal; + } } } diff --git a/src/AuthorizationMechEval.h b/src/AuthorizationMechEval.h index da8ef57..7e02f25 100644 
--- a/src/AuthorizationMechEval.h +++ b/src/AuthorizationMechEval.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2003-2004,2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -48,7 +48,7 @@ public: AgentMechanismEvaluator(uid_t uid, Session &session, const vector& inMechanisms); OSStatus run(const AuthValueVector &inArguments, const AuthItemSet &inHints, const AuthorizationToken &auth); - AuthorizationResult AgentMechanismEvaluator::authinternal(AuthItemSet &context); + AuthorizationResult authinternal(AuthItemSet &context); AuthItemSet &hints() { return mHints; } AuthItemSet &context() { return mContext; } diff --git a/src/AuthorizationRule.cpp b/src/AuthorizationRule.cpp index 1fc8290..61fb2c5 100644 --- a/src/AuthorizationRule.cpp +++ b/src/AuthorizationRule.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2003-2004,2008-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -31,8 +31,8 @@ #include #include #include -#include #include +#include "ccaudit_extensions.h" #include "authority.h" #include "server.h" #include "process.h" @@ -48,6 +48,8 @@ extern "C" { #include } +using namespace CommonCriteria::Securityd; + // // Rule class // @@ -73,7 +75,7 @@ CFStringRef RuleImpl::kRuleAuthenticateUserID = CFSTR(kAuthorizationRuleParamete string -RuleImpl::Attribute::getString(CFDictionaryRef config, CFStringRef key, bool required = false, char *defaultValue = "") +RuleImpl::Attribute::getString(CFDictionaryRef config, CFStringRef key, bool required = false, const char *defaultValue = "") { CFTypeRef value = CFDictionaryGetValue(config, key); if (value && (CFGetTypeID(value) == CFStringGetTypeID())) 
@@ -86,7 +88,10 @@ RuleImpl::Attribute::getString(CFDictionaryRef config, CFStringRef key, bool req if (CFStringGetCString(stringValue, buffer, sizeof(buffer), kCFStringEncodingUTF8)) ptr = buffer; else - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Could not convert CFString to C string"); + MacOSError::throwMe(errAuthorizationInternal); + } } return string(ptr); @@ -95,7 +100,10 @@ RuleImpl::Attribute::getString(CFDictionaryRef config, CFStringRef key, bool req if (!required) return string(defaultValue); else - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Failed to get rule string"); + MacOSError::throwMe(errAuthorizationInternal); + } } double @@ -112,7 +120,10 @@ RuleImpl::Attribute::getDouble(CFDictionaryRef config, CFStringRef key, bool req if (!required) return defaultValue; else - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Failed to get rule double value"); + MacOSError::throwMe(errAuthorizationInternal); + } return doubleValue; } @@ -131,7 +142,10 @@ RuleImpl::Attribute::getBool(CFDictionaryRef config, CFStringRef key, bool requi if (!required) return defaultValue; else - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Failed to get rule bool value"); + MacOSError::throwMe(errAuthorizationInternal); + } return boolValue; } @@ -146,7 +160,8 @@ RuleImpl::Attribute::getVector(CFDictionaryRef config, CFStringRef key, bool req { CFArrayRef evalArray = reinterpret_cast(value); - for (int index=0; index < CFArrayGetCount(evalArray); index++) + CFIndex numItems = CFArrayGetCount(evalArray); + for (CFIndex index=0; index < numItems; index++) { CFTypeRef arrayValue = CFArrayGetValueAtIndex(evalArray, index); if (arrayValue && (CFGetTypeID(arrayValue) == CFStringGetTypeID())) 
@@ -159,7 +174,10 @@ RuleImpl::Attribute::getVector(CFDictionaryRef config, CFStringRef key, bool req if (CFStringGetCString(stringValue, buffer, sizeof(buffer), kCFStringEncodingUTF8)) ptr = buffer; else - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Failed to convert CFString to C string for item %u in array", index); + MacOSError::throwMe(errAuthorizationInternal); + } } valueArray.push_back(string(ptr)); } @@ -167,7 +185,10 @@ RuleImpl::Attribute::getVector(CFDictionaryRef config, CFStringRef key, bool req } else if (required) - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Value for key either not present or not a CFArray"); + MacOSError::throwMe(errAuthorizationInternal); + } return valueArray; } @@ -221,7 +242,10 @@ RuleImpl::RuleImpl(const string &inRightName, CFDictionaryRef cfRight, CFDiction // @@@ make sure cfRight is non mutable and never used that way if (CFGetTypeID(cfRight) != CFDictionaryGetTypeID()) - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Invalid rights set"); + MacOSError::throwMe(errAuthorizationInternal); + } mTries = 0; @@ -256,7 +280,7 @@ RuleImpl::RuleImpl(const string &inRightName, CFDictionaryRef cfRight, CFDiction if (cfRuleDef && CFGetTypeID(cfRuleDef) == CFDictionaryGetTypeID()) mEvalDef = Attribute::getVector(cfRuleDef, kMechanismsID); } - mTries = int(Attribute::getDouble(cfRight, kTriesID, false, 3.0)); // XXX/cs double(kAuthorizationMaxTries) + mTries = int(Attribute::getDouble(cfRight, kTriesID, false, double(kMaximumAuthorizationTries))); mAuthenticateUser = Attribute::getBool(cfRight, kRuleAuthenticateUserID, false, true); secdebug("authrule", "%s : rule user in group \"%s\" timeout %g%s%s", 
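Review bot: The alert added in `getVector` prints `index` with `%u`, but the preceding hunk changed `index` to `CFIndex`, a signed long-sized type, so the format no longer matches the argument on LP64. Use `Syslog::alert("Failed to convert CFString to C string for item %ld in array", long(index));`. The enclosing loop starts outside this hunk.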
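Review bot: `mTries = int(Attribute::getDouble(cfRight, kTriesID, false, double(kMaximumAuthorizationTries)));` takes the retry count from the right definition with no range check. A negative or out-of-range value converts to an `int` that the retry loop in `evaluateAuthentication` compares against an unsigned `tries`, which either skips the loop or makes it effectively unbounded, depending on the declared type of `mTries` (not visible here). Read the value into a local `double`, reject anything below zero or above `kMaximumAuthorizationTries` with the same `errAuthorizationInternal` path used for other invalid rule values, and only then assign it.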
@@ -289,7 +313,10 @@ RuleImpl::RuleImpl(const string &inRightName, CFDictionaryRef cfRight, CFDiction if (ruleDefRef) CFRelease(ruleDefRef); if (!cfRuleDef || CFGetTypeID(cfRuleDef) != CFDictionaryGetTypeID()) - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("'%s' does not name a built-in rule", ruleDefString.c_str()); + MacOSError::throwMe(errAuthorizationInternal); + } mRuleDef.push_back(Rule(ruleDefString, cfRuleDef, cfRules)); } else // array @@ -302,7 +329,10 @@ RuleImpl::RuleImpl(const string &inRightName, CFDictionaryRef cfRight, CFDiction if (ruleNameRef) CFRelease(ruleNameRef); if (!cfRuleDef || (CFGetTypeID(cfRuleDef) != CFDictionaryGetTypeID())) - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Invalid rule '%s'in rule set", it->c_str()); + MacOSError::throwMe(errAuthorizationInternal); + } mRuleDef.push_back(Rule(*it, cfRuleDef, cfRules)); } } @@ -314,8 +344,9 @@ RuleImpl::RuleImpl(const string &inRightName, CFDictionaryRef cfRight, CFDiction } else { - secdebug("authrule", "%s : rule class unknown %s.", inRightName.c_str(), classTag.c_str()); - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + secdebug("authrule", "%s : rule class '%s' unknown.", inRightName.c_str(), classTag.c_str()); + Syslog::alert("%s : rule class '%s' unknown", inRightName.c_str(), classTag.c_str()); + MacOSError::throwMe(errAuthorizationInternal); } } else @@ -332,7 +363,10 @@ RuleImpl::RuleImpl(const string &inRightName, CFDictionaryRef cfRight, CFDiction if (ruleNameRef) CFRelease(ruleNameRef); if (!cfRuleDef || CFGetTypeID(cfRuleDef) != CFDictionaryGetTypeID()) - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + { + Syslog::alert("Rule '%s' for right '%s' does not exist or is not properly formed", ruleName.c_str(), inRightName.c_str()); + MacOSError::throwMe(errAuthorizationInternal); + } mRuleDef.push_back(Rule(ruleName, cfRuleDef, cfRules)); } 
@@ -394,14 +428,14 @@ RuleImpl::setAgentHints(const AuthItemRef &inRight, const Rule &inTopLevelRule, // we'll run that and validate the credentials from there. // we fall back on a default configuration from the authenticate rule OSStatus -RuleImpl::evaluateAuthentication(const AuthItemRef &inRight, const Rule &inRule,AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth) const +RuleImpl::evaluateAuthentication(const AuthItemRef &inRight, const Rule &inRule,AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth, SecurityAgent::Reason &reason) const { OSStatus status = errAuthorizationDenied; Credential hintCredential; - if (errAuthorizationSuccess == evaluateSessionOwner(inRight, inRule, environmentToClient, now, auth, hintCredential)) { - if (hintCredential->name().length()) - environmentToClient.insert(AuthItemRef(AGENT_HINT_SUGGESTED_USER, AuthValueOverlay(hintCredential->name()))); + if (errAuthorizationSuccess == evaluateSessionOwner(inRight, inRule, environmentToClient, now, auth, hintCredential, reason)) { + if (hintCredential->username().length()) + environmentToClient.insert(AuthItemRef(AGENT_HINT_SUGGESTED_USER, AuthValueOverlay(hintCredential->username()))); if (hintCredential->realname().length()) environmentToClient.insert(AuthItemRef(AGENT_HINT_SUGGESTED_USER_LONG, AuthValueOverlay(hintCredential->realname()))); } 
@@ -410,13 +444,26 @@ RuleImpl::evaluateAuthentication(const AuthItemRef &inRight, const Rule &inRule, environmentToClient.insert(AuthItemRef(AGENT_HINT_REQUIRE_USER_IN_GROUP, AuthValueOverlay(mGroupName))); uint32 tries; - SecurityAgent::Reason reason = SecurityAgent::noReason; + reason = SecurityAgent::noReason; Process &cltProc = Server::process(); // Authorization preserves creator's UID in setuid processes + // (which is nice, but cltUid ends up being unused except by the debug + // message -- AgentMechanismEvaluator ignores it) uid_t cltUid = (cltProc.uid() != 0) ? cltProc.uid() : auth.creatorUid(); secdebug("AuthEvalMech", "Mechanism invocation by process %d (UID %d)", cltProc.pid(), cltUid); + // For auditing within AuthorizationMechEval, pass the right name. + size_t rightNameSize = inRight->name() ? strlen(inRight->name()) : 0; + AuthorizationString rightName = inRight->name() ? inRight->name() : ""; + // @@@ AuthValueRef's ctor ought to take a const void * + AuthValueRef rightValue(rightNameSize, const_cast(rightName)); + AuthValueVector authValueVector; + authValueVector.push_back(rightValue); + + RightAuthenticationLogger rightAuthLogger(auth.creatorAuditToken(), AUE_ssauthint); + rightAuthLogger.setRight(rightName); + AgentMechanismEvaluator eval(cltUid, auth.session(), mEvalDef); for (tries = 0; tries < mTries; tries++) 
@@ -426,81 +473,77 @@ RuleImpl::evaluateAuthentication(const AuthItemRef &inRight, const Rule &inRule, AuthItemRef triesHint(AGENT_HINT_TRIES, AuthValueOverlay(sizeof(tries), &tries)); environmentToClient.erase(triesHint); environmentToClient.insert(triesHint); // replace - status = eval.run(AuthValueVector(), environmentToClient, auth); - - if ((status == errAuthorizationSuccess) || - (status == errAuthorizationCanceled)) // @@@ can only pass back sideband through context - { - secdebug("AuthEvalMech", "storing new context for authorization"); - auth.setInfoSet(eval.context()); - } - - // successfully ran mechanisms to obtain credential - if (status == errAuthorizationSuccess) - { - // deny is the default - status = errAuthorizationDenied; - - CredentialSet newCredentials = makeCredentials(auth); - // clear context after extracting credentials - auth.scrubInfoSet(); - - CommonCriteria::AuditRecord auditrec(auth.creatorAuditToken()); - for (CredentialSet::const_iterator it = newCredentials.begin(); it != newCredentials.end(); ++it) - { - const Credential& newCredential = *it; - - // @@@ we log the uid a process was running under when it created the authref, which is misleading in the case of loginwindow - if (newCredential->isValid()) { - Syslog::info("uid %lu succeeded authenticating as user %s (uid %lu) for right %s.", auth.creatorUid(), newCredential->name().c_str(), newCredential->uid(), inRight->name()); - auditrec.submit(AUE_ssauthint, CommonCriteria::errNone, inRight->name()); - } else { - // we can't be sure that the user actually exists so inhibit logging of uid - Syslog::error("uid %lu failed to authenticate as user %s for right %s.", auth.creatorUid(), newCredential->name().c_str(), inRight->name()); - auditrec.submit(AUE_ssauthint, CommonCriteria::errInvalidCredential, inRight->name()); - } - - if (!newCredential->isValid()) - { - reason = SecurityAgent::invalidPassphrase; //invalidPassphrase; - continue; - } - - // verify that this credential 
authorizes right - status = evaluateUserCredentialForRight(auth, inRight, inRule, environmentToClient, now, newCredential, true); - - if (status == errAuthorizationSuccess) - { - if (auth.operatesAsLeastPrivileged()) { - Credential rightCredential(inRight->name(), mShared); - credentials.erase(rightCredential); credentials.insert(rightCredential); - if (mShared) - credentials.insert(Credential(inRight->name(), false)); - } else { - // whack an equivalent credential, so it gets updated to a later achieved credential which must have been more stringent - credentials.erase(newCredential); credentials.insert(newCredential); - // just got a new credential - if it's shared also add a non-shared one that to stick in the authorizationref local cache - if (mShared) - credentials.insert(Credential(newCredential->uid(), newCredential->name(), newCredential->realname(), false)); - } - - // use valid credential to set context info - // XXX/cs keeping this for now, such that the uid is passed back - auth.setCredentialInfo(newCredential); - secdebug("SSevalMech", "added valid credential for user %s", newCredential->name().c_str()); - status = errAuthorizationSuccess; - break; - } - else - reason = SecurityAgent::userNotInGroup; //unacceptableUser; // userNotInGroup - } + status = eval.run(authValueVector, environmentToClient, auth); + + if ((status == errAuthorizationSuccess) || + (status == errAuthorizationCanceled)) // @@@ can only pass back sideband through context + { + secdebug("AuthEvalMech", "storing new context for authorization"); + auth.setInfoSet(eval.context()); + } + + // successfully ran mechanisms to obtain credential + if (status == errAuthorizationSuccess) + { + // deny is the default + status = errAuthorizationDenied; + + CredentialSet newCredentials = makeCredentials(auth); + // clear context after extracting credentials + auth.scrubInfoSet(); + + for (CredentialSet::const_iterator it = newCredentials.begin(); it != newCredentials.end(); ++it) + { + const 
Credential& newCredential = *it; + + // @@@ we log the uid a process was running under when it created the authref, which is misleading in the case of loginwindow + if (newCredential->isValid()) { + Syslog::info("UID %u authenticated as user %s (UID %u) for right '%s'", auth.creatorUid(), newCredential->username().c_str(), newCredential->uid(), rightName); + rightAuthLogger.logSuccess(auth.creatorUid(), newCredential->uid(), newCredential->username().c_str()); + } else { + // we can't be sure that the user actually exists so inhibit logging of uid + Syslog::error("UID %u failed to authenticate as user '%s' for right '%s'", auth.creatorUid(), newCredential->username().c_str(), rightName); + rightAuthLogger.logFailure(auth.creatorUid(), newCredential->username().c_str()); + } + + if (!newCredential->isValid()) + { + reason = SecurityAgent::invalidPassphrase; + continue; + } + + // verify that this credential authorizes right + status = evaluateUserCredentialForRight(auth, inRight, inRule, environmentToClient, now, newCredential, true, reason); + + if (status == errAuthorizationSuccess) + { + if (auth.operatesAsLeastPrivileged()) { + Credential rightCredential(rightName, newCredential->uid(), mShared); + credentials.erase(rightCredential); credentials.insert(rightCredential); + if (mShared) + credentials.insert(Credential(rightName, newCredential->uid(), false)); + } else { + // whack an equivalent credential, so it gets updated to a later achieved credential which must have been more stringent + credentials.erase(newCredential); credentials.insert(newCredential); + // just got a new credential - if it's shared also add a non-shared one that to stick in the authorizationref local cache + if (mShared) + credentials.insert(Credential(newCredential->uid(), newCredential->username(), newCredential->realname(), newCredential->groupname(), false)); + } + + // use valid credential to set context info + // XXX/cs keeping this for now, such that the uid is passed back + 
auth.setCredentialInfo(newCredential); + secdebug("SSevalMech", "added valid credential for user %s", newCredential->username().c_str()); + status = errAuthorizationSuccess; + break; + } + } if (status == errAuthorizationSuccess) break; } else - if ((status == errAuthorizationCanceled) || - (status == errAuthorizationInternal)) + if ((status == errAuthorizationCanceled) || (status == errAuthorizationInternal)) { auth.scrubInfoSet(); break; @@ -508,7 +551,7 @@ RuleImpl::evaluateAuthentication(const AuthItemRef &inRight, const Rule &inRule, else // last mechanism is now authentication - fail if (status == errAuthorizationDenied) reason = SecurityAgent::invalidPassphrase; -} + } // If we fell out of the loop because of too many tries, notify user if (tries == mTries) @@ -518,12 +561,11 @@ RuleImpl::evaluateAuthentication(const AuthItemRef &inRight, const Rule &inRule, environmentToClient.erase(retryHint); environmentToClient.insert(retryHint); // replace AuthItemRef triesHint(AGENT_HINT_TRIES, AuthValueOverlay(sizeof(tries), &tries)); environmentToClient.erase(triesHint); environmentToClient.insert(triesHint); // replace - eval.run(AuthValueVector(), environmentToClient, auth); + eval.run(AuthValueVector(), environmentToClient, auth); // XXX/cs is this still necessary? auth.scrubInfoSet(); - CommonCriteria::AuditRecord auditrec(auth.creatorAuditToken()); - auditrec.submit(AUE_ssauthorize, CommonCriteria::errTooManyTries, inRight->name()); + rightAuthLogger.logFailure(NULL, CommonCriteria::errTooManyTries); } return status; @@ -556,7 +598,7 @@ RuleImpl::makeCredentials(const AuthorizationToken &auth) const if (username.length() && uid) { // credential is valid because mechanism says so - newCredentials.insert(Credential(*uid, username, "", mShared)); + newCredentials.insert(Credential(*uid, username, "", "", mShared)); } } while(0); 
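Review bot: The failure branch writes the attempted `username()` to syslog and passes it to `rightAuthLogger.logFailure`, so a user who types a password into the name field leaves that password in both the system log and the audit trail. The existing comment already withholds the uid because the user may not exist; the same reasoning applies to the name string. Consider logging the name only when the account is known to exist and a fixed marker otherwise, or at least document the exposure with `// NOTE: attempted name is untrusted input and may contain a mistyped password`. The enclosing `for` loop over `tries` starts outside this hunk.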
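Review bot: The retry-limit call still passes an empty `AuthValueVector()` to `eval.run`, although `run` now expects the right name as its first argument for auditing (see the comment added in AuthorizationMechEval.cpp). On this path `inArguments.at(0)` throws, the exception is swallowed, and the mechanism audit records for the too-many-tries dialog carry no right name. Pass the vector built earlier in this function: `eval.run(authValueVector, environmentToClient, auth);`. `evaluateAuthentication` starts and ends outside this hunk.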
@@ -565,7 +607,7 @@ RuleImpl::makeCredentials(const AuthorizationToken &auth) const // evaluate whether a good credential of the current session owner would authorize a right OSStatus -RuleImpl::evaluateSessionOwner(const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, const CFAbsoluteTime now, const AuthorizationToken &auth, Credential &credential) const +RuleImpl::evaluateSessionOwner(const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, const CFAbsoluteTime now, const AuthorizationToken &auth, Credential &credential, SecurityAgent::Reason &reason) const { // username hint is taken from the user who created the authorization, unless it's clearly ineligible // @@@ we have no access to current requester uid here and the process uid is only taken when the authorization is created @@ -577,7 +619,7 @@ RuleImpl::evaluateSessionOwner(const AuthItemRef &inRight, const Rule &inRule, c if (session.haveOriginatorUid()) { // preflight session credential as if it were a fresh copy const Credential &cred = session.originatorCredential(); - sessionCredential = Credential(cred->uid(), cred->name(), cred->realname(), mShared/*ignored*/); + sessionCredential = Credential(cred->uid(), cred->username(), cred->realname(), cred->groupname(), mShared/*ignored*/); } else { uid = auth.creatorUid(); Server::active().longTermActivity(); 
@@ -589,12 +631,12 @@ RuleImpl::evaluateSessionOwner(const AuthItemRef &inRight, const Rule &inRule, c // Check if username will authorize the request and set username to // be used as a hint to the user if so secdebug("AuthEvalMech", "preflight credential from current user, result follows:"); - sessionCredential = Credential(pw->pw_uid, pw->pw_name, pw->pw_gecos, mShared/*ignored*/); + sessionCredential = Credential(pw->pw_uid, pw->pw_name, pw->pw_gecos, "", mShared/*ignored*/); } //fi endpwent(); } } - OSStatus status = evaluateUserCredentialForRight(auth, inRight, inRule, environment, now, sessionCredential, true); + OSStatus status = evaluateUserCredentialForRight(auth, inRight, inRule, environment, now, sessionCredential, true, reason); if (errAuthorizationSuccess == status) credential = sessionCredential; 
@@ -603,43 +645,58 @@ RuleImpl::evaluateSessionOwner(const AuthItemRef &inRight, const Rule &inRule, c OSStatus -RuleImpl::evaluateCredentialForRight(const AuthorizationToken &auth, const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, CFAbsoluteTime now, const Credential &credential, bool ignoreShared) const +RuleImpl::evaluateCredentialForRight(const AuthorizationToken &auth, const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, CFAbsoluteTime now, const Credential &credential, bool ignoreShared, SecurityAgent::Reason &reason) const { if (auth.operatesAsLeastPrivileged()) { - if (credential->isRight() && credential->isValid() && (inRight->name() == credential->name())) + if (credential->isRight() && credential->isValid() && (inRight->name() == credential->rightname())) return errAuthorizationSuccess; else + { + // @@@ no proper SA::Reason + reason = SecurityAgent::unknownReason; return errAuthorizationDenied; + } } else - return evaluateUserCredentialForRight(auth, inRight, inRule, environment, now, credential, false); + return evaluateUserCredentialForRight(auth, inRight, inRule, environment, now, credential, false, reason); } // Return errAuthorizationSuccess if this rule allows access based on the specified credential, // return errAuthorizationDenied otherwise. 
OSStatus -RuleImpl::evaluateUserCredentialForRight(const AuthorizationToken &auth, const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, CFAbsoluteTime now, const Credential &credential, bool ignoreShared) const +RuleImpl::evaluateUserCredentialForRight(const AuthorizationToken &auth, const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, CFAbsoluteTime now, const Credential &credential, bool ignoreShared, SecurityAgent::Reason &reason) const { assert(mType == kUser); + // Ideally we'd set the AGENT_HINT_RETRY_REASON hint in this method, but + // evaluateAuthentication() overwrites it before + // AgentMechanismEvaluator::run(). That's what led to passing "reason" + // everywhere, from RuleImpl::evaluate() on down. + // Get the username from the credential - const char *user = credential->name().c_str(); + const char *user = credential->username().c_str(); - // If the credential is not valid or it's age is more than the allowed maximum age + // If the credential is not valid or its age is more than the allowed maximum age // for a credential, deny. if (!credential->isValid()) { + // @@@ it could be the username, not password, was invalid + reason = SecurityAgent::invalidPassphrase; secdebug("autheval", "credential for user %s is invalid, denying right %s", user, inRight->name()); return errAuthorizationDenied; } if (now - credential->creationTime() > mMaxCredentialAge) { + // @@@ no proper SA::Reason + reason = SecurityAgent::unknownReason; secdebug("autheval", "credential for user %s has expired, denying right %s", user, inRight->name()); return errAuthorizationDenied; } if (!ignoreShared && !mShared && credential->isShared()) { + // @@@ no proper SA::Reason + reason = SecurityAgent::unknownReason; secdebug("autheval", "shared credential for user %s cannot be used, denying right %s", user, inRight->name()); return errAuthorizationDenied; } 
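Review bot: The new `reason` out-parameter has no stated contract: in `evaluateUserCredentialForRight` it is assigned only on the denial returns, and the later hunks of the same function set it to `unknownReason` after a failed session-owner check even when the group check that follows returns `errAuthorizationSuccess`. `evaluate()` also leaves it unwritten on the `kAllow`, `kDeny` and `kEvaluateMechanisms` paths, so a caller that does not initialise it would read an indeterminate value. I would document this above the definition, for example `// "reason" is meaningful only when the result is errAuthorizationDenied; callers must initialise it, and on success it may hold a value left by an earlier failed check.` The body of `evaluateUserCredentialForRight` continues past this hunk.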
@@ -663,9 +720,14 @@ RuleImpl::evaluateUserCredentialForRight(const AuthorizationToken &auth, const A secdebug("autheval", "user %s is session-owner(uid: %d), granting right %s", user, console_user, inRight->name()); return errAuthorizationSuccess; } + // set "reason" in this case? not that a proper SA::Reason exists } else + { + // @@@ no proper SA::Reason + reason = SecurityAgent::unknownReason; secdebug("autheval", "session-owner check failed."); + } } if (mGroupName.length()) @@ -680,7 +742,10 @@ RuleImpl::evaluateUserCredentialForRight(const AuthorizationToken &auth, const A { uuid_t group_uuid, user_uuid; int is_member; - + + // @@@ it'd be nice to have SA::Reason codes for the failures + // associated with the pre-check-membership mbr_*() functions, + // but userNotInGroup will do if (mbr_group_name_to_uuid(groupname, group_uuid)) break; @@ -692,6 +757,7 @@ RuleImpl::evaluateUserCredentialForRight(const AuthorizationToken &auth, const A if (is_member) { + credential->setGroupname(mGroupName); secdebug("autheval", "user %s is a member of group %s, granting right %s", user, groupname, inRight->name()); return errAuthorizationSuccess; @@ -699,10 +765,15 @@ RuleImpl::evaluateUserCredentialForRight(const AuthorizationToken &auth, const A } while (0); - + + reason = SecurityAgent::userNotInGroup; secdebug("autheval", "user %s is not a member of group %s, denying right %s", user, groupname, inRight->name()); } + else if (mSessionOwner) // rule asks only if user is the session owner + { + reason = SecurityAgent::unacceptableUser; + } return errAuthorizationDenied; } 
@@ -710,15 +781,17 @@ RuleImpl::evaluateUserCredentialForRight(const AuthorizationToken &auth, const A OSStatus -RuleImpl::evaluateUser(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth) const +RuleImpl::evaluateUser(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth, SecurityAgent::Reason &reason) const { - // If we got here, this is a kUser type rule, let's start looking for a + // If we got here, this is a kUser type rule, let's start looking for a // credential that is satisfactory // Zeroth -- Here is an extra special saucy ugly hack to allow authorizations // created by a proccess running as root to automatically get a right. if (mAllowRoot && auth.creatorUid() == 0) { + SECURITYD_AUTH_USER_ALLOWROOT(&auth); + secdebug("autheval", "creator of authorization has uid == 0 granting right %s", inRight->name()); return errAuthorizationSuccess; @@ -728,10 +801,13 @@ RuleImpl::evaluateUser(const AuthItemRef &inRight, const Rule &inRule, AuthItemS if (!mAuthenticateUser) { Credential hintCredential; - OSStatus status = evaluateSessionOwner(inRight, inRule, environmentToClient, now, auth, hintCredential); + OSStatus status = evaluateSessionOwner(inRight, inRule, environmentToClient, now, auth, hintCredential, reason); if (!status) + { + SECURITYD_AUTH_USER_ALLOWSESSIONOWNER(&auth); return errAuthorizationSuccess; + } return errAuthorizationDenied; } 
@@ -739,21 +815,21 @@ RuleImpl::evaluateUser(const AuthItemRef &inRight, const Rule &inRule, AuthItemS // First -- go though the credentials we either already used or obtained during this authorize operation. for (CredentialSet::const_iterator it = credentials.begin(); it != credentials.end(); ++it) { - // Passed in user credentials are allowed for least privileged mode + // Passed-in user credentials are allowed for least-privileged mode if (auth.operatesAsLeastPrivileged() && !(*it)->isRight() && (*it)->isValid()) { - OSStatus status = evaluateUserCredentialForRight(auth, inRight, inRule, environmentToClient, now, *it, false); + OSStatus status = evaluateUserCredentialForRight(auth, inRight, inRule, environmentToClient, now, *it, false, reason); if (errAuthorizationSuccess == status) { - Credential rightCredential(inRight->name(), mShared); + Credential rightCredential(inRight->name(), (*it)->uid(), mShared); credentials.erase(rightCredential); credentials.insert(rightCredential); if (mShared) - credentials.insert(Credential(inRight->name(), false)); + credentials.insert(Credential(inRight->name(), (*it)->uid(), false)); return status; } } // if this is least privileged, this will function differently: match credential to requested right - OSStatus status = evaluateCredentialForRight(auth, inRight, inRule, environmentToClient, now, *it, false); + OSStatus status = evaluateCredentialForRight(auth, inRight, inRule, environmentToClient, now, *it, false, reason); if (status != errAuthorizationDenied) { // add credential to authinfo 
@@ -769,7 +845,7 @@ RuleImpl::evaluateUser(const AuthItemRef &inRight, const Rule &inRule, AuthItemS for (CredentialSet::const_iterator it = inCredentials->begin(); it != inCredentials->end(); ++it) { // if this is least privileged, this will function differently: match credential to requested right - OSStatus status = evaluateCredentialForRight(auth, inRight, inRule, environmentToClient, now, *it, false); + OSStatus status = evaluateCredentialForRight(auth, inRight, inRule, environmentToClient, now, *it, false, reason); if (status == errAuthorizationSuccess) { @@ -803,7 +879,7 @@ RuleImpl::evaluateUser(const AuthItemRef &inRight, const Rule &inRule, AuthItemS setAgentHints(inRight, inRule, environmentToClient, auth); - return evaluateAuthentication(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth); + return evaluateAuthentication(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth, reason); } OSStatus 
@@ -819,15 +895,21 @@ RuleImpl::evaluateMechanismOnly(const AuthItemRef &inRight, const Rule &inRule, { AgentMechanismEvaluator eval(cltUid, auth.session(), mEvalDef); - + // For auditing within AuthorizationMechEval, pass the right name. + size_t rightNameSize = inRight->name() ? strlen(inRight->name()) : 0; + AuthorizationString rightName = inRight->name() ? inRight->name() : ""; + // @@@ AuthValueRef's ctor ought to take a const void * + AuthValueRef rightValue(rightNameSize, const_cast(rightName)); + AuthValueVector authValueVector; + authValueVector.push_back(rightValue); + do { setAgentHints(inRight, inRule, environmentToClient, auth); AuthItemRef triesHint(AGENT_HINT_TRIES, AuthValueOverlay(sizeof(tries), &tries)); environmentToClient.erase(triesHint); environmentToClient.insert(triesHint); // replace - - status = eval.run(AuthValueVector(), environmentToClient, auth); - + + status = eval.run(authValueVector, environmentToClient, auth); if ((status == errAuthorizationSuccess) || (status == errAuthorizationCanceled)) // @@@ can only pass back sideband through context { 
@@ -835,8 +917,28 @@ RuleImpl::evaluateMechanismOnly(const AuthItemRef &inRight, const Rule &inRule, auth.setInfoSet(eval.context()); if (status == errAuthorizationSuccess) { + // (try to) attach the authorizing UID to the least-priv cred if (auth.operatesAsLeastPrivileged()) - outCredentials.insert(Credential(inRight->name(), mShared)); + { + RightAuthenticationLogger logger(auth.creatorAuditToken(), AUE_ssauthint); + logger.setRight(rightName); + + AuthItem *uidItem = eval.context().find(AGENT_CONTEXT_UID); + if (uidItem) + { + uid_t authorizedUid; + memcpy(&authorizedUid, uidItem->value().data, sizeof(authorizedUid)); + secdebug("AuthEvalMech", "generating least-privilege cred for '%s' authorized by UID %u", inRight->name(), authorizedUid); + outCredentials.insert(Credential(rightName, authorizedUid, mShared)); + logger.logLeastPrivilege(authorizedUid, true); + } + else // cltUid is better than nothing + { + secdebug("AuthEvalMech", "generating least-privilege cred for '%s' with process- or auth-UID %u", inRight->name(), cltUid); + outCredentials.insert(Credential(rightName, cltUid, mShared)); + logger.logLeastPrivilege(cltUid, false); + } + } else outCredentials = makeCredentials(auth); } @@ -851,8 +953,10 @@ RuleImpl::evaluateMechanismOnly(const AuthItemRef &inRight, const Rule &inRule, } // HACK kill all hosts to free pages for low memory systems + // (XXX/gh there should be a #define for this right) if (name() == "system.login.done") { + // one case where we don't want to mark the agents as "busy" QueryInvokeMechanism query(securityAgent, auth.session()); query.terminateAgent(); QueryInvokeMechanism query2(privilegedAuthHost, auth.session()); 
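Review bot: The `memcpy` into `authorizedUid` in the least-privilege branch of `evaluateMechanismOnly` trusts that the `AGENT_CONTEXT_UID` item holds at least `sizeof(uid_t)` bytes; only the item pointer is tested. That value comes back from the mechanism's context and ends up both in the stored credential and in the `logLeastPrivilege` audit record, so a short or empty value would attribute the right to whatever bytes happen to follow it. Guarding the branch with `if (uidItem && uidItem->value().data && uidItem->value().length == sizeof(uid_t))` lets a malformed item fall through to the existing `cltUid` branch. The function starts and ends outside this hunk.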
@@ -863,7 +967,7 @@ RuleImpl::evaluateMechanismOnly(const AuthItemRef &inRight, const Rule &inRule, } OSStatus -RuleImpl::evaluateRules(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth) const +RuleImpl::evaluateRules(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth, SecurityAgent::Reason &reason) const { // line up the rules to try if (!mRuleDef.size()) @@ -880,7 +984,7 @@ RuleImpl::evaluateRules(const AuthItemRef &inRight, const Rule &inRule, AuthItem return errAuthorizationSuccess; // get a rule and try it - status = (*it)->evaluate(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth); + status = (*it)->evaluate(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth, reason); // if status is cancel/internal error abort if ((status == errAuthorizationCanceled) || (status == errAuthorizationInternal)) 
@@ -903,30 +1007,33 @@ RuleImpl::evaluateRules(const AuthItemRef &inRight, const Rule &inRule, AuthItem OSStatus -RuleImpl::evaluate(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth) const +RuleImpl::evaluate(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth, SecurityAgent::Reason &reason) const { switch (mType) { case kAllow: - secdebug("autheval", "rule is always allow"); + SECURITYD_AUTH_ALLOW(&auth, (char *)name().c_str()); return errAuthorizationSuccess; case kDeny: - secdebug("autheval", "rule is always deny"); + SECURITYD_AUTH_DENY(&auth, (char *)name().c_str()); return errAuthorizationDenied; case kUser: - secdebug("autheval", "rule is user"); - return evaluateUser(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth); + SECURITYD_AUTH_USER(&auth, (char *)name().c_str()); + return evaluateUser(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth, reason); case kRuleDelegation: - secdebug("autheval", "rule evaluates rules"); - return evaluateRules(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth); + SECURITYD_AUTH_RULES(&auth, (char *)name().c_str()); + return evaluateRules(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth, reason); case kKofN: - secdebug("autheval", "rule evaluates k-of-n rules"); - return evaluateRules(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth); + SECURITYD_AUTH_KOFN(&auth, (char *)name().c_str()); + return evaluateRules(inRight, inRule, environmentToClient, flags, now, inCredentials, credentials, auth, reason); case kEvaluateMechanisms: - 
secdebug("autheval", "rule evaluates mechanisms"); + SECURITYD_AUTH_MECHRULE(&auth, (char *)name().c_str()); + // if we had a SecurityAgent::Reason code for "mechanism denied," + // it would make sense to pass down "reason" return evaluateMechanismOnly(inRight, inRule, environmentToClient, auth, credentials); default: - MacOSError::throwMe(errAuthorizationInternal); // XXX/cs invalid rule + Syslog::alert("Unrecognized rule type %d", mType); + MacOSError::throwMe(errAuthorizationInternal); // invalid rule } } diff --git a/src/AuthorizationRule.h b/src/AuthorizationRule.h index 95cf139..7a8e5bc 100644 --- a/src/AuthorizationRule.h +++ b/src/AuthorizationRule.h @@ -46,7 +46,7 @@ public: OSStatus evaluate(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, - AuthorizationToken &auth) const; + AuthorizationToken &auth, SecurityAgent::Reason &reason) const; string name() const { return mRightName; } 
@@ -55,29 +55,29 @@ private: // evaluate credential for right OSStatus evaluateCredentialForRight(const AuthorizationToken &auth, const AuthItemRef &inRight, const Rule &inRule, - const AuthItemSet &environment, CFAbsoluteTime now, const Credential &credential, bool ignoreShared) const; + const AuthItemSet &environment, CFAbsoluteTime now, const Credential &credential, bool ignoreShared, SecurityAgent::Reason &reason) const; // evaluate user credential (authentication) for right - OSStatus evaluateUserCredentialForRight(const AuthorizationToken &auth, const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, CFAbsoluteTime now, const Credential &credential, bool ignoreShared) const; + OSStatus evaluateUserCredentialForRight(const AuthorizationToken &auth, const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, CFAbsoluteTime now, const Credential &credential, bool ignoreShared, SecurityAgent::Reason &reason) const; OSStatus evaluateRules(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, - AuthorizationToken &auth) const; + AuthorizationToken &auth, SecurityAgent::Reason &reason) const; void setAgentHints(const AuthItemRef &inRight, const Rule &inTopLevelRule, AuthItemSet &environmentToClient, AuthorizationToken &auth) const; // perform authorization based on running specified mechanisms (see evaluateMechanism) - OSStatus evaluateAuthentication(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, AuthorizationToken &auth) const; + OSStatus evaluateAuthentication(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet 
&credentials, AuthorizationToken &auth, SecurityAgent::Reason &reason) const; OSStatus evaluateUser(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationFlags flags, CFAbsoluteTime now, const CredentialSet *inCredentials, CredentialSet &credentials, - AuthorizationToken &auth) const; + AuthorizationToken &auth, SecurityAgent::Reason &reason) const; OSStatus evaluateMechanismOnly(const AuthItemRef &inRight, const Rule &inRule, AuthItemSet &environmentToClient, AuthorizationToken &auth, CredentialSet &outCredentials) const; // find username hint based on session owner - OSStatus evaluateSessionOwner(const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, const CFAbsoluteTime now, const AuthorizationToken &auth, Credential &credential) const; + OSStatus evaluateSessionOwner(const AuthItemRef &inRight, const Rule &inRule, const AuthItemSet &environment, const CFAbsoluteTime now, const AuthorizationToken &auth, Credential &credential, SecurityAgent::Reason &reason) const; CredentialSet makeCredentials(const AuthorizationToken &auth) const; @@ -116,7 +116,7 @@ private: public: static bool getBool(CFDictionaryRef config, CFStringRef key, bool required, bool defaultValue); static double getDouble(CFDictionaryRef config, CFStringRef key, bool required, double defaultValue); - static string getString(CFDictionaryRef config, CFStringRef key, bool required, char *defaultValue); + static string getString(CFDictionaryRef config, CFStringRef key, bool required, const char *defaultValue); static vector getVector(CFDictionaryRef config, CFStringRef key, bool required); static bool getLocalizedPrompts(CFDictionaryRef config, map &localizedPrompts); }; diff --git a/src/SharedMemoryServer.cpp b/src/SharedMemoryServer.cpp index 0b86779..2c82c68 100644 --- a/src/SharedMemoryServer.cpp +++ b/src/SharedMemoryServer.cpp 
@@ -7,7 +7,7 @@ #include #include -static const char* kPrefix = "/private/var/tmp/mds/messages/se_"; +static const char* kPrefix = "/private/var/db/mds/messages/se_"; SharedMemoryServer::SharedMemoryServer (const char* segmentName, SegmentOffsetType segmentSize) : mSegmentName (segmentName), mSegmentSize (segmentSize) @@ -16,7 +16,8 @@ SharedMemoryServer::SharedMemoryServer (const char* segmentName, SegmentOffsetTy mFileName += segmentName; // make the mds directory, just in case it doesn't exist - mkdir("/var/tmp/mds/messages", 0755); + mkdir("/var/db/mds", 1777); + mkdir("/var/db/mds/messages", 0755); // make the file name // clean any old file away diff --git a/src/acl_keychain.cpp b/src/acl_keychain.cpp index aa7b18b..59eb86f 100644 --- a/src/acl_keychain.cpp +++ b/src/acl_keychain.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004,2007 Apple Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2007-2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -47,7 +47,6 @@ #include "connection.h" #include "database.h" #include "server.h" -#include "osxcodewrap.h" #include #include #include @@ -111,7 +110,7 @@ bool KeychainPromptAclSubject::validate(const AclValidationContext &context, process.getPath().c_str(), process.pid()); break; default: // something else went wrong - secdebug("kcacl", "client validation failed rc=%ld, suppressing prompt", validation); + secdebug("kcacl", "client validation failed rc=%d, suppressing prompt", int32_t(validation)); return false; } 
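Review bot: The mode in the added `mkdir("/var/db/mds", 1777);` is a decimal literal, which is octal 03361 (setgid, sticky, owner -wx, group rw-, other --x) rather than the sticky world-writable 01777 that was presumably intended; the line should read `mkdir("/var/db/mds", 01777);`. Both `mkdir` calls in this constructor also ignore their return value and are subject to the process umask, so if the directory must end up with exact permissions, a following `chmod` on the path with its result checked is the reliable way to get them. The constructor body continues outside the hunk.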
@@ -122,31 +121,39 @@ bool KeychainPromptAclSubject::validate(const AclValidationContext &context, bool needPassphrase = db && (selector.flags & CSSM_ACL_KEYCHAIN_PROMPT_REQUIRE_PASSPHRASE); // an application (i.e. Keychain Access.app :-) can force this option - if (clientCode) { + if (clientCode && validation == noErr) { CFRef dict; - if (!SecCodeCopySigningInformation(clientCode, kSecCSDefaultFlags, &dict.aref())) + if (SecCodeCopySigningInformation(clientCode, kSecCSDefaultFlags, &dict.aref()) == noErr) if (CFDictionaryRef info = CFDictionaryRef(CFDictionaryGetValue(dict, kSecCodeInfoPList))) needPassphrase |= (CFDictionaryGetValue(info, CFSTR("SecForcePassphrasePrompt")) != NULL); } // pop The Question - QueryKeychainUse query(needPassphrase, db); - query.inferHints(Server::process()); - query.addHint(AGENT_HINT_CLIENT_VALIDITY, &validation, sizeof(validation)); - if (query.queryUser(db ? db->dbName() : NULL, - description.c_str(), context.authorization()) != SecurityAgent::noReason) - return false; + if (db && db->belongsToSystem() && !hasAuthorizedForSystemKeychain()) { + QueryKeychainAuth query; + query.inferHints(Server::process()); + if (query(db ? db->dbName() : NULL, description.c_str(), context.authorization(), NULL) != SecurityAgent::noReason) + return false; + return true; + } else { + QueryKeychainUse query(needPassphrase, db); + query.inferHints(Server::process()); + query.addHint(AGENT_HINT_CLIENT_VALIDITY, &validation, sizeof(validation)); + if (query.queryUser(db ? db->dbName() : NULL, + description.c_str(), context.authorization()) != SecurityAgent::noReason) + return false; - // process an "always allow..." response - if (query.remember && clientCode) { - RefPointer clientXCode = new OSXCodeWrap(clientCode); - RefPointer subject = new CodeSignatureAclSubject(OSXVerifier(clientXCode)); - SecurityServerAcl::addToStandardACL(context, subject); - } + // process an "always allow..." 
response + if (query.remember && clientCode) { + RefPointer clientXCode = new OSXCodeWrap(clientCode); + RefPointer subject = new CodeSignatureAclSubject(OSXVerifier(clientXCode)); + SecurityServerAcl::addToStandardACL(context, subject); + } - // finally, return the actual user response - return query.allow; + // finally, return the actual user response + return query.allow; + } } return false; // default to deny without prejudice } @@ -163,6 +170,18 @@ CssmList KeychainPromptAclSubject::toList(Allocator &alloc) const new(alloc) ListElement(alloc, description)); } +// +// Has the caller recently authorized in such a way as to render unnecessary +// the usual QueryKeychainAuth dialog? (The right is specific to Keychain +// Access' way of editing a system keychain.) +// +bool KeychainPromptAclSubject::hasAuthorizedForSystemKeychain() const +{ + string rightString = "system.keychain.modify"; + return Server::session().isRightAuthorized(rightString, Server::connection(), false/*no UI*/); +} + + // // Create a KeychainPromptAclSubject diff --git a/src/acl_keychain.h b/src/acl_keychain.h index bfca5ef..9a7edb3 100644 --- a/src/acl_keychain.h +++ b/src/acl_keychain.h @@ -44,6 +44,7 @@ class KeychainPromptAclSubject : public SimpleAclSubject { public: bool validate(const AclValidationContext &baseCtx, const TypedList &sample) const; CssmList toList(Allocator &alloc) const; + bool hasAuthorizedForSystemKeychain() const; KeychainPromptAclSubject(string description, const CSSM_ACL_KEYCHAIN_PROMPT_SELECTOR &selector); diff --git a/src/acls.cpp b/src/acls.cpp index a366b9d..ebd304d 100644 --- a/src/acls.cpp +++ b/src/acls.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved. + * Copyright (c) 2000-2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * diff --git a/src/agentquery.cpp b/src/agentquery.cpp index 55a2129..b165b4f 100644 --- a/src/agentquery.cpp +++ b/src/agentquery.cpp 
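Review bot: The new system-keychain branch in `KeychainPromptAclSubject::validate` carries no comment explaining how it differs from the `QueryKeychainUse` path: it does not pass `AGENT_HINT_CLIENT_VALIDITY`, ignores `needPassphrase`, and returns `true` as soon as `QueryKeychainAuth` reports `noReason`, with no "always allow" ACL update. A line such as `// system keychain: require a user name and password (QueryKeychainAuth); no client-validity hint, no "always allow"` above the `if` would make that intent reviewable. Inside the branch `db` is already known to be non-null, so `db ? db->dbName() : NULL` can be `db->dbName()`. `validate` starts before this hunk.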
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2008-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -26,9 +26,12 @@ // #include "agentquery.h" #include "authority.h" +#include "ccaudit_extensions.h" #include #include +#include +#include // AUE_ssauthint // // NOSA support functions. This is a test mode where the SecurityAgent 
@@ -67,20 +70,112 @@ static void getNoSA(char *buffer, size_t bufferSize, const char *fmt, ...) #endif //NOSA -using SecurityAgent::Reason; -using namespace Authorization; +// SecurityAgentConnection -SecurityAgentQuery::SecurityAgentQuery(const AuthHostType type, Session &session) : mAuthHostType(type), mHostInstance(session.authhost(mAuthHostType)), mConnection(&Server::connection()) +SecurityAgentConnection::SecurityAgentConnection(const AuthHostType type, Session &session) + : mAuthHostType(type), + mHostInstance(session.authhost(mAuthHostType)), + mConnection(&Server::connection()), + mAuditToken(Server::connection().auditToken()) { // this may take a while Server::active().longTermActivity(); + secdebug("SecurityAgentConnection", "new SecurityAgentConnection(%p)", this); +} + +SecurityAgentConnection::~SecurityAgentConnection() +{ + secdebug("SecurityAgentConnection", "SecurityAgentConnection(%p) dying", this); + mConnection->useAgent(NULL); +} + +void +SecurityAgentConnection::activate() +{ + secdebug("SecurityAgentConnection", "activate(%p)", this); + mConnection->useAgent(this); + try { + mPort = mHostInstance->activate(); + secdebug("SecurityAgentConnection", "%p activated", this); + } catch (...) { + mConnection->useAgent(NULL); // guess not + secdebug("SecurityAgentConnection", "error activating %p", this); + throw; + } +} + +void +SecurityAgentConnection::reconnect() +{ + // if !mHostInstance throw()? 
+ if (mHostInstance) + { + Session &session = mHostInstance->session(); + mHostInstance = session.authhost(mAuthHostType, true); + activate(); + } +} + +void +SecurityAgentConnection::terminate() +{ + activate(); + + // @@@ This happens already in the destructor; presumably we do this to tear things down orderly + mConnection->useAgent(NULL); +} + + +// SecurityAgentTransaction + +SecurityAgentTransaction::SecurityAgentTransaction(const AuthHostType type, Session &session, bool startNow) + : SecurityAgentConnection(type, session), + mStarted(false) +{ + secdebug("SecurityAgentTransaction", "New SecurityAgentTransaction(%p)", this); + activate(); // start agent now, or other SAConnections will kill and spawn new agents + if (startNow) + start(); +} + +SecurityAgentTransaction::~SecurityAgentTransaction() +{ + try { end(); } catch(...) {} + secdebug("SecurityAgentTransaction", "Destroying %p", this); +} + +void +SecurityAgentTransaction::start() +{ + secdebug("SecurityAgentTransaction", "start(%p)", this); + MacOSError::check(SecurityAgentQuery::Client::startTransaction(mPort)); + mStarted = true; + secdebug("SecurityAgentTransaction", "started(%p)", this); +} + +void +SecurityAgentTransaction::end() +{ + if (started()) + { + MacOSError::check(SecurityAgentQuery::Client::endTransaction(mPort)); + mStarted = false; + } + secdebug("SecurityAgentTransaction", "End SecurityAgentTransaction(%p)", this); +} + +using SecurityAgent::Reason; +using namespace Authorization; + +SecurityAgentQuery::SecurityAgentQuery(const AuthHostType type, Session &session) + : SecurityAgentConnection(type, session) +{ secdebug("SecurityAgentQuery", "new SecurityAgentQuery(%p)", this); } SecurityAgentQuery::~SecurityAgentQuery() { secdebug("SecurityAgentQuery", "SecurityAgentQuery(%p) dying", this); - mConnection->useAgent(NULL); #if defined(NOSA) if (getenv("NOSA")) { 
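Review bot: `SecurityAgentConnection::reconnect()` does nothing when `mHostInstance` is null, a case the author's own `// if !mHostInstance throw()?` comment leaves open. The callers shown in this patch (`SecurityAgentQuery::reconnect()` and the retry in `SecurityAgentQuery::create()`) carry on with whatever `mPort` held before, so a failed reconnect is indistinguishable from a successful one. Unless a null host instance is impossible by construction, which the hunk does not show, an `else MacOSError::throwMe(errAuthorizationInternal);` would make the failure explicit. Separately, `~SecurityAgentTransaction()` discards any exception from `end()`; a `secdebug` line in that `catch (...)` would keep an unterminated transaction visible in the logs.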
@@ -93,17 +188,20 @@ SecurityAgentQuery::~SecurityAgentQuery() destroy(); } -void +void SecurityAgentQuery::activate() { - mConnection->useAgent(this); + SecurityAgentConnection::activate(); + SecurityAgent::Client::activate(mPort); + secdebug("SecurityAgentQuery", "activate(%p)", this); +} - try { - SecurityAgent::Client::activate(mHostInstance->activate()); - } catch (...) { - mConnection->useAgent(NULL); // guess not - throw; - } +void +SecurityAgentQuery::reconnect() +{ + SecurityAgentConnection::reconnect(); + SecurityAgent::Client::activate(mPort); + secdebug("SecurityAgentQuery", "reconnect(%p)", this); } void @@ -150,13 +248,16 @@ SecurityAgentQuery::readChoice() } void -SecurityAgentQuery::terminate() +SecurityAgentQuery::disconnect() { - activate(); - - // @@@ This happens already in the destructor; presumably we do this to tear things down orderly - mConnection->useAgent(NULL); + SecurityAgent::Client::destroy(); +} +void +SecurityAgentQuery::terminate() +{ + // you might think these are called in the wrong order, but you'd be wrong + SecurityAgentConnection::terminate(); SecurityAgent::Client::terminate(); } @@ -168,9 +269,7 @@ SecurityAgentQuery::create(const char *pluginId, const char *mechanismId, const if (status) { secdebug("SecurityAgentQuery", "agent went walkabout, restarting"); - Session &session = mHostInstance->session(); - mHostInstance = session.authhost(mAuthHostType, true); - activate(); + reconnect(); status = SecurityAgent::Client::create(pluginId, mechanismId, inSessionId); } if (status) MacOSError::throwMe(status); 
@@ -618,12 +717,12 @@ Reason QueryGenericPassphrase::query(const char *prompt, bool verify, // // Get a DB blob's passphrase--keychain synchronization // -Reason QueryDBBlobSecret::operator () (DatabaseCryptoCore &dbCore, const DbBlob *secretsBlob) +Reason QueryDBBlobSecret::operator () (DbHandle *dbHandleArray, uint8 dbHandleArrayCount, DbHandle *dbHandleAuthenticated) { - return query(dbCore, secretsBlob); + return query(dbHandleArray, dbHandleArrayCount, dbHandleAuthenticated); } -Reason QueryDBBlobSecret::query(DatabaseCryptoCore &dbCore, const DbBlob *secretsBlob) +Reason QueryDBBlobSecret::query(DbHandle *dbHandleArray, uint8 dbHandleArrayCount, DbHandle *dbHandleAuthenticated) { Reason reason = SecurityAgent::noReason; CssmAutoData passphrase(Allocator::standard(Allocator::sensitive)); @@ -637,8 +736,8 @@ Reason QueryDBBlobSecret::query(DatabaseCryptoCore &dbCore, const DbBlob *secret return SecurityAgent::noReason; } #endif - - hints.insert(mClientHints.begin(), mClientHints.end()); + + hints.insert(mClientHints.begin(), mClientHints.end()); create("builtin", "generic-unlock-kcblob", noSecuritySession); 
@@ -666,22 +765,34 @@ Reason QueryDBBlobSecret::query(DatabaseCryptoCore &dbCore, const DbBlob *secret continue; secretItem->getCssmData(passphrase); - } while (reason = accept(passphrase, dbCore, secretsBlob)); + } while (reason = accept(passphrase, dbHandleArray, dbHandleArrayCount, dbHandleAuthenticated)); return reason; } Reason QueryDBBlobSecret::accept(CssmManagedData &passphrase, - DatabaseCryptoCore &dbCore, - const DbBlob *secretsBlob) + DbHandle *dbHandlesToAuthenticate, uint8 dbHandleCount, DbHandle *dbHandleAuthenticated) { - try { - dbCore.setup(secretsBlob, passphrase); - dbCore.decodeCore(secretsBlob, NULL); - } catch (const CommonError &err) { - // XXX/gh Are there errors other than this? - return SecurityAgent::invalidPassphrase; + DbHandle *currHdl = dbHandlesToAuthenticate; + short index; + Boolean authenticated = false; + for (index=0; index < dbHandleCount && !authenticated; index++) + { + try + { + RefPointer dbToUnlock = Server::keychain(*currHdl); + dbToUnlock->unlockDb(passphrase); + authenticated = true; + *dbHandleAuthenticated = *currHdl; // return the DbHandle that 'passphrase' authenticated with. + } + catch (const CommonError &err) + { + currHdl++; // we failed to authenticate with this one, onto the next one. + } } + if ( !authenticated ) + return SecurityAgent::invalidPassphrase; + return SecurityAgent::noReason; } 
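Review bot: In the rewritten `QueryDBBlobSecret::accept`, every `CommonError` thrown by `Server::keychain(*currHdl)` or `unlockDb(passphrase)` is treated as "wrong passphrase for this handle", and the `XXX/gh Are there errors other than this?` question from the old code was dropped without an answer. A stale handle or a storage error therefore ends as `invalidPassphrase` and another prompt. I would at least keep the question as a comment in the `catch` block, e.g. `// @@@ any CommonError (not only a bad passphrase) moves on to the next handle`, and document that `*dbHandleAuthenticated` is written only when the function returns `noReason`.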
@@ -717,3 +828,120 @@ void QueryInvokeMechanism::terminateAgent() { terminate(); } + +// @@@ no pluggable authentication possible! +Reason +QueryKeychainAuth::operator () (const char *database, const char *description, AclAuthorization action, const char *prompt) +{ + Reason reason = SecurityAgent::noReason; + AuthItemSet hints, context; + AuthValueVector arguments; + int retryCount = 0; + string username; + string password; + + using CommonCriteria::Securityd::KeychainAuthLogger; + KeychainAuthLogger logger(mAuditToken, AUE_ssauthint, database, description); + +#if defined(NOSA) + /* XXX/gh probably not complete; stolen verbatim from rogue-app query */ + if (getenv("NOSA")) { + char answer[maxPassphraseLength+10]; + + string applicationPath; + AuthItem *applicationPathItem = mClientHints.find(AGENT_HINT_APPLICATION_PATH); + if (applicationPathItem) + applicationPathItem->getString(applicationPath); + + getNoSA(answer, sizeof(answer), "Allow %s to do %d on %s in %s? [yn][g]%s ", + applicationPath.c_str(), int(action), (description ? description : "[NULL item]"), + (database ? database : "[NULL database]"), + mPassphraseCheck ? ":passphrase" : ""); + // turn passphrase (no ':') into y:passphrase + if (mPassphraseCheck && !strchr(answer, ':')) { + memmove(answer+2, answer, strlen(answer)+1); + memcpy(answer, "y:", 2); + } + + allow = answer[0] == 'y'; + remember = answer[1] == 'g'; + return SecurityAgent::noReason; + } +#endif + + hints.insert(mClientHints.begin(), mClientHints.end()); + + // put action/operation (sint32) into hints + hints.insert(AuthItemRef(AGENT_HINT_ACL_TAG, AuthValueOverlay(sizeof(action), static_cast(&action)))); + + hints.insert(AuthItemRef(AGENT_HINT_CUSTOM_PROMPT, AuthValueOverlay(prompt ? strlen(prompt) : 0, const_cast(prompt)))); + + // item name into hints + hints.insert(AuthItemRef(AGENT_HINT_KEYCHAIN_ITEM_NAME, AuthValueOverlay(description ? 
strlen(description) : 0, const_cast(description)))); + + // keychain name into hints + hints.insert(AuthItemRef(AGENT_HINT_KEYCHAIN_PATH, AuthValueOverlay(database ? strlen(database) : 0, const_cast(database)))); + + create("builtin", "confirm-access-user-password", noSecuritySession); + + AuthItem *usernameItem; + AuthItem *passwordItem; + + do { + + AuthItemRef triesHint(AGENT_HINT_TRIES, AuthValueOverlay(sizeof(retryCount), &retryCount)); + hints.erase(triesHint); hints.insert(triesHint); // replace + + if (++retryCount > maxTries) + reason = SecurityAgent::tooManyTries; + + if (SecurityAgent::noReason != reason) + { + if (SecurityAgent::tooManyTries == reason) + logger.logFailure(NULL, CommonCriteria::errTooManyTries); + else + logger.logFailure(); + } + + AuthItemRef retryHint(AGENT_HINT_RETRY_REASON, AuthValueOverlay(sizeof(reason), &reason)); + hints.erase(retryHint); hints.insert(retryHint); // replace + + setInput(hints, context); + try + { + invoke(); + checkResult(); + } + catch (...) // user probably clicked "deny" + { + logger.logFailure(); + throw; + } + usernameItem = outContext().find(AGENT_USERNAME); + passwordItem = outContext().find(AGENT_PASSWORD); + if (!usernameItem || !passwordItem) + continue; + usernameItem->getString(username); + passwordItem->getString(password); + } while (reason = accept(username, password)); + + if (SecurityAgent::noReason == reason) + logger.logSuccess(); + // else we logged the denial in the loop + + return reason; +} + +Reason +QueryKeychainAuth::accept(string &username, string &passphrase) +{ + const char *user = username.c_str(); + const char *passwd = passphrase.c_str(); + int checkpw_status = checkpw(user, passwd); + + if (checkpw_status != CHECKPW_SUCCESS) + return SecurityAgent::invalidPassphrase; + + return SecurityAgent::noReason; +} + diff --git a/src/agentquery.h b/src/agentquery.h index f92a15f..18161e9 100644 --- a/src/agentquery.h +++ b/src/agentquery.h 
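Review bot: `QueryKeychainAuth::operator()` copies the user's account password into a plain `string password` and nothing clears it on any exit path, whereas `QueryDBBlobSecret::query()` in this same file keeps its secret in `CssmAutoData passphrase(Allocator::standard(Allocator::sensitive))`. The password can therefore linger in released heap memory of the daemon after the prompt completes. I would read the item with `getCssmData()` into a sensitive-allocator buffer as the blob query does and hand that to `checkpw()`, or at minimum overwrite `password` before every return and before the `throw` in the `catch (...)` block. Separately, `accept()` only establishes that the pair is valid for `checkpw()`; if any local account is meant to satisfy this prompt, a comment saying so would help the next reader.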
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2008-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -30,6 +30,7 @@ #include #include +#include // some queries do their own authentication #include #include "kcdatabase.h" #include "AuthorizationEngine.h" 
@@ -41,34 +42,81 @@ using Authorization::AuthItemSet; using Authorization::AuthValueVector; using Security::OSXCode; -class SecurityAgentQuery : public SecurityAgent::Client { +// +// base for classes talking to SecurityAgent and authorizationhost +// +class SecurityAgentConnection : public SecurityAgentConnectionInterface +{ +public: + SecurityAgentConnection(const AuthHostType type = securityAgent, Session &session = Server::session()); + virtual ~SecurityAgentConnection(); + virtual void activate(); + virtual void reconnect(); + virtual void disconnect() { }; + virtual void terminate(); + + AuthHostType hostType() { return mAuthHostType; } + +protected: + AuthHostType mAuthHostType; + RefPointer mHostInstance; + Port mPort; + const RefPointer mConnection; + audit_token_t *mAuditToken; +}; + +// +// Special wrapper around SecurityAgent::Client transaction interfaces. +// Not currently used because this was intended to support +// SecurityAgent's/authorizationhost's use of Foundation's enable/disable-sudden- +// termination APIs, but the latter don't work for non-direct children of +// launchd. Kept around because securityd might need its own child-transaction +// semantics one day. 
+// +class SecurityAgentTransaction : public SecurityAgentConnection +{ +public: + SecurityAgentTransaction(const AuthHostType type = securityAgent, Session &session = Server::session(), bool startNow = true); + ~SecurityAgentTransaction(); + + void start(); + void end(); + bool started() { return mStarted; } + +private: + bool mStarted; +}; + +// +// The main SecurityAgent/authorizationhost interaction base class +// +class SecurityAgentQuery : public SecurityAgent::Client, + public SecurityAgentConnection +{ public: typedef SecurityAgent::Reason Reason; SecurityAgentQuery(const AuthHostType type = securityAgent, Session &session = Server::session()); + void inferHints(Process &thisProcess); void addHint(const char *name, const void *value = NULL, UInt32 valueLen = 0, UInt32 flags = 0); virtual ~SecurityAgentQuery(); virtual void activate(); + virtual void reconnect(); + virtual void disconnect(); virtual void terminate(); void create(const char *pluginId, const char *mechanismId, const SessionId inSessionId); -public: void readChoice(); bool allow; bool remember; - AuthHostType mAuthHostType; - RefPointer mHostInstance; protected: AuthItemSet mClientHints; -private: - Port mPort; - const RefPointer mConnection; }; // 
@@ -185,11 +233,11 @@ class QueryDBBlobSecret : public SecurityAgentQuery { static const int maxTries = kMaximumAuthorizationTries; public: QueryDBBlobSecret() { } - Reason operator () (DatabaseCryptoCore &dbCore, const DbBlob *secretsBlob); + Reason operator () (DbHandle *dbHandleArray, uint8 dbHandleArrayCount, DbHandle *dbHandleAuthenticated); protected: - Reason query(DatabaseCryptoCore &dbCore, const DbBlob *secretsBlob); - Reason accept(CssmManagedData &passphrase, DatabaseCryptoCore &dbCore, const DbBlob *secretsBlob); + Reason query(DbHandle *dbHandleArray, uint8 dbHandleArrayCount, DbHandle *dbHandleAuthenticated); + Reason accept(CssmManagedData &passphrase, DbHandle *dbHandlesToAuthenticate, uint8 dbHandleCount, DbHandle *dbHandleAuthenticated); }; class QueryInvokeMechanism : public SecurityAgentQuery, public RefCount { @@ -205,4 +253,17 @@ public: AuthValueVector mArguments; }; +// hybrid of confirm-access and generic authentication queries, for +// securityd's use; keep the Frankenstein references to yourself +// (the alternative is to ask the user to unlock the system keychain, +// and you don't want that, do you?) +class QueryKeychainAuth : public SecurityAgentQuery { + static const int maxTries = kMaximumAuthorizationTries; +public: + QueryKeychainAuth() { } + // "prompt" can be NULL + Reason operator () (const char *database, const char *description, AclAuthorization action, const char *prompt); + Reason accept(string &username, string &passphrase); +}; + #endif //_H_AGENTQUERY diff --git a/src/authority.cpp b/src/authority.cpp index dd48354..3b910d0 100644 --- a/src/authority.cpp +++ b/src/authority.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2008-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * 
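Review bot: `QueryKeychainAuth::accept()` is declared public and takes `string &username, string &passphrase`, while `QueryDBBlobSecret` just above keeps its `query()` and `accept()` under `protected:`. A public password-checking entry point lets other code verify credentials without going through the retry limit and audit logging in `operator()`. I would move it under `protected:` and declare it as `Reason accept(const string &username, const string &passphrase);`, since the implementation in agentquery.cpp only reads both arguments.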
@@ -253,10 +253,10 @@ AuthorizationToken::setCredentialInfo(const Credential &inCred) if (snprintf(uid_string, sizeof(uid_string), "%u", inCred->uid()) >= int(sizeof(uid_string))) uid_string[0] = '\0'; - AuthItemRef uidHint("uid", AuthValueOverlay(uid_string ? strlen(uid_string) + 1 : 0, uid_string), 0); + AuthItemRef uidHint("uid", AuthValueOverlay(uid_string[0] ? strlen(uid_string) + 1 : 0, uid_string), 0); dstInfoSet.insert(uidHint); - AuthItemRef userHint("username", AuthValueOverlay(inCred->name()), 0); + AuthItemRef userHint("username", AuthValueOverlay(inCred->username()), 0); dstInfoSet.insert(userHint); setInfoSet(dstInfoSet); diff --git a/src/ccaudit_extensions.cpp b/src/ccaudit_extensions.cpp new file mode 100644 index 0000000..dff043a --- /dev/null +++ b/src/ccaudit_extensions.cpp 
@@ -0,0 +1,441 @@
+/*
+ * ccaudit_extensions.cpp
+ * securityd
+ *
+ * Created by G H on 3/24/09.
+ * Copyright 2009 Apple Inc. All rights reserved.
+ *
+ */
+
+#include
+#include
+#include // vsnprintf()
+#include // va_start(), et al.
+#include
+#include // memcpy()
+#include // AUE_ssauth*
+#include
+#include
+#include
+#include "ccaudit_extensions.h"
+
+namespace Security
+{
+
+namespace CommonCriteria
+{
+
+namespace Securityd
+{
+
+//
+// AuditLogger
+//
+AuditLogger::AuditLogger(const audit_token_t *srcToken, short auEvent)
+ : mAuditFd(-1), mEvent(auEvent), mClientInfoSet(false)
+{
+ setClientInfo(srcToken);
+}
+
+AuditLogger::AuditLogger(const AuditToken &srcToken, short auEvent)
+ : mAuditFd(-1), mEvent(auEvent), mClientInfoSet(false)
+{
+ setClientInfo(srcToken);
+}
+
+AuditLogger::~AuditLogger()
+{
+ close();
+}
+
+bool
+AuditLogger::open()
+{
+ if (-1 != mAuditFd)
+ return true;
+
+ // @@@ use audit_get_cond() when it's available
+ int acond = au_get_state();
+ switch (acond)
+ {
+ case AUC_NOAUDIT:
+ return false;
+ case AUC_AUDITING:
+ break;
+ default:
+ logInternalError("error checking auditing status (%d)", acond);
+ UnixError::throwMe(acond); // assume it's a Unix error
+ }
+ if ((mAuditFd = au_open()) < 0)
+ {
+ logInternalError("au_open() failed (%s)", strerror(errno));
+ UnixError::throwMe(errno);
+ }
+ return true;
+}
+
+void
+AuditLogger::close(bool writeLog/* = true*/)
+{
+ if (-1 != mAuditFd)
+ {
+ int keep = writeLog == true ? AU_TO_WRITE : AU_TO_NO_WRITE;
+ int error = au_close(mAuditFd, keep, mEvent);
+ mAuditFd = -1;
+ if (writeLog == true && error < 0)
+ {
+ logInternalError("au_close() failed; record not committed");
+ UnixError::throwMe(error);
+ }
+ }
+}
+
+void
+AuditLogger::setClientInfo(const audit_token_t *srcToken)
+{
+ assert(srcToken);
+ audit_token_to_au32(*srcToken, &mAuditId, &mEuid, &mEgid, &mRuid, &mRgid, &mPid, &mAuditSessionId, &mOldTerminalId);
+
+ mTerminalId.at_type = AU_IPv4;
+ mTerminalId.at_addr[0] = mOldTerminalId.machine;
+ mTerminalId.at_port = mOldTerminalId.port;
+
+ mClientInfoSet = true;
+}
+
+void
+AuditLogger::setClientInfo(const AuditToken &srcToken)
+{
+ mAuditId = srcToken.auditId();
+ mEuid = srcToken.euid();
+ mEgid = srcToken.egid();
+ mRuid = srcToken.ruid();
+ mRgid = srcToken.rgid();
+ mPid = srcToken.pid();
+ mAuditSessionId = srcToken.auditSession();
+ memcpy(&mOldTerminalId, &(srcToken.terminalId()), sizeof(mOldTerminalId));
+
+ mTerminalId.at_type = AU_IPv4;
+ mTerminalId.at_addr[0] = mOldTerminalId.machine;
+ mTerminalId.at_port = mOldTerminalId.port;
+
+ mClientInfoSet = true;
+}
+
+void
+AuditLogger::writeToken(token_t *token, const char *name)
+{
+ const char *tokenName = name ? name : "";
+ if (NULL == token)
+ {
+ logInternalError("Invalid '%s' token", tokenName);
+ close();
+ UnixError::throwMe(EPERM); // per audit_submit()
+ }
+ if (au_write(mAuditFd, token) < 0)
+ {
+ logInternalError("Error writing '%s' token (%s)", tokenName, strerror(errno));
+ close();
+ UnixError::throwMe(errno);
+ }
+}
+
+void
+AuditLogger::writeSubject()
+{
+ assert(mClientInfoSet);
+
+ token_t *token;
+
+ // @@@ terminal ID is not carried in the audit trailer nowadays, but
+ // this code should be harmless: it replicates the current logic in
+ // audit_submit()
+ if (AU_IPv4 == mTerminalId.at_type)
+ token = au_to_subject32(mAuditId, mEuid, mEgid, mRuid, mRgid, mPid, mAuditSessionId, &mOldTerminalId);
+ else
+ token = au_to_subject_ex(mAuditId, mEuid, mEgid, mRuid, mRgid, mPid, mAuditSessionId, &mTerminalId);
+ writeToken(token, "subject");
+}
+
+void
+AuditLogger::writeReturn(char status, int reterr)
+{
+ writeToken(au_to_return32(status, reterr), "return");
+}
+
+void
+AuditLogger::logSuccess()
+{
+ if (false == open())
+ return;
+ writeCommon();
+ writeReturn(0, 0);
+ close();
+}
+
+void
+AuditLogger::logFailure(const char *errMsg, int errcode)
+{
+ if (false == open())
+ return;
+ writeCommon();
+ if (errMsg)
+ writeToken(au_to_text(errMsg), "evaluation error");
+ writeReturn(EPERM, errcode);
+ close();
+}
+
+// cribbed from audit_submit()
+void
+AuditLogger::logInternalError(const char *fmt, ...)
+{
+ va_list ap;
+ char text[MAX_AUDITSTRING_LEN];
+
+ if (fmt != NULL)
+ {
+ int error = errno;
+ va_start(ap, fmt);
+ (void)vsnprintf(text, MAX_AUDITSTRING_LEN, fmt, ap);
+ va_end(ap);
+ syslog(LOG_AUTH | LOG_ERR, "%s", text);
+ errno = error;
+ }
+}
+
+//
+// KeychainAuthLogger
+//
+const char *KeychainAuthLogger::sysKCAuthStr = "System keychain authorization";
+const char *KeychainAuthLogger::unknownKCStr = "";
+const char *KeychainAuthLogger::unknownItemStr = "";
+
+KeychainAuthLogger::KeychainAuthLogger(const audit_token_t *srcToken, short auEvent)
+ : AuditLogger(srcToken, auEvent), mDatabase(unknownKCStr),
+ mItem(unknownItemStr)
+{
+}
+
+KeychainAuthLogger::KeychainAuthLogger(const AuditToken &srcToken, short auEvent)
+ : AuditLogger(srcToken, auEvent), mDatabase(unknownKCStr),
+ mItem(unknownItemStr)
+{
+}
+
+KeychainAuthLogger::KeychainAuthLogger(const audit_token_t *srcToken, short auEvent, const char *database, const char *item)
+ : AuditLogger(srcToken, auEvent)
+{
+ setDbName(database);
+ setItemName(item);
+}
+
+KeychainAuthLogger::KeychainAuthLogger(const AuditToken &srcToken, short auEvent, const char *database, const char *item)
+ : AuditLogger(srcToken, auEvent)
+{
+ setDbName(database);
+ setItemName(item);
+}
+
+void
+KeychainAuthLogger::setDbName(const char *database)
+{
+ mDatabase = database ? database : unknownKCStr;
+}
+
+void
+KeychainAuthLogger::setItemName(const char *item)
+{
+ mItem = item ? item : unknownItemStr;
+}
+
+void
+KeychainAuthLogger::writeCommon()
+{
+ writeSubject();
+ writeToken(au_to_text(sysKCAuthStr), sysKCAuthStr);
+ writeToken(au_to_text(mDatabase.c_str()), "keychain");
+ writeToken(au_to_text(mItem.c_str()), "keychain item");
+}
+
+
+//
+// RightLogger
+//
+const char *RightLogger::unknownRightStr = "";
+
+void
+RightLogger::setRight(const string &rightName)
+{
+ mRight.clear();
+ mRight = rightName;
+}
+
+void
+RightLogger::setRight(const char *rightName)
+{
+ if (rightName) // NULL bad for string class and au_to_text()
+ {
+ string tmpStr(rightName); // setRight() takes a string&
+ setRight(tmpStr);
+ }
+}
+
+
+//
+// AuthMechLogger
+//
+const char *AuthMechLogger::unknownMechStr = "";
+const char *AuthMechLogger::mechStr = "mechanism ";
+
+AuthMechLogger::AuthMechLogger(const AuditToken &srcToken, short auEvent)
+ : AuditLogger(srcToken, auEvent), RightLogger(),
+ mEvaluatingMechanism(false), mCurrentMechanism(unknownMechStr)
+{
+}
+
+AuthMechLogger::AuthMechLogger(const audit_token_t *srcToken, short auEvent)
+ : AuditLogger(srcToken, auEvent), RightLogger(),
+ mEvaluatingMechanism(false), mCurrentMechanism(unknownMechStr)
+{
+}
+
+void
+AuthMechLogger::setCurrentMechanism(const char *mech)
+{
+ mCurrentMechanism.clear();
+ if (NULL == mech)
+ {
+ mEvaluatingMechanism = false;
+ }
+ else
+ {
+ mCurrentMechanism = mech;
+ mEvaluatingMechanism = true;
+ }
+}
+
+void
+AuthMechLogger::writeCommon()
+{
+ writeSubject();
+ writeToken(au_to_text(mRight.c_str()), "right");
+ if (true == mEvaluatingMechanism)
+ {
+ string tmpStr = mechStr; // mechStr includes a trailing space
+ tmpStr += mCurrentMechanism;
+ writeToken(au_to_text(tmpStr.c_str()), "mechanism");
+ }
+}
+
+void
+AuthMechLogger::logInterrupt(const char *msg)
+{
+ if (false == open())
+ return;
+ writeCommon();
+ if (msg)
+ writeToken(au_to_text(msg), "interrupt");
+ writeReturn(0, 0);
+ close();
+}
+
+//
+// RightAuthenticationLogger
+//
+const char *RightAuthenticationLogger::unknownUserStr = "";
+const char *RightAuthenticationLogger::unknownClientStr = "";
+const char *RightAuthenticationLogger::unknownAuthCreatorStr = "";
+const char *RightAuthenticationLogger::authenticatorStr = "known UID ";
+const char *RightAuthenticationLogger::clientStr = "client ";
+const char *RightAuthenticationLogger::authCreatorStr = "creator ";
+const char *RightAuthenticationLogger::authenticatedAsStr = "authenticated as ";
+const char *RightAuthenticationLogger::leastPrivStr = "least-privilege";
+
+RightAuthenticationLogger::RightAuthenticationLogger(const AuditToken &srcToken, short auEvent)
+ : AuditLogger(srcToken, auEvent), RightLogger()
+{
+}
+
+RightAuthenticationLogger::RightAuthenticationLogger(const audit_token_t *srcToken, short auEvent)
+ : AuditLogger(srcToken, auEvent), RightLogger()
+{
+}
+
+void
+RightAuthenticationLogger::writeCommon()
+{
+ writeSubject();
+ writeToken(au_to_text(mRight.c_str()), "right");
+}
+
+void
+RightAuthenticationLogger::logSuccess(uid_t authenticator, uid_t target, const char *targetName)
+{
+ if (false == open())
+ return;
+ writeCommon();
+
+ // au_to_arg32() is really meant for auditing syscall arguments;
+ // we're slightly abusing it to get descriptive strings for free.
+ writeToken(au_to_arg32(1, authenticatorStr, authenticator), "authenticator");
+ string tmpStr(authenticatedAsStr);
+ // targetName shouldn't be NULL on a successful authentication, but allow
+ // for programmer screwups
+ tmpStr += targetName ? targetName : unknownUserStr;
+ writeToken(au_to_arg32(2, tmpStr.c_str(), target), "target");
+ writeReturn(0, 0);
+ close();
+}
+
+void
+RightAuthenticationLogger::logAuthorizationResult(const char *client, const char *authCreator, int errcode)
+{
+ if (false == open())
+ return;
+ writeCommon();
+ string tmpStr(clientStr);
+ tmpStr += client ? client : unknownClientStr;
+ writeToken(au_to_text(tmpStr.c_str()), "Authorization client");
+ tmpStr.clear();
+ tmpStr = authCreatorStr;
+ tmpStr += authCreator ? authCreator : unknownAuthCreatorStr;
+ writeToken(au_to_text(tmpStr.c_str()), "Authorization creator");
+ if (errAuthorizationSuccess == errcode)
+ writeReturn(0, 0);
+ else
+ writeReturn(EPERM, errcode);
+ close();
+}
+
+void
+RightAuthenticationLogger::logLeastPrivilege(uid_t userId, bool isAuthorizingUser)
+{
+ if (false == open())
+ return;
+ writeCommon();
+ writeToken(au_to_text(leastPrivStr), leastPrivStr);
+ writeReturn(0, 0);
+ close();
+}
+
+void
+RightAuthenticationLogger::logFailure(uid_t authenticator, const char *targetName)
+{
+ if (false == open())
+ return;
+ writeCommon();
+ writeToken(au_to_arg32(1, authenticatorStr, authenticator), "authenticator");
+ if (NULL == targetName)
+ writeToken(au_to_text(unknownUserStr), "target username");
+ else
+ writeToken(au_to_text(targetName), "target username");
+ // @@@ EAUTH more appropriate, but !defined for _POSIX_C_SOURCE
+ writeReturn(EPERM, errAuthorizationDenied);
+ close();
+}
+
+} // namespace Securityd
+
+} // namespace CommonCriteria
+
+} // namespace Security
diff --git a/src/ccaudit_extensions.h b/src/ccaudit_extensions.h
new file mode 100644
index 0000000..c81860f
--- /dev/null
+++ b/src/ccaudit_extensions.h
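Review bot: Both error paths in `AuditLogger::writeToken()` call `close()` with its default `writeLog = true`, so a record that failed half-way is committed with `AU_TO_WRITE`, and if `au_close()` then fails as well, the `UnixError` raised inside `close()` replaces the one `writeToken()` was about to throw. I would use `close(false);` in those two places so the partial record is discarded. The same default matters in `~AuditLogger()`, which calls `close()` and can therefore throw during stack unwinding, which terminates the process; `try { close(false); } catch (...) { }` keeps teardown safe there. `close()` also passes the `au_close()` return value to `UnixError::throwMe(error)` rather than `errno`, which looks unintended given that `open()` and `writeToken()` use `errno`.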
@@ -0,0 +1,253 @@
+/*
+ * ccaudit_extensions.h
+ * securityd
+ *
+ * Created by G H on 3/24/09.
+ * Copyright 2009 Apple Inc. All rights reserved.
+ *
+ * Extensions to utility classes in Security::CommonCriteria
+ * (libsecurity_utilities). Not clear that these are useful enough to be
+ * added there, so for now, they're here.
+ */
+
+#include
+#include
+#include
+#include // AUE_NULL
+#include
+
+//
+// Regarding message formats in comments, below:
+//
+// <> denotes a string with the indicated information
+// '' denotes a literal string
+//
+// Message info is in text tokens unless otherwise indicated.
+//
+
+namespace Security
+{
+
+namespace CommonCriteria
+{
+
+namespace Securityd
+{
+
+//
+// Pure virtual class from which audit log writers should be derived.
+// The assumption about logging is that a "success" case logs certain
+// data about what succeeded, while a "failure" case logs that same data
+// plus some indication as to why the failure occurred.
+//
+// Subclasses minimally need to provide a writeCommon() method. They may
+// override logSuccess(); q.v.
+//
+// An AuditLogger is intended to live no longer than the audit trailer of a
+// securityd IPC.
+//
+// setClientInfo() must be called before logging, or at best, gibberish
+// will be logged.
+//
+// Nomenclature:
+// "write" methods only au_write()
+// "log" methods open, write, and close the log
+//
+class AuditLogger
+{
+public:
+ AuditLogger() : mAuditFd(-1), mEvent(AUE_NULL), mClientInfoSet(false) { }
+ AuditLogger(const audit_token_t *srcToken, short auEvent = AUE_NULL);
+ AuditLogger(const AuditToken &srcToken, short auEvent = AUE_NULL);
+ virtual ~AuditLogger();
+
+ bool open(); // false if auditing disabled; throws on real errors
+ void close(bool writeLog = true); // throws if writeLog true but au_close() failed
+
+ void setClientInfo(const audit_token_t *srcToken);
+ void setClientInfo(const AuditToken &srcToken);
+ void setEvent(short auEvent) { mEvent = auEvent; }
+ short event() const { return mEvent; }
+
+ // common log-writing activities
+ void writeToken(token_t *token, const char *name);
+ void writeSubject();
+ void writeReturn(char status, int reterr);
+ virtual void writeCommon() = 0; // should not open or close log
+
+ // logSuccess() assumes that all the ancillary information you need is
+ // written by writeCommon(). If that's not true, you can either
+ // override logSuccess() in your subclass, or use a different method
+ // altogether. Do not call AuditLogger::logSuccess() from the subclass
+ // in eiher case.
+ virtual void logSuccess();
+
+ virtual void logFailure(const char *errMsg = NULL, int errcode = errAuthorizationDenied);
+ virtual void logFailure(string &errMsg, int errcode = errAuthorizationDenied) { logFailure(errMsg.c_str(), errcode); }
+
+ // @@@ Extra credit: let callers add arbitrary tokens. Tokens added
+ // before a log*() call would be appended to the end of writeCommon()'s
+ // standard set.
+
+protected:
+ void logInternalError(const char *fmt, ...);
+
+private:
+ int mAuditFd;
+ short mEvent;
+ bool mClientInfoSet; // disallow resetting client info
+
+ uid_t mAuditId;
+ uid_t mEuid;
+ gid_t mEgid;
+ uid_t mRuid;
+ gid_t mRgid;
+ pid_t mPid;
+ au_asid_t mAuditSessionId;
+ au_tid_t mOldTerminalId; // to cache audit_token_to_au32() result
+ au_tid_addr_t mTerminalId; // @@@ AuditInfo still uses ai_tid_t
+};
+
+//
+// KeychainAuthLogger format:
+// 'System keychain authorization'
+//
+//
+// [optional]
+//
+// For QueryKeychainAuth audit logging
+//
+class KeychainAuthLogger : public AuditLogger
+{
+ static const char *sysKCAuthStr;
+ static const char *unknownKCStr;
+ static const char *unknownItemStr;
+
+public:
+ KeychainAuthLogger() : AuditLogger(), mDatabase(unknownKCStr), mItem(unknownItemStr) { }
+ KeychainAuthLogger(const audit_token_t *srcToken, short auEvent);
+ KeychainAuthLogger(const audit_token_t *srcToken, short auEvent, const char *database, const char *item);
+ KeychainAuthLogger(const AuditToken &srcToken, short auEvent);
+ KeychainAuthLogger(const AuditToken &srcToken, short auEvent, const char *database, const char *item);
+ void setDbName(const char *database);
+ void setItemName(const char *item);
+ virtual void writeCommon();
+
+private:
+ string mDatabase;
+ string mItem;
+};
+
+//
+// RightLogger provides basic common data and behavior for rights-based
+// logging classes. @@@ "RightLogger" is a lousy name
+//
+class RightLogger
+{
+protected:
+ static const char *unknownRightStr;
+
+public:
+ RightLogger() : mRight(unknownRightStr) { }
+ virtual ~RightLogger() { }
+
+ void setRight(const string &rightName);
+ void setRight(const char *rightName);
+
+protected:
+ string mRight;
+};
+
+//
+// Basic (per-mechanism) AuthMechLogger format:
+//
+// [optional] 'mechanism'
+// [optional]
+//
+// e.g.:
+// com.foo.bar
+// mechanism FooPlugin:SomeMechanism
+// unknown mechanism; ending rule evaluation
+//
+class AuthMechLogger : public AuditLogger, public RightLogger
+{
+ static const char *unknownMechStr;
+ static const char *mechStr;
+
+public:
+ AuthMechLogger() : AuditLogger(), RightLogger(), mEvaluatingMechanism(false), mCurrentMechanism(unknownMechStr) { }
+ AuthMechLogger(const AuditToken &srcToken, short auEvent);
+ AuthMechLogger(const audit_token_t *srcToken, short auEvent);
+
+ void setCurrentMechanism(const char *mech); // pass NULL if not running mechs.
+ void setCurrentMechanism(const string &mech) { setCurrentMechanism(mech.c_str()); }
+ virtual void writeCommon();
+
+ // Authorization mechanism-evaluation interrupts need to be logged since
+ // they cause evaluation to restart, possibly at a different point in the
+ // mechanism chain.
+ void logInterrupt(const char *msg); // NULL msg okay
+ void logInterrupt(string &msg) { logInterrupt(msg.c_str()); }
+
+private:
+ bool mEvaluatingMechanism;
+ string mCurrentMechanism;
+};
+
+//
+// Basic RightAuthenticationLogger formats:
+//
+// Per-credential (newly granted during an evaluation):
+//
+// UID of user performing the authentication [arg32 token]
+// UID and username of the successfully authenticated user [arg32 token]
+// or:
+//
+// UID of user performing the authentication [arg32 token]
+// Name of the user as whom the first UID was attempting to authenticate
+//
+// Final (i.e., after all mechanisms) right-granting decision format:
+//
+// name of process requesting authorization
+// name of process that created the Authorization handle
+//
+// Least-privilege credential-generating event format:
+//
+// 'least-privilege'
+//
+// @@@ each format should be its own class
+//
+class RightAuthenticationLogger : public AuditLogger, public RightLogger
+{
+ static const char *unknownUserStr;
+ static const char *unknownClientStr;
+ static const char *unknownAuthCreatorStr;
+ static const char *authenticatorStr;
+ static const char *clientStr;
+ static const char *authCreatorStr;
+ static const char *authenticatedAsStr;
+ static const char *leastPrivStr;
+
+public:
+ RightAuthenticationLogger() : AuditLogger(), RightLogger() { }
+ RightAuthenticationLogger(const AuditToken &srcToken, short auEvent);
+ RightAuthenticationLogger(const audit_token_t *srcToken, short auEvent);
+ virtual ~RightAuthenticationLogger() { }
+
+ virtual void writeCommon();
+
+ virtual void logSuccess() { } // throw?
in any case, don't allow the usual logSuccess() to work + // @@@ clean up, consolidate Success and AuthorizationResult + void logSuccess(uid_t authenticator, uid_t target, const char *targetName); + void logAuthorizationResult(const char *client, const char *authCreator, int errcode); + void logLeastPrivilege(uid_t userId, bool isAuthorizingUser); + virtual void logFailure(const char *errMsg, int errcode) { AuditLogger::logFailure(errMsg, errcode); } + void logFailure(uid_t authenticator, const char *targetName); +}; + + +} // namespace Securityd + +} // namespace CommonCriteria + +} // namespace Security diff --git a/src/child.cpp b/src/child.cpp index a8cd2b0..812c611 100644 --- a/src/child.cpp +++ b/src/child.cpp @@ -26,6 +26,7 @@ // child - track a single child process and its belongings // #include "child.h" +#include "dtrace.h" #include @@ -47,7 +48,7 @@ ServerChild::ServerChild() // // If the ServerChild is destroyed, kill its process, nice or hard. // -// In case you wonder about the tango below, it's making sure we +// In case you wonder about the tango below, it's making sure we // get to "It's dead, Jim" with the minimum number of checkChildren() // calls while still working correctly if this is the only thread alive. // @@ -92,10 +93,12 @@ void ServerChild::parentAction() if (state() == dead) { // our child died secdebug("serverchild", "%p (pid %d) died before checking in", this, pid()); + SECURITYD_CHILD_STILLBORN(this->pid()); } else if (ready()) { // child has checked in and is ready for service secdebug("serverchild", "%p (pid %d) ready for service on port %d", this, pid(), mServicePort.port()); + SECURITYD_CHILD_READY(this->pid()); } else assert(false); // how did we ever get here?! } @@ -106,6 +109,7 @@ void ServerChild::parentAction() // void ServerChild::dying() { + SECURITYD_CHILD_DYING(this->pid()); secdebug("serverchild", "%p is dead; resuming parent thread (if any)", this); mCheckinCond.signal(); } 
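Review bot: `RightAuthenticationLogger::logSuccess()` is overridden with an empty body, so a caller that holds an `AuditLogger` reference, or simply omits the arguments, gets no audit record and no sign that nothing was written. A missing success record is hard to notice afterwards, so I would make the misuse visible, for example `virtual void logSuccess() { logInternalError("logSuccess() requires authenticator and target"); }`, which works because `logInternalError()` is protected in the base class. The header also has no include guard, unlike `agentquery.h` and `connection.h` in this patch. In addition, `mClientInfoSet` is commented as disallowing a reset although neither `setClientInfo()` overload checks it.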
@@ -122,10 +126,12 @@ void ServerChild::checkIn(Port servicePort, pid_t pid) secdebug("serverchild", "%p (pid %d) checking in; resuming parent thread", child, pid); } + SECURITYD_CHILD_CHECKIN(pid, servicePort); child->mCheckinCond.signal(); } else { // Child has died; is wrong kind; or spurious checkin. // If it was a proper child, death notifications will wake up the parent thread secdebug("serverchild", "pid %d not in child set; checkin ignored", pid); + SECURITYD_CHILD_CHECKIN(pid, 0); } } diff --git a/src/clientid.cpp b/src/clientid.cpp index b04b7c6..7dc6907 100644 --- a/src/clientid.cpp +++ b/src/clientid.cpp @@ -25,7 +25,7 @@ // #include "clientid.h" #include "server.h" -#include "osxcodewrap.h" +#include // @@ -44,10 +44,12 @@ ClientIdentification::ClientIdentification() // void ClientIdentification::setup(pid_t pid) { - if (IFDEBUG(OSStatus rc =)SecCodeCreateWithPID(pid, kSecCSDefaultFlags, + StLock _(mLock); + if (OSStatus rc = SecCodeCreateWithPID(pid, kSecCSDefaultFlags, &mClientProcess.aref())) - secdebug("clientid", "could not get code for process %d: OSStatus=%ld", - pid, rc); + secdebug("clientid", "could not get code for process %d: OSStatus=%d", + pid, int32_t(rc)); + mGuests.erase(mGuests.begin(), mGuests.end()); } @@ -174,7 +176,7 @@ static void dumpCode(SecCodeRef code) { CFRef path; if (OSStatus rc = SecCodeCopyPath(code, kSecCSDefaultFlags, &path.aref())) - Debug::dump("unknown(rc=%ld)", rc); + Debug::dump("unknown(rc=%d)", int32_t(rc)); else Debug::dump("%s", cfString(path).c_str()); } diff --git a/src/codesigdb.cpp b/src/codesigdb.cpp index 411f8ec..8d3a425 100644 --- a/src/codesigdb.cpp +++ b/src/codesigdb.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003-2007 Apple Inc. All Rights Reserved. + * Copyright (c) 2003-2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * 
@@ -28,10 +28,10 @@ #include "codesigdb.h" #include "process.h" #include "server.h" -#include "osxcodewrap.h" #include "agentquery.h" #include #include +#include // @@ -240,7 +240,7 @@ bool CodeSignatures::verify(Process &process, // The legacy hash is ignored (it's for use by pre-Leopard systems). secdebug("codesign", "CS requirement present; ignoring legacy hashes"); Server::active().longTermActivity(); - switch (IFDEBUG(OSStatus rc =) SecCodeCheckValidity(code, kSecCSDefaultFlags, requirement)) { + switch (OSStatus rc = SecCodeCheckValidity(code, kSecCSDefaultFlags, requirement)) { case noErr: secdebug("codesign", "CS verify passed"); return true; @@ -248,7 +248,7 @@ bool CodeSignatures::verify(Process &process, secdebug("codesign", "CS verify against unsigned binary failed"); return false; default: - secdebug("codesign", "CS verify failed OSStatus=%ld", rc); + secdebug("codesign", "CS verify failed OSStatus=%d", int32_t(rc)); return false; } } @@ -361,7 +361,7 @@ OSStatus CodeSignatures::matchSignedClientToLegacyACL(Process &process, return noErr; } default: - secdebug("codesign", "validation fails with rc=%ld, rejecting", rc); + secdebug("codesign", "validation fails with rc=%d, rejecting", int32_t(rc)); return rc; } secdebug("codesign", "does not withstand strict scrutiny; ask the user"); @@ -408,6 +408,8 @@ bool CodeSignatures::verifyLegacy(Process &process, const CssmData &signature, s return false; } +#if CONSULT_LEGACY_CODE_EQUIVALENCE_DATABASE + // Ah well. Establish mediator objects for database signature links AclIdentity aclIdentity(signature, path); @@ -496,6 +498,12 @@ bool CodeSignatures::verifyLegacy(Process &process, const CssmData &signature, s mDb.flush(); secdebug("codesign", "new linkages established: pass"); return true; + +#else /* ignore Code Equivalence Database */ + + return false; + +#endif } diff --git a/src/connection.cpp b/src/connection.cpp index ea4fbd7..ec973d8 100644 --- a/src/connection.cpp +++ b/src/connection.cpp 
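Review bot: `CONSULT_LEGACY_CODE_EQUIVALENCE_DATABASE` is introduced in `CodeSignatures::verifyLegacy()` with a bare `#if` and no definition or explanation in the visible hunks, so when it is undefined the preprocessor silently evaluates it as 0 and everything after the early checks collapses to `return false`. Failing closed is the safer default, but the behaviour change deserves a comment at the `#if`, along the lines of `// Code Equivalence Database lookups are off unless this is defined; legacy-hash matches that depended on them are now rejected`, plus a note on where the macro is meant to be set. The function body starts and ends outside these two hunks.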
@@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved. + * Copyright (c) 2000-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -56,8 +56,7 @@ Connection::Connection(Process &proc, Port rPort) // bump the send-rights count on the reply port so we keep the right after replying mClientPort.modRefs(MACH_PORT_RIGHT_SEND, +1); - secdebug("SS", "New connection %p for process %d clientport=%d", - this, process().pid(), int(rPort)); + SECURITYD_CLIENT_CONNECTION_NEW(this, rPort, &proc); } @@ -67,7 +66,7 @@ Connection::Connection(Process &proc, Port rPort) // Connection::~Connection() { - secdebug("SS", "Connection %p destroyed", this); + SECURITYD_CLIENT_CONNECTION_RELEASE(this); assert(!agentWait); } @@ -113,7 +112,7 @@ void Connection::abort(bool keepReplyPort) case busy: state = dying; // shoot me soon, please if (agentWait) - agentWait->destroy(); + agentWait->disconnect(); secdebug("SS", "Connection %p abort deferred (busy)", this); break; default: @@ -129,8 +128,11 @@ void Connection::abort(bool keepReplyPort) // into the Big Bad Void as Connections and processes drop out from // under them. // -void Connection::beginWork() +void Connection::beginWork(audit_token_t &auditToken) { + // assume the audit token will be valid for the Connection's lifetime + // (but no longer) + mAuditToken = &auditToken; switch (state) { case idle: state = busy; @@ -160,6 +162,8 @@ void Connection::checkWork() void Connection::endWork(CSSM_RETURN &rcode) { + mAuditToken = NULL; + switch (state) { case busy: if (mOverrideReturn && rcode == CSSM_OK) diff --git a/src/connection.h b/src/connection.h index 551c888..b340940 100644 --- a/src/connection.h +++ b/src/connection.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved. + * Copyright (c) 2000-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * 
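Review bot: In `Connection::beginWork`, `mAuditToken = &auditToken;` is assigned before the `switch (state)`, so a call that the switch rejects would still leave the connection pointing at the caller's token; the rest of the switch is outside the hunk, so this part is inferred. The added comment says the token is valid for the Connection's lifetime, while `endWork` in the next hunk sets it back to NULL, so the real window is a single work item. I would move the assignment into the `case idle:` branch and reword the comment to `// valid only between beginWork() and endWork(); callers must not cache the pointer`. The constructor's initializer list is not visible here, so it is worth confirming that `mAuditToken` starts out as NULL.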
@@ -28,10 +28,10 @@ #ifndef _H_CONNECTION #define _H_CONNECTION -#include #include "process.h" #include "session.h" #include "notifications.h" +#include // audit_token_t #include using MachPlusPlus::Port; @@ -39,6 +39,14 @@ using MachPlusPlus::TaskPort; class Session; +// define the minimum interface Connection requires for classes wanting to +// participate in SecurityAgent/authorizationhost IPCs (defined here rather +// than agentquery.h to avoid circularity in headers) +class SecurityAgentConnectionInterface +{ +public: + virtual void disconnect() = 0; +}; // // A Connection object represents an established connection between a client @@ -62,14 +70,16 @@ public: // Code Signing guest management - tracks current guest id in client SecGuestRef guestRef() const { return mGuestRef; } void guestRef(SecGuestRef newGuest, SecCSFlags flags = 0); + + audit_token_t *auditToken() const { return mAuditToken; } // work framing - called as work threads pick up connection work - void beginWork(); // I've got it + void beginWork(audit_token_t &auditToken); // I've got it void checkWork(); // everything still okay? void endWork(CSSM_RETURN &rcode); // Done with this // notify that a SecurityAgent call may hang the active worker thread for a while - void useAgent(SecurityAgent::Client *client) + void useAgent(SecurityAgentConnectionInterface *client) { StLock _(*this); agentWait = client; } // set an overriding CSSM_RETURN to return instead of success @@ -82,6 +92,7 @@ private: // peer state: established during connection startup; fixed thereafter Port mClientPort; // client's Mach reply port SecGuestRef mGuestRef; // last known Code Signing guest reference for this client thread + audit_token_t *mAuditToken; // in case auditing is required CSSM_RETURN mOverrideReturn; // override successful return code (only) // transient state (altered as we go) 
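Review bot: `SecurityAgentConnectionInterface` (hunk `-39,6 +39,14`) declares a pure virtual `disconnect()` but no virtual destructor, so deleting an implementing object through this interface pointer would be undefined behaviour. `Connection` only stores the pointer in `agentWait` and does not appear to own it, so this may never happen today, but the base is cheap to make safe with `virtual ~SecurityAgentConnectionInterface() { }`. A one-line comment on `agentWait` stating that it is non-owning would also help.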
@@ -90,7 +101,7 @@ private: busy, // a thread is busy servicing us dying // busy and scheduled to die as soon as possible } state; - SecurityAgent::Client *agentWait; // SA client session we may be waiting on + SecurityAgentConnectionInterface *agentWait; // SA connection we may be waiting on }; diff --git a/src/credential.cpp b/src/credential.cpp index eab7c83..5eaa6a1 100644 --- a/src/credential.cpp +++ b/src/credential.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * 
@@ -32,16 +32,16 @@ extern "C" int checkpw_internal( const struct passwd *pw, const char* password ) namespace Authorization { // default credential: invalid for everything, needed as a default session credential -CredentialImpl::CredentialImpl() : mUid(0), mShared(false), mName(""), mRealname(""), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(false), mRight(false) +CredentialImpl::CredentialImpl() : mShared(false), mRight(false), mRightName(""), mGroupName(""), mUid(0), mUserName(""), mRealName(""), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(false) { } // only for testing whether this credential is usable -CredentialImpl::CredentialImpl(const uid_t uid, const string &username, const string &realname, bool shared) : mUid(uid), mShared(shared), mName(username), mRealname(realname), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(true), mRight(false) +CredentialImpl::CredentialImpl(const uid_t uid, const string &username, const string &realname, const string &groupname, bool shared) : mShared(shared), mRight(false), mRightName(""), mGroupName(groupname), mUid(uid), mUserName(username), mRealName(realname), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(true) { } -CredentialImpl::CredentialImpl(const string &username, const string &password, bool shared) : mShared(shared), mName(username), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(false), mRight(false) +CredentialImpl::CredentialImpl(const string &username, const string &password, bool shared) : mShared(shared), mRight(false), mRightName(""), mGroupName(""), mUserName(username), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(false) { Server::active().longTermActivity(); const char *user = username.c_str(); 
@@ -54,8 +54,8 @@ CredentialImpl::CredentialImpl(const string &username, const string &password, b } mUid = pw->pw_uid; - mName = pw->pw_name; - mRealname = pw->pw_gecos; + mUserName = pw->pw_name; + mRealName = pw->pw_gecos; const char *passwd = password.c_str(); int checkpw_status = checkpw_internal(pw, passwd); @@ -73,7 +73,10 @@ CredentialImpl::CredentialImpl(const string &username, const string &password, b } while (0); } -CredentialImpl::CredentialImpl(const string &right, bool shared) : mUid(-2), mShared(shared), mName(right), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(true), mRight(true) +// least-privilege + // @@@ arguably we don't care about the UID any more and should not + // require it in this ctor +CredentialImpl::CredentialImpl(const string &right, const uid_t uid, bool shared) : mShared(shared), mRight(true), mRightName(right), mGroupName(""), mUid(uid), mUserName(""), mRealName(""), mCreationTime(CFAbsoluteTimeGetCurrent()), mValid(true) { } 
@@ -84,12 +87,32 @@ CredentialImpl::~CredentialImpl() bool CredentialImpl::operator < (const CredentialImpl &other) const { - if (!mShared && other.mShared) - return true; - if (!other.mShared && mShared) - return false; - - return mUid < other.mUid; + // Desired ordering characteristics: + // + // - unshared before shared + // - least privilege before non-least privilege + // - for least privilege credentials with the same sharing characteristics, + // order on the basis of right strings + // - orthographic order of group names + // + // UID used to be the primary distinguishing element, but it can't be + // trusted--it's gathered as a side effect, potentially by an external + // process. + // + // Nothing is sacred about this ordering; we just had to pick something. + + if (!mShared && other.mShared) + return true; + if (!other.mShared && mShared) + return false; + if (mRight && !other.mRight) + return true; + if (!mRight && other.mRight) + return false; + if (mRight && other.mRight) + return mRightName < other.mRightName; + else + return mGroupName < other.mGroupName; } // Returns true if this CredentialImpl should be shared. @@ -103,13 +126,18 @@ CredentialImpl::isShared() const void CredentialImpl::merge(const CredentialImpl &other) { - assert(mUid == other.mUid); + // try to ensure that the credentials are the same type + assert(mRight == other.mRight); + if (mRight) + assert(mRightName == other.mRightName); + else + assert(mGroupName == other.mGroupName); - if (other.mValid && (!mValid || mCreationTime < other.mCreationTime)) - { - mCreationTime = other.mCreationTime; - mValid = true; - } + if (other.mValid && (!mValid || mCreationTime < other.mCreationTime)) + { + mCreationTime = other.mCreationTime; + mValid = true; + } } // The time at which this credential was obtained. 
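Review bot: The new `CredentialImpl::operator <` orders non-right credentials by `mGroupName` alone, and the username/password constructor initialises `mGroupName("")`, so every password-derived credential with the same sharing flag compares equivalent until a group name is set. The matching header change adds `setGroupname()`, which mutates a field that now takes part in the ordering; calling it on a credential already stored in a set or map would break that container's invariant. I would document this on the setter, e.g. `// must be called before the credential is placed in an ordered container`, or have callers erase and re-insert. `merge()` in the following hunk relies on `assert` alone for the type match, which disappears in release builds.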
@@ -145,8 +173,8 @@ RefPointer(impl) { } -Credential::Credential(const uid_t uid, const string &username, const string &realname, bool shared) : -RefPointer(new CredentialImpl(uid, username, realname, shared)) +Credential::Credential(const uid_t uid, const string &username, const string &realname, const string &groupname, bool shared) : +RefPointer(new CredentialImpl(uid, username, realname, groupname, shared)) { } @@ -154,7 +182,7 @@ Credential::Credential(const string &username, const string &password, bool shar { } -Credential::Credential(const string &right, bool shared) : RefPointer(new CredentialImpl(right, shared)) +Credential::Credential(const string &right, const uid_t uid, bool shared) : RefPointer(new CredentialImpl(right, uid, shared)) { } diff --git a/src/credential.h b/src/credential.h index 78363ee..7b5dba6 100644 --- a/src/credential.h +++ b/src/credential.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -29,15 +29,19 @@ #include namespace Authorization { + + // There should be an abstract base class for Credential so we can have + // different kinds, e.g., those associated with smart-card auth, or those + // not requiring authentication as such at all. () /* Credentials are less than comparable so they can be put in sets or maps. */ class CredentialImpl : public RefCount { public: CredentialImpl(); - CredentialImpl(const uid_t uid, const string &username, const string &realname, bool shared); + CredentialImpl(const uid_t uid, const string &username, const string &realname, const string &groupname, bool shared); CredentialImpl(const string &username, const string &password, bool shared); - CredentialImpl(const string &right, bool shared); + CredentialImpl(const string &right, const uid_t uid, bool shared); ~CredentialImpl(); bool operator < (const CredentialImpl &other) const; 
@@ -59,25 +63,32 @@ public: // We could make Rule a friend but instead we just expose this for now inline const uid_t uid() const { return mUid; } - inline const string& name() const { return mName; } - inline const string& realname() const { return mRealname; } + inline const string& username() const { return mUserName; } + inline const string& realname() const { return mRealName; } inline const bool isRight() const { return mRight; } + inline const string &rightname() const { return mRightName; } + inline const string &groupname() const { return mGroupName; } + + // sometimes the Credential exists before we've validated it, so we need + // a setter for group name + inline void setGroupname(const string &group) { mGroupName = group; } + private: - // Key - uid_t mUid; - - // True iff this credential is shared. - bool mShared; + bool mShared; // credential is shared + bool mRight; // is least-privilege credential + string mRightName; // least-privilege name + string mGroupName; // if it's not least-priv, it boils down to + // user-in-group - // Fields below are not used by less than operator + // Fields below are not used by less-than operator - // The username of the user that provided his password. - string mName; - string mRealname; + // The user that provided his password. + uid_t mUid; + string mUserName; + string mRealName; CFAbsoluteTime mCreationTime; bool mValid; - bool mRight; }; /* Credentials are less than comparable so they can be put in sets or maps. */ 
@@ -86,9 +97,9 @@ class Credential : public RefPointer public: Credential(); Credential(CredentialImpl *impl); - Credential(const uid_t uid, const string &username, const string &realname, bool shared); + Credential(const uid_t uid, const string &username, const string &realname, const string &groupname, bool shared); Credential(const string &username, const string &password, bool shared); - Credential(const string &right, bool shared); + Credential(const string &right, const uid_t uid, bool shared); ~Credential(); bool operator < (const Credential &other) const; diff --git a/src/csproxy.cpp b/src/csproxy.cpp index 6511b43..5783e08 100644 --- a/src/csproxy.cpp +++ b/src/csproxy.cpp @@ -27,7 +27,9 @@ // #include "csproxy.h" #include "server.h" +#include #include +#include // @@ -60,6 +62,7 @@ void CodeSigningHost::reset() case dynamicHosting: mHostingPort.destroy(); mHostingPort = MACH_PORT_NULL; + SECURITYD_HOST_UNREGISTER(DTSELF); break; case proxyHosting: Server::active().remove(*this); // unhook service handler @@ -67,6 +70,7 @@ void CodeSigningHost::reset() mHostingState = noHosting; mHostingPort = MACH_PORT_NULL; mGuests.erase(mGuests.begin(), mGuests.end()); + SECURITYD_HOST_UNREGISTER(DTSELF); break; } } @@ -84,7 +88,6 @@ CodeSigningHost::Guest *CodeSigningHost::findHost(SecGuestRef hostRef) for (;;) { if (Guest *guest = findGuest(host)) if (guest->dedicated) { - secdebug("hosting", "%p selecting dedicated guest %p of %p", this, guest, host); host = guest; continue; } 
@@ -127,12 +130,10 @@ CodeSigningHost::Guest *CodeSigningHost::findGuest(Guest *host, const CssmData & if (CFNumberRef canonical = attrs.get(kSecGuestAttributeCanonical)) { // direct lookup by SecGuestRef (canonical guest handle) SecGuestRef guestRef = cfNumber(canonical); - secdebug("hosting", "host %p looking for guest handle 0x%x", host, guestRef); if (Guest *guest = findGuest(guestRef, true)) // found guest handle - if (guest->isGuestOf(host, loose)) { - secdebug("hosting", "found guest %p, continuing search", guest); + if (guest->isGuestOf(host, loose)) host = guest; // new starting point - } else + else MacOSError::throwMe(errSecCSNoSuchCode); // not a guest of given host else MacOSError::throwMe(errSecCSNoSuchCode); // not there at all @@ -143,7 +144,6 @@ CodeSigningHost::Guest *CodeSigningHost::findGuest(Guest *host, const CssmData & CFTypeRef keys[count], values[count]; CFDictionaryGetKeysAndValues(attrs, keys, values); for (;;) { - secdebug("hosting", "searching host %p by attributes", host); Guest *match = NULL; // previous match found for (GuestMap::const_iterator it = mGuests.begin(); it != mGuests.end(); ++it) if (it->second->isGuestOf(host, strict)) @@ -152,13 +152,10 @@ CodeSigningHost::Guest *CodeSigningHost::findGuest(Guest *host, const CssmData & MacOSError::throwMe(errSecCSMultipleGuests); // ambiguous else match = it->second; - if (!match) { // nothing found - secdebug("hosting", "nothing found, returning %p", host); + if (!match) // nothing found return host; - } else { - secdebug("hosting", "found guest %p, continuing", match); + else host = match; // and repeat - } } } 
@@ -186,10 +183,9 @@ void CodeSigningHost::registerCodeSigning(mach_port_t hostingPort, SecCSFlags fl { switch (mHostingState) { case noHosting: - secdebug("hosting", "%p registering for dynamic hosting on port %d", - this, hostingPort); mHostingPort = hostingPort; mHostingState = dynamicHosting; + SECURITYD_HOST_REGISTER(DTSELF, mHostingPort); break; default: MacOSError::throwMe(errSecCSHostProtocolContradiction); 
@@ -203,35 +199,36 @@ void CodeSigningHost::registerCodeSigning(mach_port_t hostingPort, SecCSFlags fl // This engages proxy hosting mode, and is incompatible with dynamic hosting mode. // SecGuestRef CodeSigningHost::createGuest(SecGuestRef hostRef, - uint32_t status, const char *path, const CssmData &attributes, SecCSFlags flags) + uint32_t status, const char *path, + const CssmData &cdhash, const CssmData &attributes, SecCSFlags flags) { - secdebug("hosting", "%p create guest from host %d", this, hostRef); - if (path[0] != '/') // relative path (relative to what? :-) MacOSError::throwMe(errSecCSHostProtocolRelativePath); + if (cdhash.length() > maxUcspHashLength) + MacOSError::throwMe(errSecCSHostProtocolInvalidHash); // set up for hosting proxy services if nothing's there yet switch (mHostingState) { - case noHosting: + case noHosting: // first hosting call, this host // set up proxy hosting - mHostingPort.allocate(); - MachServer::Handler::port(mHostingPort); - MachServer::active().add(*this); - mHostingState = proxyHosting; - secdebug("hosting", "%p created hosting port %d for proxy hosting", this, mHostingPort.port()); + mHostingPort.allocate(); // allocate service port + MachServer::Handler::port(mHostingPort); // put into Handler + MachServer::active().add(*this); // start listening + mHostingState = proxyHosting; // now proxying for this host + SECURITYD_HOST_PROXY(DTSELF, mHostingPort); break; - case proxyHosting: - break; // all set - case dynamicHosting: + case proxyHosting: // already proxying + break; + case dynamicHosting: // in dynamic mode, can't switch MacOSError::throwMe(errSecCSHostProtocolContradiction); } RefPointer host = findHost(hostRef); - RefPointer knownGuest = findGuest(host); - if ((flags & kSecCSDedicatedHost) && knownGuest) - MacOSError::throwMe(errSecCSHostProtocolDedicationError); // can't dedicate with other guests - else if (knownGuest && knownGuest->dedicated) - MacOSError::throwMe(errSecCSHostProtocolDedicationError); // other 
guest is already dedicated + if (RefPointer knownGuest = findGuest(host)) // got a guest already + if (flags & kSecCSDedicatedHost) + MacOSError::throwMe(errSecCSHostProtocolDedicationError); // can't dedicate with other guests + else if (knownGuest->dedicated) + MacOSError::throwMe(errSecCSHostProtocolDedicationError); // other guest is already dedicated // create the new guest RefPointer guest = new Guest; @@ -241,27 +238,30 @@ SecGuestRef CodeSigningHost::createGuest(SecGuestRef hostRef, guest->status = status; guest->path = path; guest->setAttributes(attributes); + guest->setHash(cdhash, flags & kSecCSGenerateGuestHash); guest->dedicated = (flags & kSecCSDedicatedHost); mGuests[guest->guestRef()] = guest; - secdebug("hosting", "guest 0x%x created %sstatus=0x%x path=%s", - guest->guestRef(), guest->dedicated ? "dedicated " : "", guest->status, guest->path.c_str()); + SECURITYD_GUEST_CREATE(DTSELF, hostRef, guest->guestRef(), guest->status, flags, (char *)guest->path.c_str()); + if (SECURITYD_GUEST_CDHASH_ENABLED()) + SECURITYD_GUEST_CDHASH(DTSELF, guest->guestRef(), + (void*)CFDataGetBytePtr(guest->cdhash), CFDataGetLength(guest->cdhash)); return guest->guestRef(); } void CodeSigningHost::setGuestStatus(SecGuestRef guestRef, uint32_t status, const CssmData &attributes) { - secdebug("hosting", "%p set guest 0x%x", this, guestRef); if (mHostingState != proxyHosting) MacOSError::throwMe(errSecCSHostProtocolNotProxy); Guest *guest = findGuest(guestRef); // state modification machine - if ((status & ~guest->status) & CS_VALID) + if ((status & ~guest->status) & kSecCodeStatusValid) MacOSError::throwMe(errSecCSHostProtocolStateError); // can't set - if ((~status & guest->status) & (CS_HARD | CS_KILL)) + if ((~status & guest->status) & (kSecCodeStatusHard | kSecCodeStatusKill)) MacOSError::throwMe(errSecCSHostProtocolStateError); // can't clear guest->status = status; + SECURITYD_GUEST_CHANGE(DTSELF, guestRef, status); // replace attributes if requested if (attributes) 
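Review bot: In `createGuest`, the `SECURITYD_GUEST_CDHASH` probe passes `CFDataGetBytePtr(guest->cdhash)` and `CFDataGetLength(guest->cdhash)` without checking that a hash exists. `setHash()` leaves `cdhash` unset when no hash is given, none is present in the attributes and `kSecCSGenerateGuestHash` is not set, and `cshosting_server_identifyGuest` already treats that as a valid case, so enabling the probe could make securityd call CoreFoundation on a null reference. Guard it with `if (guest->cdhash && SECURITYD_GUEST_CDHASH_ENABLED())`. The function starts in the previous hunk.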
@@ -274,7 +274,6 @@ void CodeSigningHost::setGuestStatus(SecGuestRef guestRef, uint32_t status, cons // void CodeSigningHost::removeGuest(SecGuestRef hostRef, SecGuestRef guestRef) { - secdebug("hosting", "%p removes guest %d from host %d", this, guestRef, hostRef); if (mHostingState != proxyHosting) MacOSError::throwMe(errSecCSHostProtocolNotProxy); RefPointer host = findHost(hostRef); @@ -284,8 +283,10 @@ void CodeSigningHost::removeGuest(SecGuestRef hostRef, SecGuestRef guestRef) if (!guest->isGuestOf(host, strict)) MacOSError::throwMe(errSecCSHostProtocolUnrelated); for (GuestMap::iterator it = mGuests.begin(); it != mGuests.end(); ++it) - if (it->second->isGuestOf(guest, loose)) + if (it->second->isGuestOf(guest, loose)) { + SECURITYD_GUEST_DESTROY(DTSELF, it->first); mGuests.erase(it); + } } 
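Review bot: The loop in `removeGuest` (hunk `-284,8 +283,10`) calls `mGuests.erase(it)` and then lets the `for` header run `++it` on the erased iterator, which is undefined for the standard associative containers; `GuestMap`'s definition is not visible, so this assumes it is a `std::map`. The erase was already there, but the hunk now wraps it in braces and adds a probe, so this is the natural place to fix it. Drop `++it` from the loop header, erase with `mGuests.erase(it++);` inside the braces, and add `else ++it;` for the non-matching case.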
@@ -293,23 +294,45 @@ void CodeSigningHost::removeGuest(SecGuestRef hostRef, SecGuestRef guestRef) // The internal Guest object // CodeSigningHost::Guest::~Guest() -{ - secdebug("hosting", "guest %ld destroyed", handle()); -} +{ } void CodeSigningHost::Guest::setAttributes(const CssmData &attrData) { CFRef guest = makeCFNumber(guestRef()); if (attrData) { - CFRef inputDict = makeCFDictionaryFrom(attrData.data(), attrData.length()); - CFRef dict = CFDictionaryCreateMutableCopy(NULL, 0, inputDict); - CFDictionaryAddValue(dict, kSecGuestAttributeCanonical, guest); - attributes.take(dict); + attributes.take(cfmake("{+%O,%O=%O}", + makeCFDictionaryFrom(attrData.data(), attrData.length()), kSecGuestAttributeCanonical, guest.get())); } else { attributes.take(makeCFDictionary(1, kSecGuestAttributeCanonical, guest.get())); } } +CFDataRef CodeSigningHost::Guest::attrData() const +{ + if (!mAttrData) + mAttrData = makeCFData(this->attributes.get()); + return mAttrData; +} + + +void CodeSigningHost::Guest::setHash(const CssmData &given, bool generate) +{ + if (given.length()) // explicitly given + this->cdhash.take(makeCFData(given)); + else if (CFTypeRef hash = CFDictionaryGetValue(this->attributes, kSecGuestAttributeHash)) + if (CFGetTypeID(hash) == CFDataGetTypeID()) + this->cdhash = CFDataRef(hash); + else + MacOSError::throwMe(errSecCSHostProtocolInvalidHash); + else if (generate) { // generate from path (well, try) + CFRef code; + MacOSError::check(SecStaticCodeCreateWithPath(CFTempURL(this->path), kSecCSDefaultFlags, &code.aref())); + CFRef info; + MacOSError::check(SecCodeCopySigningInformation(code, kSecCSDefaultFlags, &info.aref())); + this->cdhash = CFDataRef(CFDictionaryGetValue(info, kSecCodeInfoUnique)); + } +} + bool CodeSigningHost::Guest::isGuestOf(Guest *host, GuestCheck check) const { 
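Review bot: `Guest::setHash` accepts a hash from the `kSecGuestAttributeHash` attribute after checking only that it is a CFData, and the generated path stores whatever `kSecCodeInfoUnique` yields without any check, so neither is bounded by `maxUcspHashLength`. `createGuest` bounds only the explicit `cdhash` argument, and `cshosting_server_identifyGuest` (hunk `-416,10 +439,26`) later copies `guest->cdhash` into the caller's `hash` buffer behind an `assert`, which is compiled out in release builds. I would enforce the limit at the end of `setHash` with `if (this->cdhash && CFDataGetLength(this->cdhash) > maxUcspHashLength) MacOSError::throwMe(errSecCSHostProtocolInvalidHash);` and turn the assert in `identifyGuest` into the same runtime check.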
@@ -416,10 +439,26 @@ kern_return_t cshosting_server_findGuest(CSH_ARGS, SecGuestRef hostRef, // // Retrieve the path to a guest specified by canonical reference. // -kern_return_t cshosting_server_guestPath(CSH_ARGS, SecGuestRef guestRef, char *path) +kern_return_t cshosting_server_identifyGuest(CSH_ARGS, SecGuestRef guestRef, + char *path, char *hash, uint32_t *hashLength, DATA_OUT(attributes)) { BEGIN_IPC - strncpy(path, context()->findGuest(guestRef)->path.c_str(), MAXPATHLEN); + CodeSigningHost::Guest *guest = context()->findGuest(guestRef); + strncpy(path, guest->path.c_str(), MAXPATHLEN); + + // canonical cdhash + if (guest->cdhash) { + *hashLength = CFDataGetLength(guest->cdhash); + assert(*hashLength <= maxUcspHashLength); + memcpy(hash, CFDataGetBytePtr(guest->cdhash), *hashLength); + } else + *hashLength = 0; // unavailable + + // visible attributes. This proxy returns all attributes set by the host + CFDataRef attrData = guest->attrData(); // (the guest will cache this until it dies) + *attributes = (void *)CFDataGetBytePtr(attrData); // MIG botch (it doesn't need a writable pointer) + *attributesLength = CFDataGetLength(attrData); + END_IPC } diff --git a/src/csproxy.h b/src/csproxy.h index 33a3662..61dcf82 100644 --- a/src/csproxy.h +++ b/src/csproxy.h 
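Review bot: `cshosting_server_identifyGuest` returns `guest->attrData()`, which the previous hunk implements as build-once (`if (!mAttrData) mAttrData = makeCFData(...)`), but `Guest::setAttributes` replaces `attributes` without clearing `mAttrData`. If `setGuestStatus` replaces the attributes after a first identify call, as its "replace attributes if requested" comment suggests (that code is outside the hunks), later replies would still carry the old attribute set. Resetting the cache in `setAttributes` with `mAttrData = NULL;` would fix that, provided no pending reply still points into the old buffer; otherwise say on `attrData()` that the serialized form is frozen at first use.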
@@ -71,23 +71,30 @@ public: uint32_t status; // dynamic status std::string path; // canonical code path CFRef attributes; // matching attributes set + CFRef cdhash; // hash of CodeDirectory as specified by host bool dedicated; // host is dedicated (and this is the only guest) operator bool() const { return attributes; } // exists SecGuestRef guestRef() const { return handle(); } void setAttributes(const CssmData &attrData); + CFDataRef attrData() const; + void setHash(const CssmData &given, bool generate); bool isGuestOf(Guest *host, GuestCheck check) const; bool matches(CFIndex count, CFTypeRef keys[], CFTypeRef values[]) const; IFDUMP(void dump() const); + + private: + mutable CFRef mAttrData; // XML form of attributes (must live until guest destruction) }; void registerCodeSigning(mach_port_t hostingPort, SecCSFlags flags); Port hostingPort() const { return mHostingPort; } SecGuestRef createGuest(SecGuestRef guest, - uint32_t status, const char *path, const CssmData &attributes, SecCSFlags flags); + uint32_t status, const char *path, + const CssmData &cdhash, const CssmData &attributes, SecCSFlags flags); void setGuestStatus(SecGuestRef guest, uint32_t status, const CssmData &attributes); void removeGuest(SecGuestRef host, SecGuestRef guest); diff --git a/src/database.cpp b/src/database.cpp index a29cd70..25a7d41 100644 --- a/src/database.cpp +++ b/src/database.cpp @@ -101,6 +101,11 @@ void DbCommon::lockProcessing() // nothing } +bool DbCommon::belongsToSystem() const +{ + return false; +} + void Database::releaseKey(Key &key) { @@ -208,11 +213,6 @@ AclKind Database::aclKind() const return dbAcl; } -GenericHandle Database::aclHandle() const -{ - return HandleObject::handle(); -} - // // Remote validation is not, by default, supported diff --git a/src/database.h b/src/database.h index 9534fcf..3435dd2 100644 --- a/src/database.h +++ b/src/database.h 
@@ -37,7 +37,7 @@ #include "dbcrypto.h" #include "notifications.h" #include -#include +#include #include #include #include @@ -68,6 +68,8 @@ public: virtual void sleepProcessing(); // generic action on system sleep virtual void lockProcessing(); // generic action on "lock" requests + + virtual bool belongsToSystem() const; // belongs to system (root) security domain protected: void notify(NotificationEvent event, const DLDbIdentifier &ident); @@ -189,9 +191,10 @@ public: public: // SecurityServerAcl personality AclKind aclKind() const; - GenericHandle aclHandle() const; Database *relatedDatabase(); + bool belongsToSystem() const { return common().belongsToSystem(); } + public: // support ACL remote secret validation (default is no support) virtual bool validateSecret(const AclSubject *subject, const AccessCredentials *cred); diff --git a/src/dtrace.h b/src/dtrace.h new file mode 100644 index 0000000..6993a13 --- /dev/null +++ b/src/dtrace.h 
@@ -0,0 +1,48 @@ +/* + * Copyright (c) 2007 Apple Inc. All Rights Reserved. + * + * @APPLE_LICENSE_HEADER_START@ + * + * This file contains Original Code and/or Modifications of Original Code + * as defined in and that are subject to the Apple Public Source License + * Version 2.0 (the 'License'). You may not use this file except in + * compliance with the License. Please obtain a copy of the License at + * http://www.opensource.apple.com/apsl/ and read it before using this + * file. + * + * The Original Code and all software distributed under the License are + * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER + * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, + * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. + * Please see the License for the specific language governing rights and + * limitations under the License. + * + * @APPLE_LICENSE_HEADER_END@ + */ + + +// +// dtrace - dtrace support in securityd +// +#ifndef _H_DTRACE +#define _H_DTRACE + + +// +// Typedefs used in the DTrace static probe interface +// +typedef const void *DTHandle; +typedef uint32_t DTPort; +typedef uint32_t DTGuest; + + +#define DTHANDLE(it) (dynamic_cast((it))) +#define DTSELF DTHANDLE(this) + + +#include "securityd_dtrace.h" + + + +#endif //_H_DTRACE diff --git a/src/entropy.cpp b/src/entropy.cpp index 6cb47b2..3f961b2 100644 --- a/src/entropy.cpp +++ b/src/entropy.cpp @@ -36,6 +36,7 @@ // file that some fool administrator removed yesterday. // #include "entropy.h" +#include "dtrace.h" #include #include #include @@ -95,6 +96,7 @@ void EntropyManager::action() // void EntropyManager::collectEntropy() { + SECURITYD_ENTROPY_COLLECT(); int mib[4]; mib[0] = CTL_KERN; mib[1] = KERN_KDEBUG; 
@@ -102,12 +104,17 @@ void EntropyManager::collectEntropy() mib[3] = 1; // milliseconds maximum delay mach_timespec_t timings[timingsToCollect]; size_t size = sizeof(timings); - int ret = sysctl(mib, 4, timings, &size, NULL, 0); - if (ret == -1) { + if (sysctl(mib, 4, timings, &size, NULL, 0)) { Syslog::alert("entropy collection failed (errno=%d)", errno); return; } + size /= sizeof(mach_timespec_t); // convert to element count + if (size > timingsToCollect) + size = timingsToCollect; // pure paranoia char buffer[timingsToCollect]; + size /= sizeof(mach_timespec_t); // convert to element count + if (size > timingsToCollect) + size = timingsToCollect; // pure paranoia for (unsigned n = 0; n < size; n++) buffer[n] = timings[n].tv_nsec; // truncating to LSB secdebug("entropy", "Entropy size %d: %02x %02x %02x %02x %02x %02x %02x %02x...", @@ -115,6 +122,7 @@ void EntropyManager::collectEntropy() (unsigned char)buffer[0], (unsigned char)buffer[1], (unsigned char)buffer[2], (unsigned char)buffer[3], (unsigned char)buffer[4], (unsigned char)buffer[5], (unsigned char)buffer[6], (unsigned char)buffer[7]); + SECURITYD_ENTROPY_SEED((void *)buffer, size); addEntropy(buffer, size); } @@ -126,6 +134,7 @@ void EntropyManager::updateEntropyFile() { if (Time::now() >= mNextUpdate) { try { + SECURITYD_ENTROPY_SAVE((char *)mEntropyFilePath.c_str()); mNextUpdate = Time::now() + Time::Interval(updateInterval); secdebug("entropy", "updating %s", mEntropyFilePath.c_str()); char buffer[entropyFileSize]; diff --git a/src/kcdatabase.cpp b/src/kcdatabase.cpp index ad5ee8f..aff328d 100644 --- a/src/kcdatabase.cpp +++ b/src/kcdatabase.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved. + * Copyright (c) 2000-2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * 
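Review bot: In `EntropyManager::collectEntropy` the added block `size /= sizeof(mach_timespec_t); if (size > timingsToCollect) size = timingsToCollect;` appears twice, once before and once after `char buffer[timingsToCollect];`, so the byte count returned by `sysctl` is divided by the element size twice. The loop then copies only a fraction of the collected timings into `buffer`, and `addEntropy(buffer, size)` is seeded with correspondingly fewer bytes. Delete the second copy of the three lines. The `secdebug` in the next hunk prints `buffer[0]` to `buffer[7]` regardless of `size`, so with a small count it reads uninitialised stack bytes; zero-initialising `buffer` would avoid that.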
@@ -102,8 +102,7 @@ KeychainDatabase::KeychainDatabase(const DLDbIdentifier &id, const DBParameters // this new keychain is unlocked; make it so activity(); - secdebug("KCdb", "database %s(%p) created, common at %p", - common().dbName(), this, &common()); + SECURITYD_KEYCHAIN_CREATE(&common(), (char*)this->dbName(), this); } @@ -128,22 +127,20 @@ KeychainDatabase::KeychainDatabase(const DLDbIdentifier &id, const DbBlob *blob, session.findFirst(&KeychainDbCommon::identifier, ident)) { parent(*dbcom); //@@@ arbitrate sequence number here, perhaps update common().mParams - secdebug("KCdb", - "open database %s(%p) version %x at known common %p", - common().dbName(), this, blob->version(), &common()); + SECURITYD_KEYCHAIN_JOIN(&common(), (char*)this->dbName(), this); } else { // DbCommon not present; make a new one parent(*new KeychainDbCommon(proc.session(), ident)); common().mParams = blob->params; - secdebug("KCdb", "open database %s(%p) version %x with new common %p", - common().dbName(), this, blob->version(), &common()); + SECURITYD_KEYCHAIN_MAKE(&common(), (char*)this->dbName(), this); // this DbCommon is locked; no timer or reference setting } proc.addReference(*this); } -// +// recode/clone: +// // Special-purpose constructor for keychain synchronization. Copies an // existing keychain but uses the operational keys from secretsBlob. The // new KeychainDatabase will silently replace the existing KeychainDatabase 
@@ -152,21 +149,9 @@ KeychainDatabase::KeychainDatabase(const DLDbIdentifier &id, const DbBlob *blob, // securityd state, but we try to ensure that only the client that started // the re-encoding can declare it done. // -KeychainDatabase::KeychainDatabase(KeychainDatabase &src, Process &proc, - const DbBlob *secretsBlob, const CssmData &agentData) +KeychainDatabase::KeychainDatabase(KeychainDatabase &src, Process &proc, DbHandle dbToClone) : LocalDatabase(proc), mValidData(false), version(0), mBlob(NULL) { - validateBlob(secretsBlob); - - // get the passphrase to unlock secretsBlob - QueryDBBlobSecret query; - query.inferHints(proc); - query.addHint(AGENT_HINT_KCSYNC_DICT, agentData.data(), agentData.length()); - DatabaseCryptoCore keysCore; - if (query(keysCore, secretsBlob) != SecurityAgent::noReason) - CssmError::throwMe(CSSM_ERRCODE_OPERATION_AUTH_DENIED); - // keysCore is now ready to yield its secrets to us - mCred = DataWalkers::copy(src.mCred, Allocator::standard()); // Give this KeychainDatabase a temporary name @@ -193,7 +178,8 @@ KeychainDatabase::KeychainDatabase(KeychainDatabase &src, Process &proc, common().setup(src.blob(), src.common().masterKey()); // import the operational secrets - common().importSecrets(keysCore); + RefPointer srcKC = Server::keychain(dbToClone); + common().importSecrets(srcKC->common()); // import source keychain's ACL CssmData pubAcl, privAcl; @@ -216,7 +202,6 @@ KeychainDatabase::KeychainDatabase(KeychainDatabase &src, Process &proc, common().dbName(), this, &common()); } - // // Destroy a Database // 
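Review bot: The recode constructor no longer validates a `secretsBlob` or runs `QueryDBBlobSecret`; in hunk `-193,7 +178,8` it takes the operational secrets straight from `Server::keychain(dbToClone)` through `common().importSecrets(srcKC->common())`. Nothing visible here checks that the source keychain is unlocked or that the handle belongs to the requesting process; `Server::keychain` and `importSecrets` are defined outside this chunk and may do so. Once confirmed, please state that precondition in the header comment, for example `// dbToClone must name an unlocked keychain opened by proc`. The header comment above the constructor still says the keys come "from secretsBlob" and should be updated to match.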
@@ -392,13 +377,13 @@ void KeychainDatabase::commitSecretsForSync(KeychainDatabase &cloneDb) // items until after this call. // // @@@ This specific implementation is a workaround for 4003540. - std::vector handleList; - HandleObject::findAllRefs(handleList); + std::vector handleList; + U32HandleObject::findAllRefs(handleList); size_t count = handleList.size(); if (count > 0) { for (unsigned int n = 0; n < count; ++n) { RefPointer kckey = - HandleObject::findRefAndLock(handleList[n], CSSMERR_CSP_INVALID_KEY_REFERENCE); + U32HandleObject::findRefAndLock(handleList[n], CSSMERR_CSP_INVALID_KEY_REFERENCE); StLock _(*kckey/*, true*/); if (kckey->database().global().identifier() == identifier()) { kckey->key(); // force decode @@ -563,6 +548,19 @@ bool KeychainDatabase::decode() // void KeychainDatabase::establishOldSecrets(const AccessCredentials *creds) { + bool forSystem = this->belongsToSystem(); // this keychain belongs to the system security domain + + // attempt system-keychain unlock + if (forSystem) { + SystemKeychainKey systemKeychain(kSystemUnlockFile); + if (systemKeychain.matches(mBlob->randomSignature)) { + secdebug("KCdb", "%p attempting system unlock", this); + common().setup(mBlob, CssmClient::Key(Server::csp(), systemKeychain.key(), true)); + if (decode()) + return; + } + } + list samples; if (creds && creds->samples().collect(CSSM_SAMPLE_TYPE_KEYCHAIN_LOCK, samples)) { for (list::iterator it = samples.begin(); it != samples.end(); it++) { @@ -571,9 +569,11 @@ void KeychainDatabase::establishOldSecrets(const AccessCredentials *creds) switch (sample.type()) { // interactively prompt the user - no additional data case CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT: - if (interactiveUnlock()) - return; - break; + if (!forSystem) { + if (interactiveUnlock()) + return; + } + break; // try to use an explicitly given passphrase - Data:passphrase case CSSM_SAMPLE_TYPE_PASSWORD: if (sample.length() != 2) 
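Review bot: In establishOldSecrets the new `if (forSystem)` block reads `mBlob->randomSignature` as the first thing the function does, while the `assert(mBlob)` that used to precede this code stays behind in the default branch (visible as context in the next hunk). Repeating `assert(mBlob);` at the top of the new block keeps the precondition next to its first use. For a system keychain a CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT sample now falls through to `break` without any attempt; a comment such as `// system keychains never prompt; only the system key or explicit credentials can unlock them` would record that this is intended. The function continues outside the hunk.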
@@ -609,18 +609,11 @@ void KeychainDatabase::establishOldSecrets(const AccessCredentials *creds) } else { // default action assert(mBlob); - - // attempt system-keychain unlock - SystemKeychainKey systemKeychain(kSystemUnlockFile); - if (systemKeychain.matches(mBlob->randomSignature)) { - secdebug("KCdb", "%p attempting system unlock", this); - common().setup(mBlob, CssmClient::Key(Server::csp(), systemKeychain.key(), true)); - if (decode()) + + if (!forSystem) { + if (interactiveUnlock()) return; } - - if (interactiveUnlock()) - return; } // out of options - no secret obtained @@ -658,7 +651,7 @@ void KeychainDatabase::establishNewSecrets(const AccessCredentials *creds, Secur switch (sample.type()) { // interactively prompt the user case CSSM_SAMPLE_TYPE_KEYCHAIN_PROMPT: - { + { secdebug("KCdb", "%p specified interactive passphrase", this); QueryNewPassphrase query(*this, reason); StSyncLock uisync(common().uiLock(), common()); @@ -668,7 +661,7 @@ void KeychainDatabase::establishNewSecrets(const AccessCredentials *creds, Secur common().setup(NULL, passphrase); return; } - } + } break; // try to use an explicitly given passphrase case CSSM_SAMPLE_TYPE_PASSWORD: 
@@ -729,8 +722,14 @@ CssmClient::Key KeychainDatabase::keyFromCreds(const TypedList &sample, unsigned || sample[2].type() != CSSM_LIST_ELEMENT_DATUM || (requiredLength == 4 && sample[3].type() != CSSM_LIST_ELEMENT_DATUM)) CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE); - CSSM_CSP_HANDLE &handle = *sample[1].data().interpretedAs(CSSM_ERRCODE_INVALID_SAMPLE_VALUE); - CssmKey &key = *sample[2].data().interpretedAs(CSSM_ERRCODE_INVALID_SAMPLE_VALUE); + KeyHandle &handle = *sample[1].data().interpretedAs(CSSM_ERRCODE_INVALID_SAMPLE_VALUE); + // We used to be able to check the length but supporting multiple client + // architectures dishes that (sizeof(CSSM_KEY) varies due to alignment and + // field-size differences). The decoding in the transition layer should + // serve as a sufficient garbling check anyway. + if (sample[2].data().data() == NULL) + CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE); + CssmKey &key = *sample[2].data().interpretedAs(); if (key.header().cspGuid() == gGuidAppleCSPDL) { // handleOrKey is a SecurityServer KeyHandle; ignore key argument @@ -869,14 +868,13 @@ void KeychainDatabase::lockDb() KeyBlob *KeychainDatabase::encodeKey(const CssmKey &key, const CssmData &pubAcl, const CssmData &privAcl) { bool inTheClear = false; - if((key.keyClass() == CSSM_KEYCLASS_PUBLIC_KEY) && !(key.attribute(CSSM_KEYATTR_PUBLIC_KEY_ENCRYPT))) { inTheClear = true; } - if(!inTheClear) { + StLock _(common()); + if(!inTheClear) unlockDb(); - } // tell the cryptocore to form the key blob return common().encodeKeyCore(key, pubAcl, privAcl, inTheClear); 
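Review bot: In keyFromCreds the key datum is now accepted on a non-NULL pointer alone, yet the next statement reads `key.header().cspGuid()`, so a datum shorter than a key header would be read past its end unless the transition layer really guarantees a well-formed key. The new comment explains why the full `sizeof(CSSM_KEY)` comparison had to go, but a lower bound still looks possible, e.g. `if (sample[2].data().data() == NULL || sample[2].data().length() < sizeof(CSSM_KEYHEADER))`. That assumes the header layout is identical across the supported client architectures, which should be confirmed before relying on it. The function continues outside the hunk.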
@@ -889,12 +887,13 @@ KeyBlob *KeychainDatabase::encodeKey(const CssmKey &key, const CssmData &pubAcl, // void KeychainDatabase::decodeKey(KeyBlob *blob, CssmKey &key, void * &pubAcl, void * &privAcl) { - if(!blob->isClearText()) { + StLock _(common()); + + if(!blob->isClearText()) unlockDb(); // we need our keys - } - - common().decodeKeyCore(blob, key, pubAcl, privAcl); - // memory protocol: pubAcl points into blob; privAcl was allocated + + common().decodeKeyCore(blob, key, pubAcl, privAcl); + // memory protocol: pubAcl points into blob; privAcl was allocated activity(); } @@ -1065,7 +1064,7 @@ KeychainDbCommon::KeychainDbCommon(Session &ssn, const DbIdentifier &id) KeychainDbCommon::~KeychainDbCommon() { - secdebug("KCdb", "DbCommon %p destroyed", this); + SECURITYD_KEYCHAIN_RELEASE(this, (char*)this->dbName()); // explicitly unschedule ourselves Server::active().clearTimer(this); @@ -1133,6 +1132,7 @@ bool KeychainDbCommon::unlockDb(DbBlob *blob, void **privateAclBlob) if (isLocked) { // broadcast unlock notification, but only if we were previously locked notify(kNotificationEventUnlocked); + SECURITYD_KEYCHAIN_UNLOCK(this, (char*)this->dbName()); } return true; } @@ -1149,9 +1149,9 @@ void KeychainDbCommon::lockDb() { StLock _(*this); if (!isLocked()) { - secdebug("KCdb", "common %s(%p) locking", dbName(), this); DatabaseCryptoCore::invalidate(); notify(kNotificationEventLocked); + SECURITYD_KEYCHAIN_LOCK(this, (char*)this->dbName()); Server::active().clearTimer(this); mIsLocked = true; // mark locked 
@@ -1219,6 +1219,19 @@ void KeychainDbCommon::lockProcessing() } +// +// We consider a keychain to belong to the system domain if it resides +// in /Library/Keychains. That's not exactly fool-proof, but we don't +// currently have any internal markers to interrogate. +// +bool KeychainDbCommon::belongsToSystem() const +{ + if (const char *name = this->dbName()) + return !strncmp(name, "/Library/Keychains/", 19); + return false; +} + + // // Keychain global objects // diff --git a/src/kcdatabase.h b/src/kcdatabase.h index 3656bfa..27fcfa5 100644 --- a/src/kcdatabase.h +++ b/src/kcdatabase.h @@ -32,6 +32,7 @@ #define _H_KCDATABASE #include "localdatabase.h" +#include class KeychainDatabase; class KeychainDbCommon; @@ -117,6 +118,8 @@ public: void sleepProcessing(); void lockProcessing(); + + bool belongsToSystem() const; public: // debugging @@ -156,8 +159,9 @@ public: const AccessCredentials *cred, const AclEntryPrototype *owner); KeychainDatabase(const DLDbIdentifier &id, const DbBlob *blob, Process &proc, const AccessCredentials *cred); - // keychain synchronization - KeychainDatabase(KeychainDatabase &src, Process &proc, const DbBlob *secretsBlob, const CssmData &agentData); + + // keychain synchronization recode to a specfic blob: + KeychainDatabase(KeychainDatabase &src, Process &proc, DbHandle dbToClone); virtual ~KeychainDatabase(); KeychainDbCommon &common() const; diff --git a/src/kckey.cpp b/src/kckey.cpp index 2f96682..98e6e82 100644 --- a/src/kckey.cpp +++ b/src/kckey.cpp @@ -29,6 +29,7 @@ #include "server.h" #include "database.h" #include +#include // @@ -56,7 +57,7 @@ KeychainKey::KeychainKey(Database &db, const KeyBlob *blob) mBlob = blob->copy(Allocator::standard()); mValidBlob = true; db.addReference(*this); - secdebug("SSkey", "%p (handle 0x%lx) created from blob version %x", + secdebug("SSkey", "%p (handle %#x) created from blob version %x", this, handle(), blob->version()); } 
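Review bot: `belongsToSystem()` decides the security domain with a raw prefix compare on `dbName()`, and this commit makes establishOldSecrets use that answer both to try the system unlock key and to suppress interactive prompting. A name that begins with `/Library/Keychains/` but is not canonical (for instance one containing `..` components) would still pass, unless `dbName()` is normalized elsewhere, which is not visible here; the signature match against the unlock file still gates the actual unlock. The comment should state what is assumed about the name (absolute, canonicalized, symlinks not resolved). The literal length 19 can drift from the string; `static const char kSystemKeychainDir[] = "/Library/Keychains/";` with `!strncmp(name, kSystemKeychainDir, sizeof(kSystemKeychainDir) - 1)` avoids that.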
@@ -109,6 +110,7 @@ void KeychainKey::getHeader(CssmKey::Header &hdr) // // Ensure that a key is fully decoded. // This makes the mKey key value available for use, as well as its ACL. +// Caller must hold the key object lock. // void KeychainKey::decode() { @@ -180,6 +182,7 @@ void KeychainKey::invalidateBlob() // void KeychainKey::instantiateAcl() { + StLock _(*this); decode(); } diff --git a/src/key.h b/src/key.h index b6c9e00..94c98cc 100644 --- a/src/key.h +++ b/src/key.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -31,7 +31,7 @@ #include "structure.h" #include "database.h" #include "acls.h" -#include +#include #include @@ -73,7 +73,7 @@ public: virtual CSSM_KEYATTR_FLAGS attributes() = 0; bool attribute(CSSM_KEYATTR_FLAGS f) { return attributes() & f; } - virtual void returnKey(Handle &h, CssmKey::Header &hdr) = 0; + virtual void returnKey(U32HandleObject::Handle &h, CssmKey::Header &hdr) = 0; }; diff --git a/src/localdatabase.cpp b/src/localdatabase.cpp index 30aa4a0..e494273 100644 --- a/src/localdatabase.cpp +++ b/src/localdatabase.cpp @@ -249,7 +249,7 @@ void LocalDatabase::deriveKey(const Context &context, Key *key, CssmData *param, uint32 usage, uint32 attrs, RefPointer &derivedKey) { if (key) { - key->validate(CSSM_ACL_AUTHORIZATION_DERIVE, cred); + key->validate(CSSM_ACL_AUTHORIZATION_DERIVE, context); context.replace(CSSM_ATTRIBUTE_KEY, myKey(*key).cssmKey()); } CssmClient::DeriveKey derive(Server::csp(), context.algorithm(), CSSM_ALGID_NONE); diff --git a/src/localkey.cpp b/src/localkey.cpp index 37e8c7b..c8cb9fe 100644 --- a/src/localkey.cpp +++ b/src/localkey.cpp 
@@ -39,7 +39,7 @@ LocalKey::LocalKey(Database &db, const CssmKey &newKey, CSSM_KEYATTR_FLAGS moreA { mValidKey = true; setup(newKey, moreAttributes); - secdebug("SSkey", "%p (handle 0x%lx) created from key alg=%u use=0x%x attr=0x%x db=%p", + secdebug("SSkey", "%p (handle %#x) created from key alg=%u use=0x%x attr=0x%x db=%p", this, handle(), mKey.header().algorithm(), mKey.header().usage(), mAttributes, &db); } @@ -122,7 +122,7 @@ CSSM_KEYATTR_FLAGS LocalKey::attributes() // // Return a key's handle and header in external form // -void LocalKey::returnKey(Handle &h, CssmKey::Header &hdr) +void LocalKey::returnKey(U32HandleObject::Handle &h, CssmKey::Header &hdr) { StLock _(*this); diff --git a/src/localkey.h b/src/localkey.h index adc1d63..e3ead56 100644 --- a/src/localkey.h +++ b/src/localkey.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2001,2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -29,7 +29,6 @@ #define _H_LOCALKEY #include "key.h" -#include #include @@ -72,7 +71,7 @@ public: operator const CSSM_KEY & () { return keyValue(); } // yield the approximate external key header -- external attributes - void returnKey(Handle &h, CssmKey::Header &hdr); + void returnKey(U32HandleObject::Handle &h, CssmKey::Header &hdr); // generate the canonical key digest const CssmData &canonicalDigest(); diff --git a/src/main.cpp b/src/main.cpp index 159e4ab..68cfdba 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -38,7 +38,6 @@ #include #include #include -#include #include @@ -47,13 +46,6 @@ #include #include - -// #define PERFORMANCE_MEASUREMENT 1 - -#ifdef PERFORMANCE_MEASUREMENT -#include -#endif - // ACL subject types (their makers are instantiated here) #include #include 
@@ -84,13 +76,6 @@ PCSCMonitor *gPCSC; // int main(int argc, char *argv[]) { - #ifdef PERFORMANCE_MEASUREMENT - // needed for automated timing of securityd startup - uint64_t startTime = mach_absolute_time (); - #endif - - Debug::trace (kSecTraceSecurityServerStart); - // clear the umask - we know what we're doing secdebug("SS", "starting umask was 0%o", ::umask(0)); ::umask(0); @@ -106,17 +91,19 @@ int main(int argc, char *argv[]) bool reExecute = false; int workerTimeout = 0; int maxThreads = 0; - bool waitForClients = false; + bool waitForClients = true; + bool mdsIsInstalled = false; const char *authorizationConfig = "/etc/authorization"; const char *tokenCacheDir = "/var/db/TokenCache"; const char *entropyFile = "/var/db/SystemEntropyCache"; const char *equivDbFile = EQUIVALENCEDBPATH; const char *smartCardOptions = getenv("SMARTCARDS"); uint32_t keychainAclDefault = CSSM_ACL_KEYCHAIN_PROMPT_INVALID | CSSM_ACL_KEYCHAIN_PROMPT_UNSIGNED; + unsigned int verbose = 0; // check for the Installation-DVD environment and modify some default arguments if found if (access("/etc/rc.cdrom", F_OK) == 0) { // /etc/rc.cdrom exists - secdebug("SS", "configuring for installation"); + SECURITYD_INSTALLMODE(); smartCardOptions = "off"; // needs writable directories that aren't } @@ -124,7 +111,7 @@ int main(int argc, char *argv[]) extern char *optarg; extern int optind; int arg; - while ((arg = getopt(argc, argv, "a:c:de:E:fiN:s:t:T:Xuw")) != -1) { + while ((arg = getopt(argc, argv, "a:c:de:E:fimN:s:t:T:uvWX")) != -1) { switch (arg) { case 'a': authorizationConfig = optarg; @@ -147,6 +134,9 @@ int main(int argc, char *argv[]) case 'i': keychainAclDefault &= ~CSSM_ACL_KEYCHAIN_PROMPT_INVALID; break; + case 'm': + mdsIsInstalled = true; + break; case 'N': bootstrapName = optarg; break; 
@@ -161,12 +151,15 @@ int main(int argc, char *argv[]) if ((workerTimeout = atoi(optarg)) < 0) workerTimeout = 0; break; - case 'w': - waitForClients = true; + case 'W': + waitForClients = false; break; case 'u': keychainAclDefault &= ~CSSM_ACL_KEYCHAIN_PROMPT_UNSIGNED; break; + case 'v': + verbose++; + break; case 'X': doFork = true; reExecute = true; @@ -213,8 +206,7 @@ int main(int argc, char *argv[]) fprintf(stderr, "You are not allowed to run securityd\n"); exit(1); #else - fprintf(stderr, "securityd is unprivileged; some features may not work.\n"); - secdebug("SS", "Running as user %d (you have been warned)", uid); + fprintf(stderr, "securityd is unprivileged (uid=%d); some features may not work.\n", uid); #endif //NDEBUG } @@ -228,20 +220,17 @@ int main(int argc, char *argv[]) } // arm signal handlers; code below may generate signals we want to see - if (signal(SIGCHLD, handleSignals) == SIG_ERR) - secdebug("SS", "Cannot handle SIGCHLD: errno=%d", errno); - if (signal(SIGINT, handleSignals) == SIG_ERR) - secdebug("SS", "Cannot handle SIGINT: errno=%d", errno); - if (signal(SIGTERM, handleSignals) == SIG_ERR) - secdebug("SS", "Cannot handle SIGTERM: errno=%d", errno); - if (signal(SIGPIPE, handleSignals) == SIG_ERR) - secdebug("SS", "Cannot handle SIGPIPE: errno=%d", errno); + if (signal(SIGCHLD, handleSignals) == SIG_ERR + || signal(SIGINT, handleSignals) == SIG_ERR + || signal(SIGTERM, handleSignals) == SIG_ERR + || signal(SIGPIPE, handleSignals) == SIG_ERR #if !defined(NDEBUG) - if (signal(SIGUSR1, handleSignals) == SIG_ERR) - secdebug("SS", "Cannot handle SIGUSR1: errno=%d", errno); + || signal(SIGUSR1, handleSignals) == SIG_ERR #endif //NDEBUG - if (signal(SIGUSR2, handleSignals) == SIG_ERR) - secdebug("SS", "Cannot handle SIGUSR2: errno=%d", errno); + || signal(SIGUSR2, handleSignals) == SIG_ERR) { + perror("signal"); + exit(1); + } // create an Authorization engine Authority authority(authorizationConfig); 
@@ -275,6 +264,7 @@ int main(int argc, char *argv[]) server.maxThreads(maxThreads); server.floatingThread(true); server.waitForClients(waitForClients); + server.verbosity(verbose); // add the RNG seed timer # if defined(NDEBUG) @@ -282,12 +272,6 @@ int main(int argc, char *argv[]) # else if (getuid() == 0) new EntropyManager(server, entropyFile); # endif - - // create a token-cache interface -#if !defined(NDEBUG) - if (const char *s = getenv("TOKENCACHE")) - tokenCacheDir = s; -#endif //NDEBUG // create a smartcard monitor to manage external token devices gPCSC = new PCSCMonitor(server, tokenCacheDir, scOptions(smartCardOptions)); @@ -296,39 +280,16 @@ int main(int argc, char *argv[]) RootSession rootSession(server, debugMode ? (sessionHasGraphicAccess | sessionHasTTY) : 0); - // install MDS and initialize the local CSSM - server.loadCssm(); + // install MDS (if needed) and initialize the local CSSM + server.loadCssm(mdsIsInstalled); // create the shared memory notification hub new SharedMemoryListener(messagingName, kSharedMemoryPoolSize); // okay, we're ready to roll + SECURITYD_INITIALIZED((char*)bootstrapName); Syslog::notice("Entering service"); - secdebug("SS", "%s initialized", bootstrapName); - Debug::trace (kSecTraceSecurityServerInitialized); - #ifdef PERFORMANCE_MEASUREMENT - // needed for automated timing of securityd startup - uint64_t endTime = mach_absolute_time (); - - // compute how long it took to initialize - uint64_t elapsedTime = endTime - startTime; - mach_timebase_info_data_t multiplier; - mach_timebase_info (&multiplier); - - elapsedTime = elapsedTime * multiplier.numer / multiplier.denom; - - FILE* f = fopen ("/var/log/startuptime.txt", "a"); - if (f == NULL) - { - // probably not running as root. - f = fopen ("/tmp/startuptime.txt", "a"); - } - - fprintf (f, "%lld\n", elapsedTime); - fclose (f); - #endif - // go server.run(); 
@@ -386,6 +347,7 @@ static PCSCMonitor::ServiceLevel scOptions(const char *optionString) // static void handleSignals(int sig) { + SECURITYD_SIGNAL_RECEIVED(sig); if (kern_return_t rc = self_client_handleSignal(gMainServerPort, mach_task_self(), sig)) Syslog::error("self-send failed (mach error %d)", rc); } diff --git a/src/notifications.cpp b/src/notifications.cpp index 4ad4198..e4db915 100644 --- a/src/notifications.cpp +++ b/src/notifications.cpp @@ -33,7 +33,7 @@ #include -Listener::ListenerMap Listener::listeners; +Listener::ListenerMap& Listener::listeners = *(new Listener::ListenerMap); Mutex Listener::setLock(Mutex::recursive); diff --git a/src/notifications.h b/src/notifications.h index 858e12e..d83e321 100644 --- a/src/notifications.h +++ b/src/notifications.h @@ -114,11 +114,11 @@ public: }; private: - static void Listener::sendNotification(Notification *message); + static void sendNotification(Notification *message); private: typedef multimap > ListenerMap; - static ListenerMap listeners; + static ListenerMap& listeners; static Mutex setLock; }; diff --git a/src/osxcodewrap.cpp b/src/osxcodewrap.cpp deleted file mode 100644 index 8aeabef..0000000 --- a/src/osxcodewrap.cpp +++ /dev/null 
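Review bot: `Listener::listeners` in notifications.cpp becomes a reference bound to `*(new Listener::ListenerMap)`, an object that is never deleted, and the definition carries no explanation. If the intent is to keep the map alive past static destruction, say so at the definition, e.g. `// intentionally never destroyed: must remain valid while other static destructors run`. Without that, the line reads as a leak and invites a well-meaning revert.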
@@ -1,64 +0,0 @@ -/* - * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - - -// -// osxcodewrap - wrap an OSXCode around a SecCodeRef -// -#include "osxcodewrap.h" -#include - - -// -// We don't really HAVE a canonical encoding, in the sense that -// the matching OSXCode::decode function won't recognize us. -// That's not the point; if you want use the old transmission logic, -// use the canonical OSXCode subclasses. -// -string OSXCodeWrap::encode() const -{ - return "?:unsupported"; -} - - -// -// Canonical path directly from the SecCode's mouth -// -string OSXCodeWrap::canonicalPath() const -{ - CFURLRef path; - MacOSError::check(SecCodeCopyPath(mCode, kSecCSDefaultFlags, &path)); - return cfString(path, true); -} - - -// -// The executable path is a bit annoying to get, but not quite -// annoying enough to cache the result. 
-// -string OSXCodeWrap::executablePath() const -{ - CFRef info; - MacOSError::check(SecCodeCopySigningInformation(mCode, kSecCSDefaultFlags, &info.aref())); - return cfString(CFURLRef(CFDictionaryGetValue(info, kSecCodeInfoMainExecutable))); -} diff --git a/src/osxcodewrap.h b/src/osxcodewrap.h deleted file mode 100644 index 8112fad..0000000 --- a/src/osxcodewrap.h +++ /dev/null 
@@ -1,60 +0,0 @@ -/* - * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved. - * - * @APPLE_LICENSE_HEADER_START@ - * - * This file contains Original Code and/or Modifications of Original Code - * as defined in and that are subject to the Apple Public Source License - * Version 2.0 (the 'License'). You may not use this file except in - * compliance with the License. Please obtain a copy of the License at - * http://www.opensource.apple.com/apsl/ and read it before using this - * file. - * - * The Original Code and all software distributed under the License are - * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER - * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, - * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, - * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. - * Please see the License for the specific language governing rights and - * limitations under the License. - * - * @APPLE_LICENSE_HEADER_END@ - */ - - -// -// osxcodewrap - wrap an OSXCode around a SecCodeRef -// -#ifndef _H_OSXCODEWRAP -#define _H_OSXCODEWRAP - -#include -#include -#include -#include - - -// -// OSXCodeWrap is a partial OSXCode implementation that gets all its information -// from a SecStaticCodeRef API object. OSXCode and SecStaticCode are in many ways -// twin brothers, and this class allows the use of a SecStaticCode in places where -// an OSXCode is required. -// Note that OSXCodeWrap will not provide the capabilities of the canonical -// OSXCode subclasses (such as Bundle). its encodings will always specify a type -// code of '?' (unknown). -// -class OSXCodeWrap : public OSXCode { -public: - OSXCodeWrap(SecStaticCodeRef code) : mCode(code) { } - - string encode() const; - - string canonicalPath() const; - string executablePath() const; - -private: - CFCopyRef mCode; -}; - - -#endif //_H_OSXCODEWRAP diff --git a/src/pcscmonitor.cpp b/src/pcscmonitor.cpp index d38efc9..060a767 100644 
--- a/src/pcscmonitor.cpp +++ b/src/pcscmonitor.cpp @@ -53,6 +53,22 @@ static const uint32_t kVendorProductMask = 0x0000FFFF; static const uint32_t kVendorIDApple = 0x05AC; static const uint16_t kProductIDBuiltInISight = 0x8501; +/* + Copied from USBVideoClass-230.2.3/Digitizers/USBVDC/Camera/USBClient/APW_VDO_USBVDC_USBClient.h +*/ + +enum { + kBuiltIniSightProductID = 0x8501, + kBuiltIniSightWave2ProductID = 0x8502, + kBuiltIniSightWave3ProductID = 0x8505, + kUSBWave4ProductID = 0x8507, + kUSBWave2InK29ProductID = 0x8508, + kUSBWaveReserved1ProductID = 0x8509, + kUSBWaveReserved2ProductID = 0x850a, + kExternaliSightProductID = 0x1111, + kLogitechVendorID = 0x046d +}; + // // Construct a PCSCMonitor. // We strongly assume there's only one of us around here. @@ -409,7 +425,7 @@ PCSCMonitor::DeviceSupport PCSCMonitor::deviceSupport(const IOKit::Device &dev) // composite USB device with interface class if (CFRef cfInterface = dev.property("bInterfaceClass")) - switch (IFDEBUG(uint32 clas =) cfNumber(cfInterface)) { + switch (uint32 clas = cfNumber(cfInterface)) { case kUSBChipSmartCardInterfaceClass: // CCID smartcard reader - go secdebug("scsel", " CCID smartcard reader recognized"); return definite; @@ -463,7 +479,14 @@ bool PCSCMonitor::isExcludedDevice(const IOKit::Device &dev) productID = cfNumber(cfProductID); secdebug("scsel", " checking device for possible exclusion [vendor id: 0x%08X, product id: 0x%08X]", vendorID, productID); - return ((vendorID & kVendorProductMask) == kVendorIDApple && (productID & kVendorProductMask) == kProductIDBuiltInISight); + + if ((vendorID & kVendorProductMask) != kVendorIDApple) + return false; // i.e. it is not an excluded device + + // Since Apple does not manufacture smartcard readers, just exclude + // If we even start making them, we should make it a CCID reader anyway + + return true; } // diff --git a/src/process.cpp b/src/process.cpp index 4f482f8..3d46ae4 100644 --- a/src/process.cpp +++ b/src/process.cpp 
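Review bot: isExcludedDevice now returns true for every device with Apple's vendor ID, so the product-ID enum added at the top of the file is unused in the visible code and `kProductIDBuiltInISight` appears to lose its only use; `productID` is still fetched but only feeds the debug message. Either drop the enum or mark it as reference material, and fix the new comment, where `If we even start making them` reads as a typo for `ever`. The blanket exclusion is a policy decision that belongs in the function's header comment, not just inline. In deviceSupport, removing IFDEBUG around `uint32 clas =` may leave `clas` unused in release builds if it is only referenced from secdebug calls, which is worth checking for a warning.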
@@ -30,6 +30,7 @@ #include "session.h" #include "tempdatabase.h" #include "authority.h" +#include "child.h" // ServerChild (really UnixPlusPlus::Child)::find() #include //@@@ debug only #include "agentquery.h" @@ -56,11 +57,16 @@ Process::Process(Port servicePort, TaskPort taskPort, setup(info); ClientIdentification::setup(this->pid()); - secdebug("SS", "New process %p(%d) uid=%d gid=%d session=%p TP=%d %sfor %s", - this, mPid, mUid, mGid, &session(), - mTaskPort.port(), - mByteFlipped ? "FLIP " : "", - (identity && identity[0]) ? identity : "(unknown)"); + // NB: ServerChild::find() should only be used to determine + // *existence*. Don't use the returned Child object for anything else, + // as it is not protected against its underlying process's destruction. + if (this->pid() == getpid() // called ourselves (through some API). Do NOT record this as a "dirty" transaction + || ServerChild::find(this->pid())) // securityd's child; do not mark this txn dirty + VProc::Transaction::deactivate(); + + if (SECURITYD_CLIENT_NEW_ENABLED()) + SECURITYD_CLIENT_NEW(this, this->pid(), &this->session(), + (char *)codePath(this->processCode()).c_str(), taskPort, mUid, mGid, mByteFlipped); } 
@@ -85,14 +91,16 @@ void Process::reset(Port servicePort, TaskPort taskPort, (identity && identity[0]) ? identity : "(unknown)"); //CssmError::throwMe(CSSM_ERRCODE_VERIFICATION_FAILURE); // liar } - - string oldPath = codePath(processCode()); setup(info); - ClientIdentification::setup(this->pid()); - if (codePath(processCode()) == oldPath) { - secdebug("SS", "process %p(%d) path unchanged; assuming client-side reset", this, mPid); + CFRef oldCode; // DO NOT MAKE THE ASSIGNMENT HERE. If you do, you will invoke the copy constructor, not the assignment operator. For the CFRef + // template, they have very different meanings (assignment retains the CFRef, copy does not). + oldCode = processCode(); // This is the right place to do the assignment. + + ClientIdentification::setup(this->pid()); // re-constructs processCode() + if (CFEqual(oldCode, processCode())) { + secdebug("SS", "process %p(%d) unchanged; assuming client-side reset", this, mPid); } else { - secdebug("SS", "process %p(%d) path changed; assuming exec with full reset", this, mPid); + secdebug("SS", "process %p(%d) changed; assuming exec with full reset", this, mPid); CodeSigningHost::reset(); } @@ -114,7 +122,7 @@ void Process::setup(const ClientSetupInfo *info) pversion = info->version; mByteFlipped = false; } else if (info->order == 0x34120000) { // flip side up - pversion = ntohl(info->version); + pversion = flip(info->version); mByteFlipped = true; } else // non comprende CssmError::throwMe(CSSM_ERRCODE_INCOMPATIBLE_VERSION); @@ -130,6 +138,8 @@ void Process::setup(const ClientSetupInfo *info) // Process::~Process() { + SECURITYD_CLIENT_RELEASE(this, this->pid()); + // tell all our authorizations that we're gone IFDEBUG(if (!mAuthorizations.empty()) secdebug("SS", "Process %p(%d) clearing %d authorizations", 
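Review bot: Process::reset now compares `oldCode` and `processCode()` with `CFEqual`, which must not be passed NULL. If `ClientIdentification::setup()` can leave the process code unset (for example when the client's code object cannot be obtained, which is not visible in this hunk), the comparison would take the daemon down on a path a client can reach. A guarded form such as `if (oldCode && processCode() && CFEqual(oldCode, processCode()))` treats a missing identity as changed and falls into the full-reset branch, which is the conservative outcome. The function starts and ends outside the hunk.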
@@ -141,9 +151,6 @@ Process::~Process() if (auth->endProcess(*this)) delete auth; } - - // no need to lock here; the client process has no more active threads - secdebug("SS", "Process %p(%d) has died", this, mPid); // release our name for the process's task port if (mTaskPort) @@ -191,8 +198,7 @@ void Process::changeSession(Port servicePort) { // re-parent parent(Session::find(servicePort)); - - secdebug("SS", "process %p(%d) changed session to %p", this, pid(), &session()); + SECURITYD_CLIENT_CHANGE_SESSION(this, &this->session()); } diff --git a/src/process.h b/src/process.h index 59cc330..b708582 100644 --- a/src/process.h +++ b/src/process.h @@ -32,6 +32,7 @@ #include #include #include +#include #include "clientid.h" #include "csproxy.h" #include "localkey.h" @@ -66,7 +67,9 @@ class AuthorizationToken; // but there's no evidence (yet) that this is worth the trouble. // class Process : public PerProcess, - public CodeSigningHost, public ClientIdentification { + public CodeSigningHost, + public ClientIdentification, + private VProc::Transaction { public: Process(Port servicePort, TaskPort tPort, const ClientSetupInfo *info, const char *identity, diff --git a/src/reader.cpp b/src/reader.cpp index 32b45ab..bdfd396 100644 --- a/src/reader.cpp +++ b/src/reader.cpp @@ -80,7 +80,7 @@ void Reader::kill() void Reader::update(const PCSC::ReaderState &state) { // set new state - IFDEBUG(unsigned long oldState = mState.state()); + unsigned long oldState = mState.state(); mState = state; mState.name(mName.c_str()); // (fix name pointer, unchanged) diff --git a/src/securityd.d b/src/securityd.d new file mode 100644 index 0000000..c66571e --- /dev/null +++ b/src/securityd.d 
@@ -0,0 +1,127 @@ +/* + * DTrace provider for securityd + */ + + +/* + * Work around 5194316 + */ +#define uint32_t unsigned + + +/* + * Types + */ +typedef const void *DTHandle; +typedef uint32_t DTPort; +typedef uint32_t DTGuest; + + +/* + * The main static provider for securityd + */ +provider securityd { + /* + * Overall operational events + */ + probe installmode(); // configuring for system installation scenario + probe initialized(const char *bootstrapName); + + + /* + * Keychain activity (DbCommon status change) + */ + probe keychain__create(DTHandle common, const char *name, DTHandle db); + probe keychain__make(DTHandle common, const char *name, DTHandle db); + probe keychain__join(DTHandle common, const char *name, DTHandle db); + probe keychain__unlock(DTHandle id, const char *name); + probe keychain__lock(DTHandle id, const char *name); + probe keychain__release(DTHandle id, const char *name); + + /* + * Client management + */ + probe client__new(DTHandle id, int pid, DTHandle session, const char *path, DTPort taskport, int uid, int gid, bool flipped); + probe client__release(DTHandle id, int pid); + probe client__connection__new(DTHandle id, DTPort port, DTHandle client); + probe client__connection__release(DTHandle id); + + probe client__change_session(DTHandle id, DTHandle session); + + probe request__entry(const char *name, DTHandle connection, DTHandle process); + probe request__return(uint32_t osstatus); + + /* + * Session management + */ + probe session__create(DTHandle id, uint32_t attributes, DTPort port); + probe session__setattr(DTHandle id, uint32_t attributes); + probe session__destroy(DTHandle id); + + /* + * Port-related events (internal interest only) + */ + probe ports__dead__connection(DTPort port); + probe ports__dead__process(DTPort port); + probe ports__dead__session(DTPort port); + probe ports__dead__orphan(DTPort port); + + /* + * Power management and tracking + */ + probe power__sleep(); + probe power__wake(); + probe 
power__on(); + + /* + * Code Signing related + */ + probe host__register(DTHandle proc, DTPort port); + probe host__proxy(DTHandle proc, DTPort port); + probe host__unregister(DTHandle proc); + probe guest__create(DTHandle proc, DTGuest host, DTGuest guest, uint32_t status, uint32_t flags, const char *path); + probe guest__cdhash(DTHandle proc, DTGuest guest, const void *hash, uint32_t length); + probe guest__destroy(DTHandle proc, DTGuest guest); + probe guest__change(DTHandle proc, DTGuest guest, uint32_t status); + + /* + * Child management + */ + probe child__dying(int pid); + probe child__checkin(int pid, DTPort servicePort); + probe child__stillborn(int pid); + probe child__ready(int pid); + + /* + * Authorization + */ + /* creation */ + probe auth__create(DTHandle session, void *authref); + /* rule evaluation types */ + probe auth__allow(DTHandle authref, const char *rule); + probe auth__deny(DTHandle authref, const char *rule); + probe auth__user(DTHandle authref, const char *rule); + probe auth__rules(DTHandle authref, const char *rule); + probe auth__kofn(DTHandle authref, const char *rule); + probe auth__mechrule(DTHandle authref, const char *rule); + probe auth__mech(DTHandle authref, const char *mechanism); + /* evaluation intermediate results */ + probe auth__user__allowroot(DTHandle authref); + probe auth__user__allowsessionowner(DTHandle authref); + /* evaluation final result */ + probe auth__evalright(DTHandle authref, const char *right, int32_t status); + + /* + * Miscellaneous activity + */ + probe shutdown__begin(); + probe shutdown__count(int processesLeft, int dirtyCountLeft); + probe shutdown__now(); + + probe entropy__collect(); + probe entropy__seed(const void *data, uint32_t count); + probe entropy__save(const char *path); + + probe signal__received(int signal); + probe signal__handled(int signal); +}; diff --git a/src/securityd.order b/src/securityd.order index bd1a5ae..8c328e2 100644 --- a/src/securityd.order +++ b/src/securityd.order 
@@ -1,838 +1,1196 @@ -__Znwm -dyld_stub_binding_helper -__ZNSt24__default_alloc_templateILb1ELi0EE8allocateEm -__ZNSt24__default_alloc_templateILb1ELi0EE5_LockC4Ev -__ZNSt24__default_alloc_templateILb1ELi0EE9_S_refillEm -__ZNSt24__default_alloc_templateILb1ELi0EE14_S_chunk_allocEmRi -__ZNSt24__default_alloc_templateILb1ELi0EE5_LockD4Ev -__ZN8Security5MutexC1Eb -__ZN8Security5MutexC4Eb -__ZN8Security5MutexC2Eb -__ZN8Security15ThreadStoreSlotC2EPFvPvE -__ZN8Security15ThreadStoreSlotC4EPFvPvE -__call_mod_init_funcs -__start -__call_objcInit -__dyld_func_lookup -_crt_basename -_crt_strbeginswith -_main -__ZN8Security6Syslog4openEPKcii -__ZN8Security11CodeSigning9OSXSignerC1Ev -__ZN8Security11CodeSigning9OSXSignerC4Ev -__ZN8Security10CssmClient7CSPImplC1ERKNS_4GuidE -__ZN8Security10CssmClient7CSPImplC4ERKNS_4GuidE -__ZN8Security10CssmClient14AttachmentImplC2ERKNS_4GuidEm -__ZN8Security10CssmClient14AttachmentImplC4ERKNS_4GuidEm -__ZN8Security10CssmClient8CssmImpl8standardEv +__ZN8Security5MutexC1Ev +__ZN8Security5MutexC2Ev +__ZN8Security5MutexC1ENS0_4TypeE +__ZN8Security5MutexC2ENS0_4TypeE +__ZN8Security11ModuleNexusI15MutexAttributesEclEv __ZN8Security17ModuleNexusCommon6createEPFPvvE __ZN8Security5Mutex4lockEv +__ZN8Security11ModuleNexusI15MutexAttributesE4makeEv +__ZN15MutexAttributesC2Ev __ZN8Security5Mutex6unlockEv __ZN8Security5MutexD1Ev -__ZN8Security5MutexD4Ev -__ZdlPv -__ZN8Security10CssmClient8CssmImpl12StandardCssm3getEv -__ZN8Security10CssmClient8CssmImplC4Eb -__ZN8Security10CssmClient10ObjectImplC4Ev -__ZN8Security10CssmClient8CssmImpl5setupEv -___dynamic_cast -__ZNK10__cxxabiv120__si_class_type_info12__do_dyncastEiNS_17__class_type_info10__sub_kindEPKS1_PKvS4_S6_RNS1_16__dyncast_resultE -__ZNKSt9type_infoeqERKS_ -__ZN8Security10CssmClient8CssmImpl10autoModuleERKNS_4GuidE -__ZN8Security10CssmClient10ModuleImplC1ERKNS_4GuidERKNS0_4CssmE -__ZN8Security10CssmClient10ModuleImplC4ERKNS_4GuidERKNS0_4CssmE -__ZN8Security10CssmClient10ObjectImplC4ERKNS0_6ObjectE 
-__ZN8Security10CssmClient10ObjectImpl8addChildEv -__ZN8Security10CssmClient14AttachmentImpl4makeEm +__ZN8Security5MutexD2Ev +__ZN7PortMapI7SessionEC2Ev +__ZN8Security15ThreadStoreSlotC2EPFvPvE +start +_main +__ZN8Security6Syslog4openEPKcii __ZN9AuthorityC1EPKc -__ZN9AuthorityC4EPKc __ZN13Authorization6EngineC2EPKc -__ZN13Authorization6EngineC4EPKc __ZN13Authorization20AuthorizationDBPlistC1EPKc -__ZN13Authorization20AuthorizationDBPlistC4EPKc -__ZNSsC1EPKcRKSaIcE -__ZNSsC4EPKcRKSaIcE -__ZNSs12_S_constructIPKcEEPcT_S3_RKSaIcESt20forward_iterator_tag -__ZNSs4_Rep9_S_createEmRKSaIcE -__ZNSs12_Alloc_hiderC4EPcRKSaIcE -__ZN8Security10AclSubject5MakerC2El -__ZN8Security10AclSubject5MakerC4El +__ZN13Authorization20AuthorizationDBPlistC2EPKc +__ZN8Security10AclSubject5MakerC2Ei +__ZN8Security11ModuleNexusISt3mapIiPNS_10AclSubject5MakerESt4lessIiESaISt4pairIKiS4_EEEEclEv +__ZN8Security11ModuleNexusISt3mapIiPNS_10AclSubject5MakerESt4lessIiESaISt4pairIKiS4_EEEE4makeEv +__ZNSt3mapIiPN8Security10AclSubject5MakerESt4lessIiESaISt4pairIKiS3_EEEixERS7_ +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security10AclSubject5MakerEESt10_Select1stIS6_ESt4lessIiESaIS6_EE16_M_insert_uniqueESt17_Rb_tree_ +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security10AclSubject5MakerEESt10_Select1stIS6_ESt4lessIiESaIS6_EE16_M_insert_uniqueERKS6_ +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security10AclSubject5MakerEESt10_Select1stIS6_ESt4lessIiESaIS6_EE9_M_insertEPSt18_Rb_tree_node_ba +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security10AclSubject5MakerEESt10_Select1stIS6_ESt4lessIiESaIS6_EE14_M_create_nodeERKS6_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKiPN8Security10AclSubject5MakerEEEE8allocateEmPKv __ZN14CodeSignaturesC1EPKc -__ZN14CodeSignaturesC4EPKc +__ZN14CodeSignaturesC2EPKc __ZN8Security12UnixPlusPlus6UnixDbC1Ev -__ZN8Security12UnixPlusPlus6UnixDbC4Ev __ZN8Security12UnixPlusPlus6UnixDb4openEPKcii6DBTYPE __ZN8Security12UnixPlusPlus6UnixDb5closeEv __ZN8Security12UnixPlusPlus6UnixDb5flushEi 
+__ZN8Security12UnixPlusPlus10checkErrorIiEET_S2_ __ZN6ServerC1ER9AuthorityR14CodeSignaturesPKc -__ZN6ServerC4ER9AuthorityR14CodeSignaturesPKc -__ZN8Security5MutexC2ENS0_4TypeEb -__ZN8Security5MutexC4ENS0_4TypeEb +__ZN6ServerC2ER9AuthorityR14CodeSignaturesPKc +__ZN8NodeCoreC2Ev __ZN8Security12MachPlusPlus10MachServerC2EPKc -__ZN8Security12MachPlusPlus10MachServerC4EPKc +__ZN8Security12MachPlusPlus9BootstrapC2Ev __ZN8Security12MachPlusPlus5Error5checkEi -__ZN8Security12MachPlusPlus11ReceivePortC1EPKcRKNS0_9BootstrapE -__ZN8Security12MachPlusPlus11ReceivePortC4EPKcRKNS0_9BootstrapE +__ZN8Security12MachPlusPlus11ReceivePortC1EPKcRKNS0_9BootstrapEb +__ZN8Security12MachPlusPlus11ReceivePortC2EPKcRKNS0_9BootstrapEb __ZNK8Security12MachPlusPlus9Bootstrap15checkInOptionalEPKc -__ZNK8Security12MachPlusPlus9Bootstrap10registerAsEjPKc -__ZN8Security12MachPlusPlus10MachServer5setupEPKc +__ZN8Security12MachPlusPlus4Port8allocateEj +__ZN8Security12MachPlusPlus7PortSetpLERKNS0_4PortE __ZN8Security18DevRandomGeneratorC2Eb -__ZN8Security18DevRandomGeneratorC4Eb +__ZN6Server12SleepWatcherC2Ev __ZN8Security12MachPlusPlus16PortPowerWatcherC2Ev -__ZN8Security12MachPlusPlus16PortPowerWatcherC4Ev -__ZN8Security12MachPlusPlus14IOPowerWatcherC4Ev +__ZN8Security12MachPlusPlus14IOPowerWatcherC2Ev +__ZN7PortMapI10ConnectionEC2Ev +__ZN7PortMapI7ProcessEC2Ev +__ZN8Security10CssmClient4CssmC2Ev __ZN8Security10CssmClient8CssmImplC1Ev -__ZN8Security10CssmClient8CssmImplC4Ev +__ZN8Security11ModuleNexusINS_10CssmClient8CssmImpl12StandardCssmEEclEv +__ZN8Security11ModuleNexusINS_10CssmClient8CssmImpl12StandardCssmEE4makeEv __ZN8Security10CssmClient8CssmImpl12StandardCssm7setCssmEPS1_ +__ZNK8Security8RefCount3refEv +__ZN8Security10CssmClient6ModuleC2ERKNS_4GuidERKNS0_4CssmE +__ZN8Security10CssmClient10ModuleImplC1ERKNS_4GuidERKNS0_4CssmE +__ZN8Security10CssmClient10ObjectImplC2ERKNS0_6ObjectE +__ZN8Security10CssmClient3CSPC2ERKNS0_6ModuleE __ZN8Security10CssmClient7CSPImplC1ERKNS0_6ModuleE 
-__ZN8Security10CssmClient7CSPImplC4ERKNS0_6ModuleE -__ZN8Security10CssmClient14AttachmentImplC2ERKNS0_6ModuleEm -__ZN8Security10CssmClient14AttachmentImplC4ERKNS0_6ModuleEm +__ZN8Security10CssmClient14AttachmentImplC2ERKNS0_6ModuleEj __ZN8Security14CommonCriteria10TerminalIdC1Ev -__ZN8Security14CommonCriteria10TerminalIdC4Ev +__ZN8Security14CommonCriteria10TerminalIdC2Ev __ZN8Security14CommonCriteria12AuditSession15registerSessionEv __ZN8Security12MachPlusPlus10MachServer3addERNS1_7HandlerE +__ZNSt8_Rb_treeIPN8Security12MachPlusPlus10MachServer7HandlerES4_St9_IdentityIS4_ESt4lessIS4_ESaIS4_EE16_M_insert_uniqueERKS4_ +__ZNSt8_Rb_treeIPN8Security12MachPlusPlus10MachServer7HandlerES4_St9_IdentityIS4_ESt4lessIS4_ESaIS4_EE9_M_insertEPSt18_Rb_tree_ +__ZNSt8_Rb_treeIPN8Security12MachPlusPlus10MachServer7HandlerES4_St9_IdentityIS4_ESt4lessIS4_ESaIS4_EE14_M_create_nodeERKS4_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIPN8Security12MachPlusPlus10MachServer7HandlerEEE8allocateEmPKv +__ZN6Server14waitForClientsEb __ZN14EntropyManagerC1ERN8Security12MachPlusPlus10MachServerEPKc -__ZN14EntropyManagerC4ERN8Security12MachPlusPlus10MachServerEPKc +__ZN14EntropyManagerC2ERN8Security12MachPlusPlus10MachServerEPKc __ZN8Security4Time3nowEv __ZN8Security12UnixPlusPlus8FileDesc4openEPKcit __ZN8Security12UnixPlusPlus8FileDesc4readEPvm __ZN8Security18DevRandomGenerator10addEntropyEPKvm +__ZN8Security11ModuleNexusINS_18DevRandomGenerator8WritableEEclEv +__ZN8Security11ModuleNexusINS_18DevRandomGenerator8WritableEE4makeEv __ZN8Security12UnixPlusPlus8FileDesc5writeEPKvm __ZN8Security12UnixPlusPlus8FileDesc5closeEv __ZN14EntropyManager6actionEv __ZN14EntropyManager14collectEntropyEv __ZN14EntropyManager17updateEntropyFileEv __ZN8Security18DevRandomGenerator6randomEPvm +__ZN8Security11ModuleNexusINS_18DevRandomGenerator8ReadonlyEEclEv +__ZN8Security11ModuleNexusINS_18DevRandomGenerator8ReadonlyEE4makeEv +__ZN8Security12MachPlusPlus10MachServer8setTimerEPNS1_5TimerENS_4Time8IntervalE 
__ZN8Security12MachPlusPlus10MachServer8setTimerEPNS1_5TimerENS_4Time8AbsoluteE -__ZN10TokenCacheC1EPKc -__ZN10TokenCacheC4EPKc -__ZNSsC1ERKSs -__ZNSsC4ERKSs -__ZNKSs13get_allocatorEv -__ZN10TokenCache7makedirEPKcitNS_5OwnerE -__ZN8Security12UnixPlusPlus7makedirEPKcit -__ZNSsD4Ev -__ZNK6Rooted4pathEPKc -__ZNSs6appendEPKcm -__ZNSs7reserveEm -__ZNSs4_Rep8_M_cloneERKSaIcEm -__ZNKSs7_M_iendEv -__ZNSs15_M_replace_safeIPKcEERSsN9__gnu_cxx17__normal_iteratorIPcSsEES6_T_S7_ -__ZNKSs9_M_ibeginEv -__ZNSs9_M_mutateEmmm -__ZNSs4_Rep10_M_destroyERKSaIcE -__Z9scOptionsPKc -__ZN11PCSCMonitorC1ER6ServerR10TokenCacheNS_12ServiceLevelE -__ZN11PCSCMonitorC4ER6ServerR10TokenCacheNS_12ServiceLevelE -__ZN8ListenerC2Emm -__ZN8ListenerC4Emm -__ZN8Listener5setupEv +__ZN8Security13ScheduleQueueINS_4Time8AbsoluteEE8scheduleEPNS3_5EventES2_ +__ZN11PCSCMonitorC1ER6ServerPKcNS_12ServiceLevelE +__ZN11PCSCMonitorC2ER6ServerPKcNS_12ServiceLevelE +__ZN8ListenerC2Ejjj +__ZNSt8_Rb_treeIjSt4pairIKjN8Security10RefPointerI8ListenerEEESt10_Select1stIS6_ESt4lessIjESaIS6_EE9_M_insertEPSt18_Rb_tree_nod +__ZNSt8_Rb_treeIjSt4pairIKjN8Security10RefPointerI8ListenerEEESt10_Select1stIS6_ESt4lessIjESaIS6_EE14_M_create_nodeERKS6_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKjN8Security10RefPointerI8ListenerEEEEE8allocateEmPKv +__ZN8Security10RefPointerI8ListenerE7releaseEv +__ZNK8Security8RefCount5unrefEv __ZN8Security12UnixPlusPlus5ChildC2Ev -__ZN8Security12UnixPlusPlus5ChildC4Ev __ZN8Security4PCSC7SessionC1Ev -__ZN8Security4PCSC7SessionC4Ev -__ZNSaIcED4Ev __ZN8Security5IOKit24MachPortNotificationPortC1Ev -__ZN8Security5IOKit24MachPortNotificationPortC4Ev -__ZN8Security5IOKit16NotificationPortC4Ev -__ZN8Security5IOKit10MasterPortC4Ev -__ZN11RootSessionC1ER6Serverm -__ZN11RootSessionC4ER6Serverm -__ZN7SessionC4EN8Security12MachPlusPlus9BootstrapENS1_4PortEm -__ZN8Security12HandleObject5StateC1Ev -__ZN8Security12HandleObject5StateC4Ev -__ZN8Security12HandleObject5State4makeEPS0_ 
+__ZN8Security5IOKit24MachPortNotificationPortC2Ev +__ZN8Security5IOKit16NotificationPortC2Ev +__ZN8Security5IOKit10MasterPortC2Ev +__ZN8Security12MachPlusPlus4Port10deallocateEv +__ZNK8Security5IOKit16NotificationPort4portEv +__ZN11RootSessionC1ER6Serverj +__ZN11RootSessionC2ER6Serverj +__ZN7SessionC2EN8Security12MachPlusPlus9BootstrapENS1_4PortEj +__ZN8Security13MappingHandleIjE4makeEv +__ZN8Security11ModuleNexusINS_13MappingHandleIjE5StateEEclEv +__ZN8Security11ModuleNexusINS_13MappingHandleIjE5StateEE4makeEv +__ZN8Security13MappingHandleIjE5StateC2Ev +__ZN9__gnu_cxx9hashtableISt4pairIKjPN8Security13MappingHandleIjEEEjNS_4hashIjEESt10_Select1stIS7_ESt8equal_toIjESaIS6_EEC2EmRKS +__ZN9__gnu_cxx9hashtableISt4pairIKjPN8Security13MappingHandleIjEEEjNS_4hashIjEESt10_Select1stIS7_ESt8equal_toIjESaIS6_EE21_M_in +__ZSt11lower_boundIPKmmET_S2_S2_RKT0_ +__ZNSt6vectorIPN9__gnu_cxx15_Hashtable_nodeISt4pairIKjPN8Security13MappingHandleIjEEEEESaISA_EE7reserveEm +__ZNSt6vectorIPN9__gnu_cxx15_Hashtable_nodeISt4pairIKjPN8Security13MappingHandleIjEEEEESaISA_EE20_M_allocate_and_copyIPSA_EESE_ +__ZN9__gnu_cxx13new_allocatorIPNS_15_Hashtable_nodeISt4pairIKjPN8Security13MappingHandleIjEEEEEE8allocateEmPKv +__ZSt18uninitialized_copyIPPN9__gnu_cxx15_Hashtable_nodeISt4pairIKjPN8Security13MappingHandleIjEEEEESB_ET0_T_SD_SC_ +__ZNSt6vectorIPN9__gnu_cxx15_Hashtable_nodeISt4pairIKjPN8Security13MappingHandleIjEEEEESaISA_EE14_M_fill_insertENS0_17__normal_ +__ZN8Security13MappingHandleIjE5State11handleInUseEj +__ZN9__gnu_cxx9hashtableISt4pairIKjPN8Security13MappingHandleIjEEEjNS_4hashIjEESt10_Select1stIS7_ESt8equal_toIjESaIS6_EE4findER +__ZN9__gnu_cxx9hashtableISt4pairIKjPN8Security13MappingHandleIjEEEjNS_4hashIjEESt10_Select1stIS7_ESt8equal_toIjESaIS6_EE14find_ +__ZN9__gnu_cxx9hashtableISt4pairIKjPN8Security13MappingHandleIjEEEjNS_4hashIjEESt10_Select1stIS7_ESt8equal_toIjESaIS6_EE6resize 
+__ZN9__gnu_cxx13new_allocatorINS_15_Hashtable_nodeISt4pairIKjPN8Security13MappingHandleIjEEEEEE8allocateEmPKv +__ZN13Authorization10CredentialC1Ev +__ZN13Authorization10CredentialC2Ev +__ZN13Authorization14CredentialImplC2Ev +__ZN8Security6Syslog6noticeEPKcz __ZN8NodeCore6parentERS_ -__ZN6Server8loadCssmEv +__ZN8Security10RefPointerI8NodeCoreE10setPointerEPS1_ +__ZN8Security10RefPointerI8NodeCoreE7releaseEv +__ZNSt3mapIN8Security12MachPlusPlus4PortENS0_10RefPointerI7SessionEESt4lessIS2_ESaISt4pairIKS2_S5_EEEixERS9_ +__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI7SessionEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_EE16 +__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI7SessionEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_EE9_ +__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI7SessionEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_EE14 +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKN8Security12MachPlusPlus4PortENS3_10RefPointerI7SessionEEEEE8allocateE +__ZN8Security10RefPointerI7SessionE7releaseEv +__ZN8Security10RefPointerI7SessionE10setPointerEPS1_ +__ZN6Server8loadCssmEb +__ZNK8Security10CssmClient6Object4implINS0_8CssmImplEEERT_v +__ZN8Security11ModuleNexusINS_9MDSClient9DirectoryEEclEv +__ZN8Security11ModuleNexusINS_9MDSClient9DirectoryEE4makeEv __ZN8Security9MDSClient9DirectoryC1Ev -__ZN8Security9MDSClient9DirectoryC4Ev -__ZN8Security9Allocator8standardEm +__ZN8Security9MDSClient9DirectoryC2Ev +__ZN8Security9Allocator8standardEj +__ZN8Security11ModuleNexusI17DefaultAllocatorsEclEv +__ZN8Security11ModuleNexusI17DefaultAllocatorsE4makeEv __ZN8Security28CssmAllocatorMemoryFunctionsC1ERNS_9AllocatorE -__ZN8Security28CssmAllocatorMemoryFunctionsC4ERNS_9AllocatorE +__ZN8Security9MDSClient9Directory7installEv __ZN8Security28CssmAllocatorMemoryFunctions11relayMallocEmPv __ZN16DefaultAllocator6mallocEm __ZN8Security28CssmAllocatorMemoryFunctions9relayFreeEPvS1_ __ZN16DefaultAllocator4freeEPv 
-__ZN8Security9MDSClient9Directory7installEv __ZN8Security10CssmClient8CssmImpl8activateEv +__ZNK8Security10CssmClient6Object4implINS0_7CSPImplEEERT_v __ZN8Security10CssmClient14AttachmentImpl8activateEv -__ZNK8Security10CssmClient14AttachmentImpl6moduleEv -__ZNK10__cxxabiv121__vmi_class_type_info12__do_dyncastEiNS_17__class_type_info10__sub_kindEPKS1_PKvS4_S6_RNS1_16__dyncast_resultE +__ZNK8Security10CssmClient6Object4implINS0_10ModuleImplEEERT_v __ZN8Security10CssmClient10ModuleImpl8activateEv -__ZNK8Security10CssmClient10ModuleImpl7sessionEv +__ZN8Security10RefPointerINS_10CssmClient10ObjectImplEE7releaseEv __ZNK8Security10CssmClient10ObjectImpl9allocatorEv -__ZN8Security6Syslog6noticeEPKcz +__ZNK8Security10CssmClient14AttachmentImpl4guidEv +__ZNK8Security10CssmClient14AttachmentImpl6moduleEv +__ZN20SharedMemoryListenerC1EPKcj +__ZN20SharedMemoryListenerC2EPKcj +__ZN18SharedMemoryServerC2EPKcj __ZN6Server3runEv __ZN8Security12MachPlusPlus10MachServer3runEmi __ZN8Security12MachPlusPlus10MachServer15runServerThreadEb __ZN8Security12MachPlusPlus7MessageC1Em -__ZN8Security12MachPlusPlus7MessageC4Em __ZN8Security12MachPlusPlus7Message9setBufferEm -__ZN8Security12MachPlusPlus7Message7releaseEv -__Znam +__ZN8Security12MachPlusPlus10MachServer9perThreadEv +__ZN8Security11ModuleNexusINS_11ThreadNexusINS_12MachPlusPlus10MachServer9PerThreadEEEEclEv +__ZN8Security11ModuleNexusINS_11ThreadNexusINS_12MachPlusPlus10MachServer9PerThreadEEEE4makeEv +__ZN8Security11ThreadNexusINS_12MachPlusPlus10MachServer9PerThreadEEclEv +__ZNK8Security15ThreadStoreSlotaSEPv +__ZN8Security11ModuleNexusINS_5MutexEEclEv +__ZN8Security11ModuleNexusINS_5MutexEE4makeEv +__ZN8Security11ModuleNexusISt3setIPvSt4lessIS2_ESaIS2_EEEclEv +__ZN8Security11ModuleNexusISt3setIPvSt4lessIS2_ESaIS2_EEE4makeEv +__ZNSt8_Rb_treeIPvS0_St9_IdentityIS0_ESt4lessIS0_ESaIS0_EE16_M_insert_uniqueERKS0_ +__ZNSt8_Rb_treeIPvS0_St9_IdentityIS0_ESt4lessIS0_ESaIS0_EE9_M_insertEPSt18_Rb_tree_node_baseS8_RKS0_ 
+__ZNSt8_Rb_treeIPvS0_St9_IdentityIS0_ESt4lessIS0_ESaIS0_EE14_M_create_nodeERKS0_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIPvEE8allocateEmPKv +__ZThn144_N6Server9eventDoneEv +__ZN6Server9eventDoneEv __ZN8Security12MachPlusPlus10MachServer12processTimerEv +__ZN8Security13ScheduleQueueINS_4Time8AbsoluteEE3popES2_ +__ZN8Security13ScheduleQueueINS_4Time8AbsoluteEE5Event10unscheduleEv +__ZN8Security12MachPlusPlus10MachServer5Timer6selectEv +__ZN8Security12MachPlusPlus10MachServer4busyEv +__ZN8Security12MachPlusPlus10MachServer17ensureReadyThreadEv +__ZN8Security6Thread3runEv +__ZThn24_N11PCSCMonitor6actionEv __ZN11PCSCMonitor6actionEv __ZN11PCSCMonitor12initialSetupEv +__ZN6Server3addEPN8Security12MachPlusPlus12PowerWatcherE __ZN6Server12SleepWatcher3addEPN8Security12MachPlusPlus12PowerWatcherE +__ZN8Security6Thread6runnerEPv +__ZN8Security12MachPlusPlus10MachServer10LoadThread6actionEv +__ZNSt8_Rb_treeIPN8Security12MachPlusPlus12PowerWatcherES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE16_M_insert_uniqueERKS3_ +__ZN8Security12MachPlusPlus10MachServer9addThreadEPNS_6ThreadE +__ZNSt8_Rb_treeIPN8Security12MachPlusPlus12PowerWatcherES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE9_M_insertEPSt18_Rb_tree_node_b +__ZNSt8_Rb_treeIPN8Security6ThreadES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE16_M_insert_uniqueERKS2_ +__ZNSt8_Rb_treeIPN8Security12MachPlusPlus12PowerWatcherES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE14_M_create_nodeERKS3_ +__ZNSt8_Rb_treeIPN8Security6ThreadES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE9_M_insertEPSt18_Rb_tree_node_baseSA_RKS2_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIPN8Security12MachPlusPlus12PowerWatcherEEE8allocateEmPKv +__ZNSt8_Rb_treeIPN8Security6ThreadES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE14_M_create_nodeERKS2_ __ZN8Security5IOKit11DeviceMatchC1EPKc -__ZN8Security5IOKit11DeviceMatchC4EPKc -__ZN8Security5IOKit16NotificationPort3addENS0_11DeviceMatchERNS1_8ReceiverEPKc -__ZN11PCSCMonitor8ioChangeERN8Security5IOKit14DeviceIteratorE 
-__ZN8Security5IOKit14DeviceIteratorclEv -__ZN11PCSCMonitor13deviceSupportERKN8Security5IOKit6DeviceE -__ZNK8Security5IOKit6Device8propertyEPKc -__ZN8Security8cfNumberEPK10__CFNumber -__ZN8Security5IOKit6DeviceD1Ev -__ZN8Security5IOKit6DeviceD4Ev -__ZN8Security5IOKit14DeviceIteratorD4Ev +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIPN8Security6ThreadEEE8allocateEmPKv +__ZN8Security5IOKit11DeviceMatchC2EPKc __ZN8Security12MachPlusPlus10MachServer26releaseDeferredAllocationsEv +__ZNSt8_Rb_treeIN8Security12MachPlusPlus10MachServer10AllocationES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE8_M_eraseEPSt13_Rb_tre +__ZN8Security5IOKit16NotificationPort3addERKNS0_11DeviceMatchERNS1_8ReceiverEPKc +__ZThn144_N6Server6handleEP17mach_msg_header_tS1_ __ZN6Server6handleEP17mach_msg_header_tS1_ __Z11ucsp_serverP17mach_msg_header_tS0_ -__Z7_XsetupP17mach_msg_header_tS0_ -__Z29__MIG_check__Request__setup_tP18__Request__setup_t -__Z17ucsp_server_setupjj13audit_token_tPljN8Security14SecurityServer15ClientSetupInfoEPKc -__ZN6Server15setupConnectionENS_12ConnectLevelEN8Security12MachPlusPlus4PortES3_S3_RK13audit_token_tPKNS1_14SecurityServer15ClientSetupInfoEPKc +__ZL18_XverifyPrivilegedP17mach_msg_header_tS0_ +__Z28ucsp_server_verifyPrivilegedjj13audit_token_tPi +__ZN8Security12MachPlusPlus10MachServer4idleEv +__ZL7_XsetupP17mach_msg_header_tS0_ +__Z17ucsp_server_setupjj13audit_token_tPijN8Security14SecurityServer15ClientSetupInfoEPKc +__ZN6Server15setupConnectionENS_12ConnectLevelEN8Security12MachPlusPlus4PortES3_S3_RK13audit_token_tPKNS1_14SecurityServer15Cli +__ZNSt3mapIN8Security12MachPlusPlus4PortENS0_10RefPointerI7ProcessEESt4lessIS2_ESaISt4pairIKS2_S5_EEEixERS9_ +__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI7ProcessEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_EE16 +__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI7ProcessEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_EE9_ 
+__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI7ProcessEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_EE14 +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKN8Security12MachPlusPlus4PortENS3_10RefPointerI7ProcessEEEEE8allocateE +__ZN8Security10RefPointerI7ProcessE7releaseEv __ZN8Security14CommonCriteria10AuditTokenC1ERK13audit_token_t -__ZN8Security14CommonCriteria10AuditTokenC4ERK13audit_token_t -__ZN7ProcessC1EN8Security12MachPlusPlus4PortENS1_8TaskPortEPKNS0_14SecurityServer15ClientSetupInfoEPKcjj -__ZN7ProcessC4EN8Security12MachPlusPlus4PortENS1_8TaskPortEPKNS0_14SecurityServer15ClientSetupInfoEPKcjj +__ZN8Security14CommonCriteria10AuditTokenC2ERK13audit_token_t +__ZN7ProcessC1EN8Security12MachPlusPlus4PortENS1_8TaskPortEPKNS0_14SecurityServer15ClientSetupInfoEPKcRKNS0_14CommonCriteria10A +__ZN7ProcessC2EN8Security12MachPlusPlus4PortENS1_8TaskPortEPKNS0_14SecurityServer15ClientSetupInfoEPKcRKNS0_14CommonCriteria10A +__ZN10PerProcessC2Ev +__ZN15CodeSigningHostC2Ev +__ZN20ClientIdentificationC2Ev __ZN14CodeSignatures8IdentityC2Ev -__ZN14CodeSignatures8IdentityC4Ev __ZN7Session4findEN8Security12MachPlusPlus4PortE __ZNK8Security12MachPlusPlus8TaskPort3pidEv -__ZN8Security7OSXCode6decodeEPKc +__ZN7Process5setupEPKN8Security14SecurityServer15ClientSetupInfoE +__ZN20ClientIdentification5setupEi +__ZThn72_N11PCSCMonitor8ioChangeERN8Security5IOKit14DeviceIteratorE +__ZN11PCSCMonitor8ioChangeERN8Security5IOKit14DeviceIteratorE +__ZN8Security5IOKit14DeviceIteratorclEv +__ZN11PCSCMonitor13deviceSupportERKN8Security5IOKit6DeviceE +__ZNK8Security5IOKit6Device8propertyEPKc +__ZN8Security8cfNumberIjEET_PK10__CFNumber +__ZN8Security5IOKit6DeviceD1Ev +__ZN11PCSCMonitor16isExcludedDeviceERKN8Security5IOKit6DeviceE +__ZN8Security5IOKit14DeviceIteratorD2Ev +__ZNSt8_Rb_treeIjSt4pairIKjN20ClientIdentification10GuestStateEESt10_Select1stIS4_ESt4lessIjESaIS4_EE8_M_eraseEPSt13_Rb_tree_no +__ZN8Security12UnixPlusPlus5Child4findI11ServerChildEEPT_i 
+__ZN8Security12UnixPlusPlus5Child11findGenericEi +__ZN8Security11ModuleNexusINS_12UnixPlusPlus5Child8ChildrenEEclEv +__ZN8Security11ModuleNexusINS_12UnixPlusPlus5Child8ChildrenEE4makeEv +__ZN8Security12UnixPlusPlus5Child8ChildrenC2Ev +__ZN8Security10RefPointerI7ProcessE10setPointerEPS1_ __ZNK8Security12MachPlusPlus10MachServer12notifyIfDeadENS0_4PortEb __ZN8Security12MachPlusPlus4Port13requestNotifyEjij +__ZNSt3mapIiP7ProcessSt4lessIiESaISt4pairIKiS1_EEEixERS5_ +__ZNSt8_Rb_treeIiSt4pairIKiP7ProcessESt10_Select1stIS4_ESt4lessIiESaIS4_EE16_M_insert_uniqueESt17_Rb_tree_iteratorIS4_ERKS4_ +__ZNSt8_Rb_treeIiSt4pairIKiP7ProcessESt10_Select1stIS4_ESt4lessIiESaIS4_EE16_M_insert_uniqueERKS4_ +__ZNSt8_Rb_treeIiSt4pairIKiP7ProcessESt10_Select1stIS4_ESt4lessIiESaIS4_EE9_M_insertEPSt18_Rb_tree_node_baseSC_RKS4_ +__ZNSt8_Rb_treeIiSt4pairIKiP7ProcessESt10_Select1stIS4_ESt4lessIiESaIS4_EE14_M_create_nodeERKS4_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKiP7ProcessEEE8allocateEmPKv __ZN10ConnectionC1ER7ProcessN8Security12MachPlusPlus4PortE -__ZN10ConnectionC4ER7ProcessN8Security12MachPlusPlus4PortE -__Z21_XauthorizationCreateP17mach_msg_header_tS0_ -__Z43__MIG_check__Request__authorizationCreate_tP32__Request__authorizationCreate_t -__Z31ucsp_server_authorizationCreatejj13audit_token_tPlP20AuthorizationItemSetjS2_mS2_jS2_PN8Security14SecurityServer17AuthorizationBlobE -__ZN6Server10connectionEj -__ZN10Connection9beginWorkEv -__ZN13Authorization11AuthItemSetC1EPK20AuthorizationItemSet -__ZN13Authorization11AuthItemSetC4EPK20AuthorizationItemSet -__ZNK7Process7sessionEv -__ZN7Session10authCreateERKN13Authorization11AuthItemSetES3_mRN8Security14SecurityServer17AuthorizationBlobERK13audit_token_t -__ZN18AuthorizationTokenC1ER7SessionRKSt3setIN13Authorization10CredentialESt4lessIS4_ESaIS4_EERK13audit_token_t -__ZN18AuthorizationTokenC4ER7SessionRKSt3setIN13Authorization10CredentialESt4lessIS4_ESaIS4_EERK13audit_token_t -__ZN6Server7processEv 
+__ZN10ConnectionC2ER7ProcessN8Security12MachPlusPlus4PortE +__ZN8Security12MachPlusPlus4Port7modRefsEji +__ZNK7PortMapI10ConnectionE8containsEj +__ZNSt3mapIN8Security12MachPlusPlus4PortENS0_10RefPointerI10ConnectionEESt4lessIS2_ESaISt4pairIKS2_S5_EEEixERS9_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKN8Security12MachPlusPlus4PortENS3_10RefPointerI10ConnectionEEEEE8alloc +__ZN8Security10RefPointerI10ConnectionE7releaseEv +__ZN8Security10RefPointerI10ConnectionE10setPointerEPS1_ +__ZL16_XgetSessionInfoP17mach_msg_header_tS0_ +__Z26ucsp_server_getSessionInfojj13audit_token_tPiPjS1_ +__ZN6Server10connectionEjR13audit_token_t +__ZNK7PortMapI10ConnectionE3getEji +__ZN8Security11ThreadNexusINS_10RefPointerI10ConnectionEEEclEv +__ZN10Connection9beginWorkER13audit_token_t +__ZN7Session4findEj +__ZN6Server7sessionEv __ZN6Server10connectionEb __ZN10Connection9checkWorkEv -__ZN13Authorization11AuthItemSetC1Ev -__ZN13Authorization11AuthItemSetC4Ev +__ZNK7Process7sessionEv +__ZN6Server15requestCompleteERi +__ZN10Connection7endWorkERi +__ZN11PCSCMonitor15startSoftTokensEv +__ZN11PCSCMonitor12clearReadersEN6Reader4TypeE +__ZN8Security14CodeRepositoryINS_6BundleEEC2ERKSsPKcS6_b +__ZN8Security8PathListC2ERKSsPKcS4_b +__ZStplIcSt11char_traitsIcESaIcEESbIT_T0_T1_EPKS3_RKS6_ +__ZNSt6vectorISsSaISsEE9push_backERKSs +__ZNSt6vectorISsSaISsEE13_M_insert_auxEN9__gnu_cxx17__normal_iteratorIPSsS1_EERKSs +__ZN9__gnu_cxx13new_allocatorISsE8allocateEmPKv +__ZSt24__uninitialized_copy_auxIPSsS0_ET0_T_S2_S1_St12__false_type +__ZN8Security14CodeRepositoryINS_6BundleEE6updateEv +__ZN8Security9makeCFURLEPKcbPK7__CFURL +__ZN8Security6BundleC1EP10__CFBundlePKc +__ZN8Security6BundleC2EP10__CFBundlePKc +__ZN8Security8cfStringEPK7__CFURLb +__ZNSt6vectorIN8Security10RefPointerINS0_6BundleEEESaIS3_EE9push_backERKS3_ +__ZNSt6vectorIN8Security10RefPointerINS0_6BundleEEESaIS3_EE13_M_insert_auxEN9__gnu_cxx17__normal_iteratorIPS3_S5_EERKS3_ 
+__ZN9__gnu_cxx13new_allocatorIN8Security10RefPointerINS1_6BundleEEEE8allocateEmPKv +__ZSt24__uninitialized_copy_auxIPN8Security10RefPointerINS0_6BundleEEES4_ET0_T_S6_S5_St12__false_type +__ZN8Security10RefPointerINS_6BundleEE7releaseEv +__ZNSt6vectorIN8Security10RefPointerINS0_6BundleEEESaIS3_EED2Ev +__ZNSt12_Vector_baseIN8Security10RefPointerINS0_6BundleEEESaIS3_EED2Ev +__ZNK8Security6Bundle13infoPlistItemEPKc +__ZNK8Security6Bundle8cfBundleEv +__ZN8Security14CodeRepositoryINS_6BundleEED2Ev +__ZN8Security8PathListD2Ev +__ZNSt6vectorISsSaISsEED2Ev +__ZNSt12_Vector_baseISsSaISsEED2Ev +__ZN8Security6BundleD0Ev +__ZN8Security12MachPlusPlus10MachServer5Timer8unselectEv +__ZL10_XdecodeDbP17mach_msg_header_tS0_ +__Z20ucsp_server_decodeDbjj13audit_token_tPiPjPvjS2_jS2_j +__ZN7CopyOutC2EPvmPFiP9__rpc_xdrzEbP9cssm_data +_copyout +_sec_xdrmem_create +_sec_xdr_sizeof_out +_sec_xdr_arena_init_size_alloc +__Z25xdr_DLDbFlatIdentifierRefP9__rpc_xdrPPN8Security11DataWalkers18DLDbFlatIdentifierE +_sec_xdr_reference +_sec_xdr_arena_size_allocator +_sec_mem_alloc +__Z22xdr_DLDbFlatIdentifierP9__rpc_xdrPN8Security11DataWalkers18DLDbFlatIdentifierE +_sec_xdr_pointer +_sec_xdrmem_getlong_aligned +_xdr_CSSM_SUBSERVICE_UID +_sec_xdrmem_getbytes +_xdr_CSSM_VERSION +_sec_xdr_charp +_sec_xdr_bytes +_sec_xdr_arena_init +__ZN8Security14DLDbIdentifierC2ERK19cssm_subservice_uidPKcPK16cssm_net_address +__ZN8Security14DLDbIdentifier4ImplC2ERK19cssm_subservice_uidPKcPK16cssm_net_address +__ZN8Security6DbNameC1EPKcPK16cssm_net_address +__ZN8Security6DbNameC2EPKcPK16cssm_net_address +__Z8makeBlobIN8Security14SecurityServer6DbBlobEEPKT_RKNS0_8CssmDataEi +__ZN16KeychainDatabaseC1ERKN8Security14DLDbIdentifierEPKNS0_14SecurityServer6DbBlobER7ProcessPKNS0_17AccessCredentialsE +__ZN17SecurityServerAclC2Ev +__ZN8Security9ObjectAclC2ERNS_9AllocatorE +__ZN13LocalDatabaseC2ER7Process +__ZN8DatabaseC2ER7Process __ZN8NodeCore8referentERS_ 
-__ZN13Authorization6Engine9authorizeERKNS_11AuthItemSetES3_mPKSt3setINS_10CredentialESt4lessIS5_ESaIS5_EEPS9_RS1_R18AuthorizationToken +__ZN16KeychainDatabase12validateBlobEPKN8Security14SecurityServer6DbBlobE +__ZNK8Security14SecurityServer10CommonBlob8validateEi +__ZN8Security11DataWalkers4copyINS_17AccessCredentialsEEEPT_PKS3_RNS_9AllocatorE +__ZNK8Security14SecurityServer6DbBlob4copyERNS_9AllocatorE +__ZN8Security9Allocator6mallocINS_14SecurityServer6DbBlobEEEPT_m +__ZNK8Database7processEv +__ZN8NodeCore9findFirstI16KeychainDbCommonRK12DbIdentifierEEN8Security10RefPointerIT_EEMS7_KFT0_vES9_ +__ZN8Security10RefPointerI16KeychainDbCommonE7releaseEv +__ZN16KeychainDbCommonC2ER7SessionRK12DbIdentifier +__ZN13LocalDbCommonC2ER7Session +__ZN8DbCommonC2ER7Session +__ZN18DatabaseCryptoCoreC2Ev +__ZN8NodeCore9findFirstI16KeychainDbGlobalRK12DbIdentifierEEN8Security10RefPointerIT_EEMS7_KFT0_vES9_ +__ZN8Security10RefPointerI16KeychainDbGlobalE7releaseEv +__ZN16KeychainDbGlobalC2ERK12DbIdentifier +__ZNK8DbCommon7sessionEv +__ZN8NodeCore12addReferenceERS_ +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE16_M_insert_uniqueERKS3_ +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE9_M_insertEPSt18_Rb_tree_node_baseSB_ +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE14_M_create_nodeERKS3_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIN8Security10RefPointerI8NodeCoreEEEE8allocateEmPKv +__ZN8Security10RefPointerINS_14DLDbIdentifier4ImplEE7releaseEv +__ZN7CopyOutD1Ev +__ZN7CopyOutD2Ev +__ZL16_XauthenticateDbP17mach_msg_header_tS0_ +__Z26ucsp_server_authenticateDbjj13audit_token_tPijjPvj +_xdr_CSSM_ACCESS_CREDENTIALS_PTR +_xdr_CSSM_ACCESS_CREDENTIALS +_xdr_CSSM_BASE_CERTS +_xdr_CSSM_CERTGROUP +_sec_xdr_array +_xdr_CSSM_SAMPLE +_xdr_CSSM_LIST +_xdr_CSSM_LIST_ELEMENT +__ZN6Server8databaseEj +__ZN6Server4findI8DatabaseEEN8Security10RefPointerIT_EEji 
+__ZN8Security13MappingHandleIjE7findRefI8DatabaseEENS_10RefPointerIT_EEji +__ZN8Security13MappingHandleIjE5State6locateEji +__ZN16KeychainDatabase12authenticateEjPKN8Security17AccessCredentialsE +__ZN8Security11DataWalkers4sizeIPNS_17AccessCredentialsEEEmT_ +__ZN8Security11DataWalkers14enumerateArrayINS0_10SizeWalkerENS_11SampleGroupENS_10CssmSampleEEEvRT_RT0_MS7_FRPT1_vE +__ZN8Security11SampleGroup7samplesEv +__ZN8Security11DataWalkers4walkINS0_10SizeWalkerEEEPNS_11ListElementERT_RS4_ +__ZN8Security11DataWalkers4copyINS_17AccessCredentialsEEEPT_PKS3_RNS_9AllocatorEm +__ZN8Security11DataWalkers4walkINS0_10CopyWalkerEEEPNS_17AccessCredentialsERT_RS4_ +__ZN8Security11DataWalkers14enumerateArrayINS0_10CopyWalkerENS_11SampleGroupENS_10CssmSampleEEEvRT_RT0_MS7_FRPT1_vE +__ZN8Security11DataWalkers4walkINS0_10CopyWalkerEEEvRT_RNS_10CssmSampleE +__ZN8Security11DataWalkers9enumerateINS0_10CopyWalkerEEEvRT_RNS_8CssmListE +__ZN8Security11DataWalkers4walkINS0_10CopyWalkerEEEPNS_11ListElementERT_RS4_ +__ZN8Security11ListElement4lastEv +__ZN8Security10RefPointerI8DatabaseE7releaseEv +__ZL11_XdecodeKeyP17mach_msg_header_tS0_ +__Z21ucsp_server_decodeKeyjj13audit_token_tPiPjPPvS1_jS2_j +__ZN6Server8keychainEj +__ZN6Server4findI16KeychainDatabaseEEN8Security10RefPointerIT_EEji +__ZN8Security13MappingHandleIjE7findRefI16KeychainDatabaseEENS_10RefPointerIT_EEji +__Z8makeBlobIN8Security14SecurityServer7KeyBlobEEPKT_RKNS0_8CssmDataEi +__ZN11KeychainKeyC1ER8DatabasePKN8Security14SecurityServer7KeyBlobE +__ZN11KeychainKeyC2ER8DatabasePKN8Security14SecurityServer7KeyBlobE +__ZN8LocalKeyC2ER8Databasej +__ZN3KeyC2ER8Database +__ZN8Database10SubsidiaryC2ERS_ +__ZNK8Security14SecurityServer7KeyBlob4copyERNS_9AllocatorE +__ZN8Security9Allocator6mallocINS_14SecurityServer7KeyBlobEEEPT_m +__ZN8Security10RefPointerI16KeychainDatabaseE7releaseEv +__ZN8LocalKey9returnKeyERjRN8Security7CssmKey6HeaderE +__ZN11KeychainKey9getHeaderERN8Security7CssmKey6HeaderE +__ZN8Security4n2hiERNS_7CssmKey6HeaderE 
+_copyin +_sec_xdr_sizeof_in +_xdr_CSSM_KEYHEADER +_sec_x_putlong +_sec_x_putbytes +_sec_xdrmem_putlong_aligned +_sec_xdrmem_putbytes +__ZN6Server15releaseWhenDoneEPv +__ZN6Server15releaseWhenDoneERN8Security9AllocatorEPv +__ZN8Security12MachPlusPlus10MachServer15releaseWhenDoneERNS_9AllocatorEPv +__ZNSt8_Rb_treeIN8Security12MachPlusPlus10MachServer10AllocationES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE16_M_insert_uniqueERKS +__ZNSt8_Rb_treeIN8Security12MachPlusPlus10MachServer10AllocationES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE9_M_insertEPSt18_Rb_tr +__ZNSt8_Rb_treeIN8Security12MachPlusPlus10MachServer10AllocationES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE14_M_create_nodeERKS3_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIN8Security12MachPlusPlus10MachServer10AllocationEEE8allocateEmPKv +__ZN8Security10RefPointerI3KeyE7releaseEv +__ZL9_XdecryptP17mach_msg_header_tS0_ +__Z19ucsp_server_decryptjj13audit_token_tPiPvjjS1_jPS1_Pj +_xdr_CSSM_CONTEXT_PTR +_xdr_CSSM_CONTEXT +_xdr_CSSM_CONTEXT_ATTRIBUTE +_xdr_CSSM_KEY +_xdr_CSSM_DATA +__ZN6Server3keyEj +__ZN8Security13MappingHandleIjE7findRefI3KeyEENS_10RefPointerIT_EEji +__ZN13LocalDatabase7decryptERKN8Security7ContextER3KeyRKNS0_8CssmDataERS6_ +__ZN8LocalKey7cssmKeyEv +__ZN8LocalKey8keyValueEv +__ZN11KeychainKey6getKeyEv +__ZN11KeychainKey6decodeEv +__ZN16KeychainDatabase9decodeKeyEPN8Security14SecurityServer7KeyBlobERNS0_7CssmKeyERPvS7_ +__ZN8Security14SecurityServer7KeyBlob11isClearTextEv +__ZN16KeychainDatabase8unlockDbEv +__ZN16KeychainDatabase12makeUnlockedEPKN8Security17AccessCredentialsE +__ZN16KeychainDatabase8isLockedEv +__ZN16KeychainDatabase19establishOldSecretsEPKN8Security17AccessCredentialsE +__ZNK16KeychainDbCommon15belongsToSystemEv +__ZN17SystemKeychainKeyC1EPKc +__ZN17SystemKeychainKeyC2EPKc +__ZN17SystemKeychainKey7matchesERKN8Security14SecurityServer6DbBlob9SignatureE +__ZN17SystemKeychainKey6updateEv +__ZNK8Security14SecurityServer10CommonBlob7isValidEv +__ZN8Security4Time8AbsoluteC1ERK8timespec 
+__ZN8Security10CssmClient3KeyC2ERKNS0_3CSPERK8cssm_keyb +__ZN8Security10CssmClient7KeyImplC1ERKNS0_3CSPERK8cssm_keyb +__ZN8Security7CssmKeyC2ERK8cssm_key +__ZN8Security12CssmAutoDataC2INS_8CssmDataEEERNS_9AllocatorERKT_ +__ZN8Security13CssmOwnedData4copyIvEEvPKT_m +__ZN8Security12CssmAutoData5resetEv +__ZN8Security7destroyEPvRNS_9AllocatorE +__ZN8Security12CssmAutoData7releaseEv +__ZN8Security12CssmAutoDataD2Ev +__ZN8Security13CssmOwnedDataD2Ev +__ZN8Security15CssmManagedDataD2Ev +__ZN18DatabaseCryptoCore5setupEPKN8Security14SecurityServer6DbBlobENS0_10CssmClient3KeyE +__ZNK8Security10CssmClient6Object4implINS0_7KeyImplEEERT_v +__ZN8Security10RefPointerINS_10CssmClient10ObjectImplEE10setPointerEPS2_ +__ZN16KeychainDatabase6decodeEv +__ZN16KeychainDbCommon8unlockDbEPN8Security14SecurityServer6DbBlobEPPv +__ZN18DatabaseCryptoCore10decodeCoreEPKN8Security14SecurityServer6DbBlobEPPv +__ZN8Security10CssmClient7DecryptC1ERKNS0_3CSPEj +__ZN8Security10CssmClient5CryptC2ERKNS0_3CSPEj +__ZN8Security10CssmClient7ContextC2ERKNS0_3CSPEj +__ZN8Security10CssmClient7Context3setEjj +__ZN8Security10CssmClient5Crypt3keyERKNS0_3KeyE +__ZN8Security10CssmClient7Context3setINS_7CssmKeyEEEvjRKT_ +__ZN8Security10CssmClient7Context3setINS_8CssmDataEEEvjRKT_ +__ZN8Security10CssmClient7Decrypt7decryptEPKNS_8CssmDataEjPS2_jRS2_ +__ZN8Security10CssmClient7Context8unstagedEv +__ZN8Security10CssmClient5Crypt8activateEv +__ZN8Security10CssmClient10ObjectImpl5checkEi +__ZN18DatabaseCryptoCore10makeRawKeyEPvmjj +__ZN8Security10CssmClient9UnwrapKeyC1ERKNS0_3CSPEj +__ZN8Security10CssmClient9RccBearerC2Ev +__ZN8Security10CssmClient9UnwrapKeyclERKNS_7CssmKeyERKNS0_7KeySpecERS2_PNS_8CssmDataEPS3_ +__ZNK8Security10CssmClient9RccBearer12compositeRccEv +__ZN8Security10CssmClient9UnwrapKeyD1Ev +__ZN8Security10CssmClient5CryptD2Ev +__ZN8Security10CssmClient7ContextD2Ev +__ZN8Security10CssmClient7Context10deactivateEv +__ZN8Security10CssmClient10ObjectImplD2Ev 
+__ZN8Security10CssmClient9VerifyMacC1ERKNS0_3CSPEj +__ZN8Security10CssmClient10MacContextC2ERKNS0_3CSPEj +__ZN8Security10CssmClient10MacContext3keyERKNS0_3KeyE +__ZN8Security10CssmClient7Context3setINS0_3KeyEEEvjRKT_ +__ZN8Security10CssmClient9VerifyMac6verifyEPKNS_8CssmDataEjRS3_ +__ZN8Security10CssmClient10MacContext8activateEv +__ZN8Security10CssmClient9VerifyMacD1Ev +__ZN8Security10CssmClient10MacContextD2Ev +__ZN8Security10CssmClient7DecryptD1Ev +__ZN16KeychainDbCommon11setUnlockedEv +__ZN16KeychainDbCommon8activityEv +__ZN8DbCommon6notifyEjRKN8Security14DLDbIdentifierE +__ZN8Security19NameValueDictionaryC1Ev +__ZN8Security19NameValueDictionary41MakeNameValueDictionaryFromDLDbIdentifierERKNS_14DLDbIdentifierERS0_ +__ZN8Security13NameValuePair9CloneDataERKNS_8CssmDataE +__ZNSt6vectorIPN8Security13NameValuePairESaIS2_EE9push_backERKS2_ +__ZNSt6vectorIPN8Security13NameValuePairESaIS2_EE13_M_insert_auxEN9__gnu_cxx17__normal_iteratorIPS2_S4_EERKS2_ +__ZN9__gnu_cxx13new_allocatorIPN8Security13NameValuePairEE8allocateEmPKv +__ZN8Security19NameValueDictionary6ExportERNS_8CssmDataE +__ZNK8Security13NameValuePair6ExportERNS_8CssmDataE +__ZN8Listener6notifyEjjRKN8Security8CssmDataE +__ZN8Listener12NotificationC2EjjjRKN8Security8CssmDataE +__ZN8Listener16sendNotificationEPNS_12NotificationE +__ZN20SharedMemoryListener8notifyMeEPN8Listener12NotificationE +__ZNK8Security13CssmOwnedData3getEv +__ZN18SharedMemoryServer12WriteMessageEjjPKvj +_CalculateCRC +__ZN18SharedMemoryServer11WriteOffsetEj +__ZN18SharedMemoryServer9WriteDataEPKvj +__ZN8Security10RefPointerIN8Listener12NotificationEE7releaseEv +__ZN8Listener12NotificationD0Ev +__ZN8Security19NameValueDictionaryD1Ev +__ZN8Security19NameValueDictionaryD2Ev +__ZNSt6vectorIPN8Security13NameValuePairESaIS2_EE5eraseEN9__gnu_cxx17__normal_iteratorIPS2_S4_EE +__ZNSt6vectorIPN8Security13NameValuePairESaIS2_EED2Ev +__ZNSt12_Vector_baseIPN8Security13NameValuePairESaIS2_EED2Ev +__ZN16KeychainDatabase3aclEv 
+__ZN8Security9ObjectAcl10importBlobEPKvS2_ +__ZN8Security9ObjectAcl5Entry10importBlobERNS_23LowLevelMemoryUtilities6ReaderES4_ +__ZN8Security9ObjectAcl13importSubjectERNS_23LowLevelMemoryUtilities6ReaderES3_ +__ZN8Security9ObjectAcl4makeEjRNS_23LowLevelMemoryUtilities6ReaderES3_ +__ZN8Security9ObjectAcl8makerForEi +__ZNK8Security13AnyAclSubject5Maker4makeEhRNS_23LowLevelMemoryUtilities6ReaderES4_ +__ZN8Security10AclSubjectC2Ejh +__ZN8Security10RefPointerINS_10AclSubjectEE10setPointerEPS1_ +__ZN8Security10RefPointerINS_10AclSubjectEE7releaseEv +__ZNSt8_Rb_treeISsSt4pairIKSsN8Security9ObjectAcl8AclEntryEESt10_Select1stIS5_ESt4lessISsESaIS5_EE8_M_eraseEPSt13_Rb_tree_nodeI +__ZN8Security9ObjectAcl8AclEntryC2Ev +__ZN8Security9ObjectAcl8AclEntry10importBlobERNS_23LowLevelMemoryUtilities6ReaderES4_ +__ZN8Security23LowLevelMemoryUtilities6ReaderclERPKc +__ZNSt8_Rb_treeIiiSt9_IdentityIiESt4lessIiESaIiEE5eraseESt23_Rb_tree_const_iteratorIiES7_ +__ZNSt8_Rb_treeIiiSt9_IdentityIiESt4lessIiESaIiEE8_M_eraseEPSt13_Rb_tree_nodeIiE +__ZN8Security9ObjectAcl3addERKSsRKNS0_8AclEntryE +__ZN8Security9ObjectAcl8AclEntryC2ERKS1_ +__ZNSt8_Rb_treeIiiSt9_IdentityIiESt4lessIiESaIiEEC2ERKS5_ +__ZN8Security9ObjectAcl3addERKSsNS0_8AclEntryEl +__ZNSt4pairISsN8Security9ObjectAcl8AclEntryEEC2ERKSsRKS2_ +__ZNSt4pairIKSsN8Security9ObjectAcl8AclEntryEEC2ISsS3_EERKS_IT_T0_E +__ZNSt8_Rb_treeISsSt4pairIKSsN8Security9ObjectAcl8AclEntryEESt10_Select1stIS5_ESt4lessISsESaIS5_EE15_M_insert_equalERKS5_ +__ZNSt8_Rb_treeISsSt4pairIKSsN8Security9ObjectAcl8AclEntryEESt10_Select1stIS5_ESt4lessISsESaIS5_EE9_M_insertEPSt18_Rb_tree_node +__ZNSt8_Rb_treeISsSt4pairIKSsN8Security9ObjectAcl8AclEntryEESt10_Select1stIS5_ESt4lessISsESaIS5_EE14_M_create_nodeERKS5_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKSsN8Security9ObjectAcl8AclEntryEEEE8allocateEmPKv +__ZNSt4pairIKSsN8Security9ObjectAcl8AclEntryEEC2ERKS4_ +__ZNSt4pairIKSsN8Security9ObjectAcl8AclEntryEED2Ev +__ZN8Security9ObjectAcl8AclEntryD2Ev 
+__ZN8Security9ObjectAcl5EntryD2Ev +__ZNSt4pairISsN8Security9ObjectAcl8AclEntryEED2Ev +__ZN17SystemKeychainKeyD1Ev +__ZNK18DatabaseCryptoCore13decodeKeyCoreEPN8Security14SecurityServer7KeyBlobERNS0_7CssmKeyERPvS7_ +__ZN8Security4h2niERNS_7CssmKey6HeaderE +__ZN8Security10CssmClient7Context3addEjj +__ZN8Security10CssmClient9UnwrapKeyclERKNS_7CssmKeyERKNS0_7KeySpecERS2_PNS_8CssmDataE +__ZN11KeychainKey3aclEv +__ZNK8Security17ProcessAclSubject5Maker4makeEhRNS_23LowLevelMemoryUtilities6ReaderES4_ +__ZNK8Security7Context7replaceINS_7CssmKeyEEEvjRKT_ +__ZN8Security7Context4findEjPK22cssm_context_attributej +__ZN9AclSource8validateEiRKN8Security7ContextE +__ZThn160_N11KeychainKey15relatedDatabaseEv +__ZN11KeychainKey15relatedDatabaseEv +__ZThn160_N11KeychainKey3aclEv +__ZN17SecurityServerAcl8validateEiRKN8Security7ContextEP8Database +__ZThn232_N11KeychainKey8validateEiPKN8Security17AccessCredentialsEP8Database +__ZN11KeychainKey8validateEiPKN8Security17AccessCredentialsEP8Database +__ZN17SecurityServerAcl8validateEiPKN8Security17AccessCredentialsEP8Database +__ZN25SecurityServerEnvironmentC1ER17SecurityServerAclP8Database +__ZN6Server7processEv +__ZN8Security9ObjectAcl8validateEiPKNS_17AccessCredentialsEPNS_24AclValidationEnvironmentE +__ZN8Security9ObjectAcl9validatesEiPKNS_17AccessCredentialsEPNS_24AclValidationEnvironmentE +__ZN8Security9ObjectAcl9validatesERNS_20AclValidationContextE +__ZThn232_N11KeychainKey14instantiateAclEv +__ZN11KeychainKey14instantiateAclEv +__ZNK8Security20AclValidationContext9s_credTagEv +__ZNK8Security20AclValidationContext7credTagEv +__ZNK8Security9ObjectAcl8getRangeERKSsRSt4pairISt23_Rb_tree_const_iteratorIS3_IS1_NS0_8AclEntryEEES7_E +__ZNK8Security9ObjectAcl8AclEntry10authorizesEi +__ZN8Security20AclValidationContext4initEPNS_9ObjectAclEPNS_10AclSubjectE +__ZN8Security20AclValidationContext8entryTagERKSs +__ZNK8Security17ProcessAclSubject8validateERKNS_20AclValidationContextE +__ZNK25SecurityServerEnvironment6getuidEv 
+__ZN21BaseValidationContextD2Ev +__ZN8Security20AclValidationContextD2Ev +__ZN25SecurityServerEnvironmentD1Ev +__ZN8Security20PreAuthorizationAcls11EnvironmentD2Ev +__ZN8Security18PromptedAclSubject11EnvironmentD2Ev +__ZN8Security16SecretAclSubject11EnvironmentD2Ev +__ZN8Security23CodeSignatureAclSubject11EnvironmentD2Ev +__ZN8Security17ProcessAclSubject11EnvironmentD2Ev +__ZN8Security24AclValidationEnvironmentD2Ev +__ZNK16KeychainDatabase8activityEv +__ZNK16KeychainDatabase6commonEv +__ZN8Security10CssmClient7Context8overrideERKNS_7ContextE +__ZL12_XreleaseKeyP17mach_msg_header_tS0_ +__Z22ucsp_server_releaseKeyjj13audit_token_tPij +__ZN8Database10releaseKeyER3Key +__ZN8NodeCore4killERS_ +__ZN8NodeCore4killEv +__ZN8NodeCore15clearReferencesEv +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE8_M_eraseEPSt13_Rb_tree_nodeIS3_E +__ZN8NodeCore15removeReferenceERS_ +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE5eraseERKS3_ +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE11equal_rangeERKS3_ +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE5eraseESt17_Rb_tree_iteratorIS3_ESB_ +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE15_M_destroy_nodeEPSt13_Rb_tree_nodeI +__ZN11KeychainKeyD0Ev +__ZN17SecurityServerAclD2Ev +__ZN8Security9ObjectAclD2Ev +__ZN8Security9ObjectAcl10OwnerEntryD2Ev +__ZN8Security17ProcessAclSubjectD0Ev +__ZN8Security10AclSubjectD2Ev +__ZNSt8_Rb_treeISsSt4pairIKSsN8Security9ObjectAcl8AclEntryEESt10_Select1stIS5_ESt4lessISsESaIS5_EE15_M_destroy_nodeEPSt13_Rb_tr +__ZN8LocalKeyD2Ev +__ZN8Security10CssmClient7KeyImplD0Ev +__ZN8Security10CssmClient7KeyImpl10deactivateEv +__ZN8Security10CssmClient9AclBearerD2Ev +__ZN3KeyD2Ev +__ZN9AclSourceD2Ev +__ZN8Database10SubsidiaryD2Ev +__ZN10PerProcessD2Ev +__ZN4NodeI10PerProcess10PerSessionED2Ev 
+__ZN8NodeCoreD2Ev +__ZN8Security13MappingHandleIjED2Ev +__ZN9__gnu_cxx9hashtableISt4pairIKjPN8Security13MappingHandleIjEEEjNS_4hashIjEESt10_Select1stIS7_ESt8equal_toIjESaIS6_EE5eraseE +__ZL18_XpostNotificationP17mach_msg_header_tS0_ +__Z28ucsp_server_postNotificationjj13audit_token_tPijjPvjj +__ZN8Listener6notifyEjjjRKN8Security8CssmDataE +__ZN8Listener12JitterBuffer10inSequenceEPNS_12NotificationE +__ZN8Listener12JitterBuffer15popNotificationEv +__ZThn88_N20SharedMemoryListener6actionEv +__ZN20SharedMemoryListener6actionEv +__ZL21_XauthorizationCreateP17mach_msg_header_tS0_ +__Z31ucsp_server_authorizationCreatejj13audit_token_tPiPvjjS1_jPN8Security14SecurityServer17AuthorizationBlobE +__ZN13Authorization11AuthItemSetC1EPK20AuthorizationItemSet +__ZN13Authorization11AuthItemSetC2EPK20AuthorizationItemSet +__ZN7Session10authCreateERKN13Authorization11AuthItemSetES3_jRN8Security14SecurityServer17AuthorizationBlobERK13audit_token_t +__ZN18AuthorizationTokenC1ER7SessionRKSt3setIN13Authorization10CredentialESt4lessIS4_ESaIS4_EERK13audit_token_tb +__ZN18AuthorizationTokenC2ER7SessionRKSt3setIN13Authorization10CredentialESt4lessIS4_ESaIS4_EERK13audit_token_tb +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EEC2ERKS7_ +__ZN13Authorization11AuthItemSetC1Ev +__ZNK20ClientIdentification12currentGuestEv +__ZNK20ClientIdentification7currentEv +__ZN8Security12MachPlusPlus10MachServer16longTermActivityEv +__ZN8Security5CFRefIP9__SecCodeEaSERKS3_ +__ZNSt3mapIjN20ClientIdentification10GuestStateESt4lessIjESaISt4pairIKjS1_EEEixERS5_ +__ZNSt8_Rb_treeIjSt4pairIKjN20ClientIdentification10GuestStateEESt10_Select1stIS4_ESt4lessIjESaIS4_EE16_M_insert_uniqueESt17_Rb +__ZNSt8_Rb_treeIjSt4pairIKjN20ClientIdentification10GuestStateEESt10_Select1stIS4_ESt4lessIjESaIS4_EE16_M_insert_uniqueERKS4_ +__ZNSt8_Rb_treeIjSt4pairIKjN20ClientIdentification10GuestStateEESt10_Select1stIS4_ESt4lessIjESaIS4_EE9_M_insertEPSt18_Rb_tree_n 
+__ZNSt8_Rb_treeIjSt4pairIKjN20ClientIdentification10GuestStateEESt10_Select1stIS4_ESt4lessIjESaIS4_EE14_M_create_nodeERKS4_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKjN20ClientIdentification10GuestStateEEEE8allocateEmPKv +__ZNSt3mapIN8Security14SecurityServer17AuthorizationBlobENS0_10RefPointerI18AuthorizationTokenEESt4lessIS2_ESaISt4pairIKS2_S5_E +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKN8Security14SecurityServer17AuthorizationBlobENS3_10RefPointerI18Autho +__ZN8Security10RefPointerI18AuthorizationTokenE7releaseEv +__ZN8Security10RefPointerI18AuthorizationTokenE10setPointerEPS1_ +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EEaSERKS7_ +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE8_M_eraseEPSt13_Rb_tree_nodeIS1_E +__ZN13Authorization6Engine9authorizeERKNS_11AuthItemSetES3_jPKSt3setINS_10CredentialESt4lessIS5_ESaIS5_EEPS9_RS1_R18Authorizati __ZN13Authorization20AuthorizationDBPlist4syncEd -__ZN13Authorization20AuthorizationDBPlist4loadEd +__ZN13Authorization20AuthorizationDBPlist4loadEv __ZN13Authorization20AuthorizationDBPlist11parseConfigEPK14__CFDictionary +__ZN8Security5CFRefIP14__CFDictionaryEaSES2_ +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization4RuleEESt10_Select1stIS4_ESt4lessISsESaIS4_EE8_M_eraseEPSt13_Rb_tree_nodeIS4_E __ZN13Authorization20AuthorizationDBPlist9parseRuleEPKvS2_Pv __ZN13Authorization20AuthorizationDBPlist8addRightEPK10__CFStringPK14__CFDictionary __ZN8Security8cfStringEPK10__CFStringb -__ZNSsC4Ev -__ZNSs6assignEPKcm -__ZdaPv -__ZN13Authorization4RuleC1Ev -__ZN13Authorization4RuleC4Ev -__ZN13Authorization8RuleImplC4Ev __ZN13Authorization4RuleC1ERKSsPK14__CFDictionaryS5_ -__ZN13Authorization4RuleC4ERKSsPK14__CFDictionaryS5_ -__ZN13Authorization8RuleImplC4ERKSsPK14__CFDictionaryS5_ -__ZN13Authorization8RuleImpl9Attribute9getStringEPK14__CFDictionaryPK10__CFStringbPc -__ZNKSs7compareEPKc -__ZNSs6assignERKSs 
-__ZNSs4_Rep7_M_grabERKSaIcES2_ +__ZN13Authorization4RuleC2ERKSsPK14__CFDictionaryS5_ +__ZN13Authorization8RuleImplC2ERKSsPK14__CFDictionaryS5_ +__ZN13Authorization8RuleImpl9Attribute9getStringEPK14__CFDictionaryPK10__CFStringbPKc __ZN13Authorization8RuleImpl9Attribute9getDoubleEPK14__CFDictionaryPK10__CFStringbd __ZN13Authorization8RuleImpl9Attribute7getBoolEPK14__CFDictionaryPK10__CFStringbb __ZN13Authorization8RuleImpl9Attribute9getVectorEPK14__CFDictionaryPK10__CFStringb -__ZSt13__destroy_auxIPSsEvT_S1_12__false_type -__ZNSt24__default_alloc_templateILb1ELi0EE10deallocateEPvm +__ZNSt6vectorISsSaISsEEaSERKS1_ +__ZNSt6__copyILb0ESt26random_access_iterator_tagE4copyIPKSsPSsEET0_T_S7_S6_ +__ZNSt6vectorISsSaISsEE20_M_allocate_and_copyIN9__gnu_cxx17__normal_iteratorIPKSsS1_EEEEPSsmT_S9_ +__ZSt24__uninitialized_copy_auxIN9__gnu_cxx17__normal_iteratorIPKSsSt6vectorISsSaISsEEEEPSsET0_T_SA_S9_St12__false_type __ZN13Authorization8RuleImpl9Attribute19getLocalizedPromptsEPK14__CFDictionaryRSt3mapISsSsSt4lessISsESaISt4pairIKSsSsEEE -__ZNKSs7compareERKSs +__ZNSt6vectorIN13Authorization4RuleESaIS1_EE9push_backERKS1_ +__ZNSt6vectorIN13Authorization4RuleESaIS1_EE13_M_insert_auxEN9__gnu_cxx17__normal_iteratorIPS1_S3_EERKS1_ +__ZN9__gnu_cxx13new_allocatorIN13Authorization4RuleEE8allocateEmPKv +__ZSt24__uninitialized_copy_auxIPN13Authorization4RuleES2_ET0_T_S4_S3_St12__false_type +__ZN8Security10RefPointerIN13Authorization8RuleImplEE7releaseEv +__ZNSt3mapISsN13Authorization4RuleESt4lessISsESaISt4pairIKSsS1_EEEixERS5_ +__ZN13Authorization4RuleC1Ev +__ZN13Authorization4RuleC2Ev +__ZN13Authorization8RuleImplC2Ev +__ZNSt4pairIKSsN13Authorization4RuleEEC2ERS0_RKS2_ +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization4RuleEESt10_Select1stIS4_ESt4lessISsESaIS4_EE16_M_insert_uniqueESt17_Rb_tree_itera +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization4RuleEESt10_Select1stIS4_ESt4lessISsESaIS4_EE16_M_insert_uniqueERKS4_ 
+__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization4RuleEESt10_Select1stIS4_ESt4lessISsESaIS4_EE9_M_insertEPSt18_Rb_tree_node_baseSC_ +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization4RuleEESt10_Select1stIS4_ESt4lessISsESaIS4_EE14_M_create_nodeERKS4_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKSsN13Authorization4RuleEEEE8allocateEmPKv +__ZNSt4pairIKSsN13Authorization4RuleEEC2ERKS3_ +__ZNSt4pairIKSsN13Authorization4RuleEED2Ev +__ZN8Security10RefPointerIN13Authorization8RuleImplEE10setPointerEPS2_ +__ZN13Authorization8RuleImplD2Ev +__ZNSt8_Rb_treeISsSt4pairIKSsSsESt10_Select1stIS2_ESt4lessISsESaIS2_EE8_M_eraseEPSt13_Rb_tree_nodeIS2_E +__ZNSt6vectorIN13Authorization4RuleESaIS1_EED2Ev +__ZNSt12_Vector_baseIN13Authorization4RuleESaIS1_EED2Ev +__ZN8Security5CFRefIPK14__CFDictionaryEaSES3_ +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EEC2ERKS7_ +__ZN8Security14CommonCriteria9Securityd25RightAuthenticationLoggerC1ERKNS0_10AuditTokenEs +__ZN8Security14CommonCriteria9Securityd25RightAuthenticationLoggerC2ERKNS0_10AuditTokenEs +__ZN8Security14CommonCriteria9Securityd11AuditLogger13setClientInfoERKNS0_10AuditTokenE +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE4swapERS7_ +__ZN8Security14CommonCriteria9Securityd25RightAuthenticationLoggerD2Ev +__ZN8Security14CommonCriteria9Securityd11RightLoggerD2Ev +__ZN8Security14CommonCriteria9Securityd11AuditLoggerD2Ev +__ZN8Security14CommonCriteria9Securityd11AuditLogger5closeEb __ZN13Authorization11AuthItemSetD1Ev -__ZN13Authorization11AuthItemSetD4Ev +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE8_M_eraseEPSt13_Rb_tree_nodeIS1_E __ZN7Process16addAuthorizationEP18AuthorizationToken +__ZNSt8_Rb_treeIP18AuthorizationTokenS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE9_M_insertEPSt18_Rb_tree_node_baseS9_RKS1_ +__ZNSt8_Rb_treeIP18AuthorizationTokenS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE14_M_create_nodeERKS1_ 
+__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIP18AuthorizationTokenEE8allocateEmPKv __ZN18AuthorizationToken10addProcessER7Process -__ZN6Server15requestCompleteEv -__ZN10Connection7endWorkEv -__Z26_XauthorizationInternalizeP17mach_msg_header_tS0_ -__Z36ucsp_server_authorizationInternalizejj13audit_token_tPl25AuthorizationExternalFormPN8Security14SecurityServer17AuthorizationBlobE -__ZN7Session15authInternalizeERK25AuthorizationExternalFormRN8Security14SecurityServer17AuthorizationBlobE -__ZN18AuthorizationToken4findERKN8Security14SecurityServer17AuthorizationBlobE -__ZN13Authorization5Error7throwMeEi -___cxa_allocate_exception -__ZN13Authorization5ErrorC4Ei -__ZN8Security11CommonErrorC2Ev -__ZN8Security11CommonErrorC4Ev -___cxa_throw -___cxa_get_globals -__Z21get_globals_init_oncev -__Unwind_RaiseException -save_world -_uw_init_context_1 -_uw_frame_state_for -__Unwind_Find_FDE -__Unwind_Find_registered_FDE -_examine_objects -_search_object -_init_object -_classify_object_over_fdes -_get_cie_encoding -_read_uleb128 -_read_sleb128 -_base_from_object -_read_encoded_value_with_base -_size_of_encoded_value -_add_fdes -_fde_split -_fde_single_encoding_compare -_frame_heapsort -_extract_cie_info -_read_uleb128 -_read_sleb128 -_execute_cfa_program -_size_of_encoded_value -_uw_update_context_1 -_base_of_encoded_value -_read_encoded_value_with_base -___gxx_personality_v0 -__Unwind_GetLanguageSpecificData -_uw_update_context -__Z17parse_lsda_headerP15_Unwind_ContextPKhP16lsda_header_info -__Unwind_GetRegionStart -__Z12read_uleb128PKhPj -__Z21base_of_encoded_valuehP15_Unwind_Context -__Unwind_GetIP -__Z28read_encoded_value_with_basehjPKhPj -__Z12read_sleb128PKhPi -__Z15get_ttype_entryP16lsda_header_infoj -__Z21size_of_encoded_valueh -__Z16get_adjusted_ptrPKSt9type_infoS1_PPv -__ZNKSt9type_info14__is_pointer_pEv -__ZNK10__cxxabiv117__class_type_info10__do_catchEPKSt9type_infoPPvj -__ZNK10__cxxabiv117__class_type_info11__do_upcastEPKS0_PPv 
-__ZNK10__cxxabiv120__si_class_type_info11__do_upcastEPKNS_17__class_type_infoEPKvRNS1_15__upcast_resultE -__ZNK10__cxxabiv117__class_type_info11__do_upcastEPKS0_PKvRNS0_15__upcast_resultE -__Unwind_RaiseException_Phase2 -__Unwind_SetGR -__Unwind_SetIP -_uw_install_context_1 -_init_dwarf_reg_size_table -eh_rest_world_r10 -rest_world_eh_r7r8 -___cxa_begin_catch -__ZN8Security9CssmError9cssmErrorERKNS_11CommonErrorEl -__ZNK13Authorization5Error8osStatusEv -___cxa_end_catch -___cxa_get_globals_fast -__Unwind_DeleteException -__Z23__gxx_exception_cleanup19_Unwind_Reason_CodeP17_Unwind_Exception -__ZN8Security11CommonErrorD2Ev -__ZN8Security11CommonErrorD4Ev -__ZNSt9exceptionD2Ev -__ZNSt9exceptionD4Ev -___cxa_free_exception -__Z26_XauthorizationExternalizeP17mach_msg_header_tS0_ -__Z36ucsp_server_authorizationExternalizejj13audit_token_tPlN8Security14SecurityServer17AuthorizationBlobEP25AuthorizationExternalForm -__ZN7Session15authExternalizeERKN8Security14SecurityServer17AuthorizationBlobER25AuthorizationExternalForm +__ZNSt8_Rb_treeIP7ProcessS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE16_M_insert_uniqueERKS1_ +__ZNSt8_Rb_treeIP7ProcessS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE9_M_insertEPSt18_Rb_tree_node_baseS9_RKS1_ +__ZNSt8_Rb_treeIP7ProcessS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE14_M_create_nodeERKS1_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIP7ProcessEE8allocateEmPKv +__ZL20_XauthorizationdbGetP17mach_msg_header_tS0_ +__Z30ucsp_server_authorizationdbGetjj13audit_token_tPiPKcPPvPj +__ZN7Session18authorizationdbGetEPKcPPK14__CFDictionary +__ZN13Authorization6Engine7getRuleERSsPPK14__CFDictionary +__ZN13Authorization20AuthorizationDBPlist17getRuleDefinitionERSs +__ZL20_XauthorizationdbSetP17mach_msg_header_tS0_ +__Z30ucsp_server_authorizationdbSetjj13audit_token_tPiN8Security14SecurityServer17AuthorizationBlobEPKcPvj +__ZN7Session18authorizationdbSetERKN8Security14SecurityServer17AuthorizationBlobEPKcPK14__CFDictionary 
__ZN7Session13authorizationERKN8Security14SecurityServer17AuthorizationBlobE +__ZN18AuthorizationToken4findERKN8Security14SecurityServer17AuthorizationBlobE __ZN7Process18checkAuthorizationEP18AuthorizationToken -__ZNK18AuthorizationToken14mayExternalizeER7Process -__ZN18AuthorizationToken14mayInternalizeER7Processb -__Z16_XgetSessionInfoP17mach_msg_header_tS0_ -__Z38__MIG_check__Request__getSessionInfo_tP27__Request__getSessionInfo_t -__Z26ucsp_server_getSessionInfojj13audit_token_tPlPmS1_ -__ZN7Session4findEm -__ZN6Server7sessionEv +__ZNK18AuthorizationToken14effectiveCredsEv +__ZN13Authorization6Engine7setRuleEPKcPK14__CFDictionaryPKSt3setINS_10CredentialESt4lessIS7_ESaIS7_EEPSB_R18AuthorizationToken +__ZNK13Authorization20AuthorizationDBPlist12validateRuleESsPK14__CFDictionary +__ZN13Authorization6Engine18verifyModificationESsbPKSt3setINS_10CredentialESt4lessIS2_ESaIS2_EEPS6_R18AuthorizationToken +__ZNK13Authorization20AuthorizationDBPlist9existRuleERSs +__ZN13Authorization11AuthItemRefC1EPKc +__ZN13Authorization11AuthItemRefC2EPKc +__ZNK13Authorization20AuthorizationDBPlist7getRuleERKNS_11AuthItemRefE +__ZNKSt8_Rb_treeISsSt4pairIKSsN13Authorization4RuleEESt10_Select1stIS4_ESt4lessISsESaIS4_EE4findERS1_ +__ZN8Security10RefPointerIN13Authorization8AuthItemEE7releaseEv +__ZN13Authorization8AuthItemD1Ev +__ZN13Authorization8AuthItemD2Ev +__ZStplIcSt11char_traitsIcESaIcEESbIT_T0_T1_ERKS6_S8_ +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE16_M_insert_uniqueERKS1_ +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE9_M_insertEPSt18_Rb_tree_node_baseS9_RKS1 +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE14_M_create_nodeERKS1_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIN13Authorization11AuthItemRefEEE8allocateEmPKv +__ZNK13Authorization8RuleImpl8evaluateERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetEjdPKSt3setINS_10CredentialESt4lessISA_ES 
+__ZNK13Authorization8RuleImpl13evaluateRulesERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetEjdPKSt3setINS_10CredentialESt4less +__ZNK13Authorization8RuleImpl12evaluateUserERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetEjdPKSt3setINS_10CredentialESt4lessI +__ZN8Security14CommonCriteria9Securityd11RightLogger8setRightEPKc +__ZN8Security14CommonCriteria9Securityd11RightLogger8setRightERKSs +__ZN8Security14CommonCriteria9Securityd25RightAuthenticationLogger22logAuthorizationResultEPKcS4_i +__ZN8Security14CommonCriteria9Securityd11AuditLogger4openEv +__ZN8Security14CommonCriteria9Securityd25RightAuthenticationLogger11writeCommonEv +__ZN8Security14CommonCriteria9Securityd11AuditLogger12writeSubjectEv +__ZN8Security14CommonCriteria9Securityd11AuditLogger10writeTokenEP8au_tokenPKc +__ZN8Security14CommonCriteria9Securityd11AuditLogger11writeReturnEci +__ZN8Security6Syslog4infoEPKcz +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE15_M_destroy_nodeEPSt13_Rb_tree_nodeIS1_E +__ZN13Authorization20AuthorizationDBPlist7setRuleEPKcPK14__CFDictionary +__ZN13Authorization20AuthorizationDBPlist4saveEv +__ZStplIcSt11char_traitsIcESaIcEESbIT_T0_T1_ERKS6_PKS3_ +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization4RuleEESt10_Select1stIS4_ESt4lessISsESaIS4_EE15_M_destroy_nodeEPSt13_Rb_tree_nodeI +__ZN7Session16mergeCredentialsERSt3setIN13Authorization10CredentialESt4lessIS2_ESaIS2_EE +__ZN18AuthorizationToken16mergeCredentialsERKSt3setIN13Authorization10CredentialESt4lessIS2_ESaIS2_EE +__ZL22_XauthorizationReleaseP17mach_msg_header_tS0_ +__Z32ucsp_server_authorizationReleasejj13audit_token_tPiN8Security14SecurityServer17AuthorizationBlobEj +__ZN7Session8authFreeERKN8Security14SecurityServer17AuthorizationBlobEj +__ZN18AuthorizationToken7DeleterC1ERKN8Security14SecurityServer17AuthorizationBlobE +__ZN18AuthorizationToken7DeleterC2ERKN8Security14SecurityServer17AuthorizationBlobE +__ZN7Process19removeAuthorizationEP18AuthorizationToken 
+__ZNSt8_Rb_treeIP18AuthorizationTokenS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseESt23_Rb_tree_const_iteratorIS1_E +__ZN18AuthorizationToken10endProcessER7Process +__ZNSt8_Rb_treeIP7ProcessS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseERKS1_ +__ZNSt8_Rb_treeIP7ProcessS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseESt17_Rb_tree_iteratorIS1_ES9_ +__ZNSt8_Rb_treeIP7ProcessS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE8_M_eraseEPSt13_Rb_tree_nodeIS1_E +__ZN18AuthorizationToken7Deleter6removeEv +__ZNSt8_Rb_treeIN8Security14SecurityServer17AuthorizationBlobESt4pairIKS2_NS0_10RefPointerI18AuthorizationTokenEEESt10_Select1s +__ZN18AuthorizationTokenD0Ev +__ZN10PerSessionD2Ev +__ZN4NodeI10PerSession9PerGlobalED2Ev _cdsa_notify_server __Xmach_notify_dead_name _cdsa_mach_notify_dead_name +__ZThn144_N6Server14notifyDeadNameEN8Security12MachPlusPlus4PortE __ZN6Server14notifyDeadNameEN8Security12MachPlusPlus4PortE __ZN10Connection5abortEb +__ZN8Security12MachPlusPlus4Port7destroyEv +__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI10ConnectionEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_ __ZN10ConnectionD0Ev -__ZN10ConnectionD4Ev -__ZN8NodeCoreD2Ev -__ZN8NodeCoreD4Ev -__ZN8Security5MutexD2Ev -__Z22_XauthorizationReleaseP17mach_msg_header_tS0_ -__Z44__MIG_check__Request__authorizationRelease_tP33__Request__authorizationRelease_t -__Z32ucsp_server_authorizationReleasejj13audit_token_tPlN8Security14SecurityServer17AuthorizationBlobEm -__ZN7Session8authFreeERKN8Security14SecurityServer17AuthorizationBlobEm -__ZN18AuthorizationToken7DeleterC1ERKN8Security14SecurityServer17AuthorizationBlobE -__ZN18AuthorizationToken7DeleterC4ERKN8Security14SecurityServer17AuthorizationBlobE -__ZN7Process19removeAuthorizationEP18AuthorizationToken -__ZN18AuthorizationToken10endProcessER7Process +__ZNSt8_Rb_treeIjSt4pairIKjN8Security10RefPointerIN8Listener12NotificationEEEESt10_Select1stIS7_ESt4lessIjESaIS7_EE8_M_eraseEPS +__ZN13PerConnectionD2Ev 
+__ZN4NodeI13PerConnection10PerProcessED2Ev __ZN7Process4killEv -__ZN8NodeCore4killEv -__ZN8NodeCore15clearReferencesEv +__ZN8Security10RefPointerI13LocalDatabaseE10setPointerEPS1_ +__ZN8Security10RefPointerI13LocalDatabaseE7releaseEv +__ZNSt8_Rb_treeIiSt4pairIKiP7ProcessESt10_Select1stIS4_ESt4lessIiESaIS4_EE5eraseERS1_ +__ZNSt8_Rb_treeIiSt4pairIKiP7ProcessESt10_Select1stIS4_ESt4lessIiESaIS4_EE5eraseESt17_Rb_tree_iteratorIS4_ESC_ +__ZNSt8_Rb_treeIiSt4pairIKiP7ProcessESt10_Select1stIS4_ESt4lessIiESaIS4_EE5eraseESt17_Rb_tree_iteratorIS4_E +__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI7ProcessEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_EE5e +__ZNSt8_Rb_treeIN8Security12MachPlusPlus4PortESt4pairIKS2_NS0_10RefPointerI7ProcessEEESt10_Select1stIS8_ESt4lessIS2_ESaIS8_EE15 __ZN7ProcessD0Ev -__ZN7ProcessD4Ev -__ZN18AuthorizationTokenD0Ev -__ZN18AuthorizationTokenD4Ev +__ZNSt8_Rb_treeIP18AuthorizationTokenS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE8_M_eraseEPSt13_Rb_tree_nodeIS1_E +__ZN20ClientIdentificationD2Ev +__ZNSt8_Rb_treeIjSt4pairIKjN20ClientIdentification10GuestStateEESt10_Select1stIS4_ESt4lessIjESaIS4_EE15_M_destroy_nodeEPSt13_Rb __ZN14CodeSignatures8IdentityD2Ev -__ZN14CodeSignatures8IdentityD4Ev -__ZN8Security12HandleObjectD2Ev -__ZN8Security12HandleObjectD4Ev -__ZN8Security12HandleObject5State5eraseEPS0_ -__ZN18AuthorizationToken7Deleter6removeEv -__ZN8Security13GenericBundleC1EPKcS2_ -__ZN8Security13GenericBundleC4EPKcS2_ -__Z10_XsetupNewP17mach_msg_header_tS0_ -__Z32__MIG_check__Request__setupNew_tP21__Request__setupNew_t -__Z20ucsp_server_setupNewjj13audit_token_tPljN8Security14SecurityServer15ClientSetupInfoEPKcPj +__ZN15CodeSigningHostD2Ev +__ZN15CodeSigningHost5resetEv +__ZNSt8_Rb_treeIjSt4pairIKjN8Security10RefPointerIN15CodeSigningHost5GuestEEEESt10_Select1stIS7_ESt4lessIjESaIS7_EE8_M_eraseEPS +__ZN8Security12MachPlusPlus10MachServer7HandlerD2Ev +__ZNK16KeychainDbCommon10identifierEv +__ZNK12DbIdentifiereqERKS_ 
+__ZNK8Security14DLDbIdentifier4ImpleqERKS1_ +__ZNK8Security17CssmSubserviceUideqERK19cssm_subservice_uid +__ZNK8Security6DbNameeqERKS0_ +__ZNK8Security6DbNameltERKS0_ +__ZN8Security6DbNameD1Ev +__ZN8Security6DbNameD2Ev +__ZL17_XgetDbParametersP17mach_msg_header_tS0_ +__Z27ucsp_server_getDbParametersjj13audit_token_tPijPN8Security14SecurityServer12DBParametersE +__ZN16KeychainDatabase13getParametersERN8Security14SecurityServer12DBParametersE +__ZThn16_N16KeychainDatabaseD0Ev +__ZN16KeychainDatabaseD0Ev +__ZN13LocalDatabaseD2Ev +__ZN8DatabaseD2Ev +__ZN8Security13AnyAclSubjectD0Ev +__ZN8Security13MappingHandleIjE4findI7SessionEERT_ji +__ZN8Security13MappingHandleIjE5State4findEji +__ZL13_XsetupThreadP17mach_msg_header_tS0_ +__Z23ucsp_server_setupThreadjj13audit_token_tPij +__ZL10_XsetupNewP17mach_msg_header_tS0_ +__Z20ucsp_server_setupNewjj13audit_token_tPijN8Security14SecurityServer15ClientSetupInfoEPKcPj __ZN14DynamicSessionC1EN8Security12MachPlusPlus8TaskPortE -__ZN14DynamicSessionC4EN8Security12MachPlusPlus8TaskPortE -__ZN8Security12MachPlusPlus11ReceivePortC2EPKcRKNS0_9BootstrapE +__ZN14DynamicSessionC2EN8Security12MachPlusPlus8TaskPortE +__ZNK8Security12MachPlusPlus8TaskPort9bootstrapEv +__ZN8Security12MachPlusPlus4Port11insertRightEj +__ZNK8Security12MachPlusPlus9Bootstrap10registerAsEjPKc __ZN8Security12MachPlusPlus10MachServer3addENS0_4PortE __ZNK8Security12MachPlusPlus10MachServer14notifyIfUnusedENS0_4PortEb __ZN7Process13changeSessionEN8Security12MachPlusPlus4PortE -__Z14_XsetupSessionP17mach_msg_header_tS0_ -__Z36__MIG_check__Request__setupSession_tP25__Request__setupSession_t -__Z24ucsp_server_setupSessionjj13audit_token_tPlmm -__ZN14DynamicSession15setupAttributesEmm +__ZL14_XsetupSessionP17mach_msg_header_tS0_ +__Z24ucsp_server_setupSessionjj13audit_token_tPijj +__ZN14DynamicSession15setupAttributesEjj __ZN14DynamicSession15checkOriginatorEv -__Z13_XsetupThreadP17mach_msg_header_tS0_ -__Z23ucsp_server_setupThreadjj13audit_token_tPlj 
-__Z25_XauthorizationCopyRightsP17mach_msg_header_tS0_ -__Z47__MIG_check__Request__authorizationCopyRights_tP36__Request__authorizationCopyRights_t -__Z35ucsp_server_authorizationCopyRightsjj13audit_token_tPlN8Security14SecurityServer17AuthorizationBlobEP20AuthorizationItemSetjS5_mS5_jS5_PS5_PjS6_ -__ZN26CheckingReconstituteWalkerC1EPvS0_mb -__ZN26CheckingReconstituteWalkerC4EPvS0_mb -__ZN13Authorization11AuthItemRefC4ERK17AuthorizationItem -__ZN13Authorization8AuthItemC4ERK17AuthorizationItem -__ZN7Session13authGetRightsERKN8Security14SecurityServer17AuthorizationBlobERKN13Authorization11AuthItemSetES8_mRS6_ -__ZNK18AuthorizationToken14effectiveCredsEv +__ZL25_XauthorizationCopyRightsP17mach_msg_header_tS0_ +__Z35ucsp_server_authorizationCopyRightsjj13audit_token_tPiN8Security14SecurityServer17AuthorizationBlobEPvjjS4_jPS4_Pj +_copyout_AuthorizationItemSet +_xdr_AuthorizationItemSetPtr +_xdr_AuthorizationItemSet +_xdr_AuthorizationItem +__ZN13Authorization11AuthItemRefC2ERK17AuthorizationItem +__ZN13Authorization8AuthItemC2ERK17AuthorizationItem +__ZN7Session13authGetRightsERKN8Security14SecurityServer17AuthorizationBlobERKN13Authorization11AuthItemSetES8_jRS6_ __ZNK18AuthorizationToken7sessionEv -__ZNK13Authorization20AuthorizationDBPlist7getRuleERKNS_11AuthItemRefE -__ZNK13Authorization8RuleImpl8evaluateERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetEmdPKSt3setINS_10CredentialESt4lessISA_ESaISA_EERSE_R18AuthorizationToken -__ZNK13Authorization8RuleImpl21evaluateMechanismOnlyERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetER18AuthorizationTokenRSt3setINS_10CredentialESt4lessISC_ESaISC_EE -__ZN13Authorization23AgentMechanismEvaluatorC1EjRK7SessionRKSt6vectorISsSaISsEE -__ZN13Authorization23AgentMechanismEvaluatorC4EjRK7SessionRKSt6vectorISsSaISsEE +__ZN7Session13authGetRightsER18AuthorizationTokenRKN13Authorization11AuthItemSetES5_jRS3_ +__ZNK13Authorization8RuleImpl21evaluateMechanismOnlyERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetER18AuthorizationTokenRSt3s 
+__ZN13Authorization23AgentMechanismEvaluatorC1EjR7SessionRKSt6vectorISsSaISsEE +__ZN13Authorization23AgentMechanismEvaluatorC2EjR7SessionRKSt6vectorISsSaISsEE +__ZNSt6vectorISsSaISsEEC2ERKS1_ +__ZNSt12_Vector_baseISsSaISsEEC2EmRKS0_ +__ZN13Authorization12AuthValueRefC1EjPv +__ZN13Authorization12AuthValueRefC2EjPv +__ZN13Authorization9AuthValueC2EjPv +__ZNSt6vectorIN13Authorization12AuthValueRefESaIS1_EE9push_backERKS1_ +__ZNSt6vectorIN13Authorization12AuthValueRefESaIS1_EE13_M_insert_auxEN9__gnu_cxx17__normal_iteratorIPS1_S3_EERKS1_ +__ZN9__gnu_cxx13new_allocatorIN13Authorization12AuthValueRefEE8allocateEmPKv +__ZSt24__uninitialized_copy_auxIPN13Authorization12AuthValueRefES2_ET0_T_S4_S3_St12__false_type __ZNK13Authorization8RuleImpl13setAgentHintsERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetER18AuthorizationToken -__ZN13Authorization11AuthItemRefC1EPKc -__ZN13Authorization11AuthItemRefC4EPKc -__ZN13Authorization8AuthItemC4EPKc -__ZN13Authorization8AuthItemD1Ev -__ZN13Authorization8AuthItemD4Ev -__ZN13Authorization11AuthItemRefC1EPKc18AuthorizationValuem -__ZN13Authorization11AuthItemRefC4EPKc18AuthorizationValuem -__ZN13Authorization8AuthItemC4EPKc18AuthorizationValuem +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseERKS1_ +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE11equal_rangeERKS1_ +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseESt17_Rb_tree_iteratorIS1_ES9_ +__ZN13Authorization11AuthItemRefC1EPKc18AuthorizationValuej +__ZN13Authorization11AuthItemRefC2EPKc18AuthorizationValuej +__ZN13Authorization8AuthItemC2EPKc18AuthorizationValuej __ZNK13Authorization8AuthItemltERKS0_ -__ZNK8Security13GenericBundle6encodeEv -__ZStplIcSt11char_traitsIcESaIcEESbIT_T0_T1_EPKS3_RKS6_ -__ZNSs7replaceEN9__gnu_cxx17__normal_iteratorIPcSsEES2_PKcS4_ -__ZNSs7replaceEmmPKcm -__ZNSs6appendERKSs 
-__ZNSs15_M_replace_safeIN9__gnu_cxx17__normal_iteratorIPcSsEEEERSsS3_S3_T_S5_ -__ZNSs13_S_copy_charsEPcN9__gnu_cxx17__normal_iteratorIS_SsEES2_ -__ZNK8Security13GenericBundle13canonicalPathEv +__Z8codePathPK9__SecCode __ZN13SecurityAgent6Client11clientHintsENS_13RequestorTypeERSsij -__ZNKSs5c_strEv +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE16_M_insert_uniqueISt23_Rb_tree_const_ite +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE16_M_insert_uniqueESt17_Rb_tree_iteratorI +__ZNSt8_Rb_treeISsSt4pairIKSsSsESt10_Select1stIS2_ESt4lessISsESaIS2_EEC2ERKS8_ +__ZNSt8_Rb_treeISsSt4pairIKSsSsESt10_Select1stIS2_ESt4lessISsESaIS2_EEaSERKS8_ __ZN13Authorization23AgentMechanismEvaluator3runERKNS_15AuthValueVectorERKNS_11AuthItemSetERK18AuthorizationToken +__ZN8Security14CommonCriteria9Securityd14AuthMechLoggerC1ERKNS0_10AuditTokenEs +__ZN8Security14CommonCriteria9Securityd14AuthMechLoggerC2ERKNS0_10AuditTokenEs +__ZNKSt6vectorIN13Authorization12AuthValueRefESaIS1_EE14_M_range_checkEm __ZN18AuthorizationToken7infoSetEPKc -__ZNKSs4findEcm -__ZNKSs6substrEmm -__ZNSsC1ERKSsmm -__ZNSsC4ERKSsmm -__ZNKSs8_M_checkEm -__ZNKSs7_M_foldEmm -__ZNSs12_S_constructIN9__gnu_cxx17__normal_iteratorIPcSsEEEES2_T_S4_RKSaIcESt20forward_iterator_tag -__ZNKSs5rfindEcm -__ZN13Authorization17AgentMechanismRefC4E12AuthHostType -__ZN20QueryInvokeMechanismC1E12AuthHostType -__ZN20QueryInvokeMechanismC4E12AuthHostType -__ZN18SecurityAgentQueryC4E12AuthHostType +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EEaSERKS7_ +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE7_M_copyEPKSt13_Rb_tree_nodeIS1_EPS9_ +__ZN8Security14CommonCriteria9Securityd14AuthMechLogger19setCurrentMechanismEPKc +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization17AgentMechanismRefEESt10_Select1stIS4_ESt4lessISsESaIS4_EE4findERS1_ 
+__ZN13Authorization17AgentMechanismRefC2E12AuthHostTypeR7Session +__ZN20QueryInvokeMechanismC1E12AuthHostTypeR7Session +__ZN20QueryInvokeMechanismC2E12AuthHostTypeR7Session +__ZN18SecurityAgentQueryC2E12AuthHostTypeR7Session __ZN13SecurityAgent6ClientC2Ev -__ZN13SecurityAgent6ClientC4Ev +__ZN8Security11ThreadNexusIN13SecurityAgent7ClientsEEclEv +__ZN13SecurityAgent7ClientsC2Ev +__ZN13SecurityAgent7Clients6insertEPNS_6ClientE +__ZNSt8_Rb_treeIPN13SecurityAgent6ClientES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE16_M_insert_uniqueERKS2_ +__ZNSt8_Rb_treeIPN13SecurityAgent6ClientES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE9_M_insertEPSt18_Rb_tree_node_baseSA_RKS2_ +__ZNSt8_Rb_treeIPN13SecurityAgent6ClientES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE14_M_create_nodeERKS2_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIPN13SecurityAgent6ClientEEE8allocateEmPKv +__ZN23SecurityAgentConnectionC2E12AuthHostTypeR7Session __ZN7Session8authhostE12AuthHostTypeb __ZN16AuthHostInstanceC1ER7Session12AuthHostType -__ZN16AuthHostInstanceC4ER7Session12AuthHostType +__ZN16AuthHostInstanceC2ER7Session12AuthHostType __ZN11ServerChildC2Ev -__ZN11ServerChildC4Ev __ZN8Security9ConditionC1ERNS_5MutexE -__ZN8Security9ConditionC4ERNS_5MutexE -__ZN8NodeCore12addReferenceERS_ +__ZN8Security9ConditionC2ERNS_5MutexE __ZN20QueryInvokeMechanism10initializeERKSsS1_RKN13Authorization15AuthValueVectorEj __ZN18SecurityAgentQuery6createEPKcS1_j __ZN18SecurityAgentQuery8activateEv -__ZN8Security12MachPlusPlus10MachServer16longTermActivityEv -__ZN8Security6Thread3runEv +__ZN23SecurityAgentConnection8activateEv +__ZN10Connection8useAgentEP32SecurityAgentConnectionInterface __ZN16AuthHostInstance8activateEv -__ZN8Security6Thread6runnerEPv -__ZNK16AuthHostInstance7sessionEv -__ZN8Security12MachPlusPlus10MachServer10LoadThread6actionEv __ZN8Security12MachPlusPlus11StBootstrapC1ERKNS0_9BootstrapERKNS0_8TaskPortE -__ZN8Security12MachPlusPlus10MachServer9addThreadEPNS_6ThreadE 
-__ZN8Security12MachPlusPlus11StBootstrapC4ERKNS0_9BootstrapERKNS0_8TaskPortE +__ZN8Security12MachPlusPlus11StBootstrapC2ERKNS0_9BootstrapERKNS0_8TaskPortE +__ZN8Security12MachPlusPlus8TaskPort9bootstrapENS0_9BootstrapE __ZN8Security12UnixPlusPlus5Child4forkEv +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security12UnixPlusPlus5ChildEESt10_Select1stIS6_ESt4lessIiESaIS6_EE16_M_insert_uniqueERKS6_ +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security12UnixPlusPlus5ChildEESt10_Select1stIS6_ESt4lessIiESaIS6_EE9_M_insertEPSt18_Rb_tree_node_ +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security12UnixPlusPlus5ChildEESt10_Select1stIS6_ESt4lessIiESaIS6_EE14_M_create_nodeERKS6_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKiPN8Security12UnixPlusPlus5ChildEEEE8allocateEmPKv __ZN11ServerChild12parentActionEv __ZN8Security9Condition4waitEv -__Z14_XchildCheckInP17mach_msg_header_tS0_ +__ZL14_XchildCheckInP17mach_msg_header_tS0_ __Z24ucsp_server_childCheckInjjj __ZN11ServerChild7checkInEN8Security12MachPlusPlus4PortEi -__ZN8Security12UnixPlusPlus5Child11findGenericEi __ZN8Security9Condition6signalEv __ZN8Security12MachPlusPlus11StBootstrapD1Ev -__ZN8Security12MachPlusPlus11StBootstrapD4Ev +__ZN8Security12MachPlusPlus11StBootstrapD2Ev __ZN13SecurityAgent6Client8activateEN8Security12MachPlusPlus4PortE __ZN13SecurityAgent6Client6createEPKcS2_j _sa_request_client_create __ZN13SecurityAgent6Client7receiveEv __ZN13SecurityAgent7Clients7receiveEv __ZN8Security12MachPlusPlus7Message7receiveEjijj -__ZN8Security12MachPlusPlus7Message5checkEi _secagentreply_server -__XdidCreate -_sa_reply_server_didCreate +__ZL11_XdidCreateP17mach_msg_header_tS0_ +__Z25sa_reply_server_didCreatejj __ZNK13SecurityAgent7Clients4findEj -__ZN13SecurityAgent6Client12setStagePortEj __ZN8Security12MachPlusPlus7MessageD1Ev -__ZN8Security12MachPlusPlus7MessageD4Ev -__ZN20QueryInvokeMechanism3runERKN13Authorization15AuthValueVectorERNS0_11AuthItemSetES5_Pm +__ZN8Security12MachPlusPlus7MessageD2Ev 
+__ZNSt6vectorIN13Authorization12AuthValueRefESaIS1_EEaSERKS3_ +__ZNSt6vectorIN13Authorization12AuthValueRefESaIS1_EE20_M_allocate_and_copyIN9__gnu_cxx17__normal_iteratorIPKS1_S3_EEEEPS1_mT_S +__ZSt24__uninitialized_copy_auxIN9__gnu_cxx17__normal_iteratorIPKN13Authorization12AuthValueRefESt6vectorIS3_SaIS3_EEEEPS3_ET0_ +__ZNSt4pairIKSsN13Authorization17AgentMechanismRefEEC2ERS0_RKS2_ +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization17AgentMechanismRefEESt10_Select1stIS4_ESt4lessISsESaIS4_EE16_M_insert_uniqueERKS4 +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization17AgentMechanismRefEESt10_Select1stIS4_ESt4lessISsESaIS4_EE9_M_insertEPSt18_Rb_tre +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization17AgentMechanismRefEESt10_Select1stIS4_ESt4lessISsESaIS4_EE14_M_create_nodeERKS4_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeISt4pairIKSsN13Authorization17AgentMechanismRefEEEE8allocateEmPKv +__ZNSt4pairIKSsN13Authorization17AgentMechanismRefEEC2ERKS3_ +__ZNSt4pairIKSsN13Authorization17AgentMechanismRefEED2Ev +__ZN8Security10RefPointerI20QueryInvokeMechanismE7releaseEv +__ZN20QueryInvokeMechanism3runERKN13Authorization15AuthValueVectorERNS0_11AuthItemSetES5_Pj +__ZN13SecurityAgent6Client8setInputERKN13Authorization11AuthItemSetES4_ __ZN13SecurityAgent6Client6invokeEv __ZNK13Authorization11AuthItemSet4copyERP20AuthorizationItemSetRmRN8Security9AllocatorE +__ZN8Security11DataWalkers6CopierI20AuthorizationItemSetEC2EPKS2_RNS_9AllocatorE +__ZN8Security11DataWalkers4walkINS0_10SizeWalkerEEEP20AuthorizationItemSetRT_RS4_ +__ZN8Security11DataWalkers4walkINS0_10CopyWalkerEEEP20AuthorizationItemSetRT_RS4_ +__ZN8Security11DataWalkers4walkINS0_10CopyWalkerEEEvRT_R17AuthorizationItem +__ZN8Security11DataWalkers4walkINS0_10CopyWalkerEEEPcRT_RS3_ __ZNK13Authorization15AuthValueVector4copyEPP24AuthorizationValueVectorPm +__ZN8Security11DataWalkers6CopierI24AuthorizationValueVectorEC2EPKS2_RNS_9AllocatorE +__ZN8Security11DataWalkers4walkINS0_10CopyWalkerEEEP24AuthorizationValueVectorRT_RS4_ 
_sa_request_client_invoke __ZN13SecurityAgent6Client5checkEi -__XsetResult -___MIG_check__Request__setResult_t -_sa_reply_server_setResult +__ZL11_XsetResultP17mach_msg_header_tS0_ +__Z25sa_reply_server_setResultjjP20AuthorizationItemSetjS0_S0_jS0_ +__ZN8Security11DataWalkers4walkIN13SecurityAgent26CheckingReconstituteWalkerEEEP20AuthorizationItemSetRT_RS5_ +__ZN13SecurityAgent26CheckingReconstituteWalker4blobI20AuthorizationItemSetEEvRPT_m +__ZN13SecurityAgent26CheckingReconstituteWalker4blobI17AuthorizationItemEEvRPT_m +__ZN8Security11DataWalkers4walkIN13SecurityAgent26CheckingReconstituteWalkerEEEvRT_R17AuthorizationItem +__ZN13SecurityAgent26CheckingReconstituteWalker4blobIcEEvRPT_m +__ZN13SecurityAgent26CheckingReconstituteWalker4blobIvEEvRPT_m +__ZN13SecurityAgent6Client9setResultEjPK20AuthorizationItemSetS3_ __ZN13Authorization11AuthItemSetaSERK20AuthorizationItemSet -__ZN8Security12MachPlusPlus10deallocateEjm -__ZN13Authorization23AgentMechanismEvaluator12authinternalERNS_11AuthItemSetE -__ZNSsC1EPKcmRKSaIcE -__ZNSsC4EPKcmRKSaIcE -__ZN13Authorization10CredentialC1ERKSsS2_b -__ZN13Authorization10CredentialC4ERKSsS2_b -__ZN13Authorization14CredentialImplC4ERKSsS2_b -__ZNK13Authorization14CredentialImpl7isValidEv -__ZN8Security6Syslog4infoEPKcz -__ZN13Authorization10CredentialD1Ev -__ZN13Authorization10CredentialD4Ev -__ZN13Authorization14CredentialImplD4Ev -__ZN13Authorization11AuthItemSet4findEPKc -__ZN8Security14CommonCriteria11AuditRecord6submitEsiPKc +__ZN8Security14CommonCriteria9Securityd11AuditLogger10logSuccessEv +__ZN8Security14CommonCriteria9Securityd14AuthMechLogger11writeCommonEv +__Z22initialize_agent_credsv +__ZN8Security14CommonCriteria9Securityd11AuditLogger10logFailureEPKci +__ZN8Security14CommonCriteria9Securityd14AuthMechLoggerD2Ev +__ZNSt8_Rb_treeIN13Authorization11AuthItemRefES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseESt17_Rb_tree_iteratorIS1_E 
+__ZNSt6__copyILb0ESt26random_access_iterator_tagE4copyIPKN13Authorization12AuthValueRefEPS4_EET0_T_S9_S8_ +__ZN8Security10RefPointerIN13Authorization9AuthValueEE10setPointerEPS2_ +__ZN8Security10RefPointerIN13Authorization9AuthValueEE7releaseEv __ZN18AuthorizationToken10setInfoSetERN13Authorization11AuthItemSetE __ZNK13Authorization8RuleImpl15makeCredentialsERK18AuthorizationToken -__ZN13Authorization10CredentialC1ERKSsjjb -__ZN13Authorization10CredentialC4ERKSsjjb -__ZN13Authorization14CredentialImplC4ERKSsjjb -__ZN18SecurityAgentQueryD4Ev +__ZSt7find_ifISt23_Rb_tree_const_iteratorIN13Authorization11AuthItemRefEENS1_23FindAuthItemByRightNameEET_S5_S5_T0_ +__ZSt9__find_ifISt23_Rb_tree_const_iteratorIN13Authorization11AuthItemRefEENS1_23FindAuthItemByRightNameEET_S5_S5_T0_St18input_ +__ZN13Authorization10CredentialC1EjRKSsS2_S2_b +__ZN13Authorization10CredentialC2EjRKSsS2_S2_b +__ZN13Authorization14CredentialImplC2EjRKSsS2_S2_b +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE16_M_insert_uniqueERKS1_ +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE9_M_insertEPSt18_Rb_tree_node_baseS9_RKS1_ +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE14_M_create_nodeERKS1_ +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIN13Authorization10CredentialEEE8allocateEmPKv +__ZN13Authorization10CredentialD1Ev +__ZN8Security10RefPointerIN13Authorization14CredentialImplEE7releaseEv +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE7_M_copyEPKSt13_Rb_tree_nodeIS1_EPS9_ +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE15_M_destroy_nodeEPSt13_Rb_tree_nodeIS1_E +__ZNSt6vectorIN13Authorization12AuthValueRefESaIS1_EED2Ev +__ZNSt12_Vector_baseIN13Authorization12AuthValueRefESaIS1_EED2Ev +__ZN13Authorization23AgentMechanismEvaluatorD2Ev 
+__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization17AgentMechanismRefEESt10_Select1stIS4_ESt4lessISsESaIS4_EE8_M_eraseEPSt13_Rb_tree +__ZNSt8_Rb_treeISsSt4pairIKSsN13Authorization17AgentMechanismRefEESt10_Select1stIS4_ESt4lessISsESaIS4_EE15_M_destroy_nodeEPSt13 +__ZN20QueryInvokeMechanismD0Ev +__ZN18SecurityAgentQueryD2Ev __ZN13SecurityAgent6Client7destroyEv _sa_request_client_destroy +__ZN23SecurityAgentConnectionD2Ev +__ZN8Security10RefPointerI16AuthHostInstanceE7releaseEv __ZN13SecurityAgent6ClientD2Ev -__ZN13SecurityAgent6ClientD4Ev __ZN13SecurityAgent6Client8teardownEv -__ZN20QueryInvokeMechanism14terminateAgentEv -__ZN18SecurityAgentQuery9terminateEv -__ZN13SecurityAgent6Client9terminateEv -_sa_request_client_terminate -__ZN7Session16mergeCredentialsERSt3setIN13Authorization10CredentialESt4lessIS2_ESaIS2_EE +__ZN13SecurityAgent7Clients6removeEPNS_6ClientE +__ZN8Security12MachPlusPlus7PortSetmIERKNS0_4PortE +__ZNSt8_Rb_treeIPN13SecurityAgent6ClientES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE5eraseERKS2_ +__ZNSt8_Rb_treeIPN13SecurityAgent6ClientES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE5eraseESt17_Rb_tree_iteratorIS2_ESA_ +__ZNSt8_Rb_treeIPN13SecurityAgent6ClientES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE5eraseESt17_Rb_tree_iteratorIS2_E +__ZNSt8_Rb_treeIPN13SecurityAgent6ClientES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE8_M_eraseEPSt13_Rb_tree_nodeIS2_E +__ZN13Authorization9AuthValueD1Ev +__ZN13Authorization9AuthValueD2Ev __ZNK13Authorization14CredentialImpl8isSharedEv -__ZN18AuthorizationToken16mergeCredentialsERKSt3setIN13Authorization10CredentialESt4lessIS2_ESaIS2_EE -__Z10flipClientv -__ZN8Security12MachPlusPlus10MachServer15releaseWhenDoneERNS_9AllocatorEPv -__Z13handleSignalsi -__ZN8Security13GenericBundleD0Ev +__ZNK13Authorization14CredentialImpl7isValidEv +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE4findERKS1_ +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseERKS1_ 
+__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE11equal_rangeERKS1_ +__ZNSt8_Rb_treeIN13Authorization10CredentialES1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseESt17_Rb_tree_iteratorIS1_ES9_ +__ZNK13Authorization11AuthItemSet4copyEv +_copyin_AuthorizationItemSet +__ZL23_XauthorizationCopyInfoP17mach_msg_header_tS0_ +__Z33ucsp_server_authorizationCopyInfojj13audit_token_tPiN8Security14SecurityServer17AuthorizationBlobEPKcPPvPj +__ZN7Session11authGetInfoERKN8Security14SecurityServer17AuthorizationBlobEPKcRN13Authorization11AuthItemSetE +__ZL24_XunlockDbWithPassphraseP17mach_msg_header_tS0_ +__Z34ucsp_server_unlockDbWithPassphrasejj13audit_token_tPijPvj +__ZN16KeychainDatabase8unlockDbERKN8Security8CssmDataE +__ZN16KeychainDatabase12makeUnlockedERKN8Security8CssmDataE +__ZN16KeychainDatabase6decodeERKN8Security8CssmDataE +__ZN18DatabaseCryptoCore5setupEPKN8Security14SecurityServer6DbBlobERKNS0_8CssmDataE +__ZNK18DatabaseCryptoCore17deriveDbMasterKeyERKN8Security8CssmDataE +__ZN8Security10CssmClient9DeriveKeyC1ERKNS0_3CSPEjjj +__ZN8Security10CssmClient9DeriveKeyclEPNS_8CssmDataERKNS0_7KeySpecE +__ZN8Security10CssmClient3Key10makeNewKeyERKNS0_3CSPE +__ZN8Security10CssmClient3KeyC2ERKNS0_3CSPE +__ZN8Security10CssmClient7KeyImplC1ERKNS0_3CSPE +__ZN8Security10CssmClient9DeriveKey8activateEv +__ZN8Security10CssmClient7KeyImpl8activateEv +__ZN8Security10CssmClient9DeriveKeyD1Ev +__ZL13handleSignalsi _self_client_handleSignal -__ZN8Security13GenericBundleD4Ev __Z11self_serverP17mach_msg_header_tS0_ -__Z14_XhandleSignalP17mach_msg_header_tS0_ -__Z36__MIG_check__Request__handleSignal_tP25__Request__handleSignal_t +__ZL14_XhandleSignalP17mach_msg_header_tS0_ __Z24self_server_handleSignaljji __ZN8Security12UnixPlusPlus5Child13checkChildrenEv +__ZNSt3mapIiPN8Security12UnixPlusPlus5ChildESt4lessIiESaISt4pairIKiS3_EEEixERS7_ __ZN8Security12UnixPlusPlus5Child4buryEi 
+__ZNSt8_Rb_treeIiSt4pairIKiPN8Security12UnixPlusPlus5ChildEESt10_Select1stIS6_ESt4lessIiESaIS6_EE5eraseERS1_ +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security12UnixPlusPlus5ChildEESt10_Select1stIS6_ESt4lessIiESaIS6_EE5eraseESt17_Rb_tree_iteratorIS +__ZNSt4listIPN8Security12UnixPlusPlus5ChildESaIS3_EE9_M_insertESt14_List_iteratorIS3_ERKS3_ +__ZNSt4listIPN8Security12UnixPlusPlus5ChildESaIS3_EE14_M_create_nodeERKS3_ +__ZN9__gnu_cxx13new_allocatorISt10_List_nodeIPN8Security12UnixPlusPlus5ChildEEE8allocateEmPKv +__ZN8Security12UnixPlusPlus5Child4Bier6notifyEv __ZN11ServerChild5dyingEv -__Z23_XauthorizationCopyInfoP17mach_msg_header_tS0_ -__Z45__MIG_check__Request__authorizationCopyInfo_tP34__Request__authorizationCopyInfo_t -__Z33ucsp_server_authorizationCopyInfojj13audit_token_tPlN8Security14SecurityServer17AuthorizationBlobEPKcPP20AuthorizationItemSetPjS8_ -__ZN7Session11authGetInfoERKN8Security14SecurityServer17AuthorizationBlobEPKcRN13Authorization11AuthItemSetE -__Z28_XsetSessionDistinguishedUidP17mach_msg_header_tS0_ -__Z50__MIG_check__Request__setSessionDistinguishedUid_tP39__Request__setSessionDistinguishedUid_t -__Z38ucsp_server_setSessionDistinguishedUidjj13audit_token_tPlmj +__ZL28_XsetSessionDistinguishedUidP17mach_msg_header_tS0_ +__Z38ucsp_server_setSessionDistinguishedUidjj13audit_token_tPijj +__ZN7Session4findI14DynamicSessionEERT_j __ZN14DynamicSession13originatorUidEj -__Z21_XsetSessionUserPrefsP17mach_msg_header_tS0_ -__Z43__MIG_check__Request__setSessionUserPrefs_tP32__Request__setSessionUserPrefs_t -__Z31ucsp_server_setSessionUserPrefsjj13audit_token_tPlmPvj +__ZN8Security10RefPointerIN13Authorization14CredentialImplEE10setPointerEPS2_ +__ZN13Authorization14CredentialImplD1Ev +__ZN13Authorization14CredentialImplD2Ev +__ZL21_XsetSessionUserPrefsP17mach_msg_header_tS0_ +__Z31ucsp_server_setSessionUserPrefsjj13audit_token_tPijPvj __ZN14DynamicSession12setUserPrefsEPK8__CFData +__ZN8Security5CFRefIPK8__CFDataEaSES3_ +__ZN20QueryInvokeMechanism14terminateAgentEv 
+__ZN18SecurityAgentQuery9terminateEv +__ZN23SecurityAgentConnection9terminateEv +__ZThn256_N18SecurityAgentQuery8activateEv +__ZN13SecurityAgent6Client9terminateEv +_sa_request_client_terminate +__ZNSt8_Rb_treeIN8Security10RefPointerI8NodeCoreEES3_St9_IdentityIS3_ESt4lessIS3_ESaIS3_EE5eraseESt17_Rb_tree_iteratorIS3_E +__ZN16AuthHostInstanceD0Ev +__ZN11ServerChildD2Ev +__ZN8Security9ConditionD1Ev +__ZN8Security9ConditionD2Ev +__ZN8Security12UnixPlusPlus5ChildD2Ev +__ZN20QueryInvokeMechanismD2Ev __ZNK13Authorization10CredentialltERKS0_ __ZNK13Authorization14CredentialImplltERKS0_ __ZN13Authorization14CredentialImpl5mergeERKS0_ -__Z10_XdecodeDbP17mach_msg_header_tS0_ -__Z32__MIG_check__Request__decodeDb_tP21__Request__decodeDb_t -__Z20ucsp_server_decodeDbjj13audit_token_tPlPmPN8Security11DataWalkers18DLDbFlatIdentifierEjS5_PNS2_17AccessCredentialsEjS7_Pvj -__ZN8Security6DbNameC1EPKcPK16cssm_net_address -__ZN8Security6DbNameC4EPKcPK16cssm_net_address -__ZN16KeychainDatabaseC1ERKN8Security14DLDbIdentifierEPKNS0_14SecurityServer6DbBlobER7ProcessPKNS0_17AccessCredentialsE -__ZN16KeychainDatabaseC4ERKN8Security14DLDbIdentifierEPKNS0_14SecurityServer6DbBlobER7ProcessPKNS0_17AccessCredentialsE -__ZN8Security9ObjectAclC2ERNS_9AllocatorE -__ZN8Security9ObjectAclC4ERNS_9AllocatorE -__ZN13LocalDatabaseC2ER7Process -__ZN13LocalDatabaseC4ER7Process -__ZN8DatabaseC2ER7Process -__ZN8DatabaseC4ER7Process -__ZN16KeychainDatabase12validateBlobEPKN8Security14SecurityServer6DbBlobE -__ZNK8Security14SecurityServer10CommonBlob8validateEl -__ZNK8Security14SecurityServer10CommonBlob7isValidEv -__ZNK8Database7processEv -__ZNK10__cxxabiv117__class_type_info12__do_dyncastEiNS0_10__sub_kindEPKS0_PKvS3_S5_RNS0_16__dyncast_resultE -__ZN16KeychainDbCommonC1ER7SessionRK12DbIdentifier -__ZN16KeychainDbCommonC4ER7SessionRK12DbIdentifier -__ZN8DbCommonC2ER7Session -__ZN8DbCommonC4ER7Session -__ZN18DatabaseCryptoCoreC2Ev -__ZN18DatabaseCryptoCoreC4Ev -__ZN16KeychainDbGlobalC1ERK12DbIdentifier 
-__ZN16KeychainDbGlobalC4ERK12DbIdentifier -__ZNK8DbCommon7sessionEv -__ZNK16KeychainDatabase6commonEv -__Z16_XauthenticateDbP17mach_msg_header_tS0_ -__Z38__MIG_check__Request__authenticateDb_tP27__Request__authenticateDb_t -__Z26ucsp_server_authenticateDbjj13audit_token_tPlmmPN8Security17AccessCredentialsEjS3_ -__ZN8Security11ListElement4lastEv -__ZN8Security11ListElement4listEv -__ZN8Security11ListElement4dataEv -__ZN6Server8databaseEm -__ZN8Security12HandleObject5State6locateEml -__ZN16KeychainDatabase12authenticateEmPKN8Security17AccessCredentialsE -__Z24_XunlockDbWithPassphraseP17mach_msg_header_tS0_ -__Z46__MIG_check__Request__unlockDbWithPassphrase_tP35__Request__unlockDbWithPassphrase_t -__Z34ucsp_server_unlockDbWithPassphrasejj13audit_token_tPlmPvj -__ZN6Server8keychainEm -__ZN16KeychainDatabase8unlockDbERKN8Security8CssmDataE -__ZN16KeychainDatabase12makeUnlockedERKN8Security8CssmDataE -__ZN16KeychainDatabase6decodeERKN8Security8CssmDataE -__ZN18DatabaseCryptoCore5setupEPKN8Security14SecurityServer6DbBlobERKNS0_8CssmDataE -__ZNK18DatabaseCryptoCore17deriveDbMasterKeyERKN8Security8CssmDataE -__ZN8Security10CssmClient5CryptC2ERKNS0_3CSPEm -__ZN8Security10CssmClient5CryptC4ERKNS0_3CSPEm -__ZN8Security10CssmClient7ContextC2ERKNS0_3CSPEm -__ZN8Security10CssmClient7ContextC4ERKNS0_3CSPEm -__ZN8Security10CssmClient10ObjectImplC2ERKNS0_6ObjectE -__ZN8Security10CssmClient9DeriveKeyclEPNS_8CssmDataERKNS0_7KeySpecE -__ZN8Security10CssmClient9DeriveKey8activateEv -__ZN8Security10CssmClient10ObjectImpl5checkEl -__ZNK8Security10CssmClient9RccBearer12compositeRccEv -__ZN8Security10CssmClient7KeyImplC1ERKNS0_3CSPE -__ZN8Security10CssmClient7KeyImplC4ERKNS0_3CSPE -__ZN8Security10CssmClient7KeyImpl8activateEv -__ZN8Security10CssmClient7ContextD2Ev -__ZN8Security10CssmClient7ContextD4Ev -__ZN8Security10CssmClient7Context10deactivateEv -__ZN8Security10CssmClient10ObjectImplD2Ev -__ZN8Security10CssmClient10ObjectImplD4Ev -__ZN8Security10CssmClient10ObjectImpl11removeChildEv 
-__ZN16KeychainDatabase6decodeEv -__ZN16KeychainDbCommon8unlockDbEPN8Security14SecurityServer6DbBlobEPPv -__ZN18DatabaseCryptoCore10decodeCoreEPN8Security14SecurityServer6DbBlobEPPv -__ZN8Security10CssmClient5Crypt3keyERKNS0_3KeyE -__ZN8Security10CssmClient7Decrypt7decryptEPKNS_8CssmDataEmPS2_mRS2_ -__ZN8Security10CssmClient5Crypt8activateEv -__ZN18DatabaseCryptoCore10makeRawKeyEPvmmm -__ZN8Security10CssmClient9UnwrapKeyclERKNS_7CssmKeyERKNS0_7KeySpecERS2_PNS_8CssmDataEPS3_ -__ZN8Security10CssmClient7KeyImplC1ERKNS0_3CSPERK8cssm_keyb -__ZN8Security10CssmClient7KeyImplC4ERKNS0_3CSPERK8cssm_keyb -__ZN8Security7CssmKeyC2ERK8cssm_key -__ZN8Security7CssmKeyC4ERK8cssm_key -__ZN8Security10CssmClient9VerifyMac6verifyEPKNS_8CssmDataEmRS3_ -__ZN8Security10CssmClient10MacContext8activateEv -__ZN16KeychainDbCommon11setUnlockedEv -__ZN16KeychainDbCommon8activityEv -__ZN16KeychainDbCommon6notifyEm -__ZN8Security19NameValueDictionaryC1Ev -__ZN8Security19NameValueDictionaryC4Ev -__ZN8Security19NameValueDictionary41MakeNameValueDictionaryFromDLDbIdentifierERKNS_14DLDbIdentifierERS0_ -__ZN8Security13NameValuePairC4EmRKNS_8CssmDataE -__ZN8Security13NameValuePair9CloneDataERKNS_8CssmDataE -__ZN8Security19NameValueDictionary6InsertEPNS_13NameValuePairE -__ZN8Security19NameValueDictionary6ExportERNS_8CssmDataE -__ZNK8Security19NameValueDictionary13CountElementsEv -__ZN8Security19NameValueDictionary10GetElementEi -__ZNK8Security13NameValuePair6ExportERNS_8CssmDataE -__ZN8Listener6notifyEmmRKN8Security8CssmDataE -__ZN8Security19NameValueDictionaryD1Ev -__ZN8Security19NameValueDictionaryD4Ev -__ZN8Security13NameValuePairD4Ev -__ZN16KeychainDatabase3aclEv -__ZN8Security9ObjectAcl10importBlobEPKvS2_ -__ZN8Security9ObjectAcl5Entry10importBlobERNS_23LowLevelMemoryUtilities6ReaderES4_ -__ZN8Security9ObjectAcl13importSubjectERNS_23LowLevelMemoryUtilities6ReaderES3_ -__ZN8Security9ObjectAcl4makeEmRNS_23LowLevelMemoryUtilities6ReaderES3_ -__ZN8Security9ObjectAcl8makerForEl 
-__ZNK8Security13AnyAclSubject5Maker4makeEhRNS_23LowLevelMemoryUtilities6ReaderES4_ -__ZN8Security10AclSubjectC2Emh -__ZN8Security10AclSubjectC4Emh -__ZN8Security9ObjectAcl8AclEntry10importBlobERNS_23LowLevelMemoryUtilities6ReaderES4_ -__ZN8Security9ObjectAcl3addERKSsRKNS0_8AclEntryE -__ZN8Security9ObjectAcl3addERKSsNS0_8AclEntryEm -__ZN8Security9ObjectAcl5EntryD2Ev -__ZN8Security9ObjectAcl5EntryD4Ev -__Z11_XreleaseDbP17mach_msg_header_tS0_ -__Z33__MIG_check__Request__releaseDb_tP22__Request__releaseDb_t -__Z21ucsp_server_releaseDbjj13audit_token_tPlm -__ZN8NodeCore4killERS_ -__ZN8NodeCore15removeReferenceERS_ -__ZN16KeychainDatabaseD0Ev -__ZN16KeychainDatabaseD4Ev -__ZN17SecurityServerAclD2Ev -__ZN17SecurityServerAclD4Ev -__ZN8Security9ObjectAclD2Ev -__ZN8Security9ObjectAclD4Ev -__ZN8Security10AclSubjectD2Ev -__ZN8Security10AclSubjectD4Ev -__Z21_XrequestNotificationP17mach_msg_header_tS0_ -__Z43__MIG_check__Request__requestNotification_tP32__Request__requestNotification_t -__Z31ucsp_server_requestNotificationjj13audit_token_tPljmm -__ZN7Process20requestNotificationsEN8Security12MachPlusPlus4PortEmm -__ZN15ProcessListenerC1ER7ProcessN8Security12MachPlusPlus4PortEmm -__ZN15ProcessListenerC4ER7ProcessN8Security12MachPlusPlus4PortEmm -__ZN8ListenerC4EN8Security12MachPlusPlus4PortEmm -__ZNK8Security17CssmSubserviceUideqERK19cssm_subservice_uid -__ZN8Security6DbNameD1Ev -__ZN8Security6DbNameD4Ev -__Z10_XisLockedP17mach_msg_header_tS0_ -__Z32__MIG_check__Request__isLocked_tP21__Request__isLocked_t -__Z20ucsp_server_isLockedjj13audit_token_tPlmPi -__Z11_XdecodeKeyP17mach_msg_header_tS0_ -__Z33__MIG_check__Request__decodeKey_tP22__Request__decodeKey_t -__Z21ucsp_server_decodeKeyjj13audit_token_tPlPmPN8Security7CssmKey6HeaderEmPvj -__ZN11KeychainKeyC1ER8DatabasePKN8Security14SecurityServer7KeyBlobE -__ZN11KeychainKeyC4ER8DatabasePKN8Security14SecurityServer7KeyBlobE -__ZN8LocalKeyC2ER8Databasem -__ZN8LocalKeyC4ER8Databasem -__ZN3KeyC2ER8Database -__ZN3KeyC4ER8Database 
-__ZN8LocalKey9returnKeyERmRN8Security7CssmKey6HeaderE -__ZN11KeychainKey9getHeaderERN8Security7CssmKey6HeaderE -__Z9_XdecryptP17mach_msg_header_tS0_ -__Z31__MIG_check__Request__decrypt_tP20__Request__decrypt_t -__Z19ucsp_server_decryptjj13audit_token_tPlN8Security7ContextEPvPNS2_4AttrEjmS3_jPS3_Pj -__Z8relocateRN8Security7ContextEPvPNS0_4AttrEm -__ZN6Server3keyEm -__ZN13LocalDatabase7decryptERKN8Security7ContextER3KeyRKNS0_8CssmDataERS6_ -__ZN8LocalKey8keyValueEv -__ZN11KeychainKey6getKeyEv -__ZN11KeychainKey6decodeEv -__ZNK11KeychainKey8databaseEv -__ZN16KeychainDatabase9decodeKeyEPN8Security14SecurityServer7KeyBlobERNS0_7CssmKeyERPvS7_ -__ZN16KeychainDatabase8unlockDbEv -__ZN16KeychainDatabase12makeUnlockedEv -__ZN16KeychainDatabase12makeUnlockedEPKN8Security17AccessCredentialsE -__ZN8Security10CssmClient7KeyImplD0Ev -__ZN8Security10CssmClient7KeyImplD4Ev -__ZN8Security10CssmClient7KeyImpl10deactivateEv -__ZN8Security10CssmClient9AclBearerD2Ev -__ZN8Security10CssmClient9AclBearerD4Ev -__ZN15ProcessListener8notifyMeEmmRKN8Security8CssmDataE -_ucsp_notify_sender_notify -__ZNK18DatabaseCryptoCore13decodeKeyCoreEPN8Security14SecurityServer7KeyBlobERNS0_7CssmKeyERPvS7_ -__ZN8Security4h2niERNS_7CssmKey6HeaderE -__ZN8Security4n2hiERNS_7CssmKey6HeaderE -__ZN8Security10CssmClient9UnwrapKeyclERKNS_7CssmKeyERKNS0_7KeySpecERS2_PNS_8CssmDataE -__ZN11KeychainKey3aclEv +__ZNSt8_Rb_treeIiSt4pairIKiPN8Security12UnixPlusPlus5ChildEESt10_Select1stIS6_ESt4lessIiESaIS6_EE8_M_eraseEPSt13_Rb_tree_nodeIS +__ZL26_XauthorizationExternalizeP17mach_msg_header_tS0_ +__Z36ucsp_server_authorizationExternalizejj13audit_token_tPiN8Security14SecurityServer17AuthorizationBlobEP25AuthorizationExter +__ZN7Session15authExternalizeERKN8Security14SecurityServer17AuthorizationBlobER25AuthorizationExternalForm +__ZNK18AuthorizationToken14mayExternalizeER7Process +__ZL26_XauthorizationInternalizeP17mach_msg_header_tS0_ 
+__Z36ucsp_server_authorizationInternalizejj13audit_token_tPi25AuthorizationExternalFormPN8Security14SecurityServer17Authorizati +__ZN7Session15authInternalizeERK25AuthorizationExternalFormRN8Security14SecurityServer17AuthorizationBlobE +__ZN18AuthorizationToken14mayInternalizeER7Processb +__ZL11_XreleaseDbP17mach_msg_header_tS0_ +__Z21ucsp_server_releaseDbjj13audit_token_tPij +__ZL10_XisLockedP17mach_msg_header_tS0_ +__Z20ucsp_server_isLockedjj13audit_token_tPijPj +__ZNK13Authorization8RuleImpl26evaluateCredentialForRightERK18AuthorizationTokenRKNS_11AuthItemRefERKNS_4RuleERKNS_11AuthItemSe +__ZNK13Authorization8RuleImpl30evaluateUserCredentialForRightERK18AuthorizationTokenRKNS_11AuthItemRefERKNS_4RuleERKNS_11AuthIt +__ZNK13Authorization14CredentialImpl12creationTimeEv +__ZNK13Authorization8RuleImpl22evaluateAuthenticationERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetEjdPKSt3setINS_10Credentia +__ZNK13Authorization8RuleImpl20evaluateSessionOwnerERKNS_11AuthItemRefERKNS_4RuleERKNS_11AuthItemSetEdRK18AuthorizationTokenRNS +__ZNK14DynamicSession17haveOriginatorUidEv +__ZN18AuthorizationToken12scrubInfoSetEv +__ZN8Security14CommonCriteria9Securityd25RightAuthenticationLogger10logSuccessEjjPKc +__ZN18AuthorizationToken17setCredentialInfoERKN13Authorization10CredentialE +__ZNSt8_Rb_treeIP7ProcessS1_St9_IdentityIS1_ESt4lessIS1_ESaIS1_EE5eraseESt17_Rb_tree_iteratorIS1_E +__ZThn272_N16KeychainDbCommon6selectEv +__ZN16KeychainDbCommon6selectEv +__ZThn272_N16KeychainDbCommon6actionEv +__ZN16KeychainDbCommon6actionEv +__ZN16KeychainDbCommon6lockDbEv +__ZN18DatabaseCryptoCore10invalidateEv +__ZN8Security12MachPlusPlus10MachServer10clearTimerEPNS1_5TimerE +__ZThn272_N16KeychainDbCommon8unselectEv +__ZN16KeychainDbCommon8unselectEv +__ZN8Security12MachPlusPlus10MachServer12removeThreadEPNS_6ThreadE +__ZNSt8_Rb_treeIPN8Security6ThreadES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE5eraseERKS2_ 
+__ZNSt8_Rb_treeIPN8Security6ThreadES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE5eraseESt17_Rb_tree_iteratorIS2_ESA_ +__ZNSt8_Rb_treeIPN8Security6ThreadES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE5eraseESt17_Rb_tree_iteratorIS2_E +__ZN8Security12MachPlusPlus10MachServer10LoadThreadD0Ev +__ZN8Security6ThreadD2Ev +__ZN8Security16PerThreadPointerIN13SecurityAgent7ClientsEE10destructorEPv +__ZN13SecurityAgent7ClientsD2Ev +__ZN8Security16PerThreadPointerINS_10RefPointerI10ConnectionEEE10destructorEPv +__ZN8Security16PerThreadPointerINS_12MachPlusPlus10MachServer9PerThreadEE10destructorEPv +__ZNSt8_Rb_treeIPN8Security6ThreadES2_St9_IdentityIS2_ESt4lessIS2_ESaIS2_EE8_M_eraseEPSt13_Rb_tree_nodeIS2_E __ZNK8Security19ThresholdAclSubject5Maker4makeEhRNS_23LowLevelMemoryUtilities6ReaderES4_ +__ZNSt6vectorIN8Security10RefPointerINS0_10AclSubjectEEESaIS3_EEC2EmRKS3_RKS4_ +__ZNSt12_Vector_baseIN8Security10RefPointerINS0_10AclSubjectEEESaIS3_EEC2EmRKS4_ +__ZN9__gnu_cxx13new_allocatorIN8Security10RefPointerINS1_10AclSubjectEEEE8allocateEmPKv +__ZSt26__uninitialized_fill_n_auxIPN8Security10RefPointerINS0_10AclSubjectEEEmS3_EvT_T0_RKT1_St12__false_type __ZNK24KeychainPromptAclSubject5Maker4makeEhRN8Security23LowLevelMemoryUtilities6ReaderES4_ -__ZN24KeychainPromptAclSubjectC1ESsRK33cssm_acl_keychain_prompt_selector -__ZN24KeychainPromptAclSubjectC4ESsRK33cssm_acl_keychain_prompt_selector -__ZN8Security19ThresholdAclSubjectC1EmmRKSt6vectorINS_10RefPointerINS_10AclSubjectEEESaIS4_EE -__ZN8Security19ThresholdAclSubjectC4EmmRKSt6vectorINS_10RefPointerINS_10AclSubjectEEESaIS4_EE +__ZN24KeychainPromptAclSubjectC2ESsRK33cssm_acl_keychain_prompt_selector +__ZN8Security19ThresholdAclSubjectC2EjjRKSt6vectorINS_10RefPointerINS_10AclSubjectEEESaIS4_EE +__ZNSt6vectorIN8Security10RefPointerINS0_10AclSubjectEEESaIS3_EEC2ERKS5_ +__ZSt24__uninitialized_copy_auxIN9__gnu_cxx17__normal_iteratorIPKN8Security10RefPointerINS2_10AclSubjectEEESt6vectorIS5_SaIS5_E 
+__ZNSt6vectorIN8Security10RefPointerINS0_10AclSubjectEEESaIS3_EED2Ev +__ZNSt12_Vector_baseIN8Security10RefPointerINS0_10AclSubjectEEESaIS3_EED2Ev __ZNK8Security23CodeSignatureAclSubject5Maker4makeEhRNS_23LowLevelMemoryUtilities6ReaderES4_ -__ZN8Security11CodeSigning9OSXSigner7restoreEjPKvm -__ZN8Security23CodeSignatureAclSubjectC4ERNS_9AllocatorEPKNS_11CodeSigning9SignatureEPKvm -__ZN8Security12CssmAutoData5resetEv -__ZN8Security7Context4findEmPK22cssm_context_attributej -__ZN11KeychainKey15relatedDatabaseEv -__ZN17SecurityServerAcl8validateElRKN8Security7ContextEP8Database -__ZN17SecurityServerAcl8validateElPKN8Security17AccessCredentialsEP8Database -__ZN8Security9ObjectAcl8validateElPKNS_17AccessCredentialsEPNS_24AclValidationEnvironmentE -__ZN8Security9ObjectAcl9validatesElPKNS_17AccessCredentialsEPNS_24AclValidationEnvironmentE -__ZN8Security9ObjectAcl9validatesERNS_20AclValidationContextE -__ZN11KeychainKey14instantiateAclEv -__ZNK8Security20AclValidationContext9s_credTagEv -__ZNK8Security20AclValidationContext7credTagEv -__ZNK8Security9ObjectAcl8getRangeERKSsRSt4pairISt17_Rb_tree_iteratorIS3_IS1_NS0_8AclEntryEERKS6_PS7_ESA_E -__ZNK8Security9ObjectAcl8AclEntry10authorizesEl -__ZN8Security20AclValidationContext8entryTagERKSs -__ZNK8Security9ObjectAcl8AclEntry8validateERKNS_20AclValidationContextE +__ZN8Security23LowLevelMemoryUtilities6Reader11countedDataERPKvRm +__ZNK8Security23CodeSignatureAclSubject5Maker4makeEPKhRKNS_8CssmDataE +__ZN8Security23CodeSignatureAclSubjectC2EPKhRKSs +__ZN8Security11OSXVerifierC2EPKhRKSs +__ZN8Security11OSXVerifier3addEPKNS_8BlobCoreE +__ZN8Security10CFTempDataC2INS_8BlobCoreEEERKT_ +__ZNSt8_Rb_treeIiiSt9_IdentityIiESt4lessIiESaIiEE16_M_insert_uniqueERKi +__ZNSt8_Rb_treeIiiSt9_IdentityIiESt4lessIiESaIiEE9_M_insertEPSt18_Rb_tree_node_baseS7_RKi +__ZN9__gnu_cxx13new_allocatorISt13_Rb_tree_nodeIiEE8allocateEmPKv +__ZNSt8_Rb_treeIiiSt9_IdentityIiESt4lessIiESaIiEE7_M_copyEPKSt13_Rb_tree_nodeIiEPS7_ 
__ZNK8Security16SimpleAclSubject8validateERKNS_20AclValidationContextE +__ZNK21BaseValidationContext5countEv +__ZNK21BaseValidationContext6sampleEj __ZNK8Security9TypedList8isProperEv __ZNK8Security11ListElement4wordEv __ZNK8Security19ThresholdAclSubject8validateERKNS_20AclValidationContextERKNS_9TypedListE __ZNK8Security23CodeSignatureAclSubject8validateERKNS_20AclValidationContextE -__ZNK8Security13CssmOwnedData3getEv -__ZN25SecurityServerEnvironment19verifyCodeSignatureEPKN8Security11CodeSigning9SignatureEPKNS0_8CssmDataE -__ZN14CodeSignatures6verifyER7ProcessPKN8Security11CodeSigning9SignatureEPKNS2_8CssmDataE -__ZNK7Process7getHashERN8Security11CodeSigning9OSXSignerE -__ZN8Security11CodeSigning9OSXSigner4signERKNS0_8SignableE -__ZNK8Security13GenericBundle12scanContentsERNS_11CodeSigning6Signer5StateE -__ZNK8Security13GenericBundle14executablePathEv -__ZNK8Security13GenericBundle8cfBundleEv -__ZN8Security8cfStringEPK7__CFURLb -__ZN8Security7OSXCode8scanFileEPKcRNS_11CodeSigning6Signer5StateE -__ZN8Security11CodeSigning9OSXSigner8Digester17enumerateContentsEPKvm -__ZN8Security10CssmClient6Digest6digestEPKNS_8CssmDataEm -__ZN8Security10CssmClient6Digest8activateEv -__ZN8Security10CssmClient6DigestclERNS_8CssmDataE -__ZN14CodeSignatures4findERNS_8IdentityEj -__ZN5DbKeyC4EcRKN8Security8CssmDataEbj -__ZNK8Security12UnixPlusPlus6UnixDb3getERKNS_8CssmDataERS2_i -__ZN8Security15CssmManagedDataD2Ev -__ZN8Security15CssmManagedDataD4Ev -__ZN14CodeSignatures8Identity13canonicalNameERKSs -__ZNK7Process7getPathEv -__ZNK8Security8CssmList6lengthEv -__ZNK8Security8CssmListixEj -__ZNK24KeychainPromptAclSubject8validateERKN8Security20AclValidationContextERKNS0_9TypedListE -__ZNK10__cxxabiv121__vmi_class_type_info20__do_find_public_srcEiPKvPKNS_17__class_type_infoES2_ -__ZNK10__cxxabiv117__class_type_info20__do_find_public_srcEiPKvPKS0_S2_ -__ZN16QueryKeychainUseC1EbPK8Database -__ZN16QueryKeychainUseC4EbPK8Database -__ZN16AuthHostInstanceD0Ev -__ZN16AuthHostInstanceD4Ev 
-__ZN11ServerChildD2Ev -__ZN11ServerChildD4Ev -__ZN8Security9ConditionD1Ev -__ZN8Security9ConditionD4Ev -__ZN8Security12UnixPlusPlus5ChildD2Ev -__ZN8Security12UnixPlusPlus5ChildD4Ev -__ZN18SecurityAgentQuery10inferHintsER7Process -__ZNK16KeychainDatabase6dbNameEv -__ZN16QueryKeychainUse9queryUserEPKcS1_l -__ZN13SecurityAgent6Client11checkResultEv -__ZN13Authorization8AuthItem11getCssmDataERN8Security12CssmAutoDataE -__ZN18SensitiveAllocator4freeEPv -__ZN18SecurityAgentQuery10readChoiceEv -__ZN13Authorization8AuthItem9getStringERSs -__ZN18SecurityAgentQueryD2Ev -__ZN8Security20AclValidationContextD2Ev -__ZN8Security20AclValidationContextD4Ev -__ZN8Security24AclValidationEnvironmentD2Ev -__ZN8Security24AclValidationEnvironmentD4Ev -__ZN8Security10CssmClient7Context8overrideERKNS_7ContextE -__Z12_XreleaseKeyP17mach_msg_header_tS0_ -__Z34__MIG_check__Request__releaseKey_tP23__Request__releaseKey_t -__Z22ucsp_server_releaseKeyjj13audit_token_tPlm -__ZN8Database10releaseKeyER3Key -__ZN11KeychainKeyD0Ev -__ZN11KeychainKeyD4Ev +__ZTv0_n48_N25SecurityServerEnvironment19verifyCodeSignatureERKN8Security11OSXVerifierERKNS0_20AclValidationContextE +__ZN25SecurityServerEnvironment19verifyCodeSignatureERKN8Security11OSXVerifierERKNS0_20AclValidationContextE +__ZN14CodeSignatures6verifyER7ProcessRKN8Security11OSXVerifierERKNS2_20AclValidationContextE +__ZN24SublistValidationContextD2Ev +__ZNK21BaseValidationContext7matchedEPKN8Security9TypedListE +__ZN8Security19ThresholdAclSubjectD0Ev +__ZN24KeychainPromptAclSubjectD0Ev +__ZN8Security16SimpleAclSubjectD2Ev __ZN8Security23CodeSignatureAclSubjectD0Ev -__ZN8Security23CodeSignatureAclSubjectD4Ev -__ZN8LocalKeyD2Ev -__ZN8LocalKeyD4Ev -__Z18_XpostNotificationP17mach_msg_header_tS0_ -__Z40__MIG_check__Request__postNotification_tP29__Request__postNotification_t -__Z28ucsp_server_postNotificationjmmPvj -__ZN8Listener6removeEN8Security12MachPlusPlus4PortE -__ZN8ListenerD4Ev 
-__ZNK13Authorization8RuleImpl12evaluateUserERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetEmdPKSt3setINS_10CredentialESt4lessISA_ESaISA_EERSE_R18AuthorizationToken -__ZNK13Authorization8RuleImpl26evaluateCredentialForRightERKNS_11AuthItemRefERKNS_4RuleERKNS_11AuthItemSetEdRKNS_10CredentialEb -__ZNK13Authorization14CredentialImpl12creationTimeEv -__ZN18AuthorizationToken17setCredentialInfoERKN13Authorization10CredentialE -__ZNK8Security14ExecutableTool13canonicalPathEv -__ZN13Authorization14CredentialImpl10invalidateEv -__ZNK13Authorization8RuleImpl21evaluateAuthorizationERKNS_11AuthItemRefERKNS_4RuleERNS_11AuthItemSetEmdPKSt3setINS_10CredentialESt4lessISA_ESaISA_EERSE_R18AuthorizationToken -__ZNK13Authorization8RuleImpl20evaluateSessionOwnerERKNS_11AuthItemRefERKNS_4RuleERKNS_11AuthItemSetEdRK18AuthorizationTokenRSs -__ZNK14DynamicSession13originatorUidEv -__ZN18AuthorizationToken12scrubInfoSetEv -__ZNK8Security14ExecutableTool6encodeEv +__ZN8Security11OSXVerifierD2Ev +__ZN8Security11OSXVerifier6AuxMapD2Ev +__ZNSt8_Rb_treeIjSt4pairIKjPN8Security8BlobCoreEESt10_Select1stIS5_ESt4lessIjESaIS5_EE8_M_eraseEPSt13_Rb_tree_nodeIS5_E +__ZThn16_N7ProcessD0Ev diff --git a/src/server.cpp b/src/server.cpp index 9f4fb6b..4b6f8d8 100644 --- a/src/server.cpp +++ b/src/server.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * 
@@ -55,17 +55,19 @@ Authority::~Authority() { } + // // Construct the server object // Server::Server(Authority &authority, CodeSignatures &signatures, const char *bootstrapName) : MachServer(bootstrapName), mBootstrapName(bootstrapName), - mShutdown(shutdownImmediately), mCSPModule(gGuidAppleCSP, mCssm), mCSP(mCSPModule), mAuthority(authority), mCodeSignatures(signatures), - mAudit(geteuid(), getpid()) + mAudit(geteuid(), getpid()), + mVerbosity(0), + mWaitForClients(true), mShuttingDown(false) { // make me eternal (in the object mesh) ref(); @@ -92,13 +94,13 @@ Server::~Server() // by calling Server::connection() [no argument] until it is released by // calling Connection::endWork(). // -Connection &Server::connection(mach_port_t port) +Connection &Server::connection(mach_port_t port, audit_token_t &auditToken) { Server &server = active(); StLock _(server); Connection *conn = server.mConnections.get(port, CSSM_ERRCODE_INVALID_CONTEXT_HANDLE); active().mCurrentConnection() = conn; - conn->beginWork(); + conn->beginWork(auditToken); return *conn; } @@ -138,7 +140,7 @@ Session &Server::session() RefPointer Server::key(KeyHandle key) { - return HandleObject::findRef(key, CSSMERR_CSP_INVALID_KEY_REFERENCE); + return U32HandleObject::findRef(key, CSSMERR_CSP_INVALID_KEY_REFERENCE); } RefPointer Server::database(DbHandle db) @@ -162,10 +164,11 @@ RefPointer Server::optionalDatabase(DbHandle db, bool persistent) // // Locate an ACL bearer (database or key) by handle +// The handle might be used across IPC, so we clamp it accordingly // -AclSource &Server::aclBearer(AclKind kind, CSSM_HANDLE handle) +AclSource &Server::aclBearer(AclKind kind, U32HandleObject::Handle handle) { - AclSource &bearer = HandleObject::find(handle, CSSMERR_CSSM_INVALID_ADDIN_HANDLE); + AclSource &bearer = U32HandleObject::find(handle, CSSMERR_CSSM_INVALID_ADDIN_HANDLE); if (kind != bearer.acl().aclKind()) CssmError::throwMe(CSSMERR_CSSM_INVALID_HANDLE_USAGE); return bearer; 
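Review bot: `Server::connection(mach_port_t port, audit_token_t &auditToken)` takes the caller's audit token by non-const reference, although in this hunk it is only forwarded to `conn->beginWork(auditToken)`. The token carries the client's identity, so a signature that lets a callee rewrite it is worth avoiding; `const audit_token_t &auditToken` would match `Session::authCreate`, which already takes `const audit_token_t &`. The same applies to the declaration in src/server.h. Whether `Connection::beginWork` accepts a const reference is not visible here and would need checking.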
@@ -205,31 +208,9 @@ boolean_t ucsp_server(mach_msg_header_t *, mach_msg_header_t *); boolean_t self_server(mach_msg_header_t *, mach_msg_header_t *); -#if !defined(NDEBUG) - -struct IPCName { const char *name; int ipc; }; -static IPCName ucspNames[] = { subsystem_to_name_map_ucsp }; // generated by MIG -static IPCName selfNames[] = { subsystem_to_name_map_self }; // generated by MIG - -#endif //NDEBUG - boolean_t Server::handle(mach_msg_header_t *in, mach_msg_header_t *out) { -#if !defined(NDEBUG) - const int id = in->msgh_id; - const int ucspBase = ucspNames[0].ipc; - const int selfBase = selfNames[0].ipc; - const char *name = - (id >= ucspBase && id < ucspBase + ucsp_MSG_COUNT) ? ucspNames[id - ucspBase].name : - (id >= selfBase && id < selfBase + self_MSG_COUNT) ? selfNames[id - selfBase].name : - "OUT OF BOUNDS"; - secdebug("SSreq", "begin %s (%d)", name, in->msgh_id); -#endif //NDEBUG - - boolean_t result = ucsp_server(in, out) || self_server(in, out); - IFDEBUG(secdebug("SSreq", "end %s (%d)", name, in->msgh_id)); - - return result; + return ucsp_server(in, out) || self_server(in, out); } @@ -302,6 +283,7 @@ void Server::notifyDeadName(Port port) // is it a connection? PortMap::iterator conIt = mConnections.find(port); if (conIt != mConnections.end()) { + SECURITYD_PORTS_DEAD_CONNECTION(port); conIt->second->abort(); mConnections.erase(conIt); return; @@ -310,6 +292,7 @@ void Server::notifyDeadName(Port port) // is it a process? PortMap::iterator procIt = mProcesses.find(port); if (procIt != mProcesses.end()) { + SECURITYD_PORTS_DEAD_PROCESS(port); Process *proc = procIt->second; proc->kill(); mPids.erase(proc->pid()); @@ -318,6 +301,7 @@ void Server::notifyDeadName(Port port) } // well, what IS IT?! + SECURITYD_PORTS_DEAD_ORPHAN(port); secdebug("server", "spurious dead port notification for port %d", port.port()); } 
@@ -328,6 +312,7 @@ void Server::notifyDeadName(Port port) // void Server::notifyNoSenders(Port port, mach_port_mscount_t) { + SECURITYD_PORTS_DEAD_SESSION(port); secdebug("SSports", "port %d no senders", port.port()); Session::destroy(port); } @@ -342,32 +327,24 @@ kern_return_t self_server_handleSignal(mach_port_t sport, mach_port_t taskPort, int sig) { try { + SECURITYD_SIGNAL_HANDLED(sig); if (taskPort != mach_task_self()) { Syslog::error("handleSignal: received from someone other than myself"); - secdebug("SS", "unauthorized handleSignal"); return KERN_SUCCESS; } - secdebug("SS", "dispatching indirect signal %d", sig); switch (sig) { case SIGCHLD: ServerChild::checkChildren(); break; case SIGINT: - secdebug("SS", "SIGINT received: terminating immediately"); + SECURITYD_SHUTDOWN_NOW(); Syslog::notice("securityd terminated due to SIGINT"); - exit(0); + _exit(0); case SIGTERM: - if (Server::active().beginShutdown()) { - Syslog::notice("securityd shutting down; lingering for remaining clients"); - } else { - secdebug("SS", "SIGTERM received: terminating immediately"); - Syslog::notice("securityd terminated due to SIGTERM"); - exit(0); - } + Server::active().beginShutdown(); break; case SIGPIPE: - secdebug("SS", "SIGPIPE received: ignoring"); - Syslog::notice("securityd ignoring SIGPIPE received"); + fprintf(stderr, "securityd ignoring SIGPIPE received"); break; #if defined(DEBUGDUMP) 
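Review bot: The SIGPIPE branch of `self_server_handleSignal` now writes `fprintf(stderr, "securityd ignoring SIGPIPE received");` with no trailing newline and no longer goes through syslog, so the event disappears from the system log and may sit in a buffer or go nowhere if stderr is closed. If stderr is itself the pipe that broke, this write could presumably raise SIGPIPE again. Keeping `Syslog::notice("securityd ignoring SIGPIPE received");`, or at least ending the string with `\n`, avoids both. The function body continues outside the hunk.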
@@ -399,20 +376,27 @@ kern_return_t self_server_handleSignal(mach_port_t sport, // void Server::SleepWatcher::systemWillSleep() { - secdebug("SS", "sleep notification received"); + SECURITYD_POWER_SLEEP(); Session::processSystemSleep(); - secdebug("server", "distributing sleep event to %ld clients", mPowerClients.size()); for (set::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++) (*it)->systemWillSleep(); } void Server::SleepWatcher::systemIsWaking() { - secdebug("server", "distributing wakeup event to %ld clients", mPowerClients.size()); + SECURITYD_POWER_WAKE(); for (set::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++) (*it)->systemIsWaking(); } +void Server::SleepWatcher::systemWillPowerOn() +{ + SECURITYD_POWER_ON(); + Server::active().longTermActivity(); + for (set::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++) + (*it)->systemWillPowerOn(); +} + void Server::SleepWatcher::add(PowerWatcher *client) { assert(mPowerClients.find(client) == mPowerClients.end()); 
@@ -441,69 +425,78 @@ Process *Server::findPid(pid_t pid) const // void Server::waitForClients(bool waiting) { - if (mShutdown == shuttingDown) // too late to change your mind now - return; - if (waiting) - mShutdown = shutdownDelayed; - else - mShutdown = shutdownImmediately; + mWaitForClients = waiting; } // -// Shutdown processing +// Begin shutdown processing. +// We relinquish our primary state authority. From now on, we'll be +// kept alive (only) by our current clients. // -bool Server::beginShutdown() -{ - if (mShutdown != shutdownDelayed) - return false; +static FILE *reportFile; - secdebug("server", "beginning shutdown with %d client(s)", int(mProcesses.size())); - mShutdown = shuttingDown; - -#if defined(SHUTDOWN_SNITCH) - struct Snitch : public MachServer::Timer { - void action() { Server::active().shutdownSnitch(); } - }; - setTimer(new Snitch, Time::Interval(29)); // right before we get SIGKILLed -#endif - - return true; +void Server::beginShutdown() +{ + StLock _(*this); + if (!mWaitForClients) { + SECURITYD_SHUTDOWN_NOW(); + _exit(0); + } else { + if (!mShuttingDown) { + mShuttingDown = true; + Session::invalidateAuthHosts(); + SECURITYD_SHUTDOWN_BEGIN(); + if (verbosity() >= 2) { + reportFile = fopen("/var/log/securityd-shutdown.log", "w"); + shutdownSnitch(); + } + } + } } +// +// During shutdown, we report residual clients to dtrace, and allow a state dump +// for debugging. +// We don't bother locking for the shuttingDown() check; it's a latching boolean +// and we'll be good enough without a lock. 
+// void Server::eventDone() { - if (mShutdown == shuttingDown) { - if (mProcesses.empty()) { - secdebug("SS", "out of clients - shutdown complete"); - Syslog::notice("securityd has finished serving its clients - terminating now"); - exit(0); - } else { - secdebug("SS", "shutdown in progress - %d process(es) left", int(mProcesses.size())); - IFDUMPING("shutdown", NodeCore::dumpAll()); + if (this->shuttingDown()) { + StLock lazy(*this, false); // lazy lock acquisition + if (SECURITYD_SHUTDOWN_COUNT_ENABLED()) { + lazy.lock(); + SECURITYD_SHUTDOWN_COUNT(mProcesses.size(), VProc::Transaction::debugCount()); } + if (verbosity() >= 2) { + lazy.lock(); + shutdownSnitch(); + } + IFDUMPING("shutdown", NodeCore::dumpAll()); } } -#if defined(SHUTDOWN_SNITCH) void Server::shutdownSnitch() { - Syslog::notice("29 seconds after shutdown began, securityd still has %d clients:", int(mPids.size())); + time_t now; + time(&now); + fprintf(reportFile, "%.24s %d residual clients:\n", ctime(&now), int(mPids.size())); for (PidMap::const_iterator it = mPids.begin(); it != mPids.end(); ++it) if (SecCodeRef clientCode = it->second->processCode()) { CFRef path; - SecCodeCopyPath(clientCode, kSecCSDefaultFlags, &path.aref()); + OSStatus rc = SecCodeCopyPath(clientCode, kSecCSDefaultFlags, &path.aref()); if (path) - Syslog::notice(" %s (%d)", cfString(path).c_str(), it->first); + fprintf(reportFile, " %s (%d)\n", cfString(path).c_str(), it->first); else - Syslog::notice(" pid=%d", it->first); + fprintf(reportFile, "pid=%d (error %d)\n", it->first, int32_t(rc)); } + fprintf(reportFile, "\n"); + fflush(reportFile); } -#endif //SHUTDOWN_SNITCH - // // Initialize the CSSM/MDS subsystem. 
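Review bot: `reportFile = fopen("/var/log/securityd-shutdown.log", "w");` in `Server::beginShutdown()` is never checked, and `shutdownSnitch()` passes `reportFile` straight to `fprintf` and `fflush`, so a failed open turns a verbose shutdown into a null `FILE*` dereference. `eventDone()` also calls `shutdownSnitch()` whenever `verbosity() >= 2`, so the same happens if verbosity is raised after shutdown has already begun without the file being opened. A guard at the top of `shutdownSnitch()`, `if (!reportFile) return;`, covers both paths. Separately, `fopen(..., "w")` on a fixed path truncates and follows whatever exists under that name, which relies on /var/log being writable only by privileged users. The fallback line `"pid=%d (error %d)\n"` also lost the leading indent that the path line keeps.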
@@ -511,14 +504,17 @@ void Server::shutdownSnitch() // system MDS here, and CSSM is pretty much always needed, so this is called // early during program startup. Do note that the server may not (yet) be running. // -void Server::loadCssm() +void Server::loadCssm(bool mdsIsInstalled) { if (!mCssm->isActive()) { StLock _(*this); + VProc::Transaction xact; if (!mCssm->isActive()) { - secdebug("SS", "Installing MDS"); - IFDEBUG(if (geteuid() == 0)) + if (!mdsIsInstalled) { // non-system securityd instance should not reinitialize MDS + secdebug("SS", "Installing MDS"); + IFDEBUG(if (geteuid() == 0)) MDSClient::mds().install(); + } secdebug("SS", "CSSM initializing"); mCssm->init(); mCSP->attach(); diff --git a/src/server.h b/src/server.h index 5d6717b..f3c5b4c 100644 --- a/src/server.h +++ b/src/server.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2008-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -20,7 +20,6 @@ * * @APPLE_LICENSE_HEADER_END@ */ -#define SHUTDOWN_SNITCH // @@ -37,6 +36,7 @@ #include #include #include +#include #include "codesigdb.h" #include "connection.h" #include "key.h" 
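Review bot: The comment block above `Server::loadCssm(bool mdsIsInstalled)` does not mention the new parameter; the only explanation is the inline remark on the `if`. A line in the header comment such as `// mdsIsInstalled: true when MDS is already set up (non-system instance); skips MDSClient::mds().install()` would make the contract visible to callers. Note also that `IFDEBUG(if (geteuid() == 0))` presumably guards the install only in debug builds, so in release builds the call is unconditional once `mdsIsInstalled` is false; that predates this change but now sits inside the new branch. The function body continues outside the hunk.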
@@ -86,13 +86,14 @@ public: // static Server &active() { return safer_cast(MachServer::active()); } static const char *bootstrapName() { return active().mBootstrapName.c_str(); } + static unsigned int verbosity() { return active().mVerbosity; } // // Each thread has at most one "active connection". If the server is currently // servicing a request received through a Connection, that's it. Otherwise // there is none. // - static Connection &connection(mach_port_t replyPort); // find by reply port and make active + static Connection &connection(mach_port_t replyPort, audit_token_t &auditToken); // find by reply port and make active static Connection &connection(bool tolerant = false); // return active (or fail unless tolerant) static void requestComplete(CSSM_RETURN &rcode); // de-activate active connection @@ -111,14 +112,14 @@ public: static RefPointer database(DbHandle db); static RefPointer keychain(DbHandle db); static RefPointer optionalDatabase(DbHandle db, bool persistent = true); - static AclSource &aclBearer(AclKind kind, CSSM_HANDLE handle); + static AclSource &aclBearer(AclKind kind, U32HandleObject::Handle handle); // Generic version of handle lookup template - static RefPointer find(CSSM_HANDLE handle, CSSM_RETURN notFoundError) + static RefPointer find(uint32_t handle, CSSM_RETURN notFoundError) { RefPointer object = - HandleObject::findRef(handle, notFoundError); + U32HandleObject::findRef(handle, notFoundError); if (object->process() != Server::process()) CssmError::throwMe(notFoundError); return object; @@ -135,7 +136,7 @@ public: // // Initialize CSSM and MDS // - void loadCssm(); + void loadCssm(bool mdsIsInstalled); public: // set up a new connection @@ -168,6 +169,7 @@ private: public: void systemWillSleep(); void systemIsWaking(); + void systemWillPowerOn(); void add(PowerWatcher *client); void remove(PowerWatcher *client); 
@@ -187,8 +189,11 @@ public: public: Process *findPid(pid_t pid) const; + void verbosity(unsigned int v) { mVerbosity = v; } void waitForClients(bool waiting); // set waiting behavior - bool beginShutdown(); // start delayed shutdown if configured + void beginShutdown(); // start delayed shutdown if configured + bool shuttingDown() const { return mShuttingDown; } + void shutdownSnitch(); // report lingering clients private: // mach bootstrap registration name @@ -202,13 +207,6 @@ private: PortMap mProcesses; // strong reference PidMap mPids; // weak reference (subsidiary to mProcesses) - enum ShutdownMode { - shutdownImmediately, // shut down immediately on SIGTERM - shutdownDelayed, // wait for clients on SIGTERM - shuttingDown // delayed shutdown in progress - } mShutdown; // shutdown mode - void shutdownSnitch(); // rat out lingering clients (to syslog) - // Current connection, if any (per thread). // Set as a side effect of calling connection(mach_port_t) // and returned by connection(bool). @@ -224,6 +222,11 @@ private: // Per-process audit initialization CommonCriteria::AuditSession mAudit; + + // busy state for primary state authority + unsigned int mVerbosity; + bool mWaitForClients; + bool mShuttingDown; }; diff --git a/src/session.cpp b/src/session.cpp index 105b2af..704cf90 100644 --- a/src/session.cpp +++ b/src/session.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2008-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -32,12 +32,13 @@ // Sessions are multi-threaded objects. // #include +#include // SIGTERM #include // kAuthorizationFlagLeastPrivileged - #include "session.h" #include "connection.h" #include "database.h" #include "server.h" +#include // // The static session map 
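Review bot: `mShuttingDown` is declared as a plain `bool` with no note on how it is synchronized, while src/server.cpp sets it under the server lock in `beginShutdown()` and reads it unlocked through `shuttingDown()` in `eventDone()`. Recording that at the declaration, e.g. `bool mShuttingDown; // latching; written under the server lock, read unlocked in eventDone()`, keeps the intent next to the field. The heading `// busy state for primary state authority` also does not describe `mVerbosity`, which deserves its own comment line.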
@@ -54,8 +55,10 @@ Session::Session(Bootstrap bootstrap, Port servicePort, SessionAttributeBits att : mBootstrap(bootstrap), mServicePort(servicePort), mAttributes(attrs), mSecurityAgent(NULL), mAuthHost(NULL) { - secdebug("SSsession", "%p CREATED: handle=0x%lx bootstrap=%d service=%d attrs=0x%lx", - this, handle(), mBootstrap.port(), mServicePort.port(), mAttributes); + secdebug("SSsession", "%p CREATED: handle=%#x bootstrap=%d service=%d attrs=%#x", + this, handle(), mBootstrap.port(), mServicePort.port(), uint32_t(mAttributes)); + SECURITYD_SESSION_CREATE(this, attrs, servicePort); + Syslog::notice("Session 0x%lx created", this->handle()); } @@ -64,8 +67,9 @@ Session::Session(Bootstrap bootstrap, Port servicePort, SessionAttributeBits att // Session::~Session() { - secdebug("SSsession", "%p DESTROYED: handle=0x%lx bootstrap=%d", + secdebug("SSsession", "%p DESTROYED: handle=%#x bootstrap=%d", this, handle(), mBootstrap.port()); + Syslog::notice("Session 0x%lx destroyed", this->handle()); } @@ -86,7 +90,15 @@ Session &Session::find(SecuritySessionId id) case callerSecuritySession: return Server::session(); default: - return HandleObject::find(id, CSSMERR_CSSM_INVALID_ADDIN_HANDLE); + try { + return U32HandleObject::find(id, CSSMERR_CSSM_INVALID_ADDIN_HANDLE); + } catch (const CommonError &err) { + Syslog::warning("Session::find(%#x) failed rcode=%d", id, err.osStatus()); + for (PortMap::const_iterator it = mSessions.begin(); it != mSessions.end(); ++it) + Syslog::notice(" Valid sessions include %#x attrs=%#x", + it->second->handle(), it->second->attributes()); + throw; + } } } 
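Review bot: `Syslog::notice("Session 0x%lx created", this->handle());` formats the handle with `%lx`, while the `secdebug` call just above it was changed to `%#x` for the same value. If `U32HandleObject` handles are 32 bits wide, as the name and the `uint32_t handle` lookup in src/server.h suggest, `%lx` reads a `long` that was not passed on LP64 builds. `"Session %#x created"` would match the argument; the same applies to the `destroyed` message in `~Session()`, the `dead` message in `Session::destroy()` and the `attributes` message in `DynamicSession::setupAttributes()`.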
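Review bot: The new catch block in `Session::find()` walks `mSessions` and writes one syslog line per live session every time a lookup fails, and no lock on `mSessions` is taken in the visible lines, unlike `Session::invalidateAuthHosts()`, which holds `StLock _(mSessions)` around the same loop. If `id` can come from a client request, a bad id produces log volume proportional to the number of sessions and records every valid handle with its attributes. Logging only the failed id and `err.osStatus()`, or moving the listing to `secdebug`, keeps the diagnostic without that cost. The function starts outside the hunk, so a lock taken earlier cannot be ruled out.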
@@ -103,20 +115,17 @@ void Session::destroy(Port servPort) PortMap::iterator it = mSessions.find(servPort); assert(it != mSessions.end()); RefPointer session = it->second; + SECURITYD_SESSION_DESTROY(session); + Syslog::notice("Session 0x%lx dead", session->handle()); mSessions.erase(it); session->kill(); } void Session::kill() { - StLock _(*this); + StLock _(*this); // do we need to take this so early? - // release authorization host objects - { - StLock _(mAuthHostLock); - mSecurityAgent = NULL; - mAuthHost = NULL; - } + invalidateSessionAuthHosts(); // invalidate shared credentials { @@ -133,6 +142,24 @@ void Session::kill() PerSession::kill(); } +void Session::invalidateSessionAuthHosts() +{ + StLock _(mAuthHostLock); + + // if you got here, we don't care about pending operations: the auth hosts die + Syslog::warning("Killing auth hosts"); + if (mSecurityAgent) mSecurityAgent->UnixPlusPlus::Child::kill(SIGTERM); + if (mAuthHost) mAuthHost->UnixPlusPlus::Child::kill(SIGTERM); + mSecurityAgent = NULL; + mAuthHost = NULL; +} + +void Session::invalidateAuthHosts() +{ + StLock _(mSessions); + for (PortMap::const_iterator it = mSessions.begin(); it != mSessions.end(); it++) + it->second->invalidateSessionAuthHosts(); +} // // On system sleep, call sleepProcessing on all DbCommons of all Sessions @@ -153,7 +180,6 @@ void Session::processLockAll() allReferences(&DbCommon::lockProcessing); } - // // The root session inherits the startup bootstrap and service port // 
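Review bot: `Session::invalidateSessionAuthHosts()` logs `Syslog::warning("Killing auth hosts")` unconditionally, even when both `mSecurityAgent` and `mAuthHost` are null, and `invalidateAuthHosts()` calls it for every session, so shutdown emits one warning per session whether or not anything was signalled. Moving the message inside the two `if` checks and including the session handle would make the log line meaningful for incident review. The qualified call `UnixPlusPlus::Child::kill(SIGTERM)` also deserves a short comment saying why the base-class method is named explicitly.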
@@ -218,7 +244,9 @@ void DynamicSession::kill() void DynamicSession::setupAttributes(SessionCreationFlags flags, SessionAttributeBits attrs) { StLock _(*this); - secdebug("SSsession", "%p setup flags=0x%lx attrs=0x%lx", this, flags, attrs); + SECURITYD_SESSION_SETATTR(this, attrs); + Syslog::notice("Session 0x%lx attributes 0x%x", this->handle(), attrs); + secdebug("SSsession", "%p setup flags=%#x attrs=%#x", this, uint32_t(flags), uint32_t(attrs)); if (attrs & ~settableAttributes) MacOSError::throwMe(errSessionInvalidAttributes); checkOriginator(); @@ -265,7 +293,7 @@ void DynamicSession::originatorUid(uid_t uid) if (pw != NULL) { - mOriginatorCredential = Credential(uid, pw->pw_name ? pw->pw_name : "", pw->pw_gecos ? pw->pw_gecos : "", true/*shared*/); + mOriginatorCredential = Credential(uid, pw->pw_name ? pw->pw_name : "", pw->pw_gecos ? pw->pw_gecos : "", "", true/*shared*/); endpwent(); } @@ -287,6 +315,8 @@ OSStatus Session::authCreate(const AuthItemSet &rights, // this will acquire the object lock, so we delay acquiring it (@@@ no longer needed) auto_ptr auth(new AuthorizationToken(*this, resultCreds, auditToken, (flags&kAuthorizationFlagLeastPrivileged))); + SECURITYD_AUTH_CREATE(this, auth.get()); + // Make a copy of the mSessionCreds CredentialSet sessionCreds; { @@ -458,8 +488,8 @@ OSStatus Session::authorizationdbSet(const AuthorizationBlob &authBlob, Authoriz auth.mergeCredentials(resultCreds); } - secdebug("SSauth", "Authorization %p authorizationdbSet %s (result=%ld)", - &authorization(authBlob), inRightName, result); + secdebug("SSauth", "Authorization %p authorizationdbSet %s (result=%d)", + &authorization(authBlob), inRightName, int32_t(result)); return result; } 
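Review bot: In `DynamicSession::setupAttributes()` the new `Syslog::notice("Session 0x%lx attributes 0x%x", ...)` runs before `if (attrs & ~settableAttributes)` and `checkOriginator()`, so a rejected request is logged in the same words as an applied one. Moving the notice after the checks, or wording it as a request (`"Session %#x attribute request %#x"`), keeps the log usable as a record of what was actually set. The function body continues outside the hunk.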
@@ -483,8 +513,8 @@ OSStatus Session::authorizationdbRemove(const AuthorizationBlob &authBlob, Autho auth.mergeCredentials(resultCreds); } - secdebug("SSauth", "Authorization %p authorizationdbRemove %s (result=%ld)", - &authorization(authBlob), inRightName, result); + secdebug("SSauth", "Authorization %p authorizationdbRemove %s (result=%d)", + &authorization(authBlob), inRightName, int32_t(result)); return result; } @@ -523,6 +553,42 @@ AuthorizationToken &Session::authorization(const AuthorizationBlob &blob) return auth; } +// +// Run the Authorization engine to check if a given right has been authorized, +// independent of an external client request. +// +OSStatus Session::authCheckRight(string &rightName, Connection &connection, bool allowUI) +{ + // dummy up the arguments for authCreate() + AuthorizationItem rightItem = { rightName.c_str(), 0, NULL, 0 }; + AuthorizationItemSet rightItemSet = { 1, &rightItem }; + AuthItemSet rightAuthItemSet(&rightItemSet); + AuthItemSet envAuthItemSet(kAuthorizationEmptyEnvironment); + AuthorizationFlags flags = kAuthorizationFlagDefaults | kAuthorizationFlagExtendRights; + if (true == allowUI) + flags |= kAuthorizationFlagInteractionAllowed; + AuthorizationBlob dummyHandle; + const audit_token_t *at = connection.auditToken(); + + return authCreate(rightAuthItemSet, envAuthItemSet, flags, dummyHandle, *at); +} + +// for places within securityd that don't want to #include +// or to fuss about exceptions +bool Session::isRightAuthorized(string &rightName, Connection &connection, bool allowUI) +{ + bool isAuthorized = false; + + try { + OSStatus status = authCheckRight(rightName, connection, allowUI); + if (errAuthorizationSuccess == status) + isAuthorized = true; + } + catch (...) { + } + return isAuthorized; +} + RefPointer Session::authhost(const AuthHostType hostType, const bool restart) { 
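Review bot: `Session::authCheckRight()` passes a local `AuthorizationBlob dummyHandle` to `authCreate()` and then drops it, so whatever authorization `authCreate()` registers under that handle can no longer be released by this caller. If the token outlives the call, each internal check leaves one behind, and a matching `authFree(dummyHandle, kAuthorizationFlagDefaults);` after the call would be needed; `authCreate()`'s body is mostly outside this diff, so that needs confirming. `const audit_token_t *at = connection.auditToken();` is also dereferenced as `*at` without a null check. In `isRightAuthorized()` the empty `catch (...) { }` does fail closed, but a `secdebug` line there would distinguish denials caused by exceptions from ordinary ones.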
@@ -576,8 +642,8 @@ CFDataRef DynamicSession::copyUserPrefs() void Session::dumpNode() { PerSession::dumpNode(); - Debug::dump(" boot=%d service=%d attrs=0x%lx authhost=%p securityagent=%p", - mBootstrap.port(), mServicePort.port(), mAttributes, mAuthHost, mSecurityAgent); + Debug::dump(" boot=%d service=%d attrs=%#x authhost=%p securityagent=%p", + mBootstrap.port(), mServicePort.port(), uint32_t(mAttributes), mAuthHost, mSecurityAgent); } #endif //DEBUGDUMP diff --git a/src/session.h b/src/session.h index 2575794..08042ac 100644 --- a/src/session.h +++ b/src/session.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2004,2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -33,7 +33,8 @@ #include "authority.h" #include "authhost.h" #include -#include +#include +#include #include #if __GNUC__ > 2 @@ -57,7 +58,7 @@ class AuthHostInstance; // with a modicum of security, and so Sessions are the natural nexus of // single-sign-on functionality. // -class Session : public HandleObject, public PerSession { +class Session : public U32HandleObject, public PerSession { public: typedef MachPlusPlus::Bootstrap Bootstrap; @@ -93,6 +94,9 @@ protected: public: const CredentialSet &authCredentials() const { return mSessionCreds; } + // + // For external Authorization clients + // OSStatus authCreate(const AuthItemSet &rights, const AuthItemSet &environment, AuthorizationFlags flags, AuthorizationBlob &newHandle, const audit_token_t &auditToken); void authFree(const AuthorizationBlob &auth, AuthorizationFlags flags); 
@@ -107,6 +111,13 @@ public: OSStatus authorizationdbGet(AuthorizationString inRightName, CFDictionaryRef *rightDict); OSStatus authorizationdbSet(const AuthorizationBlob &authBlob, AuthorizationString inRightName, CFDictionaryRef rightDict); OSStatus authorizationdbRemove(const AuthorizationBlob &authBlob, AuthorizationString inRightName); + + // + // Authorization methods for securityd's internal use + // + OSStatus authCheckRight(string &rightName, Connection &connection, bool allowUI); + // authCheckRight() with exception-handling and Boolean return semantics + bool isRightAuthorized(string &rightName, Connection &connection, bool allowUI); private: struct AuthorizationExternalBlob { @@ -126,6 +137,8 @@ public: static Session &find(SecuritySessionId id); template static SessionType &find(SecuritySessionId id); static void destroy(Port servPort); + void invalidateSessionAuthHosts(); // invalidate auth hosts in this session + static void invalidateAuthHosts(); // invalidate auth hosts in all sessions static void processSystemSleep(); void processLockAll(); diff --git a/src/structure.cpp b/src/structure.cpp index 0f1c8e7..effd439 100644 --- a/src/structure.cpp +++ b/src/structure.cpp @@ -153,7 +153,7 @@ NodeCore::NodeCore() // override this to add text to your Node type's state dump output void NodeCore::dumpNode() { - Debug::dump("%s@%p rc=%u", Debug::typeName(*this).c_str(), this, unsigned(refCountForDebuggingOnly())); + Debug::dump("%s@%p rc=%u", Debug::typeName(*this).c_str(), this, unsigned(refCountForDebuggingOnly())); if (mParent) Debug::dump(" parent=%p", mParent.get()); if (mReferent) @@ -164,7 +164,7 @@ void NodeCore::dumpNode() // override this to completely re-implement the dump format for your Node type void NodeCore::dump() { - dumpNode(); + dumpNode(); if (!mReferences.empty()) { Debug::dump(" {"); for (ReferenceSet::const_iterator it = mReferences.begin(); it != mReferences.end(); it++) { 
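Review bot: `authCheckRight(string &rightName, ...)` and `isRightAuthorized(string &rightName, ...)` take the right name by non-const reference, although the implementation in src/session.cpp only reads it through `rightName.c_str()`. Declaring both as `const string &rightName` lets callers pass literals and temporaries and documents that the name is not modified.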
@@ -180,7 +180,7 @@ void NodeCore::dump() // dump all known nodes void NodeCore::dumpAll() { - StLock _(mCoreLock); + StLock _(mCoreLock); time_t now; time(&now); Debug::dump("\nNODE DUMP (%24.24s)\n", ctime(&now)); for (set::const_iterator it = mCoreNodes.begin(); it != mCoreNodes.end(); it++) diff --git a/src/structure.h b/src/structure.h index 66f0d92..3a63970 100644 --- a/src/structure.h +++ b/src/structure.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2000-2001,2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * @@ -30,8 +30,9 @@ #include #include -#include +#include #include +#include "dtrace.h" using MachPlusPlus::Port; @@ -194,7 +195,7 @@ public: // // Process (client process) layer nodes // -class PerProcess : public HandleObject, public Node { +class PerProcess : public U32HandleObject, public Node { public: }; diff --git a/src/tempdatabase.cpp b/src/tempdatabase.cpp index 6be1e05..c3f29ce 100644 --- a/src/tempdatabase.cpp +++ b/src/tempdatabase.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved. + * Copyright (c) 2004,2008 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * diff --git a/src/tokencache.cpp b/src/tokencache.cpp index 2460db1..0d3a747 100644 --- a/src/tokencache.cpp +++ b/src/tokencache.cpp 
@@ -65,27 +65,31 @@ static const char cacheDir[] = "cache"; // Note that the defaulted read functions do NOT write the default // to disk; they work fine in read-only disk areas. // -static uint32 getFile(const string &path, uint32 defaultValue) +static unsigned long getFile(const string &path, unsigned long defaultValue) { try { - AutoFileDesc fd(path); - string s; fd.readAll(s); - uint32 value; sscanf(s.c_str(), "%ld", &value); - return value; + AutoFileDesc fd(path, O_RDONLY, FileDesc::modeMissingOk); + if (fd) { + string s; fd.readAll(s); + unsigned long value; sscanf(s.c_str(), "%lu", &value); + return value; + } } catch (...) { - return defaultValue; } + return defaultValue; } static string getFile(const string &path, const string &defaultValue) { try { - AutoFileDesc fd(path); - string s; fd.readAll(s); - return s; + AutoFileDesc fd(path, O_RDONLY, FileDesc::modeMissingOk); + if (fd) { + string s; fd.readAll(s); + return s; + } } catch (...) { - return defaultValue; } + return defaultValue; } @@ -131,14 +135,7 @@ TokenCache::TokenCache(const char *where) makedir(path(configDir), O_CREAT, 0700, securityd); makedir(path(tokensDir), O_CREAT, 0711, securityd); - // get the path for the SSID file. Don't call getFile unless the file exists (avoids exception overhead) - string idFilePath = path (lastSSIDFile); - struct stat st; - if (stat (idFilePath.c_str (), &st) == -1) { - mLastSubservice = 1; - } else { - mLastSubservice = getFile(idFilePath, 1); - } + mLastSubservice = getFile(path(lastSSIDFile), 1); // identify uid/gid for token daemons struct passwd *pw = getpwnam(TOKEND_UID); diff --git a/src/tokendatabase.cpp b/src/tokendatabase.cpp index 2525623..db2bd69 100644 --- a/src/tokendatabase.cpp +++ b/src/tokendatabase.cpp 
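Review bot: In the numeric `getFile` overload of src/tokencache.cpp the result of `sscanf` is still not checked, so an empty or non-numeric file leaves `value` uninitialized and that indeterminate value is returned. The TokenCache constructor hunk now calls this overload unconditionally to set `mLastSubservice`, so the unchecked value feeds straight into it. Return the parsed value only on a successful conversion and otherwise fall through to the default: `unsigned long value; if (sscanf(s.c_str(), "%lu", &value) == 1) return value;`. The now-empty `catch (...) { }` in both overloads would also benefit from a one-line comment saying that any read error deliberately yields the default.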
@@ -767,7 +767,7 @@ TokenDatabase::Search::~Search() try { database().token().tokend().Tokend::ClientSession::releaseSearch(mHandle); } catch (...) { - secdebug("tokendb", "%p release search handle %ld threw (ignored)", + secdebug("tokendb", "%p release search handle %u threw (ignored)", this, mHandle); } } @@ -778,7 +778,7 @@ TokenDatabase::Record::~Record() try { database().token().tokend().Tokend::ClientSession::releaseRecord(mHandle); } catch (...) { - secdebug("tokendb", "%p release record handle %ld threw (ignored)", + secdebug("tokendb", "%p release record handle %u threw (ignored)", this, mHandle); } } diff --git a/src/tokendatabase.h b/src/tokendatabase.h index cf39062..8ffa2fd 100644 --- a/src/tokendatabase.h +++ b/src/tokendatabase.h @@ -113,11 +113,11 @@ protected: class Handler { public: Handler() : mHandle(0) { } - CSSM_HANDLE &tokenHandle() { return mHandle; } - CSSM_HANDLE tokenHandle() const { return mHandle; } + GenericHandle &tokenHandle() { return mHandle; } + GenericHandle tokenHandle() const { return mHandle; } protected: - CSSM_HANDLE mHandle; + GenericHandle mHandle; }; // CSSM-style search handles (returned by findFirst) diff --git a/src/tokenkey.cpp b/src/tokenkey.cpp index def8cbd..fd952b6 100644 --- a/src/tokenkey.cpp +++ b/src/tokenkey.cpp @@ -47,7 +47,7 @@ TokenKey::~TokenKey() try { database().token().tokend().releaseKey(mKey); } catch (...) { - secdebug("tokendb", "%p release key handle %ld threw (ignored)", + secdebug("tokendb", "%p release key handle %u threw (ignored)", this, mKey); } } diff --git a/src/transition.cpp b/src/transition.cpp index 40f3646..f97237b 100644 --- a/src/transition.cpp +++ b/src/transition.cpp @@ -1,5 +1,5 @@ /* - * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved. + * Copyright (c) 2000-2009 Apple Inc. All Rights Reserved. * * @APPLE_LICENSE_HEADER_START@ * 
@@ -33,15 +33,18 @@ #include #include "server.h" #include "session.h" +#include "agentquery.h" #include "database.h" #include "kcdatabase.h" #include "tokendatabase.h" #include "kckey.h" #include "child.h" +#include #include #include #include #include +#include #include #include @@ -53,10 +56,15 @@ audit_token_t auditToken, CSSM_RETURN *rcode #define BEGIN_IPCN *rcode = CSSM_OK; try { -#define BEGIN_IPC BEGIN_IPCN RefPointer connRef(&Server::connection(replyPort)); \ - Connection &connection __attribute__((unused)) = *connRef; +#define BEGIN_IPC(name) BEGIN_IPCN RefPointer connRef(&Server::connection(replyPort, auditToken)); \ + Connection &connection __attribute__((unused)) = *connRef; \ + if (SECURITYD_REQUEST_ENTRY_ENABLED()) { \ + const char * volatile s = #name; volatile char __attribute__((unused)) pagein = s[0]; \ + SECURITYD_REQUEST_ENTRY((char *)s, &connection, &connection.process()); \ + } #define END_IPC(base) END_IPCN(base) Server::requestComplete(*rcode); return KERN_SUCCESS; -#define END_IPCN(base) } \ +#define END_IPCN(base) SECURITYD_REQUEST_RETURN(*rcode); \ + } \ catch (const CommonError &err) { *rcode = CssmError::cssmError(err, CSSM_ ## base ## _BASE_ERROR); } \ catch (const std::bad_alloc &) { *rcode = CssmError::merge(CSSM_ERRCODE_MEMORY_ERROR, CSSM_ ## base ## _BASE_ERROR); } \ catch (Connection *conn) { *rcode = 0; } \ @@ -214,9 +222,12 @@ Database *pickDb(Database *db1, Database *db2) kern_return_t ucsp_server_setup(UCSP_ARGS, mach_port_t taskPort, ClientSetupInfo info, const char *identity) { BEGIN_IPCN + SECURITYD_REQUEST_ENTRY((char*)"setup", NULL, NULL); Server::active().setupConnection(Server::connectNewProcess, servicePort, replyPort, taskPort, auditToken, &info, identity); END_IPCN(CSSM) + if (*rcode) + Syslog::notice("setup(%s) failed rcode=%d", identity ? identity : "", *rcode); return KERN_SUCCESS; } 
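Review bot: In the new `END_IPCN`, `SECURITYD_REQUEST_RETURN(*rcode);` sits inside the `try` block, so it fires only when the request body completes without throwing; a request that ends in one of the `catch` arms produces an entry probe with no matching return. Failed requests are the ones a trace of securityd most needs to show, so I would move `SECURITYD_REQUEST_RETURN(*rcode);` to after the last `catch` arm, where `*rcode` holds its final value. The catch chain continues past the end of this hunk, so the exact placement has to be checked against the full macro. `BEGIN_IPC(name)` also deserves a comment such as `// touch the name string so it is paged in before the probe reads it`, if that is indeed the purpose of the `volatile` read of `s[0]`.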
@@ -225,6 +236,7 @@ kern_return_t ucsp_server_setupNew(UCSP_ARGS, mach_port_t taskPort, mach_port_t *newServicePort) { BEGIN_IPCN + SECURITYD_REQUEST_ENTRY((char*)"setupNew", NULL, NULL); try { RefPointer session = new DynamicSession(taskPort); Server::active().setupConnection(Server::connectNewSession, session->servicePort(), replyPort, @@ -239,15 +251,20 @@ kern_return_t ucsp_server_setupNew(UCSP_ARGS, mach_port_t taskPort, } } END_IPCN(CSSM) + if (*rcode) + Syslog::notice("setupNew(%s) failed rcode=%d", identity ? identity : "", *rcode); return KERN_SUCCESS; } kern_return_t ucsp_server_setupThread(UCSP_ARGS, mach_port_t taskPort) { + SECURITYD_REQUEST_ENTRY((char*)"setupThread", NULL, NULL); BEGIN_IPCN Server::active().setupConnection(Server::connectNewThread, servicePort, replyPort, taskPort, auditToken); END_IPCN(CSSM) + if (*rcode) + Syslog::notice("setupThread failed rcode=%d", *rcode); return KERN_SUCCESS; } @@ -255,6 +272,7 @@ kern_return_t ucsp_server_setupThread(UCSP_ARGS, mach_port_t taskPort) kern_return_t ucsp_server_teardown(UCSP_ARGS) { BEGIN_IPCN + SECURITYD_REQUEST_ENTRY((char*)"teardown", NULL, NULL); Server::active().endConnection(replyPort); END_IPCN(CSSM) return KERN_SUCCESS; @@ -263,7 +281,8 @@ kern_return_t ucsp_server_teardown(UCSP_ARGS) kern_return_t ucsp_server_verifyPrivileged(UCSP_ARGS) { BEGIN_IPCN - // This line intentionally left blank. + SECURITYD_REQUEST_ENTRY((char*)"verifyPrivileged", NULL, NULL); + // doing nothing (we just want securityd's audit credentials returned) END_IPCN(CSSM) return KERN_SUCCESS; } 
@@ -271,10 +290,10 @@ kern_return_t ucsp_server_verifyPrivileged(UCSP_ARGS) // // Common database operations // -kern_return_t ucsp_server_authenticateDb(UCSP_ARGS, IPCDbHandle db, +kern_return_t ucsp_server_authenticateDb(UCSP_ARGS, DbHandle db, CSSM_DB_ACCESS_TYPE accessType, DATA_IN(cred)) { - BEGIN_IPC + BEGIN_IPC(authenticateDb) secdebug("dl", "authenticateDb"); CopyOutAccessCredentials creds(cred, credLength); // ignoring accessType @@ -282,26 +301,26 @@ kern_return_t ucsp_server_authenticateDb(UCSP_ARGS, IPCDbHandle db, END_IPC(DL) } -kern_return_t ucsp_server_releaseDb(UCSP_ARGS, IPCDbHandle db) +kern_return_t ucsp_server_releaseDb(UCSP_ARGS, DbHandle db) { - BEGIN_IPC + BEGIN_IPC(releaseDb) connection.process().kill(*Server::database(db)); END_IPC(DL) } -kern_return_t ucsp_server_getDbName(UCSP_ARGS, IPCDbHandle db, char name[PATH_MAX]) +kern_return_t ucsp_server_getDbName(UCSP_ARGS, DbHandle db, char name[PATH_MAX]) { - BEGIN_IPC + BEGIN_IPC(getDbName) string result = Server::database(db)->dbName(); assert(result.length() < PATH_MAX); memcpy(name, result.c_str(), result.length() + 1); END_IPC(DL) } -kern_return_t ucsp_server_setDbName(UCSP_ARGS, IPCDbHandle db, const char *name) +kern_return_t ucsp_server_setDbName(UCSP_ARGS, DbHandle db, const char *name) { - BEGIN_IPC + BEGIN_IPC(setDbName) Server::database(db)->dbName(name); END_IPC(DL) } 
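Review bot: In `ucsp_server_getDbName` the only guard on the copy into `name[PATH_MAX]` is `assert(result.length() < PATH_MAX)`, which compiles away when NDEBUG is defined; a database name of PATH_MAX or more characters would then make the `memcpy` write past the reply buffer. The commit touches this function but leaves the guard as it was. Replace the assert with a runtime check that fails the request, for example `if (result.length() >= PATH_MAX) CssmError::throwMe(CSSMERR_DL_INVALID_DB_NAME);`. Whether `setDbName` or the database constructors already bound the stored name is not visible here, so the check belongs at the copy.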
@@ -311,20 +330,20 @@ kern_return_t ucsp_server_setDbName(UCSP_ARGS, IPCDbHandle db, const char *name) // External database interface // kern_return_t ucsp_server_openToken(UCSP_ARGS, uint32 ssid, FilePath name, - DATA_IN(accessCredentials), IPCDbHandle *db) + DATA_IN(accessCredentials), DbHandle *db) { - BEGIN_IPC + BEGIN_IPC(openToken) CopyOutAccessCredentials creds(accessCredentials, accessCredentialsLength); *db = (new TokenDatabase(ssid, connection.process(), name, creds))->handle(); END_IPC(DL) } -kern_return_t ucsp_server_findFirst(UCSP_ARGS, IPCDbHandle db, +kern_return_t ucsp_server_findFirst(UCSP_ARGS, DbHandle db, DATA_IN(inQuery), DATA_IN(inAttributes), DATA_OUT(outAttributes), boolean_t getData, DATA_OUT(data), - IPCKeyHandle *hKey, IPCSearchHandle *hSearch, IPCRecordHandle *hRecord) + KeyHandle *hKey, SearchHandle *hSearch, IPCRecordHandle *hRecord) { - BEGIN_IPC + BEGIN_IPC(findFirst) CopyOutQuery query(inQuery, inQueryLength); CopyOutDbRecordAttributes attrs(inAttributes, inAttributesLength); @@ -370,13 +389,13 @@ kern_return_t ucsp_server_findFirst(UCSP_ARGS, IPCDbHandle db, } -kern_return_t ucsp_server_findNext(UCSP_ARGS, IPCSearchHandle hSearch, +kern_return_t ucsp_server_findNext(UCSP_ARGS, SearchHandle hSearch, DATA_IN(inAttributes), DATA_OUT(outAttributes), - boolean_t getData, DATA_OUT(data), IPCKeyHandle *hKey, + boolean_t getData, DATA_OUT(data), KeyHandle *hKey, IPCRecordHandle *hRecord) { - BEGIN_IPC + BEGIN_IPC(findNext) CopyOutDbRecordAttributes attrs(inAttributes, inAttributesLength); RefPointer search = Server::find(hSearch, CSSMERR_DL_INVALID_RESULTS_HANDLE); 
@@ -421,9 +440,9 @@ kern_return_t ucsp_server_findNext(UCSP_ARGS, IPCSearchHandle hSearch, kern_return_t ucsp_server_findRecordHandle(UCSP_ARGS, IPCRecordHandle hRecord, DATA_IN(inAttributes), DATA_OUT(outAttributes), - boolean_t getData, DATA_OUT(data), IPCKeyHandle *hKey) + boolean_t getData, DATA_OUT(data), KeyHandle *hKey) { - BEGIN_IPC + BEGIN_IPC(findRecordHandle) CopyOutDbRecordAttributes attrs(inAttributes, inAttributesLength); RefPointer record = Server::find(hRecord, CSSMERR_DL_INVALID_RECORD_UID); @@ -445,6 +464,12 @@ kern_return_t ucsp_server_findRecordHandle(UCSP_ARGS, IPCRecordHandle hRecord, // return data (temporary fix) if (getData) { + /* + We can't release this with the usual allocator (which calls free(), since + it was VM allocated. Part of the fix for: + securityd leaks VM memory during certain smartcard operations + will be to call Server::releaseWhenDone below with a new vm allocator param + */ Server::releaseWhenDone(outData.data()); xdrproc_t encode_proc = reinterpret_cast(xdr_CSSM_NO_KEY_IN_DATA); if (key) @@ -456,10 +481,10 @@ kern_return_t ucsp_server_findRecordHandle(UCSP_ARGS, IPCRecordHandle hRecord, END_IPC(DL) } -kern_return_t ucsp_server_insertRecord(UCSP_ARGS, IPCDbHandle db, CSSM_DB_RECORDTYPE recordType, +kern_return_t ucsp_server_insertRecord(UCSP_ARGS, DbHandle db, CSSM_DB_RECORDTYPE recordType, DATA_IN(inAttributes), DATA_IN(data), IPCRecordHandle *record) { - BEGIN_IPC + BEGIN_IPC(insertRecord) RecordHandle recordHandle; CopyOutDbRecordAttributes attrs(inAttributes, inAttributesLength); Server::database(db)->insertRecord(recordType, attrs.attribute_data(), attrs.length(), 
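Review bot: The comment added in `ucsp_server_findRecordHandle` says the buffer cannot be released with the usual allocator, yet the next line still passes `outData.data()` to `Server::releaseWhenDone` with no allocator argument, and the comment does not say what that call does to VM-allocated memory today. A maintainer needs to know whether the current line leaks or frees with the wrong allocator, so I would state it directly, e.g. `// outData is VM-allocated; the default releaseWhenDone() does not return it to the VM system (known leak, see <issue id>)`, adjusted to the actual behaviour. The parenthesis opened before "which calls free()" is never closed and the text after "Part of the fix for:" carries no issue reference. The function body starts outside the hunk.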
@@ -468,11 +493,11 @@ kern_return_t ucsp_server_insertRecord(UCSP_ARGS, IPCDbHandle db, CSSM_DB_RECORD END_IPC(DL) } -kern_return_t ucsp_server_modifyRecord(UCSP_ARGS, IPCDbHandle db, IPCRecordHandle *hRecord, +kern_return_t ucsp_server_modifyRecord(UCSP_ARGS, DbHandle db, IPCRecordHandle *hRecord, CSSM_DB_RECORDTYPE recordType, DATA_IN(attributes), boolean_t setData, DATA_IN(data), CSSM_DB_MODIFY_MODE modifyMode) { - BEGIN_IPC + BEGIN_IPC(modifyRecord) CopyOutDbRecordAttributes attrs(attributes, attributesLength); CssmData newData(DATA(data)); RefPointer record = @@ -484,17 +509,17 @@ kern_return_t ucsp_server_modifyRecord(UCSP_ARGS, IPCDbHandle db, IPCRecordHandl END_IPC(DL) } -kern_return_t ucsp_server_deleteRecord(UCSP_ARGS, IPCDbHandle db, IPCRecordHandle hRecord) +kern_return_t ucsp_server_deleteRecord(UCSP_ARGS, DbHandle db, IPCRecordHandle hRecord) { - BEGIN_IPC + BEGIN_IPC(deleteRecord) Server::database(db)->deleteRecord( Server::find(hRecord, CSSMERR_DL_INVALID_RECORD_UID)); END_IPC(DL) } -kern_return_t ucsp_server_releaseSearch(UCSP_ARGS, IPCSearchHandle hSearch) +kern_return_t ucsp_server_releaseSearch(UCSP_ARGS, SearchHandle hSearch) { - BEGIN_IPC + BEGIN_IPC(releaseSearch) RefPointer search = Server::find(hSearch, 0); search->database().releaseSearch(*search); END_IPC(DL) @@ -502,7 +527,7 @@ kern_return_t ucsp_server_releaseSearch(UCSP_ARGS, IPCSearchHandle hSearch) kern_return_t ucsp_server_releaseRecord(UCSP_ARGS, IPCRecordHandle hRecord) { - BEGIN_IPC + BEGIN_IPC(releaseRecord) RefPointer record = Server::find(hRecord, 0); record->database().releaseRecord(*record); END_IPC(DL) 
@@ -512,11 +537,11 @@ kern_return_t ucsp_server_releaseRecord(UCSP_ARGS, IPCRecordHandle hRecord) // // Internal database management // -kern_return_t ucsp_server_createDb(UCSP_ARGS, IPCDbHandle *db, +kern_return_t ucsp_server_createDb(UCSP_ARGS, DbHandle *db, DATA_IN(ident), DATA_IN(cred), DATA_IN(owner), DBParameters params) { - BEGIN_IPC + BEGIN_IPC(createDb) CopyOutAccessCredentials creds(cred, credLength); CopyOutEntryAcl owneracl(owner, ownerLength); CopyOut flatident(ident, identLength, reinterpret_cast(xdr_DLDbFlatIdentifierRef)); 
@@ -524,23 +549,47 @@ kern_return_t ucsp_server_createDb(UCSP_ARGS, IPCDbHandle *db, END_IPC(DL) } -// keychain synchronization -// @@@ caller should be required to call decodeDb() to get a DbHandle -// instead of passing the blob itself -kern_return_t ucsp_server_cloneDbForSync(UCSP_ARGS, DATA_IN(blob), - IPCDbHandle srcDb, DATA_IN(agentData), IPCDbHandle *newDb) +kern_return_t ucsp_server_recodeDbForSync(UCSP_ARGS, DbHandle dbToClone, + DbHandle srcDb, DbHandle *newDb) { - BEGIN_IPC + BEGIN_IPC(recodeDbForSync) RefPointer srcKC = Server::keychain(srcDb); - *newDb = (new KeychainDatabase(*srcKC, connection.process(), - SSBLOB(DbBlob, blob), DATA(agentData)))->handle(); + *newDb = (new KeychainDatabase(*srcKC, connection.process(), dbToClone))->handle(); + END_IPC(DL) +} + +kern_return_t ucsp_server_authenticateDbsForSync(UCSP_ARGS, DATA_IN(dbHandleArray), + DATA_IN(agentData), DbHandle* authenticatedDBHandle) +{ + BEGIN_IPC(authenticateDbsForSync) + QueryDBBlobSecret query; + query.inferHints(connection.process()); + query.addHint(AGENT_HINT_KCSYNC_DICT, agentData, agentDataLength); + CSSM_DATA dbData = DATA(dbHandleArray); + uint8 ipcDbHandleArrayCount = *(dbData.Data); + DbHandle *ipcDbHandleArray = (DbHandle *)Allocator::standard().malloc(ipcDbHandleArrayCount * sizeof(DbHandle)); + if ( ipcDbHandleArray == 0 ) + CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR); + DbHandle *currIPCDbHandleArrayPtr = ipcDbHandleArray; + DbHandle *dbHandleArrayPtr = (DbHandle *)(dbData.Data+1); + int index; + for (index=0; index < ipcDbHandleArrayCount; index++) + { + *currIPCDbHandleArrayPtr = *dbHandleArrayPtr; + Server::keychain(*currIPCDbHandleArrayPtr)->lockDb(); // lock this db if it was unlocked in the past (user could have deleted the kc, resetLogin, etc.) 
+ currIPCDbHandleArrayPtr++; + dbHandleArrayPtr++; + } + Server::releaseWhenDone(ipcDbHandleArray); + if (query(ipcDbHandleArray, ipcDbHandleArrayCount, authenticatedDBHandle) != SecurityAgent::noReason) + CssmError::throwMe(CSSM_ERRCODE_OPERATION_AUTH_DENIED); END_IPC(DL) } -kern_return_t ucsp_server_commitDbForSync(UCSP_ARGS, IPCDbHandle srcDb, - IPCDbHandle cloneDb, DATA_OUT(blob)) +kern_return_t ucsp_server_commitDbForSync(UCSP_ARGS, DbHandle srcDb, + DbHandle cloneDb, DATA_OUT(blob)) { - BEGIN_IPC + BEGIN_IPC(commitDbForSync) RefPointer srcKC = Server::keychain(srcDb); RefPointer cloneKC = Server::keychain(cloneDb); srcKC->commitSecretsForSync(*cloneKC); 
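Review bot: `ucsp_server_authenticateDbsForSync` trusts the layout of the client-supplied `dbHandleArray`: it takes the count from the first byte and then reads that many handles from `dbData.Data+1` without comparing against `dbHandleArrayLength`, so an empty or short message makes the loop read past the end of the IPC buffer. The handles are also read through a `DbHandle *` at an odd offset, and `ipcDbHandleArray` is handed to `Server::releaseWhenDone` only after the loop, so it is never registered if `Server::keychain()` or `lockDb()` throws. I would validate the length first, register the array right after allocation and copy with `memcpy`, as below. The error code for a malformed array is my choice, and rejecting a zero count should be confirmed against the client side.

```cpp
	CSSM_DATA dbData = DATA(dbHandleArray);
	// The count byte and all handles that follow must lie inside the client's buffer.
	if (dbData.Data == NULL || dbHandleArrayLength < 1)
		CssmError::throwMe(CSSM_ERRCODE_INVALID_DATA);
	const uint8 ipcDbHandleArrayCount = *(dbData.Data);
	const size_t handleBytes = ipcDbHandleArrayCount * sizeof(DbHandle);
	if (ipcDbHandleArrayCount == 0 || dbHandleArrayLength - 1 < handleBytes)
		CssmError::throwMe(CSSM_ERRCODE_INVALID_DATA);
	DbHandle *ipcDbHandleArray = (DbHandle *)Allocator::standard().malloc(handleBytes);
	if ( ipcDbHandleArray == 0 )
		CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR);
	Server::releaseWhenDone(ipcDbHandleArray);	// registered before anything below can throw
	// Bytewise copy: the handles start at offset 1 and are not aligned for DbHandle.
	memcpy(ipcDbHandleArray, dbData.Data + 1, handleBytes);
	for (int index = 0; index < ipcDbHandleArrayCount; index++)
		Server::keychain(ipcDbHandleArray[index])->lockDb();	// lock this db if it was unlocked in the past
	// … unchanged: query(...) call and END_IPC(DL) …
```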
@@ -556,44 +605,47 @@ kern_return_t ucsp_server_commitDbForSync(UCSP_ARGS, IPCDbHandle srcDb, END_IPC(DL) } -kern_return_t ucsp_server_decodeDb(UCSP_ARGS, IPCDbHandle *db, +kern_return_t ucsp_server_decodeDb(UCSP_ARGS, DbHandle *db, DATA_IN(ident), DATA_IN(cred), DATA_IN(blob)) { - BEGIN_IPC + BEGIN_IPC(decodeDb) CopyOutAccessCredentials creds(cred, credLength); CopyOut flatident(ident, identLength, reinterpret_cast(xdr_DLDbFlatIdentifierRef)); - *db = (new KeychainDatabase(*reinterpret_cast(flatident.data()), SSBLOB(DbBlob, blob), + DLDbFlatIdentifier* flatID = (DLDbFlatIdentifier*) flatident.data(); + DLDbIdentifier id = *flatID; // invokes a casting operator + + *db = (new KeychainDatabase(id, SSBLOB(DbBlob, blob), connection.process(), creds))->handle(); END_IPC(DL) } -kern_return_t ucsp_server_encodeDb(UCSP_ARGS, IPCDbHandle db, DATA_OUT(blob)) +kern_return_t ucsp_server_encodeDb(UCSP_ARGS, DbHandle db, DATA_OUT(blob)) { - BEGIN_IPC + BEGIN_IPC(encodeDb) DbBlob *dbBlob = Server::keychain(db)->blob(); // memory owned by database *blob = dbBlob; *blobLength = dbBlob->length(); END_IPC(DL) } -kern_return_t ucsp_server_setDbParameters(UCSP_ARGS, IPCDbHandle db, DBParameters params) +kern_return_t ucsp_server_setDbParameters(UCSP_ARGS, DbHandle db, DBParameters params) { - BEGIN_IPC + BEGIN_IPC(setDbParameters) Server::keychain(db)->setParameters(params); END_IPC(DL) } -kern_return_t ucsp_server_getDbParameters(UCSP_ARGS, IPCDbHandle db, DBParameters *params) +kern_return_t ucsp_server_getDbParameters(UCSP_ARGS, DbHandle db, DBParameters *params) { - BEGIN_IPC + BEGIN_IPC(getDbParameters) Server::keychain(db)->getParameters(*params); END_IPC(DL) } -kern_return_t ucsp_server_changePassphrase(UCSP_ARGS, IPCDbHandle db, +kern_return_t ucsp_server_changePassphrase(UCSP_ARGS, DbHandle db, DATA_IN(cred)) { - BEGIN_IPC + BEGIN_IPC(changePassphrase) CopyOutAccessCredentials creds(cred, credLength); Server::keychain(db)->changePassphrase(creds); END_IPC(DL) 
@@ -601,28 +653,28 @@ kern_return_t ucsp_server_changePassphrase(UCSP_ARGS, IPCDbHandle db, kern_return_t ucsp_server_lockAll (UCSP_ARGS, boolean_t) { - BEGIN_IPC + BEGIN_IPC(lockAll) connection.session().processLockAll(); END_IPC(DL) } -kern_return_t ucsp_server_unlockDb(UCSP_ARGS, IPCDbHandle db) +kern_return_t ucsp_server_unlockDb(UCSP_ARGS, DbHandle db) { - BEGIN_IPC + BEGIN_IPC(unlockDb) Server::keychain(db)->unlockDb(); END_IPC(DL) } -kern_return_t ucsp_server_unlockDbWithPassphrase(UCSP_ARGS, IPCDbHandle db, DATA_IN(passphrase)) +kern_return_t ucsp_server_unlockDbWithPassphrase(UCSP_ARGS, DbHandle db, DATA_IN(passphrase)) { - BEGIN_IPC + BEGIN_IPC(unlockDbWithPassphrase) Server::keychain(db)->unlockDb(DATA(passphrase)); END_IPC(DL) } -kern_return_t ucsp_server_isLocked(UCSP_ARGS, IPCDbHandle db, boolean_t *locked) +kern_return_t ucsp_server_isLocked(UCSP_ARGS, DbHandle db, boolean_t *locked) { - BEGIN_IPC + BEGIN_IPC(isLocked) *locked = Server::database(db)->isLocked(); END_IPC(DL) } @@ -631,10 +683,10 @@ kern_return_t ucsp_server_isLocked(UCSP_ARGS, IPCDbHandle db, boolean_t *locked) // // Key management // -kern_return_t ucsp_server_encodeKey(UCSP_ARGS, IPCKeyHandle keyh, DATA_OUT(blob), +kern_return_t ucsp_server_encodeKey(UCSP_ARGS, KeyHandle keyh, DATA_OUT(blob), boolean_t wantUid, DATA_OUT(uid)) { - BEGIN_IPC + BEGIN_IPC(encodeKey) RefPointer gKey = Server::key(keyh); if (KeychainKey *key = dynamic_cast(gKey.get())) { KeyBlob *keyBlob = key->blob(); // still owned by key 
@@ -651,15 +703,13 @@ kern_return_t ucsp_server_encodeKey(UCSP_ARGS, IPCKeyHandle keyh, DATA_OUT(blob) END_IPC(CSP) } -kern_return_t ucsp_server_decodeKey(UCSP_ARGS, IPCKeyHandle *keyh, DATA_OUT(keyHeader), - IPCDbHandle db, DATA_IN(blob)) +kern_return_t ucsp_server_decodeKey(UCSP_ARGS, KeyHandle *keyh, DATA_OUT(keyHeader), + DbHandle db, DATA_IN(blob)) { - BEGIN_IPC + BEGIN_IPC(decodeKey) RefPointer key = new KeychainKey(*Server::keychain(db), SSBLOB(KeyBlob, blob)); CssmKey::Header header; - KeyHandle keyHandle; - key->returnKey(keyHandle, header); - *keyh = keyHandle; + key->returnKey(*keyh, header); if (!copyin(&header, reinterpret_cast (xdr_CSSM_KEYHEADER), keyHeader, keyHeaderLength)) CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR); Server::releaseWhenDone(*keyHeader); @@ -667,10 +717,10 @@ kern_return_t ucsp_server_decodeKey(UCSP_ARGS, IPCKeyHandle *keyh, DATA_OUT(keyH } // keychain synchronization -kern_return_t ucsp_server_recodeKey(UCSP_ARGS, IPCDbHandle oldDb, IPCKeyHandle keyh, - IPCDbHandle newDb, DATA_OUT(newBlob)) +kern_return_t ucsp_server_recodeKey(UCSP_ARGS, DbHandle oldDb, KeyHandle keyh, + DbHandle newDb, DATA_OUT(newBlob)) { - BEGIN_IPC + BEGIN_IPC(recodeKey) // If the old key is passed in as DATA_IN(oldBlob): // RefPointer key = new KeychainKey(*Server::keychain(oldDb), SSBLOB(KeyBlob, oldBlob)); RefPointer key = Server::key(keyh); 
@@ -686,35 +736,35 @@ kern_return_t ucsp_server_recodeKey(UCSP_ARGS, IPCDbHandle oldDb, IPCKeyHandle k END_IPC(CSP) } -kern_return_t ucsp_server_releaseKey(UCSP_ARGS, IPCKeyHandle keyh) +kern_return_t ucsp_server_releaseKey(UCSP_ARGS, KeyHandle keyh) { - BEGIN_IPC + BEGIN_IPC(releaseKey) RefPointer key = Server::key(keyh); key->database().releaseKey(*key); END_IPC(CSP) } -kern_return_t ucsp_server_queryKeySizeInBits(UCSP_ARGS, IPCKeyHandle keyh, CSSM_KEY_SIZE *length) +kern_return_t ucsp_server_queryKeySizeInBits(UCSP_ARGS, KeyHandle keyh, CSSM_KEY_SIZE *length) { - BEGIN_IPC + BEGIN_IPC(queryKeySizeInBits) RefPointer key = Server::key(keyh); key->database().queryKeySizeInBits(*key, CssmKeySize::overlay(*length)); END_IPC(CSP) } -kern_return_t ucsp_server_getOutputSize(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh, +kern_return_t ucsp_server_getOutputSize(UCSP_ARGS, DATA_IN(context), KeyHandle keyh, uint32 inputSize, boolean_t encrypt, uint32 *outputSize) { - BEGIN_IPC + BEGIN_IPC(getOutputSize) CopyOutContext ctx(context, contextLength); RefPointer key = Server::key(keyh); key->database().getOutputSize(*ctx, *key, inputSize, encrypt, *outputSize); END_IPC(CSP) } -kern_return_t ucsp_server_getKeyDigest(UCSP_ARGS, IPCKeyHandle key, DATA_OUT(digest)) +kern_return_t ucsp_server_getKeyDigest(UCSP_ARGS, KeyHandle key, DATA_OUT(digest)) { - BEGIN_IPC + BEGIN_IPC(getKeyDigest) CssmData digestData = Server::key(key)->canonicalDigest(); *digest = digestData.data(); *digestLength = digestData.length(); 
@@ -725,10 +775,10 @@ kern_return_t ucsp_server_getKeyDigest(UCSP_ARGS, IPCKeyHandle key, DATA_OUT(dig // // Signatures and MACs // -kern_return_t ucsp_server_generateSignature(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh, +kern_return_t ucsp_server_generateSignature(UCSP_ARGS, DATA_IN(context), KeyHandle keyh, CSSM_ALGORITHMS signOnlyAlgorithm, DATA_IN(data), DATA_OUT(signature)) { - BEGIN_IPC + BEGIN_IPC(generateSignature) CopyOutContext ctx(context, contextLength); RefPointer key = Server::key(keyh); OutputData sigData(signature, signatureLength); @@ -737,10 +787,10 @@ kern_return_t ucsp_server_generateSignature(UCSP_ARGS, DATA_IN(context), IPCKeyH END_IPC(CSP) } -kern_return_t ucsp_server_verifySignature(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh, +kern_return_t ucsp_server_verifySignature(UCSP_ARGS, DATA_IN(context), KeyHandle keyh, CSSM_ALGORITHMS verifyOnlyAlgorithm, DATA_IN(data), DATA_IN(signature)) { - BEGIN_IPC + BEGIN_IPC(verifySignature) CopyOutContext ctx(context, contextLength); RefPointer key = Server::key(keyh); key->database().verifySignature(*ctx, *key, verifyOnlyAlgorithm, @@ -748,10 +798,10 @@ kern_return_t ucsp_server_verifySignature(UCSP_ARGS, DATA_IN(context), IPCKeyHan END_IPC(CSP) } -kern_return_t ucsp_server_generateMac(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh, +kern_return_t ucsp_server_generateMac(UCSP_ARGS, DATA_IN(context), KeyHandle keyh, DATA_IN(data), DATA_OUT(mac)) { - BEGIN_IPC + BEGIN_IPC(generateMac) CopyOutContext ctx(context, contextLength); RefPointer key = Server::key(keyh); OutputData macData(mac, macLength); 
@@ -759,10 +809,10 @@ kern_return_t ucsp_server_generateMac(UCSP_ARGS, DATA_IN(context), IPCKeyHandle END_IPC(CSP) } -kern_return_t ucsp_server_verifyMac(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh, +kern_return_t ucsp_server_verifyMac(UCSP_ARGS, DATA_IN(context), KeyHandle keyh, DATA_IN(data), DATA_IN(mac)) { - BEGIN_IPC + BEGIN_IPC(verifyMac) CopyOutContext ctx(context, contextLength); RefPointer key = Server::key(keyh); key->database().verifyMac(*ctx, *key, DATA(data), DATA(mac)); @@ -773,10 +823,10 @@ kern_return_t ucsp_server_verifyMac(UCSP_ARGS, DATA_IN(context), IPCKeyHandle ke // // Encryption/Decryption // -kern_return_t ucsp_server_encrypt(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh, +kern_return_t ucsp_server_encrypt(UCSP_ARGS, DATA_IN(context), KeyHandle keyh, DATA_IN(clear), DATA_OUT(cipher)) { - BEGIN_IPC + BEGIN_IPC(encrypt) CopyOutContext ctx(context, contextLength); RefPointer key = Server::key(keyh); OutputData cipherOut(cipher, cipherLength); @@ -784,10 +834,10 @@ kern_return_t ucsp_server_encrypt(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh END_IPC(CSP) } -kern_return_t ucsp_server_decrypt(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh, +kern_return_t ucsp_server_decrypt(UCSP_ARGS, DATA_IN(context), KeyHandle keyh, DATA_IN(cipher), DATA_OUT(clear)) { - BEGIN_IPC + BEGIN_IPC(decrypt) CopyOutContext ctx(context, contextLength); RefPointer key = Server::key(keyh); OutputData clearOut(clear, clearLength); 
@@ -799,11 +849,11 @@ kern_return_t ucsp_server_decrypt(UCSP_ARGS, DATA_IN(context), IPCKeyHandle keyh // // Key generation // -kern_return_t ucsp_server_generateKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), +kern_return_t ucsp_server_generateKey(UCSP_ARGS, DbHandle db, DATA_IN(context), DATA_IN(cred), DATA_IN(owner), - uint32 usage, uint32 attrs, IPCKeyHandle *newKey, DATA_OUT(keyHeader)) + uint32 usage, uint32 attrs, KeyHandle *newKey, DATA_OUT(keyHeader)) { - BEGIN_IPC + BEGIN_IPC(generateKey) CopyOutContext ctx(context, contextLength); CopyOutAccessCredentials creds(cred, credLength); @@ -814,9 +864,7 @@ kern_return_t ucsp_server_generateKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context RefPointer key; database->generateKey(*ctx, creds, owneracl, usage, attrs, key); CssmKey::Header newHeader; - KeyHandle keyHandle; - key->returnKey(keyHandle, newHeader); - *newKey = keyHandle; + key->returnKey(*newKey, newHeader); if (!copyin(&newHeader, reinterpret_cast (xdr_CSSM_KEYHEADER), keyHeader, keyHeaderLength)) CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR); @@ -824,12 +872,12 @@ kern_return_t ucsp_server_generateKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context END_IPC(CSP) } -kern_return_t ucsp_server_generateKeyPair(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), +kern_return_t ucsp_server_generateKeyPair(UCSP_ARGS, DbHandle db, DATA_IN(context), DATA_IN(cred), DATA_IN(owner), uint32 pubUsage, uint32 pubAttrs, uint32 privUsage, uint32 privAttrs, - IPCKeyHandle *pubKey, DATA_OUT(pubHeader), IPCKeyHandle *privKey, DATA_OUT(privHeader)) + KeyHandle *pubKey, DATA_OUT(pubHeader), KeyHandle *privKey, DATA_OUT(privHeader)) { - BEGIN_IPC + BEGIN_IPC(generateKeyPair) CopyOutContext ctx(context, contextLength); CopyOutAccessCredentials creds(cred, credLength); CopyOutEntryAcl owneracl(owner, ownerLength); 
@@ -839,16 +887,13 @@ kern_return_t ucsp_server_generateKeyPair(UCSP_ARGS, IPCDbHandle db, DATA_IN(con database->generateKey(*ctx, creds, owneracl, pubUsage, pubAttrs, privUsage, privAttrs, pub, priv); CssmKey::Header tmpPubHeader, tmpPrivHeader; - KeyHandle pubKeyHandle, privKeyHandle; - pub->returnKey(pubKeyHandle, tmpPubHeader); - *pubKey = pubKeyHandle; + pub->returnKey(*pubKey, tmpPubHeader); if (!copyin(&tmpPubHeader, reinterpret_cast (xdr_CSSM_KEYHEADER), pubHeader, pubHeaderLength)) CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR); Server::releaseWhenDone(*pubHeader); - priv->returnKey(privKeyHandle, tmpPrivHeader); - *privKey = privKeyHandle; + priv->returnKey(*privKey, tmpPrivHeader); if (!copyin(&tmpPrivHeader, reinterpret_cast (xdr_CSSM_KEYHEADER), privHeader, privHeaderLength)) CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR); Server::releaseWhenDone(*privHeader); @@ -860,11 +905,11 @@ kern_return_t ucsp_server_generateKeyPair(UCSP_ARGS, IPCDbHandle db, DATA_IN(con // // Key wrapping and unwrapping // -kern_return_t ucsp_server_wrapKey(UCSP_ARGS, DATA_IN(context), IPCKeyHandle hWrappingKey, - DATA_IN(cred), IPCKeyHandle hKeyToBeWrapped, +kern_return_t ucsp_server_wrapKey(UCSP_ARGS, DATA_IN(context), KeyHandle hWrappingKey, + DATA_IN(cred), KeyHandle hKeyToBeWrapped, DATA_IN(descriptiveData), DATA_OUT(wrappedKeyData)) { - BEGIN_IPC + BEGIN_IPC(wrapKey) CssmKey wrappedKey; CopyOutContext ctx(context, contextLength); CopyOutAccessCredentials creds(cred, credLength); 
@@ -883,13 +928,13 @@ kern_return_t ucsp_server_wrapKey(UCSP_ARGS, DATA_IN(context), IPCKeyHandle hWra END_IPC(CSP) } -kern_return_t ucsp_server_unwrapKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), - IPCKeyHandle hWrappingKey, DATA_IN(cred), DATA_IN(owner), - IPCKeyHandle hPublicKey, DATA_IN(wrappedKeyData), +kern_return_t ucsp_server_unwrapKey(UCSP_ARGS, DbHandle db, DATA_IN(context), + KeyHandle hWrappingKey, DATA_IN(cred), DATA_IN(owner), + KeyHandle hPublicKey, DATA_IN(wrappedKeyData), CSSM_KEYUSE usage, CSSM_KEYATTR_FLAGS attrs, DATA_OUT(descriptiveData), - IPCKeyHandle *newKey, DATA_OUT(keyHeader)/*CssmKey::Header *newHeader*/) + KeyHandle *newKey, DATA_OUT(keyHeader)/*CssmKey::Header *newHeader*/) { - BEGIN_IPC + BEGIN_IPC(unwrapKey) CopyOutContext ctx(context, contextLength); CopyOutKey wrappedKey(wrappedKeyData, wrappedKeyDataLength); CopyOutAccessCredentials creds(cred, credLength); @@ -902,9 +947,7 @@ kern_return_t ucsp_server_unwrapKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), usage, attrs, wrappedKey.key(), unwrappedKey, descriptiveDatas); CssmKey::Header newHeader; - KeyHandle keyHandle; - unwrappedKey->returnKey(keyHandle, newHeader); - *newKey = keyHandle; + unwrappedKey->returnKey(*newKey, newHeader); if (!copyin(&newHeader, reinterpret_cast (xdr_CSSM_KEYHEADER), keyHeader, keyHeaderLength)) CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR); Server::releaseWhenDone(*keyHeader); 
@@ -920,12 +963,12 @@ kern_return_t ucsp_server_unwrapKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), // (artificial) POD CssmDeriveData handles those that are known; if you add // an algorithm with structured param, you need to add a case there. // -kern_return_t ucsp_server_deriveKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), IPCKeyHandle hKey, +kern_return_t ucsp_server_deriveKey(UCSP_ARGS, DbHandle db, DATA_IN(context), KeyHandle hKey, DATA_IN(cred), DATA_IN(owner), DATA_IN(paramInput), DATA_OUT(paramOutput), - uint32 usage, uint32 attrs, IPCKeyHandle *newKey, DATA_OUT(keyHeader)) + uint32 usage, uint32 attrs, KeyHandle *newKey, DATA_OUT(keyHeader)) { - BEGIN_IPC + BEGIN_IPC(deriveKey) CopyOutContext ctx(context, contextLength); CopyOutAccessCredentials creds(cred, credLength); CopyOutEntryAcl owneracl(owner, ownerLength); @@ -942,9 +985,7 @@ kern_return_t ucsp_server_deriveKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), key)->deriveKey(*ctx, key, creds, owneracl, static_cast(¶m), usage, attrs, derivedKey); CssmKey::Header newHeader; - KeyHandle keyHandle; - derivedKey->returnKey(keyHandle, newHeader); - *newKey = keyHandle; + derivedKey->returnKey(*newKey, newHeader); if (!copyin(&newHeader, reinterpret_cast (xdr_CSSM_KEYHEADER), keyHeader, keyHeaderLength)) CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR); @@ -964,7 +1005,7 @@ kern_return_t ucsp_server_deriveKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), // kern_return_t ucsp_server_generateRandom(UCSP_ARGS, uint32 ssid, DATA_IN(context), DATA_OUT(data)) { - BEGIN_IPC + BEGIN_IPC(generateRandom) CopyOutContext ctx(context, contextLength); if (ssid) CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); 
@@ -986,10 +1027,10 @@ kern_return_t ucsp_server_generateRandom(UCSP_ARGS, uint32 ssid, DATA_IN(context // ACL management. // Watch out for the memory-management tap-dance. // -kern_return_t ucsp_server_getOwner(UCSP_ARGS, AclKind kind, IPCKeyHandle key, +kern_return_t ucsp_server_getOwner(UCSP_ARGS, AclKind kind, KeyHandle key, DATA_OUT(ownerOut)) { - BEGIN_IPC + BEGIN_IPC(getOwner) AclOwnerPrototype owner; Server::aclBearer(kind, key).getOwner(owner); // allocates memory in owner void *owners_data; u_int owners_length; @@ -1003,21 +1044,21 @@ kern_return_t ucsp_server_getOwner(UCSP_ARGS, AclKind kind, IPCKeyHandle key, END_IPC(CSP) } -kern_return_t ucsp_server_setOwner(UCSP_ARGS, AclKind kind, IPCKeyHandle key, +kern_return_t ucsp_server_setOwner(UCSP_ARGS, AclKind kind, KeyHandle key, DATA_IN(cred), DATA_IN(owner)) { - BEGIN_IPC + BEGIN_IPC(setOwner) CopyOutAccessCredentials creds(cred, credLength); CopyOutOwnerAcl owneracl(owner, ownerLength); Server::aclBearer(kind, key).changeOwner(*owneracl, creds); END_IPC(CSP) } -kern_return_t ucsp_server_getAcl(UCSP_ARGS, AclKind kind, IPCKeyHandle key, +kern_return_t ucsp_server_getAcl(UCSP_ARGS, AclKind kind, KeyHandle key, boolean_t haveTag, const char *tag, uint32 *countp, DATA_OUT(acls)) { - BEGIN_IPC + BEGIN_IPC(getAcl) uint32 count; AclEntryInfo *aclList; Server::aclBearer(kind, key).getAcl(haveTag ? tag : NULL, count, aclList); @@ -1044,11 +1085,11 @@ kern_return_t ucsp_server_getAcl(UCSP_ARGS, AclKind kind, IPCKeyHandle key, END_IPC(CSP) } -kern_return_t ucsp_server_changeAcl(UCSP_ARGS, AclKind kind, IPCKeyHandle key, - DATA_IN(cred), CSSM_ACL_EDIT_MODE mode, IPCGenericHandle handle, +kern_return_t ucsp_server_changeAcl(UCSP_ARGS, AclKind kind, KeyHandle key, + DATA_IN(cred), CSSM_ACL_EDIT_MODE mode, GenericHandle handle, DATA_IN(acl)) { - BEGIN_IPC + BEGIN_IPC(changeAcl) CopyOutAccessCredentials creds(cred, credLength); CopyOutAclEntryInput entryacl(acl, aclLength); 
@@ -1062,7 +1103,7 @@ kern_return_t ucsp_server_changeAcl(UCSP_ARGS, AclKind kind, IPCKeyHandle key, // kern_return_t ucsp_server_login(UCSP_ARGS, DATA_IN(cred), DATA_IN(name)) { - BEGIN_IPC + BEGIN_IPC(login) CopyOutAccessCredentials creds(cred, credLength); CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); END_IPC(CSP) @@ -1070,7 +1111,7 @@ kern_return_t ucsp_server_login(UCSP_ARGS, DATA_IN(cred), DATA_IN(name)) kern_return_t ucsp_server_logout(UCSP_ARGS) { - BEGIN_IPC + BEGIN_IPC(logout) CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); END_IPC(CSP) } @@ -1081,28 +1122,28 @@ kern_return_t ucsp_server_logout(UCSP_ARGS) // kern_return_t ucsp_server_getStatistics(UCSP_ARGS, uint32 ssid, CSSM_CSP_OPERATIONAL_STATISTICS *statistics) { - BEGIN_IPC + BEGIN_IPC(getStatistics) CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); END_IPC(CSP) } kern_return_t ucsp_server_getTime(UCSP_ARGS, uint32 ssid, CSSM_ALGORITHMS algorithm, DATA_OUT(data)) { - BEGIN_IPC + BEGIN_IPC(getTime) CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); END_IPC(CSP) } kern_return_t ucsp_server_getCounter(UCSP_ARGS, uint32 ssid, DATA_OUT(data)) { - BEGIN_IPC + BEGIN_IPC(getCounter) CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); END_IPC(CSP) } kern_return_t ucsp_server_selfVerify(UCSP_ARGS, uint32 ssid) { - BEGIN_IPC + BEGIN_IPC(selfVerify) CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); END_IPC(CSP) } @@ -1112,9 +1153,9 @@ kern_return_t ucsp_server_selfVerify(UCSP_ARGS, uint32 ssid) // Passthrough calls (separate for CSP and DL passthroughs) // kern_return_t ucsp_server_cspPassThrough(UCSP_ARGS, uint32 ssid, uint32 id, DATA_IN(context), - IPCKeyHandle hKey, DATA_IN(inData), DATA_OUT(outData)) + KeyHandle hKey, DATA_IN(inData), DATA_OUT(outData)) { - BEGIN_IPC + BEGIN_IPC(cspPassThrough) CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); END_IPC(CSP) } 
@@ -1122,7 +1163,7 @@ kern_return_t ucsp_server_cspPassThrough(UCSP_ARGS, uint32 ssid, uint32 id, DATA kern_return_t ucsp_server_dlPassThrough(UCSP_ARGS, uint32 ssid, uint32 id, DATA_IN(inData), DATA_OUT(outData)) { - BEGIN_IPC + BEGIN_IPC(dlPassThrough) CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); END_IPC(DL) } @@ -1133,11 +1174,11 @@ kern_return_t ucsp_server_dlPassThrough(UCSP_ARGS, uint32 ssid, uint32 id, // ExtractMasterKey looks vaguely like a key derivation operation, and is in fact // presented by the CSPDL's CSSM layer as such. // -kern_return_t ucsp_server_extractMasterKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(context), IPCDbHandle sourceDb, +kern_return_t ucsp_server_extractMasterKey(UCSP_ARGS, DbHandle db, DATA_IN(context), DbHandle sourceDb, DATA_IN(cred), DATA_IN(owner), - uint32 usage, uint32 attrs, IPCKeyHandle *newKey, DATA_OUT(keyHeader)) + uint32 usage, uint32 attrs, KeyHandle *newKey, DATA_OUT(keyHeader)) { - BEGIN_IPC + BEGIN_IPC(extractMasterKey) CopyOutAccessCredentials creds(cred, credLength); CopyOutEntryAcl owneracl(owner, ownerLength); CopyOutContext ctx(context, contextLength); @@ -1145,10 +1186,8 @@ kern_return_t ucsp_server_extractMasterKey(UCSP_ARGS, IPCDbHandle db, DATA_IN(co RefPointer masterKey = keychain->extractMasterKey( *Server::optionalDatabase(db, attrs & CSSM_KEYATTR_PERMANENT), creds, owneracl, usage, attrs); - KeyHandle keyHandle; CssmKey::Header header; - masterKey->returnKey(keyHandle, header); - *newKey = keyHandle; + masterKey->returnKey(*newKey, header); if (!copyin(&header, reinterpret_cast (xdr_CSSM_KEYHEADER), keyHeader, keyHeaderLength)) CssmError::throwMe(CSSMERR_CSSM_MEMORY_ERROR); Server::releaseWhenDone(*keyHeader); 
@@ -1165,15 +1204,19 @@ kern_return_t ucsp_server_authorizationCreate(UCSP_ARGS, void *inEnvironment, mach_msg_type_number_t inEnvironmentLength, AuthorizationBlob *authorization) { - BEGIN_IPC + BEGIN_IPC(authorizationCreate) AuthorizationItemSet *authrights = NULL, *authenvironment = NULL; if (inRights && !copyout_AuthorizationItemSet(inRights, inRightsLength, &authrights)) + { + Syslog::alert("ucsp_server_authorizationCreate(): error converting 'rights' input"); CssmError::throwMe(errAuthorizationInternal); // allocation error probably + } if (inEnvironment && !copyout_AuthorizationItemSet(inEnvironment, inEnvironmentLength, &authenvironment)) { free(authrights); + Syslog::alert("ucsp_server_authorizationCreate(): error converting 'environment' input"); CssmError::throwMe(errAuthorizationInternal); // allocation error probably } @@ -1196,7 +1239,7 @@ kern_return_t ucsp_server_authorizationCreate(UCSP_ARGS, kern_return_t ucsp_server_authorizationRelease(UCSP_ARGS, AuthorizationBlob authorization, uint32 flags) { - BEGIN_IPC + BEGIN_IPC(authorizationRelease) connection.process().session().authFree(authorization, flags); END_IPC(CSSM) } 
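Review bot: The two `Syslog::alert(...)` calls added to ucsp_server_authorizationCreate fire when `copyout_AuthorizationItemSet()` rejects `inRights` or `inEnvironment`, and both buffers arrive in the client's message, so a client sending malformed item sets can presumably produce alert-priority records at will. The messages also carry nothing that identifies the sender, which limits their use for triage. I would log at a lower priority, e.g. `Syslog::notice("ucsp_server_authorizationCreate(): error converting 'rights' input");`, and add the caller's identity, such as the `connection.process().uid()` value that ucsp_server_setAlternateSystemRoot already reads. The `// allocation error probably` comments no longer agree with the log text and should be updated. The same applies to the input-conversion alerts added in ucsp_server_authorizationCopyRights and ucsp_server_authorizationdbSet.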
@@ -1208,15 +1251,18 @@ kern_return_t ucsp_server_authorizationCopyRights(UCSP_ARGS, void *inEnvironment, mach_msg_type_number_t inEnvironmentLength, void **result, mach_msg_type_number_t *resultLength) { - BEGIN_IPC + BEGIN_IPC(authorizationCopyRights) AuthorizationItemSet *authrights = NULL, *authenvironment = NULL; if (inRights && !copyout_AuthorizationItemSet(inRights, inRightsLength, &authrights)) + { + Syslog::alert("ucsp_server_authorizationCopyRights(): error converting 'rights' input"); CssmError::throwMe(errAuthorizationInternal); // allocation error probably - + } if (inEnvironment && !copyout_AuthorizationItemSet(inEnvironment, inEnvironmentLength, &authenvironment)) { free(authrights); + Syslog::alert("ucsp_server_authorizationCopyRights(): error converting 'environment' input"); CssmError::throwMe(errAuthorizationInternal); // allocation error probably } @@ -1237,6 +1283,7 @@ kern_return_t ucsp_server_authorizationCopyRights(UCSP_ARGS, if (!copyin_AuthorizationItemSet(copyout, result, resultLength)) { free(copyout); + Syslog::alert("ucsp_server_authorizationCopyRights(): error packaging return information"); CssmError::throwMe(errAuthorizationInternal); } free(copyout); @@ -1250,7 +1297,7 @@ kern_return_t ucsp_server_authorizationCopyInfo(UCSP_ARGS, AuthorizationString tag, void **info, mach_msg_type_number_t *infoLength) { - BEGIN_IPC + BEGIN_IPC(authorizationCopyInfo) Authorization::AuthItemSet infoSet; *info = NULL; *infoLength = 0; @@ -1262,6 +1309,7 @@ kern_return_t ucsp_server_authorizationCopyInfo(UCSP_ARGS, if (!copyin_AuthorizationItemSet(copyout, info, infoLength)) { free(copyout); + Syslog::alert("ucsp_server_authorizationCopyInfo(): error packaging return information"); CssmError::throwMe(errAuthorizationInternal); } free(copyout); 
@@ -1273,7 +1321,7 @@ kern_return_t ucsp_server_authorizationCopyInfo(UCSP_ARGS, kern_return_t ucsp_server_authorizationExternalize(UCSP_ARGS, AuthorizationBlob authorization, AuthorizationExternalForm *extForm) { - BEGIN_IPC + BEGIN_IPC(authorizationExternalize) *rcode = connection.process().session().authExternalize(authorization, *extForm); END_IPC(CSSM) } @@ -1281,7 +1329,7 @@ kern_return_t ucsp_server_authorizationExternalize(UCSP_ARGS, kern_return_t ucsp_server_authorizationInternalize(UCSP_ARGS, AuthorizationExternalForm extForm, AuthorizationBlob *authorization) { - BEGIN_IPC + BEGIN_IPC(authorizationInternalize) *rcode = connection.process().session().authInternalize(extForm, *authorization); END_IPC(CSSM) } @@ -1293,17 +1341,17 @@ kern_return_t ucsp_server_authorizationInternalize(UCSP_ARGS, kern_return_t ucsp_server_getSessionInfo(UCSP_ARGS, SecuritySessionId *sessionId, SessionAttributeBits *attrs) { - BEGIN_IPC - Session &session = Session::find(*sessionId); - *sessionId = session.handle(); - *attrs = session.attributes(); + BEGIN_IPC(getSessionInfo) + Session &session = Session::find(*sessionId); + *sessionId = session.handle(); + *attrs = session.attributes(); END_IPC(CSSM) } kern_return_t ucsp_server_setupSession(UCSP_ARGS, SessionCreationFlags flags, SessionAttributeBits attrs) { - BEGIN_IPC + BEGIN_IPC(setupSession) Server::process().session().setupAttributes(flags, attrs); END_IPC(CSSM) } @@ -1311,7 +1359,7 @@ kern_return_t ucsp_server_setupSession(UCSP_ARGS, kern_return_t ucsp_server_setSessionDistinguishedUid(UCSP_ARGS, SecuritySessionId sessionId, uid_t user) { - BEGIN_IPC + BEGIN_IPC(setSessionDistinguishedUid) Session::find(sessionId).originatorUid(user); END_IPC(CSSM) } 
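Review bot: ucsp_server_setSessionDistinguishedUid calls `Session::find(sessionId).originatorUid(user);` with no caller check visible in the handler, and both `sessionId` and `user` come from the client's message. ucsp_server_setAlternateSystemRoot, by contrast, tests `connection.process().uid() != 0` before acting. If the restriction is enforced inside `originatorUid()` or by the BEGIN_IPC prologue (neither is visible here), a comment in this handler should name where. If it is not enforced anywhere, the handler needs a check that the caller belongs to the target session or is privileged. This hunk only adds the BEGIN_IPC argument, so the behaviour predates the commit.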
@@ -1319,14 +1367,14 @@ kern_return_t ucsp_server_setSessionDistinguishedUid(UCSP_ARGS, kern_return_t ucsp_server_getSessionDistinguishedUid(UCSP_ARGS, SecuritySessionId sessionId, uid_t *user) { - BEGIN_IPC + BEGIN_IPC(getSessionDistinguishedUid) *user = Session::find(sessionId).originatorUid(); END_IPC(CSSM) } kern_return_t ucsp_server_setSessionUserPrefs(UCSP_ARGS, SecuritySessionId sessionId, DATA_IN(userPrefs)) { - BEGIN_IPC + BEGIN_IPC(setSessionuserPrefs) CFRef data(CFDataCreate(NULL, (UInt8 *)userPrefs, userPrefsLength)); if (!data) @@ -1350,7 +1398,7 @@ kern_return_t ucsp_server_setSessionUserPrefs(UCSP_ARGS, SecuritySessionId sessi kern_return_t ucsp_server_postNotification(UCSP_ARGS, uint32 domain, uint32 event, DATA_IN(data), uint32 sequence) { - BEGIN_IPC + BEGIN_IPC(postNotification) Listener::notify(domain, event, sequence, DATA(data)); END_IPC(CSSM) } @@ -1361,7 +1409,7 @@ kern_return_t ucsp_server_postNotification(UCSP_ARGS, uint32 domain, uint32 even // kern_return_t ucsp_server_authorizationdbGet(UCSP_ARGS, const char *rightname, DATA_OUT(rightDefinition)) { - BEGIN_IPC + BEGIN_IPC(authorizationdbGet) CFDictionaryRef rightDict; *rcode = connection.process().session().authorizationdbGet(rightname, &rightDict); @@ -1371,7 +1419,10 @@ kern_return_t ucsp_server_authorizationdbGet(UCSP_ARGS, const char *rightname, D CFRef data(CFPropertyListCreateXMLData (NULL, rightDict)); CFRelease(rightDict); if (!data) + { + Syslog::alert("ucsp_server_authorizationGet(): unable to make XML version of right definition for '%s'", rightname); return errAuthorizationInternal; + } // @@@ copy data to avoid having to do a delayed cfrelease mach_msg_type_number_t length = CFDataGetLength(data); 
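Review bot: `BEGIN_IPC(setSessionuserPrefs)` spells the name with a lower-case `u`, while the function is ucsp_server_setSessionUserPrefs and the other handlers visible in this patch pass their exact suffix. Whatever consumes the BEGIN_IPC argument (its definition is not visible here; presumably a trace or probe name) will record this call under a name that a search for the handler will not match. Suggest `BEGIN_IPC(setSessionUserPrefs)`. The handler body continues outside the hunk.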
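Review bot: The alert added to ucsp_server_authorizationdbGet names the function as `ucsp_server_authorizationGet()`, dropping the `db`; the two alerts added to ucsp_server_authorizationdbSet use `ucsp_server_authorizationSet()` in the same way. Someone working back from a log line will not find those names in the source. Suggest `"ucsp_server_authorizationdbGet(): unable to make XML version of right definition for '%s'"` and the matching `ucsp_server_authorizationdbSet()` prefix in the other two. Separately, the `return errAuthorizationInternal;` that follows exits through the handler's return value rather than `*rcode` and bypasses END_IPC. That predates the commit, but if BEGIN_IPC(name) now pairs with something in END_IPC, the early return skips it. The handler body continues outside the hunk.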
@@ -1387,16 +1438,22 @@ kern_return_t ucsp_server_authorizationdbGet(UCSP_ARGS, const char *rightname, D kern_return_t ucsp_server_authorizationdbSet(UCSP_ARGS, AuthorizationBlob authorization, const char *rightname, DATA_IN(rightDefinition)) { - BEGIN_IPC + BEGIN_IPC(authorizationdbSet) CFRef data(CFDataCreate(NULL, (UInt8 *)rightDefinition, rightDefinitionLength)); if (!data) + { + Syslog::alert("ucsp_server_authorizationSet(): CFDataCreate() error"); return errAuthorizationInternal; + } CFRef rightDefinition(static_cast(CFPropertyListCreateFromXMLData(NULL, data, kCFPropertyListImmutable, NULL))); if (!rightDefinition || (CFGetTypeID(rightDefinition) != CFDictionaryGetTypeID())) + { + Syslog::alert("ucsp_server_authorizationSet(): error converting XML right definition for '%s' to property list", rightname); return errAuthorizationInternal; + } *rcode = connection.process().session().authorizationdbSet(authorization, rightname, rightDefinition); @@ -1405,7 +1462,7 @@ kern_return_t ucsp_server_authorizationdbSet(UCSP_ARGS, AuthorizationBlob author kern_return_t ucsp_server_authorizationdbRemove(UCSP_ARGS, AuthorizationBlob authorization, const char *rightname) { - BEGIN_IPC + BEGIN_IPC(authorizationdbRemove) *rcode = connection.process().session().authorizationdbRemove(authorization, rightname); END_IPC(CSSM) } @@ -1417,7 +1474,7 @@ kern_return_t ucsp_server_authorizationdbRemove(UCSP_ARGS, AuthorizationBlob aut kern_return_t ucsp_server_addCodeEquivalence(UCSP_ARGS, DATA_IN(oldHash), DATA_IN(newHash), const char *name, boolean_t forSystem) { - BEGIN_IPC + BEGIN_IPC(addCodeEquivalence) Server::codeSignatures().addLink(DATA(oldHash), DATA(newHash), name, forSystem); END_IPC(CSSM) } 
@@ -1425,14 +1482,14 @@ kern_return_t ucsp_server_addCodeEquivalence(UCSP_ARGS, DATA_IN(oldHash), DATA_I kern_return_t ucsp_server_removeCodeEquivalence(UCSP_ARGS, DATA_IN(hash), const char *name, boolean_t forSystem) { - BEGIN_IPC + BEGIN_IPC(removeCodeEquivalence) Server::codeSignatures().removeLink(DATA(hash), name, forSystem); END_IPC(CSSM) } kern_return_t ucsp_server_setAlternateSystemRoot(UCSP_ARGS, const char *root) { - BEGIN_IPC + BEGIN_IPC(setAlternateSystemRoot) #if defined(NDEBUG) if (connection.process().uid() != 0) CssmError::throwMe(CSSM_ERRCODE_OS_ACCESS_DENIED); @@ -1450,7 +1507,7 @@ kern_return_t ucsp_server_childCheckIn(mach_port_t serverPort, mach_port_t servicePort, mach_port_t taskPort) { BEGIN_IPCS - ServerChild::checkIn(servicePort, TaskPort(taskPort).pid()); + ServerChild::checkIn(servicePort, TaskPort(taskPort).pid()); END_IPCS(mach_port_deallocate(mach_task_self(), taskPort)) } @@ -1462,14 +1519,14 @@ kern_return_t ucsp_server_childCheckIn(mach_port_t serverPort, // kern_return_t ucsp_server_registerHosting(UCSP_ARGS, mach_port_t hostingPort, uint32 flags) { - BEGIN_IPC + BEGIN_IPC(registerHosting) connection.process().registerCodeSigning(hostingPort, flags); END_IPC(CSSM) } kern_return_t ucsp_server_hostingPort(UCSP_ARGS, pid_t hostPid, mach_port_t *hostingPort) { - BEGIN_IPC + BEGIN_IPC(hostingPort) if (RefPointer process = Server::active().findPid(hostPid)) *hostingPort = process->hostingPort(); else 
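Review bot: In ucsp_server_setAlternateSystemRoot the `connection.process().uid() != 0` test sits under `#if defined(NDEBUG)`, so a build compiled without NDEBUG accepts the call from any uid. The hunk only adds the BEGIN_IPC argument and the function continues past it, so this predates the commit and may be deliberate for debugging. It still deserves a comment at the guard, e.g. `// root-only in release builds; builds without NDEBUG skip this check on purpose`. A build-time check that shipping configurations define NDEBUG would also help.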
@@ -1481,31 +1538,38 @@ kern_return_t ucsp_server_hostingPort(UCSP_ARGS, pid_t hostPid, mach_port_t *hos kern_return_t ucsp_server_setGuest(UCSP_ARGS, SecGuestRef guest, SecCSFlags flags) { - BEGIN_IPC + BEGIN_IPC(setGuest) connection.guestRef(guest, flags); END_IPC(CSSM) } kern_return_t ucsp_server_createGuest(UCSP_ARGS, SecGuestRef host, - uint32_t status, const char *path, DATA_IN(attributes), SecCSFlags flags, SecGuestRef *newGuest) + uint32_t status, const char *path, DATA_IN(cdhash), DATA_IN(attributes), + SecCSFlags flags, SecGuestRef *newGuest) { - BEGIN_IPC - *newGuest = connection.process().createGuest(host, status, path, DATA(attributes), flags); + BEGIN_IPC(createGuest) + *newGuest = connection.process().createGuest(host, status, path, DATA(cdhash), DATA(attributes), flags); END_IPC(CSSM) } kern_return_t ucsp_server_setGuestStatus(UCSP_ARGS, SecGuestRef guest, uint32_t status, DATA_IN(attributes)) { - BEGIN_IPC + BEGIN_IPC(setGuestStatus) connection.process().setGuestStatus(guest, status, DATA(attributes)); END_IPC(CSSM) } kern_return_t ucsp_server_removeGuest(UCSP_ARGS, SecGuestRef host, SecGuestRef guest) { - BEGIN_IPC + BEGIN_IPC(removeGuest) connection.process().removeGuest(host, guest); END_IPC(CSSM) } + +kern_return_t ucsp_server_helpCheckLoad(UCSP_ARGS, const char path[PATH_MAX], uint32_t type) +{ + BEGIN_IPC(helpCheckLoad) + END_IPC(CSSM) +} -- 2.45.2
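Review bot: The new ucsp_server_helpCheckLoad has an empty body between `BEGIN_IPC(helpCheckLoad)` and `END_IPC(CSSM)`, so it ignores `path` and `type` and, as far as this hunk shows, replies with whatever status BEGIN_IPC starts from. The other unimplemented handlers in this file say so explicitly with `CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);`. If the no-op is intentional (for example the call exists only so the BEGIN_IPC/END_IPC hooks fire), add a comment such as `// intentionally empty: this call exists only for its IPC entry/exit hooks`. Otherwise throw the not-implemented error so a caller cannot mistake the reply for a completed load check.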