From ecf87aec8e5fde32f8f3e72849b434308900917d Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Mon, 22 May 2006 17:12:49 +0000 Subject: Source files containing common routines used by both the client and the server. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18027 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/NTMakefile | 15 + src/lib/ccapi/common/generic_lists.c | 402 ++++++++++++++++++++++ src/lib/ccapi/common/marshall.c | 440 ++++++++++++++++++++++++ src/lib/ccapi/common/msg.c | 628 +++++++++++++++++++++++++++++++++++ 4 files changed, 1485 insertions(+) create mode 100644 src/lib/ccapi/common/NTMakefile create mode 100644 src/lib/ccapi/common/generic_lists.c create mode 100644 src/lib/ccapi/common/marshall.c create mode 100644 src/lib/ccapi/common/msg.c (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/NTMakefile b/src/lib/ccapi/common/NTMakefile new file mode 100644 index 000000000..d0d92fcbd --- /dev/null +++ b/src/lib/ccapi/common/NTMakefile @@ -0,0 +1,15 @@ +!INCLUDE + +CFLAGS = -I../include $(cdebug) $(cflags) $(cvarsdll) + +CC_COMMON_OBJS = marshall.obj msg.obj generic_lists.obj + +CC_COMMON_LIB = cc_common.lib + +$(CC_COMMON_LIB): $(CC_COMMON_OBJS) + $(implib) /NOLOGO /OUT:$@ $** + +all: $(CC_COMMON_LIB) + +clean: + del *.obj *.lib diff --git a/src/lib/ccapi/common/generic_lists.c b/src/lib/ccapi/common/generic_lists.c new file mode 100644 index 000000000..a48c528f9 --- /dev/null +++ b/src/lib/ccapi/common/generic_lists.c @@ -0,0 +1,402 @@ +/* $Copyright: +* +* Copyright 2004-2006 by the Massachusetts Institute of Technology. +* +* All rights reserved. +* +* Export of this software from the United States of America may require a +* specific license from the United States Government. It is the +* responsibility of any person or organization contemplating export to +* obtain such a license before exporting. +* +* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute +* this software and its documentation for any purpose and without fee is +* hereby granted, provided that the above copyright notice appear in all +* copies and that both that copyright notice and this permission notice +* appear in supporting documentation, and that the name of M.I.T. not be +* used in advertising or publicity pertaining to distribution of the +* software without specific, written prior permission. Furthermore if you +* modify this software you must label your software as modified software +* and not distribute it in such a fashion that it might be confused with +* the original MIT software. M.I.T. makes no representations about the +* suitability of this software for any purpose. It is provided "as is" +* without express or implied warranty. +* +* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED +* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF +* MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +* +* Individual source code files are copyright MIT, Cygnus Support, +* OpenVision, Oracle, Sun Soft, FundsXpress, and others. +* +* Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, +* and Zephyr are trademarks of the Massachusetts Institute of Technology +* (MIT). No commercial use of these trademarks may be made without prior +* written permission of MIT. +* +* "Commercial use" means use of a name in a product or other for-profit +* manner. It does NOT prevent a commercial firm from referring to the MIT +* trademarks in order to convey information (although in doing so, +* recognition of their trademark status should be given). +* $ +*/ + + +/* + * Lists implementation. + * + */ + +#include +#include +#include + +#include "CredentialsCache.h" +#include "generic_lists.h" + +/* this is an incomplete enumeration just including the generic type */ +enum cc_list_type { + generic = 0 +}; + +/** + * cci_generic_iterate_has_next() + * + * Purpose: Determine if an iterator has a next element + * + * Return: 1 if another element exists + * 0 if no additional elements exist + * + * Errors: None + * + */ +cc_int32 +cci_generic_iterate_has_next(cc_generic_iterate_t *iterate) +{ + return ((iterate == NULL || iterate->next == NULL) ? 0 : 1); +} + +/** + * cci_generic_iterate_next() + * + * Purpose: Retrieve the next element from an iterator and advance + * the iterator + * + * Return: non-NULL, the next element in the iterator + * NULL, the iterator list is empty or iterator is invalid + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_generic_iterate_next(cc_generic_iterate_t *iterator, cc_generic_list_node_t** nodepp) +{ + cc_generic_list_node_t* ret; + + if (iterator == NULL || nodepp == NULL) + return ccErrBadParam; + + ret = iterator->next; + if (iterator->next != NULL) + iterator->next = iterator->next->next; + + *nodepp = ret; + return ccNoError; +} + +/** + * cci_generic_list_new() + * + * Purpose: Allocate new generic list + * + * Return: non-NULL, an empty list + * NULL, failure + * + * Errors: ccErrNoMem + * + */ +cc_int32 +cci_generic_list_new(cc_generic_list_head_t ** listpp) +{ + cc_generic_list_head_t* ret = (cc_generic_list_head_t *)malloc(sizeof(cc_generic_list_head_t)); + if (ret == NULL) + return ccErrNoMem; + + ret->type = generic; + ret->head = ret->tail = NULL; + *listpp = ret; + + return ccNoError; +} + +/** + * cci_generic_list_append() + * + * Purpose: Appends a new node containing a copy of 'len' bytes of 'data' + * + * Return: non-NULL, a pointer to the newly allocated node + * NULL, failure + * + * Errors: ccErrNoMem,ccErrBadParam + * + */ +cc_int32 +cci_generic_list_append(cc_generic_list_head_t *head, void *data, cc_uint32 len, cc_generic_list_node_t** nodepp) +{ + cc_generic_list_node_t* new_node; + + if ( data == NULL || len == 0 ) + return ccErrBadParam; + + new_node = (cc_generic_list_node_t *)malloc(sizeof(cc_generic_list_node_t)); + if (new_node == NULL) + return ccErrNoMem; + + new_node->data = malloc(len); + if ( new_node->data == NULL ) { + free(new_node); + return ccErrNoMem; + } + + memcpy(new_node->data,data,len); + new_node->len = len; + + if (head->head == NULL) { /*empty list*/ + head->head = new_node; + head->tail = new_node; + new_node->next = new_node->prev = NULL; + } else { + new_node->prev = head->tail; + head->tail->next = new_node; + head->tail = new_node; + new_node->next = NULL; + } + if (nodepp != NULL) + *nodepp = new_node; + return ccNoError; +} + +/** + * cci_generic_list_prepend() + * + * Purpose: Prepends a new node containing a copy of 'len' bytes of 'data' + * + * Return: non-NULL, a pointer to the newly allocated node + * NULL, failure + * + * Errors: ccErrNoMem, ccErrBadParam + * + */ +cc_int32 +cci_generic_list_prepend(cc_generic_list_head_t *head, void *data, cc_uint32 len, cc_generic_list_node_t** nodepp) +{ + cc_generic_list_node_t* new_node; + + if ( data == NULL || len == 0 ) + return ccErrBadParam; + + new_node = (cc_generic_list_node_t *)malloc(sizeof(cc_generic_list_node_t)); + if (new_node == NULL) + return ccErrNoMem; + + new_node->data = malloc(len); + if ( new_node->data == NULL ) { + free(new_node); + return ccErrNoMem; + } + + memcpy(new_node->data,data,len); + new_node->len = len; + + if (head->head == NULL) { /*empty list*/ + head->head = new_node; + head->tail = new_node; + new_node->prev = new_node->next = NULL; + } else { + new_node->next = head->head; + head->head->prev = new_node; + new_node->prev = NULL; + head->head = new_node; + } + + if (nodepp != NULL) + *nodepp = new_node; + + return ccNoError; +} + +/** + * cci_generic_list_remove_element() + * + * Purpose: Remove a node from the list + * + * Return: 0, success + * -1, failure + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_generic_list_remove_element(cc_generic_list_head_t* head, cc_generic_list_node_t* rem) +{ + if (head->head == NULL || rem == NULL) + return ccErrBadParam; + + if (head->head == rem && head->tail == rem) { /*removing only element of list*/ + head->head = head->tail = NULL; + } else if (head->head == rem) { /*removing head*/ + head->head = head->head->next; + } else if (head->tail == rem) { /*removing tail*/ + head->tail = head->tail->prev; + head->tail->next = NULL; + } else { + rem->prev->next = rem->next; + rem->next->prev = rem->prev; + } + free(rem); + return ccNoError; +} + +/** + * cci_generic_free_element() + * + * Purpose: Free the memory associated with a node + * + * Return: 0, success + * -1, failure + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_generic_free_element(cc_generic_list_node_t* node) +{ + if ( node == NULL ) + return ccErrBadParam; + + if ( node->data ) { + free(node->data); + node->data = NULL; + } + node->len = 0; + node->next = node->prev = NULL; + free(node); + return ccNoError; +} + + +/** + * cci_generic_list_destroy() + * + * Purpose: Deallocate a list and all of its contents + * + * Return: 0, success + * -1, failure + * + * Errors: ccErrBadParam + */ +cc_int32 +cci_generic_list_destroy(cc_generic_list_head_t* head) +{ + cc_generic_list_node_t *cur, *next; + cc_int32 ret = ccNoError; + + if ( head == NULL ) + return ccErrBadParam; + + for (cur = head->head; ret == ccNoError && cur != NULL; cur = next) { + next = cur->next; + ret = cci_generic_free_element(cur); + } + free(head); + return(ret); +} + +/** + * cci_generic_list_copy() + * + * Purpose: Copy a list + * + * Return: non-NULL, a new list + * NULL, failure + * + * Errors: ccErrBadParam, ccErrNoMem + * + */ +cc_int32 +cci_generic_list_copy(cc_generic_list_head_t* head, cc_generic_list_head_t** headpp) +{ + cc_generic_list_head_t* copy; + cc_generic_list_node_t *src_node, *dst_node; + cc_int32 code; + + if (head == NULL || headpp == NULL) + return ccErrBadParam; + + code = cci_generic_list_new(©); + if (code != ccNoError) + return code; + + for (src_node = head->head; src_node != NULL; src_node = src_node->next) { + code = cci_generic_list_append(copy, src_node->data, src_node->len, &dst_node); + if (code != ccNoError) { + cci_generic_list_destroy(copy); + return code; + } + } + *headpp = copy; + return ccNoError; +} + +/** + * cci_generic_list_iterator() + * + * Purpose: Allocate an iterator for the specified list + * + * Return: non-NULL, an iterator + * NULL, failure + * + * Errors: ccErrNoMem + * + */ +cc_int32 +cci_generic_list_iterator(cc_generic_list_head_t *head, cc_generic_iterate_t** headpp) +{ + cc_generic_iterate_t* iterator; + + if ( head == NULL || headpp == NULL ) + return ccErrBadParam; + + iterator = (cc_generic_iterate_t*)malloc(sizeof(cc_generic_iterate_t)); + if (iterator == NULL) + return ccErrNoMem; + + iterator->next = head->head; + *headpp = iterator; + return ccNoError; +} + +/** + * cci_generic_free_iterator() + * + * Purpose: Deallocate memory associated with an iterator + * + * Return: 0, success + * -1, failure + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_generic_free_iterator(cc_generic_iterate_t* iterator) +{ + if ( iterator == NULL ) + return ccErrBadParam; + + iterator->next = NULL; + free(iterator); + return ccNoError; +} + + + diff --git a/src/lib/ccapi/common/marshall.c b/src/lib/ccapi/common/marshall.c new file mode 100644 index 000000000..960019cb0 --- /dev/null +++ b/src/lib/ccapi/common/marshall.c @@ -0,0 +1,440 @@ +/* $Copyright: + * + * Copyright 2004-2006 by the Massachusetts Institute of Technology. + * + * All rights reserved. + * + * Export of this software from the United States of America may require a + * specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute + * this software and its documentation for any purpose and without fee is + * hereby granted, provided that the above copyright notice appear in all + * copies and that both that copyright notice and this permission notice + * appear in supporting documentation, and that the name of M.I.T. not be + * used in advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. Furthermore if you + * modify this software you must label your software as modified software + * and not distribute it in such a fashion that it might be confused with + * the original MIT software. M.I.T. makes no representations about the + * suitability of this software for any purpose. It is provided "as is" + * without express or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF + * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * Individual source code files are copyright MIT, Cygnus Support, + * OpenVision, Oracle, Sun Soft, FundsXpress, and others. + * + * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, + * and Zephyr are trademarks of the Massachusetts Institute of Technology + * (MIT). No commercial use of these trademarks may be made without prior + * written permission of MIT. + * + * "Commercial use" means use of a name in a product or other for-profit + * manner. It does NOT prevent a commercial firm from referring to the MIT + * trademarks in order to convey information (although in doing so, + * recognition of their trademark status should be given). + * $ + */ + +/* marshall.c */ + +#include +#include +#include +#include "msg.h" +#include "msg_headers.h" +#include "marshall.h" + +cc_int32 +cci_creds_v4_marshall( cc_credentials_v4_t * creds, + char ** pflat, + cc_uint32 * plen) +{ + cc_uint32 len; + char * flat; + cci_flat_creds_v4_t * header; + cc_time64 t64; + + if ( creds == NULL || pflat == NULL || plen == NULL ) + return ccErrBadParam; + + len = sizeof(cci_flat_creds_v4_t); + flat = (char *)malloc(len); + if ( flat == NULL ) + return ccErrNoMem; + memset(flat, 0, len); + + header = (cci_flat_creds_v4_t *)flat; + header->version = htonl(creds->version); + memcpy(header->principal, creds->principal, cc_v4_name_size); + memcpy(header->principal_instance, creds->principal_instance, cc_v4_instance_size); + memcpy(header->service, creds->service, cc_v4_name_size); + memcpy(header->service_instance, creds->service_instance, cc_v4_instance_size); + memcpy(header->realm, creds->realm, cc_v4_realm_size); + memcpy(header->session_key, creds->session_key, cc_v4_key_size); + header->kvno = htonl(creds->kvno); + header->string_to_key_type = htonl(creds->string_to_key_type); + t64 = creds->issue_date; + header->issue_date = htonll(t64); + header->lifetime = htonl(creds->lifetime); + /* TODO: verify that address is stored in host order */ + header->address = htonl(creds->address); + header->ticket_size = htonl(creds->ticket_size); + memcpy(header->ticket, creds->ticket, cc_v4_ticket_size); + + *pflat = flat; + *plen = len; + + return ccNoError; +} + +cc_int32 +cci_creds_v4_unmarshall( char * flat, + cc_uint32 len, + cc_credentials_union * creds_union) +{ + struct cci_flat_creds_v4 * header; + cc_credentials_v4_t * creds; + cc_time64 t64; + + if ( flat == NULL || len == 0 || creds_union == NULL ) + return ccErrBadParam; + + creds_union->version = cc_credentials_v4; + + header = (cci_flat_creds_v4_t *)flat; + + creds = (cc_credentials_v4_t *)malloc(sizeof(cc_credentials_v4_t)); + if ( creds == NULL ) + return ccErrNoMem; + + creds->version = ntohl(header->version); + memcpy(creds->principal, header->principal, cc_v4_name_size); + memcpy(creds->principal_instance, header->principal_instance, cc_v4_instance_size); + memcpy(creds->service, header->service, cc_v4_name_size); + memcpy(creds->service_instance, header->service_instance, cc_v4_instance_size); + memcpy(creds->realm, header->realm, cc_v4_realm_size); + memcpy(creds->session_key, header->session_key, cc_v4_key_size); + creds->kvno = htonl(header->kvno); + creds->string_to_key_type = htonl(header->string_to_key_type); + t64 = header->issue_date; + creds->issue_date = (cc_time64)ntohll(t64); + creds->lifetime = (cc_int32)ntohl(header->lifetime); + /* TODO: verify that address is stored in host order */ + creds->address = ntohl(header->address); + creds->ticket_size = ntohl(header->ticket_size); + memcpy(creds->ticket, header->ticket, cc_v4_ticket_size); + + creds_union->credentials.credentials_v4 = creds; + + return ccNoError; +} + + +cc_int32 +cci_creds_cc_data_array_count_entries( cc_data ** array, cc_uint32 * pcount) +{ + cc_uint32 count; + + if (array == NULL) { + *pcount = 0; + return ccNoError; + } + + for ( count=0; array[count] != NULL ; count++) ; + + *pcount = count; + return ccNoError; +} + +cc_int32 +cci_creds_v5_compute_flat_size( cc_credentials_v5_t * creds, cc_uint32 * plen) +{ + cc_uint32 len; + cc_uint32 i, count; + + len = sizeof(struct cci_flat_creds_v5); + + if (creds->client) + len += strlen(creds->client) + 1; + + if (creds->server) + len += strlen(creds->server) + 1; + + len += creds->keyblock.length; + + cci_creds_cc_data_array_count_entries( creds->addresses, &count ); + len += count * sizeof(cc_flat_data); + for ( i=0; iaddresses[i]->length; + } + + len += creds->ticket.length; + len += creds->second_ticket.length; + + cci_creds_cc_data_array_count_entries( creds->authdata, &count ); + len += count * sizeof(cc_flat_data); + for ( i=0; iauthdata[i]->length; + } + + *plen = len; + return ccNoError; +} + +cc_int32 +cci_creds_v5_marshall( cc_credentials_v5_t * creds, + char ** pflat, + cc_uint32 * plen) +{ + cc_uint32 len; + char * flat; + struct cci_flat_creds_v5 * header; + cc_uint32 length; + cc_uint32 offset; + cc_time64 t64; + cc_uint32 count; + cc_uint32 i; + + if ( creds == NULL || pflat == NULL || plen == NULL ) + return ccErrBadParam; + + cci_creds_v5_compute_flat_size(creds, &len); + + flat = (char *)malloc(len); + if ( flat == NULL ) + return ccErrNoMem; + memset(flat, 0, len); + + offset = sizeof(struct cci_flat_creds_v5); + header = (struct cci_flat_creds_v5 *)flat; + header->version = htonl(FLAT_CREDS_V5_VERSION); + if (creds->client) { + length = strlen(creds->client) + 1; + header->client.length = htonl(length); + header->client.data = htonl(offset); + memcpy(flat + offset, creds->client, length); + offset += length; + } + + if (creds->server) { + length = strlen(creds->server) + 1; + header->server.length = htonl(length); + header->server.data = htonl(offset); + memcpy(flat + offset, creds->server, length); + offset += length; + } + + header->keyblock.type = htonl(creds->keyblock.type); + if (creds->keyblock.length) { + length = creds->keyblock.length; + header->keyblock.length = htonl(length); + header->keyblock.data = htonl(offset); + memcpy(flat + offset, creds->keyblock.data, length); + offset += length; + } + + t64 = creds->authtime; + header->authtime = htonll(t64); + t64 = creds->starttime; + header->starttime = htonll(t64); + t64 = creds->endtime; + header->endtime = htonll(t64); + t64 = creds->renew_till; + header->renew_till = htonll(t64); + + header->is_skey = htonl(creds->is_skey); + header->ticket_flags = htonl(creds->ticket_flags); + + cci_creds_cc_data_array_count_entries( creds->addresses, &count ); + if ( count ) { + cc_flat_data * addresses = (cc_flat_data *)flat + offset; + header->address_count = htonl(count); + header->addresses = htonl(offset); + offset += count * sizeof(cc_flat_data); + + for ( i=0; i < count; i++ ) { + addresses[i].type = htonl(creds->addresses[i]->type); + if (creds->addresses[i]->length) { + length = creds->addresses[i]->length; + addresses[i].length = htonl(length); + addresses[i].data = htonl(offset); + /* TODO: verify that addresses are stored in network order */ + memcpy(flat + offset, creds->addresses[i]->data, length); + offset += length; + } + } + } + + header->ticket.type = htonl(creds->ticket.type); + if (creds->ticket.length) { + length = creds->ticket.length; + header->ticket.length = htonl(length); + header->ticket.data = htonl(offset); + memcpy(flat + offset, creds->ticket.data, length); + offset += length; + } + + header->second_ticket.type = htonl(creds->second_ticket.type); + if (creds->second_ticket.length) { + length = creds->second_ticket.length; + header->second_ticket.length = htonl(length); + header->second_ticket.data = htonl(offset); + memcpy(flat + offset, creds->second_ticket.data, length); + offset += length; + } + + cci_creds_cc_data_array_count_entries( creds->authdata, &count ); + if ( count ) { + cc_flat_data * authdata = (cc_flat_data *)flat + offset; + + header->authdata_count = htonl(count); + header->authdata = (offset); + offset += count * sizeof(cc_flat_data); + + for ( i=0; i < count; i++ ) { + authdata[i].type = htonl(creds->authdata[i]->type); + if (creds->authdata[i]->length) { + length = creds->authdata[i]->length; + authdata[i].length = htonl(length); + authdata[i].data = htonl(offset); + memcpy(flat + offset, creds->authdata[i]->data, length); + offset += length; + } + } + } + + *pflat = flat; + *plen = len; + return ccNoError; +} + + +// TODO: a much better job of checking for out of memory errors +// and validating that we do not read beyond the flat input +// data buffer + +cc_int32 +cci_creds_v5_unmarshall( char * flat, + cc_uint32 len, + cc_credentials_union * creds_union) +{ + struct cci_flat_creds_v5 * header; + cc_credentials_v5_t * creds; + cc_flat_data * flat_data; + cc_time64 t64; + cc_uint32 length; + cc_uint32 count; + cc_uint32 i; + + if ( flat == NULL || len == 0 || creds_union == NULL ) + return ccErrBadParam; + + creds_union->version = cc_credentials_v5; + + header = (struct cci_flat_creds_v5 *)flat; + + if ( ntohl(header->version) != FLAT_CREDS_V5_VERSION ) + return ccErrBadParam; + + creds = (cc_credentials_v5_t *)malloc(sizeof(cc_credentials_v5_t)); + if ( creds == NULL ) + return ccErrNoMem; + memset(creds, 0, sizeof(cc_credentials_v5_t)); + + if ( header->client.length ) { + length = ntohl(header->client.length); + creds->client = (char *)malloc(length); + memcpy(creds->client, flat + header->client.data, length); + } + + if ( header->server.length ) { + length = ntohl(header->server.length); + creds->server = (char *)malloc(length); + memcpy(creds->server, flat + header->server.data, length); + } + + creds->keyblock.type = ntohl(header->keyblock.type); + if ( header->keyblock.length ) { + length = ntohl(header->keyblock.length); + creds->keyblock.length = length; + creds->keyblock.data = malloc(length); + memcpy(creds->keyblock.data, flat + header->keyblock.data, length); + } + + /* TODO: need to perform overflow validation checks to ensure + * that we do not attempt to store too large a value into cc_time_t + * when it is a 32-bit field. + */ + t64 = ntohll(header->authtime); + creds->authtime = (cc_time)t64; + t64 = ntohll(header->starttime); + creds->starttime = (cc_time)t64; + t64 = ntohll(header->endtime); + creds->endtime = (cc_time)t64; + t64 = ntohll(header->renew_till); + creds->renew_till = (cc_time)t64; + + creds->is_skey = ntohl(header->is_skey); + creds->ticket_flags = ntohl(header->ticket_flags); + + count = ntohl(header->address_count); + creds->addresses = (cc_data **) malloc((count + 1) * sizeof(cc_data *)); + flat_data = (cc_flat_data *)flat + header->addresses; + for ( i=0 ; i < count ; i++ ) { + creds->addresses[i] = (cc_data *)malloc(sizeof(cc_data)); + creds->addresses[i]->type = ntohl(flat_data[i].type); + length = ntohl(flat_data[i].length); + creds->addresses[i]->length = length; + if ( length ) { + creds->addresses[i]->data = malloc(length); + /* TODO: verify that addresses are stored in network order */ + memcpy(creds->addresses[i]->data, flat + flat_data[i].data, length); + } else { + creds->addresses[i]->data = NULL; + } + } + creds->addresses[i] = NULL; + + creds->ticket.type = ntohl(header->ticket.type); + length = ntohl(header->ticket.length); + if ( length ) { + creds->ticket.length = length; + creds->ticket.data = malloc(length); + memcpy(creds->ticket.data, flat + header->ticket.data, length); + } + + creds->second_ticket.type = header->second_ticket.type; + if ( header->second_ticket.length ) { + creds->second_ticket.length = header->second_ticket.length; + creds->second_ticket.data = malloc(creds->second_ticket.length); + memcpy(creds->second_ticket.data, flat + header->second_ticket.data, creds->second_ticket.length); + } + + count = ntohl(header->authdata_count); + creds->authdata = (cc_data **) malloc((count + 1) * sizeof(cc_data *)); + flat_data = (cc_flat_data *)flat + header->authdata; + for ( i=0 ; i < count ; i++ ) { + creds->authdata[i] = (cc_data *)malloc(sizeof(cc_data)); + creds->authdata[i]->type = ntohl(flat_data[i].type); + length = ntohl(flat_data[i].length); + creds->authdata[i]->length = length; + if ( length ) { + creds->authdata[i]->data = malloc(length); + memcpy(creds->authdata[i]->data, flat + flat_data[i].data, length); + } else { + creds->authdata[i]->data = NULL; + } + } + creds->authdata[i] = NULL; + + creds_union->credentials.credentials_v5 = creds; + + return ccNoError; +} + diff --git a/src/lib/ccapi/common/msg.c b/src/lib/ccapi/common/msg.c new file mode 100644 index 000000000..b7f60dd07 --- /dev/null +++ b/src/lib/ccapi/common/msg.c @@ -0,0 +1,628 @@ +/* $Copyright: + * + * Copyright 2004-2006 by the Massachusetts Institute of Technology. + * + * All rights reserved. + * + * Export of this software from the United States of America may require a + * specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute + * this software and its documentation for any purpose and without fee is + * hereby granted, provided that the above copyright notice appear in all + * copies and that both that copyright notice and this permission notice + * appear in supporting documentation, and that the name of M.I.T. not be + * used in advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. Furthermore if you + * modify this software you must label your software as modified software + * and not distribute it in such a fashion that it might be confused with + * the original MIT software. M.I.T. makes no representations about the + * suitability of this software for any purpose. It is provided "as is" + * without express or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF + * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * Individual source code files are copyright MIT, Cygnus Support, + * OpenVision, Oracle, Sun Soft, FundsXpress, and others. + * + * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, + * and Zephyr are trademarks of the Massachusetts Institute of Technology + * (MIT). No commercial use of these trademarks may be made without prior + * written permission of MIT. + * + * "Commercial use" means use of a name in a product or other for-profit + * manner. It does NOT prevent a commercial firm from referring to the MIT + * trademarks in order to convey information (although in doing so, + * recognition of their trademark status should be given). + * $ + */ + +/* + * Verifiable, extensible message format. + * + * Format: + * + * + * + * + * + * + * + * + * + * ... + * + * + * If the header has variable length data it is included in the data blobs. + * The header field has the offset from the beginning of the message of the 1st + * byte of the data and the length of the data. + */ + +#include "CredentialsCache.h" +#include "msg.h" +#include "generic_lists.h" + +#include +#include +#include +#include + +/** + * cci_msg_new() + * + * Purpose: Allocate and initialize a new cc_msg_t structure + * + * Input parameter (type) in host order + * + * Return: non-NULL, the msg + * NULL, failure + * + * Errors: ccErrNoMem + * + */ +cc_int32 +cci_msg_new(cc_uint32 type, cc_msg_t** msgpp) +{ + // type should be validated. If invalid set error to ccErrBadParam + cc_msg_t* msg; + + if ( type > CC_MSG_MAX_TYPE || msgpp == NULL ) + return ccErrBadParam; + + msg = (cc_msg_t*)malloc(sizeof(cc_msg_t)); + if (msg == NULL) + return ccErrNoMem; + + msg->type = htonl(type); + msg->flat = NULL; + msg->header = NULL; + msg->flat_len = 0; + msg->header_len = 0; + msg->magic = 0; + cci_generic_list_new(&msg->data_blobs); + if (msg->data_blobs == NULL) { + // pass on error from previous call + free(msg); + return ccErrNoMem; + } + + *msgpp = msg; + return ccNoError; +} + +/** + * cci_msg_calc_header_size() + * + * Purpose: Calculates the size of the header + * + * Return: the size in bytes + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_msg_calc_header_size(cc_msg_t* msg, cc_uint32 * lenp) +{ + int header_len = 12; /* header size, entire size, type */ + + if ( msg == NULL || lenp == NULL ) + return ccErrBadParam; + + header_len += msg->header_len; + *lenp = header_len; + return ccNoError; +} + +/** + * cci_msg_calc_size() + * + * Purpose: Calculates the size of the message + * (does not include the magic bytes) + * + * Return: the size in bytes + * + * Errors: ccErrBadParam + * + */ +cc_int32 +cci_msg_calc_size(cc_msg_t* msg, cc_uint32 * lenp) +{ + cc_uint32 flat_len; + cc_generic_list_node_t* gen_node; + cc_generic_iterate_t* gen_iterator; + cc_int32 code; + + if ( msg == NULL || lenp == NULL ) + return ccErrBadParam; + + code = cci_msg_calc_header_size(msg, &flat_len); + if (code != ccNoError) + goto bad; + + code = cci_generic_list_iterator(msg->data_blobs, &gen_iterator); + if ( code != ccNoError ) + goto bad; + + while (cci_generic_iterate_has_next(gen_iterator)) { + code = cci_generic_iterate_next(gen_iterator, &gen_node); + if (code != ccNoError) + break; + flat_len += gen_node->len + BLOB_LEN; + } + cci_generic_free_iterator(gen_iterator); + if (code != ccNoError) + goto bad; + + flat_len += MAGIC_HEAD_LEN + MAGIC_DATA_LEN; + *lenp = flat_len; + + bad: + return code; +} + +/** + * cci_msg_add_data_blob() + * + * Purpose: Adds 'len' bytes of data to the msg + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_add_data_blob(cc_msg_t* msg, void *data, cc_uint32 len, cc_uint32 *lenp) +{ + cc_int32 code; + + if (msg == NULL || data == NULL || len <= 0 || lenp == NULL) + return ccErrBadParam; + + code = cci_generic_list_append(msg->data_blobs, data, len, NULL); + if ( code != ccNoError ) + return code; + return cci_msg_calc_blob_pos(msg, data, len, lenp); +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_calc_blob_pos(cc_msg_t* msg, void *data, cc_uint32 len, cc_uint32 * posp) +{ + cc_uint32 pos; + cc_generic_list_node_t* gen_node; + cc_generic_iterate_t* gen_iterator; + cc_int32 code; + + code = cci_msg_calc_header_size(msg, &pos); + pos += sizeof(cc_uint32); /*+ sizeof(cc_uint32) for magic*/ + + code = cci_generic_list_iterator(msg->data_blobs, &gen_iterator); + while (cci_generic_iterate_has_next(gen_iterator)) { + code = cci_generic_iterate_next(gen_iterator, &gen_node); + if (gen_node->len != len && gen_node->data != data) { + pos += gen_node->len + sizeof(cc_uint32); + } else { + cci_generic_free_iterator(gen_iterator); + *posp = pos + sizeof(cc_uint32); + return ccNoError; + } + } + + cci_generic_free_iterator(gen_iterator); + return ccIteratorEnd; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_add_header(cc_msg_t* msg, void *header, cc_uint32 header_len) +{ + if ( msg == NULL || header == NULL ) + return ccErrBadParam; + + msg->header = header; + msg->header_len = header_len; + return ccNoError; +} + + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_flatten(cc_msg_t* msg, void **flatpp) +{ + cc_generic_list_node_t* gen_node; + cc_generic_iterate_t* gen_iterator; + char *cur_pos; + cc_uint32 zero = 0; + cc_uint32 magic = 0; + cc_uint32 msg_len; + cc_uint32 u32; + cc_int32 code; + + if (msg == NULL || flatpp == NULL) + return ccErrBadParam; + + code = cci_msg_calc_size(msg,&msg->flat_len); + if ( code != ccNoError ) + return code; + + if (msg->flat_len > CC_MSG_MAX_SIZE) + return ccErrBadParam; + + msg->flat = (void *)malloc(msg->flat_len); + if (msg->flat == NULL) + return ccErrNoMem; + + cur_pos = msg->flat; + + u32 = msg->header_len; + htonl(u32); + memcpy(cur_pos,&u32,sizeof(cc_uint32)); + cur_pos+=sizeof(cc_uint32); + + u32 = msg->flat_len; + htonl(u32); + memcpy(cur_pos,&u32,sizeof(cc_uint32)); + cur_pos+=sizeof(cc_uint32); + + u32 = msg->type; + htonl(u32); + memcpy(cur_pos,&u32,sizeof(cc_uint32)); + cur_pos+=sizeof(cc_uint32); + + /* header data is already in network order */ + memcpy(cur_pos, msg->header, msg->header_len); + cur_pos += msg->header_len; + + u32 = zero; + htonl(zero); + memcpy(cur_pos, &u32, sizeof(cc_uint32)); /*will be magic number later*/ + cur_pos += sizeof(cc_uint32); + + code = cci_generic_list_iterator(msg->data_blobs, &gen_iterator); + if ( code != ccNoError ) { + free(msg->flat); + return code; + } + + while (cci_generic_iterate_has_next(gen_iterator)) { + code = cci_generic_iterate_next(gen_iterator, &gen_node); + if (code != ccNoError) { + free(gen_iterator); + free(msg->flat); + return code; + } + u32 = gen_node->len; + htonl(u32); + memcpy(cur_pos, &u32, sizeof(cc_uint32)); + cur_pos+=sizeof(cc_uint32); + + /* data already in network order */ + memcpy(cur_pos, gen_node->data, gen_node->len); + cur_pos += gen_node->len; + } + free(gen_iterator); + + u32 = zero; + htonl(zero); + memcpy(cur_pos, &u32, sizeof(cc_uint32)); /*magic number will go here later*/ + cur_pos += sizeof(cc_uint32); + + if (cur_pos - (char *)msg->flat != msg->flat_len) { + fprintf(stderr, "ERROR cur_pos - msg->flat = %d\n",msg->flat_len); + } + + cci_msg_calc_magic(msg->flat, msg->flat_len, &magic); + printf("magic = %d\n",magic); + + cci_msg_calc_header_size(msg, &msg_len); + memcpy((char *)msg->flat + msg_len, &magic, sizeof(cc_uint32)); + memcpy((char *)msg->flat + msg->flat_len - sizeof(cc_uint32), &magic, sizeof(cc_uint32)); + + if ( flatpp != NULL ) + *flatpp = msg->flat; + + return ccNoError; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_calc_magic(void *flat, int flat_len, cc_uint32 * magicp) +{ + cc_uint32 magic = 0; + int i; + + for (i = 0; i < flat_len; i += sizeof(cc_uint32)) { + magic = magic ^ *(int *)((char *)flat + i); + } + *magicp = htonl(magic); + return ccNoError; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_verify(void *flat, int flat_len, cc_uint32 * validp) +{ + cc_uint32 *magic1, *magic2; + cc_uint32 *pheader_len; + cc_uint32 header_len; + cc_uint32 *ptotal_len; + cc_uint32 total_len; + cc_uint32 *pblob_len; + cc_uint32 blob_len; + cc_uint32 *ptype; + cc_uint32 type; + cc_uint32 num_blobs = 0; + cc_uint32 zero = 0; + cc_uint32 msg_magic, msg_magic2; + + if (flat == NULL || flat_len <= 0 || validp == NULL) + return ccErrBadParam; + + pheader_len = flat; + ptotal_len = (cc_uint32 *)((char *)pheader_len + sizeof(cc_uint32)); + ptype = (cc_uint32 *)((char *)ptotal_len + sizeof(cc_uint32)); + + header_len = ntohl(*pheader_len); + total_len = ntohl(*ptotal_len); + type = ntohl(*ptype); + + if (total_len != flat_len) { + *validp = 0; + return ccNoError; + } + + if (header_len > flat_len) { + /*too weak. We could verify header_len against type spec header.*/ + *validp = 0; + return ccNoError; + } + if (type > CC_MSG_MAX_TYPE) { + *validp = 0; + return ccNoError; + } + + magic1 = (cc_uint32 *)((char *)ptype + sizeof(cc_uint32) + header_len); + if ((char *)magic1 - (char *)flat == (flat_len - 8)) { + /*There are no data blobs*/ + magic2 = (cc_uint32 *)((char *)magic1 + sizeof(cc_uint32)); + num_blobs = 0; + } else { + pblob_len = (cc_uint32 *)((char *)magic1 + sizeof(cc_uint32)); + num_blobs = 1; + blob_len = ntohl(*pblob_len); + + while (blob_len + sizeof(cc_uint32) + ((char *)pblob_len - (char *)flat) < (flat_len - sizeof(cc_uint32))) { + pblob_len = (cc_uint32 *)((char *)pblob_len + blob_len + sizeof(cc_uint32)); + num_blobs++; + blob_len = ntohl(*pblob_len); + } + + if (blob_len + sizeof(cc_uint32) + ((char *)pblob_len - (char *)flat) != (flat_len - sizeof(cc_uint32))) { + /*blobs didn't line up*/ + *validp = 0; + return ccNoError; + } + magic2 = (cc_uint32 *)((char *)pblob_len + blob_len + sizeof(cc_uint32)); /*2nd magic should be directly after the last blob*/ + } + + if (*magic1 != *magic2) { + *validp = 0; + return ccNoError; + } + msg_magic = *magic1; + + printf("%d %d\n", (char *)magic1 - (char *)flat, (char *)magic2 - (char *)flat); + + memcpy(magic1, &zero, sizeof(cc_uint32)); + memcpy(magic2, &zero, sizeof(cc_uint32)); + cci_msg_calc_magic(flat, flat_len, &msg_magic2); + /* both msg_magic and msg_magic2 are in network order */ + if (msg_magic != msg_magic2) { + *validp = 0; + return ccNoError; + } + memcpy(magic1, &msg_magic, sizeof(cc_uint32)); + memcpy(magic2, &msg_magic, sizeof(cc_uint32)); + + *validp = 1; + return ccNoError; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_unflatten(void *flat, int flat_len, cc_msg_t** msgpp) +{ + cc_msg_t* msg; + char *cur_pos; + cc_uint32 blob_len; + char *blob; + cc_uint32 valid; + cc_int32 code; + + if ( flat == NULL || flat_len <= 0 || msgpp == NULL ) + return ccErrBadParam; + + code = cci_msg_new(0, &msg); + if (code) + return code; + + cci_msg_verify(flat, flat_len, &valid); + if (valid != 1) { + cci_msg_destroy(msg); + return ccErrBadParam; + } + + cur_pos = flat; + msg->flat = flat; + + msg->header_len = ntohl(*(cc_uint32 *)cur_pos); + cur_pos += sizeof(cc_uint32); + + msg->flat_len = ntohl(*(cc_uint32 *)cur_pos); + cur_pos += sizeof(cc_uint32); + + msg->type = ntohl(*(cc_uint32 *)cur_pos); + cur_pos += sizeof(cc_uint32); + + msg->header = (void *)malloc(msg->header_len); + if (msg->header == NULL) { + cci_msg_destroy(msg); + return ccErrNoMem; + } + memcpy(msg->header, cur_pos, msg->header_len); + cur_pos += msg->header_len; + + msg->magic = ntohl(*(cc_uint32 *)cur_pos); + cur_pos += sizeof(cc_uint32); + + if (cur_pos - (char *)flat != flat_len - 8) { /*at least 1 blob*/ + blob_len = ntohl(*(cc_uint32 *)cur_pos); + while (blob_len + (cur_pos - (char *)flat) + sizeof(cc_uint32) <= flat_len - sizeof(cc_uint32)) { + blob = (void *)malloc(blob_len); + if (blob == NULL) { + cci_msg_destroy(msg); + return ccErrNoMem; + } + memcpy(blob, cur_pos + sizeof(cc_uint32), blob_len); + cci_generic_list_append(msg->data_blobs, blob, blob_len, NULL); + + cur_pos += sizeof(cc_uint32) + blob_len; + blob_len = ntohl(*(int *)cur_pos); + } + } + *msgpp = msg; + return ccNoError; +} + +cc_int32 +cci_msg_retrieve_blob(cc_msg_t* msg, cc_uint32 blob_offset, cc_uint32 blob_len, void **blobp) +{ + cc_generic_iterate_t* gen_iterator; + cc_generic_list_node_t* gen_node; + void *ret; + cc_uint32 blob_pos; + cc_int32 code; + + /*Ensure that the message has been unflattened*/ + if ( msg == NULL || msg->flat == NULL || blob_offset > msg->flat_len || + blob_len > msg->flat_len - blob_offset || blobp == NULL) + return ccErrBadParam; + + code = cci_generic_list_iterator(msg->data_blobs, &gen_iterator); + while (cci_generic_iterate_has_next(gen_iterator)) { + code = cci_generic_iterate_next(gen_iterator, &gen_node); + code = cci_msg_calc_blob_pos(msg, gen_node->data, gen_node->len, &blob_pos); + if (blob_pos == blob_offset && gen_node->len == blob_len) { + free(gen_iterator); + ret = (void *)malloc(blob_len); + if (ret == NULL) + return ccErrNoMem; + memcpy(ret,(char *)msg->flat + blob_offset, blob_len); + *blobp = ret; + return ccNoError; + } + } + free(gen_iterator); + return ccIteratorEnd; +} + +/** + * cc_msg_ + * + * Purpose: + * + * Return: + * + * Errors: + * + */ +cc_int32 +cci_msg_destroy(cc_msg_t* msg) +{ + if (msg->flat != NULL) + free(msg->flat); + if (msg->header != NULL) + free(msg->flat); + cci_generic_list_destroy(msg->data_blobs); + free(msg); + return ccNoError; +} + -- cgit From 3d6591dd63c23bcc0ae68e94a960c85fd53daad0 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Mon, 5 Jun 2006 04:30:35 +0000 Subject: more updates git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18082 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/NTMakefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/NTMakefile b/src/lib/ccapi/common/NTMakefile index d0d92fcbd..a43985af3 100644 --- a/src/lib/ccapi/common/NTMakefile +++ b/src/lib/ccapi/common/NTMakefile @@ -1,6 +1,6 @@ !INCLUDE -CFLAGS = -I../include $(cdebug) $(cflags) $(cvarsdll) +CFLAGS = -I../include $(cdebug) $(cflags) $(cvarsmt) CC_COMMON_OBJS = marshall.obj msg.obj generic_lists.obj -- cgit From f42fa33b985c230736ad5d9080055916de33be8c Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Mon, 5 Jun 2006 17:49:34 +0000 Subject: improved error handling git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18083 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/msg.c | 24 +++++++++--------------- 1 file changed, 9 insertions(+), 15 deletions(-) (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/msg.c b/src/lib/ccapi/common/msg.c index b7f60dd07..ed053ada5 100644 --- a/src/lib/ccapi/common/msg.c +++ b/src/lib/ccapi/common/msg.c @@ -289,7 +289,7 @@ cci_msg_flatten(cc_msg_t* msg, void **flatpp) cc_uint32 u32; cc_int32 code; - if (msg == NULL || flatpp == NULL) + if (msg == NULL) return ccErrBadParam; code = cci_msg_calc_size(msg,&msg->flat_len); @@ -305,18 +305,15 @@ cci_msg_flatten(cc_msg_t* msg, void **flatpp) cur_pos = msg->flat; - u32 = msg->header_len; - htonl(u32); + u32 = htonl(msg->header_len); memcpy(cur_pos,&u32,sizeof(cc_uint32)); cur_pos+=sizeof(cc_uint32); - u32 = msg->flat_len; - htonl(u32); + u32 = htonl(msg->flat_len); memcpy(cur_pos,&u32,sizeof(cc_uint32)); cur_pos+=sizeof(cc_uint32); - u32 = msg->type; - htonl(u32); + u32 = htonl(msg->type); memcpy(cur_pos,&u32,sizeof(cc_uint32)); cur_pos+=sizeof(cc_uint32); @@ -324,8 +321,7 @@ cci_msg_flatten(cc_msg_t* msg, void **flatpp) memcpy(cur_pos, msg->header, msg->header_len); cur_pos += msg->header_len; - u32 = zero; - htonl(zero); + u32 = htonl(zero); memcpy(cur_pos, &u32, sizeof(cc_uint32)); /*will be magic number later*/ cur_pos += sizeof(cc_uint32); @@ -342,9 +338,8 @@ cci_msg_flatten(cc_msg_t* msg, void **flatpp) free(msg->flat); return code; } - u32 = gen_node->len; - htonl(u32); - memcpy(cur_pos, &u32, sizeof(cc_uint32)); + u32 = htonl(gen_node->len); + memcpy(cur_pos, &u32, sizeof(cc_uint32)); cur_pos+=sizeof(cc_uint32); /* data already in network order */ @@ -353,8 +348,7 @@ cci_msg_flatten(cc_msg_t* msg, void **flatpp) } free(gen_iterator); - u32 = zero; - htonl(zero); + u32 = htonl(zero); memcpy(cur_pos, &u32, sizeof(cc_uint32)); /*magic number will go here later*/ cur_pos += sizeof(cc_uint32); @@ -620,7 +614,7 @@ cci_msg_destroy(cc_msg_t* msg) if (msg->flat != NULL) free(msg->flat); if (msg->header != NULL) - free(msg->flat); + free(msg->header); cci_generic_list_destroy(msg->data_blobs); free(msg); return ccNoError; -- cgit From 2e2e04bf3cbf340637fa6ccd3dbdd20b09e57f19 Mon Sep 17 00:00:00 2001 From: Jeffrey Altman Date: Fri, 9 Jun 2006 14:42:04 +0000 Subject: * corrections to windows rpc layer * corrections to network byte order conversions git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18094 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/msg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/msg.c b/src/lib/ccapi/common/msg.c index ed053ada5..8c8cc29de 100644 --- a/src/lib/ccapi/common/msg.c +++ b/src/lib/ccapi/common/msg.c @@ -97,7 +97,7 @@ cci_msg_new(cc_uint32 type, cc_msg_t** msgpp) if (msg == NULL) return ccErrNoMem; - msg->type = htonl(type); + msg->type = type; msg->flat = NULL; msg->header = NULL; msg->flat_len = 0; -- cgit From 2ab8b381a83da20415f8b6f52b329154276c59c2 Mon Sep 17 00:00:00 2001 From: Alexandra Ellwood Date: Fri, 9 Jun 2006 21:46:24 +0000 Subject: cci_msg_retrieve_blob(): changed argument 4 from void** to char** to suppress the warnings from gcc. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18095 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/msg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/msg.c b/src/lib/ccapi/common/msg.c index 8c8cc29de..789fc8746 100644 --- a/src/lib/ccapi/common/msg.c +++ b/src/lib/ccapi/common/msg.c @@ -567,7 +567,7 @@ cci_msg_unflatten(void *flat, int flat_len, cc_msg_t** msgpp) } cc_int32 -cci_msg_retrieve_blob(cc_msg_t* msg, cc_uint32 blob_offset, cc_uint32 blob_len, void **blobp) +cci_msg_retrieve_blob(cc_msg_t* msg, cc_uint32 blob_offset, cc_uint32 blob_len, char **blobp) { cc_generic_iterate_t* gen_iterator; cc_generic_list_node_t* gen_node; -- cgit From 816c50541d4af289c6dc737ab0cb945457d8bcaa Mon Sep 17 00:00:00 2001 From: Alexandra Ellwood Date: Fri, 9 Jun 2006 21:55:32 +0000 Subject: moved enum cc_list_type to generic_lists.h to avoid "incomplete enum" warnings when compiling generic_lists.c git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18096 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/generic_lists.c | 5 ----- 1 file changed, 5 deletions(-) (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/generic_lists.c b/src/lib/ccapi/common/generic_lists.c index a48c528f9..2c7398313 100644 --- a/src/lib/ccapi/common/generic_lists.c +++ b/src/lib/ccapi/common/generic_lists.c @@ -54,11 +54,6 @@ #include "CredentialsCache.h" #include "generic_lists.h" -/* this is an incomplete enumeration just including the generic type */ -enum cc_list_type { - generic = 0 -}; - /** * cci_generic_iterate_has_next() * -- cgit From 350cfced455d45368065095201bc2f674093cf41 Mon Sep 17 00:00:00 2001 From: Alexandra Ellwood Date: Fri, 9 Jun 2006 21:57:20 +0000 Subject: Include string.h to get memcpy, strlen, etc on BSD OSes git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18098 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/marshall.c | 1 + 1 file changed, 1 insertion(+) (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/marshall.c b/src/lib/ccapi/common/marshall.c index 960019cb0..48abb3370 100644 --- a/src/lib/ccapi/common/marshall.c +++ b/src/lib/ccapi/common/marshall.c @@ -45,6 +45,7 @@ #include #include +#include #include #include "msg.h" #include "msg_headers.h" -- cgit From 3b5e562ae1fca86bb7396ecb0eaf5a7d3a40acfd Mon Sep 17 00:00:00 2001 From: Alexandra Ellwood Date: Fri, 9 Jun 2006 21:59:36 +0000 Subject: Added Mac OS X project file and Mach-IPC support code git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18099 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/ccapi/common/mac/mig.defs | 58 ++++++++++++++++++++++++++++++++++++ src/lib/ccapi/common/mac/mig_types.h | 48 +++++++++++++++++++++++++++++ 2 files changed, 106 insertions(+) create mode 100755 src/lib/ccapi/common/mac/mig.defs create mode 100644 src/lib/ccapi/common/mac/mig_types.h (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/mac/mig.defs b/src/lib/ccapi/common/mac/mig.defs new file mode 100755 index 000000000..dd3ee1b51 --- /dev/null +++ b/src/lib/ccapi/common/mac/mig.defs @@ -0,0 +1,58 @@ +/* $Copyright: + * + * Copyright 2004-2006 by the Massachusetts Institute of Technology. + * + * All rights reserved. + * + * Export of this software from the United States of America may require a + * specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute + * this software and its documentation for any purpose and without fee is + * hereby granted, provided that the above copyright notice appear in all + * copies and that both that copyright notice and this permission notice + * appear in supporting documentation, and that the name of M.I.T. not be + * used in advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. Furthermore if you + * modify this software you must label your software as modified software + * and not distribute it in such a fashion that it might be confused with + * the original MIT software. M.I.T. makes no representations about the + * suitability of this software for any purpose. It is provided "as is" + * without express or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF + * MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + * + * Individual source code files are copyright MIT, Cygnus Support, + * OpenVision, Oracle, Sun Soft, FundsXpress, and others. + * + * Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, + * and Zephyr are trademarks of the Massachusetts Institute of Technology + * (MIT). No commercial use of these trademarks may be made without prior + * written permission of MIT. + * + * "Commercial use" means use of a name in a product or other for-profit + * manner. It does NOT prevent a commercial firm from referring to the MIT + * trademarks in order to convey information (although in doing so, + * recognition of their trademark status should be given). + * $ + */ + +import "mig_types.h"; + +#include +#include + +subsystem ccapi 128; + +type msg_request_t = array [] of char; +type msg_reply_t = array [] of char; +type msg_error_t = int32; + +routine ccapi_msg (in_server_port : mach_port_t; + in_request : msg_request_t; + out out_reply : msg_reply_t; + out out_error : msg_error_t); diff --git a/src/lib/ccapi/common/mac/mig_types.h b/src/lib/ccapi/common/mac/mig_types.h new file mode 100644 index 000000000..586a01994 --- /dev/null +++ b/src/lib/ccapi/common/mac/mig_types.h @@ -0,0 +1,48 @@ +/* $Copyright: +* +* Copyright 2004-2006 by the Massachusetts Institute of Technology. +* +* All rights reserved. +* +* Export of this software from the United States of America may require a +* specific license from the United States Government. It is the +* responsibility of any person or organization contemplating export to +* obtain such a license before exporting. +* +* WITHIN THAT CONSTRAINT, permission to use, copy, modify, and distribute +* this software and its documentation for any purpose and without fee is +* hereby granted, provided that the above copyright notice appear in all +* copies and that both that copyright notice and this permission notice +* appear in supporting documentation, and that the name of M.I.T. not be +* used in advertising or publicity pertaining to distribution of the +* software without specific, written prior permission. Furthermore if you +* modify this software you must label your software as modified software +* and not distribute it in such a fashion that it might be confused with +* the original MIT software. M.I.T. makes no representations about the +* suitability of this software for any purpose. It is provided "as is" +* without express or implied warranty. +* +* THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED +* WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF +* MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. +* +* Individual source code files are copyright MIT, Cygnus Support, +* OpenVision, Oracle, Sun Soft, FundsXpress, and others. +* +* Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, +* and Zephyr are trademarks of the Massachusetts Institute of Technology +* (MIT). No commercial use of these trademarks may be made without prior +* written permission of MIT. +* +* "Commercial use" means use of a name in a product or other for-profit +* manner. It does NOT prevent a commercial firm from referring to the MIT +* trademarks in order to convey information (although in doing so, +* recognition of their trademark status should be given). +* $ +*/ + +#include "CredentialsCache.h" + +typedef const char *msg_request_t; +typedef char *msg_reply_t; +typedef cc_int32 msg_error_t; -- cgit From 6f294bfe674c557255eca075d2fa2f3064ce4ff5 Mon Sep 17 00:00:00 2001 From: Alexandra Ellwood Date: Fri, 9 Jun 2006 22:01:11 +0000 Subject: Temporarily copied KerberosIPC libary from the KfM repository for testing purposes. Note that this will be removed when the CCAPI branch is merged onto the trunk. git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18100 dc483132-0cff-0310-8789-dd5450dbe970 --- .../common/mac/KerberosIPC/Kerberos/kipc_client.h | 47 ++++ .../common/mac/KerberosIPC/Kerberos/kipc_common.h | 76 +++++ .../common/mac/KerberosIPC/Kerberos/kipc_server.h | 54 ++++ .../common/mac/KerberosIPC/Kerberos/kipc_session.h | 59 ++++ src/lib/ccapi/common/mac/KerberosIPC/README | 3 + src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c | 86 ++++++ src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c | 93 ++++++ src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c | 313 +++++++++++++++++++++ .../ccapi/common/mac/KerberosIPC/kipc_session.c | 141 ++++++++++ src/lib/ccapi/common/mac/KerberosIPC/notify.defs | 36 +++ 10 files changed, 908 insertions(+) create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_client.h create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_common.h create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_server.h create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_session.h create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/README create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/kipc_session.c create mode 100644 src/lib/ccapi/common/mac/KerberosIPC/notify.defs (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_client.h b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_client.h new file mode 100644 index 000000000..89923eb16 --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_client.h @@ -0,0 +1,47 @@ +/* + * kipc_client.h + * + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#ifndef KIPC_CLIENT_H +#define KIPC_CLIENT_H + +#include + +#if __cplusplus +extern "C" { +#endif + +kipc_err_t +kipc_client_lookup_server (const char *in_service_id, + boolean_t in_launch_if_necessary, + mach_port_t *out_service_port); + +#if __cplusplus +} +#endif + +#endif /* KIPC_CLIENT_H */ diff --git a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_common.h b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_common.h new file mode 100644 index 000000000..361f7f576 --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_common.h @@ -0,0 +1,76 @@ +/* + * KerberosIPCCommon.h + * + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#ifndef KIPC_COMMON_H +#define KIPC_COMMON_H + +//#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +#if __cplusplus +extern "C" { +#endif + +typedef kern_return_t kipc_err_t; +typedef boolean_t kipc_boolean_t; +typedef char *kipc_string; + +#define kkipc_max_message_size 2048 + MAX_TRAILER_SIZE +#define kkipc_timeout 200 + +// Debugging API used by library +kipc_err_t __kipc_err (kipc_err_t inError, const char *function, const char *file, int line); +#define kipc_err(err) __kipc_err(err, __FUNCTION__, __FILE__, __LINE__) + +const char *kipc_error_string (kipc_err_t in_error); + +kipc_err_t kipc_get_lookup_name (char **out_lookup_name, const char *in_service_id); +kipc_err_t kipc_get_service_name (char **out_service_name, const char *in_service_id); + +void kipc_free_string (char *io_string); + +#if __cplusplus +} +#endif + +#endif /* KIPC_COMMON_H */ diff --git a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_server.h b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_server.h new file mode 100644 index 000000000..5d9754758 --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_server.h @@ -0,0 +1,54 @@ +/* + * kipc_server.h + * + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#ifndef KIPC_SERVER_H +#define KIPC_SERVER_H + +#include + +#define kKerberosIPCMaxMsgSize 2048 + MAX_TRAILER_SIZE +#define kKerberosIPCTimeout 200 + +#if __cplusplus +extern "C" { +#endif + +typedef kipc_boolean_t (*kipc_demux_proc) (mach_msg_header_t *, mach_msg_header_t *); + + +kipc_err_t kipc_server_run_server (kipc_demux_proc in_demux_proc); + +mach_port_t kipc_server_get_service_port (); + +kipc_boolean_t kipc_server_quit (void); + +#if __cplusplus +} +#endif + +#endif /* KIPC_SERVER_H */ diff --git a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_session.h b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_session.h new file mode 100644 index 000000000..3f259561e --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_session.h @@ -0,0 +1,59 @@ +/* + * kipc_session.h + * + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#ifndef KIPC_SESSION_H +#define KIPC_SESSION_H + +#include + +#if __cplusplus +extern "C" { +#endif + +#define kkipc_session_has_gui_access 0x00000001 +#define kkipc_session_caller_uses_gui 0x00000002 +#define kkipc_session_has_cli_access 0x00000004 + +typedef u_int32_t kipc_session_attributes_t; + + +kipc_boolean_t kipc_session_is_root_session (void); + +kipc_session_attributes_t kipc_session_get_attributes (void); + +kipc_string kipc_get_session_id_string (void); + +uid_t kipc_session_get_session_uid (void); + +uid_t kipc_session_get_server_uid (void); + +#if __cplusplus +} +#endif + +#endif /* KIPC_SESSION_H */ diff --git a/src/lib/ccapi/common/mac/KerberosIPC/README b/src/lib/ccapi/common/mac/KerberosIPC/README new file mode 100644 index 000000000..2e2d70d4d --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/README @@ -0,0 +1,3 @@ +This is a temporary copy of the KfM KerberosIPC library sources. +Once this gets merged onto the trunk the KfM build will use the +KerberosIPC library instead. diff --git a/src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c b/src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c new file mode 100644 index 000000000..2e48c42cd --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c @@ -0,0 +1,86 @@ +/* + * kipc_client.c + * + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#include + +// --------------------------------------------------------------------------- + +kipc_err_t +kipc_client_lookup_server (const char *in_service_id, + boolean_t in_launch_if_necessary, + mach_port_t *out_service_port) +{ + kipc_err_t err = 0; + mach_port_t boot_port = MACH_PORT_NULL; + char *service_name = NULL; + + if (in_service_id == NULL) { err = kipc_err (EINVAL); } + if (out_service_port == NULL) { err = kipc_err (EINVAL); } + + if (!err) { + // Get our bootstrap port + err = task_get_bootstrap_port (mach_task_self (), &boot_port); + } + + if (!err && !in_launch_if_necessary) { + char *lookup_name = NULL; + mach_port_t lookup_port = MACH_PORT_NULL; + + err = kipc_get_lookup_name (&lookup_name, in_service_id); + + if (!err) { + // Use the lookup name because the service name will return + // a valid port even if the server isn't running + err = bootstrap_look_up (boot_port, lookup_name, &lookup_port); + //dprintf ("%s(): bootstrap_look_up('%s'): port is %x (err = %d '%s')", + // __FUNCTION__, lookup_name, lookup_port, err, mach_error_string (err)); + } + + if (lookup_name != NULL ) { kipc_free_string (lookup_name); } + if (lookup_port != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), lookup_port); } + } + + if (!err) { + err = kipc_get_service_name (&service_name, in_service_id); + } + + if (!err) { + err = bootstrap_look_up (boot_port, service_name, out_service_port); + //dprintf ("%s(): bootstrap_look_up('%s'): port is %x (err = %d '%s')", + // __FUNCTION__, service_name, *out_service_port, err, mach_error_string (err)); + } + + if (service_name != NULL ) { kipc_free_string (service_name); } + if (boot_port != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), boot_port); } + + if (err == BOOTSTRAP_UNKNOWN_SERVICE) { + return err; // Avoid spewing to the log file + } else { + return kipc_err (err); + } +} diff --git a/src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c b/src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c new file mode 100644 index 000000000..438650f2a --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c @@ -0,0 +1,93 @@ +/* + * kipc_common.c + * + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#include +#include + + +// --------------------------------------------------------------------------- + +kipc_err_t __kipc_err (kipc_err_t in_error, const char *in_function, const char *in_file, int in_line) +{ + if (in_error && (ddebuglevel () > 0)) { + dprintf ("%s() got %d ('%s') at %s: %d", + in_function, in_error, mach_error_string (in_error), in_file, in_line); + dprintsession (); + //dprintbootstrap (mach_task_self ()); + } + return in_error; +} +// --------------------------------------------------------------------------- + + +const char *kipc_error_string (kipc_err_t in_error) +{ + return mach_error_string (in_error); +} + +// --------------------------------------------------------------------------- + +kipc_err_t kipc_get_service_name (char **out_service_name, const char *in_service_id) +{ + kipc_err_t err = 0; + + if (out_service_name == NULL) { err = EINVAL; } + if (in_service_id == NULL) { err = EINVAL; } + + if (!err) { + int wrote = asprintf (out_service_name, "%s%s", in_service_id, ".ipcService"); + if (wrote < 0) { err = ENOMEM; } + } + + return kipc_err (err); +} + +// --------------------------------------------------------------------------- + +kipc_err_t kipc_get_lookup_name (char **out_lookup_name, const char *in_service_id) +{ + kipc_err_t err = 0; + + if (out_lookup_name == NULL) { err = EINVAL; } + if (in_service_id == NULL) { err = EINVAL; } + + if (!err) { + int wrote = asprintf (out_lookup_name, "%s%s", in_service_id, ".ipcLookup"); + if (wrote < 0) { err = ENOMEM; } + } + + return kipc_err (err); +} + +// --------------------------------------------------------------------------- + +void kipc_free_string (char *io_string) +{ + free (io_string); +} + diff --git a/src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c b/src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c new file mode 100644 index 000000000..c7c973bee --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c @@ -0,0 +1,313 @@ +/* + * kipc_server.c + * + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#include +#include +#include "notifyServer.h" + +// Global variables for servers (used by demux) +static mach_port_t g_service_port = MACH_PORT_NULL; +static kipc_boolean_t g_ready_to_quit = FALSE; +static kipc_demux_proc g_demux_proc = NULL; + +#pragma mark - + +// --------------------------------------------------------------------------- + +mach_port_t +kipc_server_get_service_port () +{ + return g_service_port; +} + +#pragma mark - + +// --------------------------------------------------------------------------- + +kipc_boolean_t +kipc_server_quit (void) +{ + // Do not unregister our port because then we won't get automatically launched again. + dprintf ("mach_server_quit_self(): quitting..."); + g_ready_to_quit = true; + return g_ready_to_quit; +} + +#pragma mark - + +// --------------------------------------------------------------------------- + +static kipc_boolean_t +kipc_server_demux (mach_msg_header_t *request, mach_msg_header_t *reply) +{ + if (mach_notify_server (request, reply) != false) { + return true; + } else { + return g_demux_proc (request, reply); + } + return false; +} + +#pragma mark - + +// --------------------------------------------------------------------------- + +static kipc_err_t +kipc_get_server_id (char **out_server_id) +{ + kern_return_t err = KERN_SUCCESS; + CFBundleRef bundle = NULL; + CFStringRef id_string = NULL; + CFIndex id_length = 0; + char *server_id = NULL; + + if (out_server_id == NULL) { err = kipc_err (EINVAL); } + + if (!err) { + bundle = CFBundleGetMainBundle (); + if (bundle == NULL) { err = ENOENT; } + } + + if (!err) { + id_string = CFBundleGetIdentifier (bundle); + if (id_string == NULL) { err = ENOMEM; } + } + + if (!err) { + id_length = CFStringGetMaximumSizeForEncoding (CFStringGetLength (id_string), + CFStringGetSystemEncoding ()) + 1; + server_id = calloc (id_length, sizeof (char)); + if (server_id == NULL) { err = errno; } + } + + if (!err) { + if (!CFStringGetCString (id_string, server_id, id_length, CFStringGetSystemEncoding ())) { + err = ENOMEM; + } + } + + if (!err) { + *out_server_id = server_id; + server_id = NULL; + } + + if (server_id != NULL) { kipc_free_string (server_id); } + + return kipc_err (err); +} + +// --------------------------------------------------------------------------- + +kipc_err_t +kipc_server_run_server (kipc_demux_proc in_demux_proc) +{ + kern_return_t err = KERN_SUCCESS; + char *server_id = NULL; + char *service_name = NULL; + char *lookup_name = NULL; + mach_port_t boot_port = MACH_PORT_NULL; + mach_port_t lookup_port = MACH_PORT_NULL; + mach_port_t notify_port = MACH_PORT_NULL; + mach_port_t previous_notify_port = MACH_PORT_NULL; + mach_port_t listen_port_set = MACH_PORT_NULL; + + if (in_demux_proc == NULL) { err = kipc_err (EINVAL); } + + // Shed root privileges if any + if (!err && (geteuid () == 0)) { + uid_t new_uid = kipc_session_get_server_uid (); + if (setuid (new_uid) < 0) { + dprintf ("%s(): setuid(%d) failed (euid is %d)", __FUNCTION__, new_uid, geteuid ()); + } + } + + if (!err) { + // Set up the globals so the demux can find them + g_demux_proc = in_demux_proc; + } + + if (!err) { + err = kipc_get_server_id (&server_id); + } + + if (!err) { + err = kipc_get_service_name (&service_name, server_id); + } + + if (!err) { + err = kipc_get_lookup_name (&lookup_name, server_id); + } + + if (!err) { + // Get the bootstrap port + err = task_get_bootstrap_port (mach_task_self (), &boot_port); + dprintf ("%s(): task_get_bootstrap_port(): port is %x (err = %d '%s')", + __FUNCTION__, boot_port, err, mach_error_string (err)); + } + + if (!err) { + // Create the lookup port: + err = mach_port_allocate (mach_task_self (), MACH_PORT_RIGHT_RECEIVE, &lookup_port); + } + + if (!err) { + err = mach_port_insert_right (mach_task_self (), lookup_port, lookup_port, MACH_MSG_TYPE_MAKE_SEND); + } + + if (!err) { + // Register the lookup port so others can tell whether or not we are running + err = bootstrap_register (boot_port, lookup_name, lookup_port); + dprintf ("%s(): bootstrap_register('%s', %x): (err = %d '%s')", + __FUNCTION__, lookup_name, lookup_port, err, mach_error_string (err)); + } + + if (!err) { + // We are an on-demand server so our port already exists. Just ask for it. + err = bootstrap_check_in (boot_port, (char *) service_name, &g_service_port); + dprintf ("%s(): bootstrap_check_in('%s'): port is %d (err = %d '%s')", + __FUNCTION__, service_name, g_service_port, err, mach_error_string (err)); + } + + if (!err) { + // Create the notification port: + err = mach_port_allocate (mach_task_self (), MACH_PORT_RIGHT_RECEIVE, ¬ify_port); + } + + if (!err) { + // Ask for notification when the server port has no more senders + // A send-once right != a send right so our send-once right will not interfere with the notification + err = mach_port_request_notification (mach_task_self (), g_service_port, MACH_NOTIFY_NO_SENDERS, true, + notify_port, MACH_MSG_TYPE_MAKE_SEND_ONCE, &previous_notify_port); + dprintf ("%s(): requesting notification for no senders of %x returned '%s', err = %d\n", + __FUNCTION__, g_service_port, mach_error_string (err), err); + } + + if (!err) { + // Create the port set that the server will listen on + err = mach_port_allocate (mach_task_self (), MACH_PORT_RIGHT_PORT_SET, &listen_port_set); + } + + if (!err) { + // Add the service port to the port set + err = mach_port_move_member (mach_task_self (), g_service_port, listen_port_set); + } + + if (!err) { + // Add the notify port to the port set + err = mach_port_move_member (mach_task_self (), notify_port, listen_port_set); + } + + if (!err) { + dprintf ("%s(): \"%s\": starting up. service port = %x, bootstrap port = %x\n", + __FUNCTION__, service_name, g_service_port, boot_port); + } + + while (!err && !g_ready_to_quit) { + // Handle one message at a time so we can check to see if the server wants to quit + err = mach_msg_server_once (kipc_server_demux, kkipc_max_message_size, listen_port_set, MACH_MSG_OPTION_NONE); + } + + // Regardless of whether there was an error, unregister ourselves from no senders notifications + // so we don't get launched again by the notification message when we quit + // A send-once right != a send right so our send-once right will not interfere with the notification + if (g_service_port != MACH_PORT_NULL) { + err = mach_port_request_notification (mach_task_self (), g_service_port, MACH_NOTIFY_NO_SENDERS, + true, MACH_PORT_NULL, MACH_MSG_TYPE_MAKE_SEND_ONCE, + &previous_notify_port); + dprintf ("%s(): removing notification for no senders of %x returned '%s', err = %d\n", + __FUNCTION__, previous_notify_port, mach_error_string (err), err); + } + + // Clean up the ports and strings + if (lookup_port != MACH_PORT_NULL) { + kipc_err_t terr = bootstrap_register (boot_port, lookup_name, MACH_PORT_NULL); + dprintf ("%s(): bootstrap_register('%s', MACH_PORT_NULL): (err = %d '%s')", + __FUNCTION__, lookup_name, terr, mach_error_string (terr)); + mach_port_deallocate (mach_task_self (), lookup_port); + } + if (notify_port != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), notify_port); } + if (listen_port_set != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), listen_port_set); } + if (boot_port != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), boot_port); } + if (lookup_name != NULL ) { kipc_free_string (lookup_name); } + if (service_name != NULL ) { kipc_free_string (service_name); } + if (server_id != NULL ) { kipc_free_string (server_id); } + + return kipc_err (err); +} + +#pragma mark - + +// --------------------------------------------------------------------------- + +kern_return_t +do_mach_notify_port_deleted (mach_port_t notify, mach_port_name_t name) +{ + dprintf ("Received MACH_NOTIFY_PORT_DELETED... quitting self"); + kipc_server_quit (); + return KERN_SUCCESS; +} + +// --------------------------------------------------------------------------- + +kern_return_t +do_mach_notify_port_destroyed (mach_port_t notify, mach_port_t rights) +{ + dprintf ("Received MACH_NOTIFY_PORT_DESTROYED... quitting self"); + kipc_server_quit (); + return KERN_SUCCESS; +} + +// --------------------------------------------------------------------------- + +kern_return_t +do_mach_notify_no_senders (mach_port_t notify, mach_port_mscount_t mscount) +{ + dprintf ("Received MACH_NOTIFY_NO_SENDERS... quitting self"); + kipc_server_quit (); + return KERN_SUCCESS; +} + +// --------------------------------------------------------------------------- + +kern_return_t +do_mach_notify_send_once (mach_port_t notify) +{ + dprintf ("Received MACH_NOTIFY_SEND_ONCE"); + return KERN_SUCCESS; +} + +// --------------------------------------------------------------------------- + +kern_return_t +do_mach_notify_dead_name (mach_port_t notify, mach_port_name_t name) +{ + dprintf ("Received MACH_NOTIFY_DEAD_NAME... quitting self"); + kipc_server_quit (); + return KERN_SUCCESS; +} + diff --git a/src/lib/ccapi/common/mac/KerberosIPC/kipc_session.c b/src/lib/ccapi/common/mac/KerberosIPC/kipc_session.c new file mode 100644 index 000000000..c08e1bc32 --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/kipc_session.c @@ -0,0 +1,141 @@ +/* + * kipc_session.c + * + * $Header$ + * + * Copyright 2006 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#include +#include +#include + +// --------------------------------------------------------------------------- + +kipc_boolean_t kipc_session_is_root_session (void) +{ + kipc_err_t err = 0; + kipc_boolean_t is_root_session = TRUE; // safer to assume root session + SessionAttributeBits sattrs = 0L; + + err = SessionGetInfo (callerSecuritySession, NULL, &sattrs); + + if (!err) { + is_root_session = (sattrs & sessionIsRoot); + dprintf ("%s(): running in %s session", + __FUNCTION__, is_root_session ? "the root" : "a user"); + } else { + dprintf ("%s(): SessionGetInfo() failed with %d", __FUNCTION__, err); + } + + return is_root_session; +} + +// --------------------------------------------------------------------------- + +kipc_session_attributes_t kipc_session_get_attributes (void) +{ + kipc_session_attributes_t attributes = 0L; + SessionAttributeBits sattrs = 0L; + int fd_stdin = fileno (stdin); + int fd_stdout = fileno (stdout); + char *fd_stdin_name = ttyname (fd_stdin); + + if ((SessionGetInfo (callerSecuritySession, NULL, &sattrs) == noErr) && (sattrs & sessionHasGraphicAccess)) { + dprintf ("%s(): Session has graphic access.", __FUNCTION__); + attributes |= kkipc_session_has_gui_access; + + // Check for the HIToolbox (Carbon) or AppKit (Cocoa). If either is loaded, we are a GUI app! + CFBundleRef hiToolBoxBundle = CFBundleGetBundleWithIdentifier (CFSTR ("com.apple.HIToolbox")); + if (hiToolBoxBundle != NULL && CFBundleIsExecutableLoaded (hiToolBoxBundle)) { + dprintf ("%s(): Carbon Toolbox is loaded.", __FUNCTION__); + attributes |= kkipc_session_caller_uses_gui; + } + + CFBundleRef appKitBundle = CFBundleGetBundleWithIdentifier (CFSTR ("com.apple.AppKit")); + if (appKitBundle != NULL && CFBundleIsExecutableLoaded (appKitBundle)) { + dprintf ("%s(): AppKit is loaded.", __FUNCTION__); + attributes |= kkipc_session_caller_uses_gui; + } + } + + // Session info isn't reliable for remote sessions. + // Check manually for terminal access with file descriptors + if (isatty (fd_stdin) && isatty (fd_stdout) && (fd_stdin_name != NULL)) { + dprintf ("%s(): Terminal '%s' of type '%s' exists.", + __FUNCTION__, fd_stdin_name, getenv ("TERM")); + attributes |= kkipc_session_has_cli_access; + } + + dprintf ("%s(): Attributes are %x", __FUNCTION__, attributes); + return attributes; +} + +// --------------------------------------------------------------------------- + +kipc_string kipc_get_session_id_string (void) +{ + // Session ID is a 32 bit quanitity, so the longest string is 0xFFFFFFFF + static char s_session_name[16]; + SecuritySessionId id; + + s_session_name[0] = '\0'; + + if (SessionGetInfo (callerSecuritySession, &id, NULL) == noErr) { + snprintf (s_session_name, sizeof (s_session_name), "0x%lx", id); + } + + return s_session_name; +} + +// --------------------------------------------------------------------------- + +uid_t kipc_session_get_session_uid (void) +{ + // Get the uid of the user that the server will be run and named for. + uid_t uid = geteuid (); + + // Avoid root because the client can later go back to the real uid + if (uid == 0 /* root */) { + dprintf ("%s(): geteuid returned UID %d, trying getuid...\n", __FUNCTION__, uid); + uid = getuid (); + } + + return uid; +} + +// --------------------------------------------------------------------------- + +uid_t kipc_session_get_server_uid (void) +{ + uid_t server_uid = 92; + + struct passwd *pw = getpwnam ("securityagent"); + if (pw != NULL) { + server_uid = pw->pw_uid; + } else { + dprintf ("%s: getpwnam(securityagent) failed, using hardcoded value.", __FUNCTION__); + } + + return server_uid; +} diff --git a/src/lib/ccapi/common/mac/KerberosIPC/notify.defs b/src/lib/ccapi/common/mac/KerberosIPC/notify.defs new file mode 100644 index 000000000..fea03c9d5 --- /dev/null +++ b/src/lib/ccapi/common/mac/KerberosIPC/notify.defs @@ -0,0 +1,36 @@ +/* + * mach_notify.defs + * + * $Header$ + * + * Copyright 2003 Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +/* + * This is totally disgusting. + * Rename the demux function so we don't collide with other libraries using this. + */ + +#define notify_server mach_notify_server + +#include -- cgit From 90c9fe974de343ffec87efbed89ddcfefd431d9e Mon Sep 17 00:00:00 2001 From: Sam Hartman Date: Thu, 22 Jun 2006 18:42:12 +0000 Subject: Revert 18100 before merging onto trunk git-svn-id: svn://anonsvn.mit.edu/krb5/branches/ccapi@18199 dc483132-0cff-0310-8789-dd5450dbe970 --- .../common/mac/KerberosIPC/Kerberos/kipc_client.h | 47 ---- .../common/mac/KerberosIPC/Kerberos/kipc_common.h | 76 ----- .../common/mac/KerberosIPC/Kerberos/kipc_server.h | 54 ---- .../common/mac/KerberosIPC/Kerberos/kipc_session.h | 59 ---- src/lib/ccapi/common/mac/KerberosIPC/README | 3 - src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c | 86 ------ src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c | 93 ------ src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c | 313 --------------------- .../ccapi/common/mac/KerberosIPC/kipc_session.c | 141 ---------- src/lib/ccapi/common/mac/KerberosIPC/notify.defs | 36 --- 10 files changed, 908 deletions(-) delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_client.h delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_common.h delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_server.h delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_session.h delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/README delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/kipc_session.c delete mode 100644 src/lib/ccapi/common/mac/KerberosIPC/notify.defs (limited to 'src/lib/ccapi/common') diff --git a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_client.h b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_client.h deleted file mode 100644 index 89923eb16..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_client.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * kipc_client.h - * - * $Header$ - * - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIPC_CLIENT_H -#define KIPC_CLIENT_H - -#include - -#if __cplusplus -extern "C" { -#endif - -kipc_err_t -kipc_client_lookup_server (const char *in_service_id, - boolean_t in_launch_if_necessary, - mach_port_t *out_service_port); - -#if __cplusplus -} -#endif - -#endif /* KIPC_CLIENT_H */ diff --git a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_common.h b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_common.h deleted file mode 100644 index 361f7f576..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_common.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * KerberosIPCCommon.h - * - * $Header$ - * - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIPC_COMMON_H -#define KIPC_COMMON_H - -//#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -#if __cplusplus -extern "C" { -#endif - -typedef kern_return_t kipc_err_t; -typedef boolean_t kipc_boolean_t; -typedef char *kipc_string; - -#define kkipc_max_message_size 2048 + MAX_TRAILER_SIZE -#define kkipc_timeout 200 - -// Debugging API used by library -kipc_err_t __kipc_err (kipc_err_t inError, const char *function, const char *file, int line); -#define kipc_err(err) __kipc_err(err, __FUNCTION__, __FILE__, __LINE__) - -const char *kipc_error_string (kipc_err_t in_error); - -kipc_err_t kipc_get_lookup_name (char **out_lookup_name, const char *in_service_id); -kipc_err_t kipc_get_service_name (char **out_service_name, const char *in_service_id); - -void kipc_free_string (char *io_string); - -#if __cplusplus -} -#endif - -#endif /* KIPC_COMMON_H */ diff --git a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_server.h b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_server.h deleted file mode 100644 index 5d9754758..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_server.h +++ /dev/null @@ -1,54 +0,0 @@ -/* - * kipc_server.h - * - * $Header$ - * - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIPC_SERVER_H -#define KIPC_SERVER_H - -#include - -#define kKerberosIPCMaxMsgSize 2048 + MAX_TRAILER_SIZE -#define kKerberosIPCTimeout 200 - -#if __cplusplus -extern "C" { -#endif - -typedef kipc_boolean_t (*kipc_demux_proc) (mach_msg_header_t *, mach_msg_header_t *); - - -kipc_err_t kipc_server_run_server (kipc_demux_proc in_demux_proc); - -mach_port_t kipc_server_get_service_port (); - -kipc_boolean_t kipc_server_quit (void); - -#if __cplusplus -} -#endif - -#endif /* KIPC_SERVER_H */ diff --git a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_session.h b/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_session.h deleted file mode 100644 index 3f259561e..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/Kerberos/kipc_session.h +++ /dev/null @@ -1,59 +0,0 @@ -/* - * kipc_session.h - * - * $Header$ - * - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifndef KIPC_SESSION_H -#define KIPC_SESSION_H - -#include - -#if __cplusplus -extern "C" { -#endif - -#define kkipc_session_has_gui_access 0x00000001 -#define kkipc_session_caller_uses_gui 0x00000002 -#define kkipc_session_has_cli_access 0x00000004 - -typedef u_int32_t kipc_session_attributes_t; - - -kipc_boolean_t kipc_session_is_root_session (void); - -kipc_session_attributes_t kipc_session_get_attributes (void); - -kipc_string kipc_get_session_id_string (void); - -uid_t kipc_session_get_session_uid (void); - -uid_t kipc_session_get_server_uid (void); - -#if __cplusplus -} -#endif - -#endif /* KIPC_SESSION_H */ diff --git a/src/lib/ccapi/common/mac/KerberosIPC/README b/src/lib/ccapi/common/mac/KerberosIPC/README deleted file mode 100644 index 2e2d70d4d..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/README +++ /dev/null @@ -1,3 +0,0 @@ -This is a temporary copy of the KfM KerberosIPC library sources. -Once this gets merged onto the trunk the KfM build will use the -KerberosIPC library instead. diff --git a/src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c b/src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c deleted file mode 100644 index 2e48c42cd..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/kipc_client.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * kipc_client.c - * - * $Header$ - * - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include - -// --------------------------------------------------------------------------- - -kipc_err_t -kipc_client_lookup_server (const char *in_service_id, - boolean_t in_launch_if_necessary, - mach_port_t *out_service_port) -{ - kipc_err_t err = 0; - mach_port_t boot_port = MACH_PORT_NULL; - char *service_name = NULL; - - if (in_service_id == NULL) { err = kipc_err (EINVAL); } - if (out_service_port == NULL) { err = kipc_err (EINVAL); } - - if (!err) { - // Get our bootstrap port - err = task_get_bootstrap_port (mach_task_self (), &boot_port); - } - - if (!err && !in_launch_if_necessary) { - char *lookup_name = NULL; - mach_port_t lookup_port = MACH_PORT_NULL; - - err = kipc_get_lookup_name (&lookup_name, in_service_id); - - if (!err) { - // Use the lookup name because the service name will return - // a valid port even if the server isn't running - err = bootstrap_look_up (boot_port, lookup_name, &lookup_port); - //dprintf ("%s(): bootstrap_look_up('%s'): port is %x (err = %d '%s')", - // __FUNCTION__, lookup_name, lookup_port, err, mach_error_string (err)); - } - - if (lookup_name != NULL ) { kipc_free_string (lookup_name); } - if (lookup_port != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), lookup_port); } - } - - if (!err) { - err = kipc_get_service_name (&service_name, in_service_id); - } - - if (!err) { - err = bootstrap_look_up (boot_port, service_name, out_service_port); - //dprintf ("%s(): bootstrap_look_up('%s'): port is %x (err = %d '%s')", - // __FUNCTION__, service_name, *out_service_port, err, mach_error_string (err)); - } - - if (service_name != NULL ) { kipc_free_string (service_name); } - if (boot_port != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), boot_port); } - - if (err == BOOTSTRAP_UNKNOWN_SERVICE) { - return err; // Avoid spewing to the log file - } else { - return kipc_err (err); - } -} diff --git a/src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c b/src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c deleted file mode 100644 index 438650f2a..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/kipc_common.c +++ /dev/null @@ -1,93 +0,0 @@ -/* - * kipc_common.c - * - * $Header$ - * - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include -#include - - -// --------------------------------------------------------------------------- - -kipc_err_t __kipc_err (kipc_err_t in_error, const char *in_function, const char *in_file, int in_line) -{ - if (in_error && (ddebuglevel () > 0)) { - dprintf ("%s() got %d ('%s') at %s: %d", - in_function, in_error, mach_error_string (in_error), in_file, in_line); - dprintsession (); - //dprintbootstrap (mach_task_self ()); - } - return in_error; -} -// --------------------------------------------------------------------------- - - -const char *kipc_error_string (kipc_err_t in_error) -{ - return mach_error_string (in_error); -} - -// --------------------------------------------------------------------------- - -kipc_err_t kipc_get_service_name (char **out_service_name, const char *in_service_id) -{ - kipc_err_t err = 0; - - if (out_service_name == NULL) { err = EINVAL; } - if (in_service_id == NULL) { err = EINVAL; } - - if (!err) { - int wrote = asprintf (out_service_name, "%s%s", in_service_id, ".ipcService"); - if (wrote < 0) { err = ENOMEM; } - } - - return kipc_err (err); -} - -// --------------------------------------------------------------------------- - -kipc_err_t kipc_get_lookup_name (char **out_lookup_name, const char *in_service_id) -{ - kipc_err_t err = 0; - - if (out_lookup_name == NULL) { err = EINVAL; } - if (in_service_id == NULL) { err = EINVAL; } - - if (!err) { - int wrote = asprintf (out_lookup_name, "%s%s", in_service_id, ".ipcLookup"); - if (wrote < 0) { err = ENOMEM; } - } - - return kipc_err (err); -} - -// --------------------------------------------------------------------------- - -void kipc_free_string (char *io_string) -{ - free (io_string); -} - diff --git a/src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c b/src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c deleted file mode 100644 index c7c973bee..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/kipc_server.c +++ /dev/null @@ -1,313 +0,0 @@ -/* - * kipc_server.c - * - * $Header$ - * - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include -#include -#include "notifyServer.h" - -// Global variables for servers (used by demux) -static mach_port_t g_service_port = MACH_PORT_NULL; -static kipc_boolean_t g_ready_to_quit = FALSE; -static kipc_demux_proc g_demux_proc = NULL; - -#pragma mark - - -// --------------------------------------------------------------------------- - -mach_port_t -kipc_server_get_service_port () -{ - return g_service_port; -} - -#pragma mark - - -// --------------------------------------------------------------------------- - -kipc_boolean_t -kipc_server_quit (void) -{ - // Do not unregister our port because then we won't get automatically launched again. - dprintf ("mach_server_quit_self(): quitting..."); - g_ready_to_quit = true; - return g_ready_to_quit; -} - -#pragma mark - - -// --------------------------------------------------------------------------- - -static kipc_boolean_t -kipc_server_demux (mach_msg_header_t *request, mach_msg_header_t *reply) -{ - if (mach_notify_server (request, reply) != false) { - return true; - } else { - return g_demux_proc (request, reply); - } - return false; -} - -#pragma mark - - -// --------------------------------------------------------------------------- - -static kipc_err_t -kipc_get_server_id (char **out_server_id) -{ - kern_return_t err = KERN_SUCCESS; - CFBundleRef bundle = NULL; - CFStringRef id_string = NULL; - CFIndex id_length = 0; - char *server_id = NULL; - - if (out_server_id == NULL) { err = kipc_err (EINVAL); } - - if (!err) { - bundle = CFBundleGetMainBundle (); - if (bundle == NULL) { err = ENOENT; } - } - - if (!err) { - id_string = CFBundleGetIdentifier (bundle); - if (id_string == NULL) { err = ENOMEM; } - } - - if (!err) { - id_length = CFStringGetMaximumSizeForEncoding (CFStringGetLength (id_string), - CFStringGetSystemEncoding ()) + 1; - server_id = calloc (id_length, sizeof (char)); - if (server_id == NULL) { err = errno; } - } - - if (!err) { - if (!CFStringGetCString (id_string, server_id, id_length, CFStringGetSystemEncoding ())) { - err = ENOMEM; - } - } - - if (!err) { - *out_server_id = server_id; - server_id = NULL; - } - - if (server_id != NULL) { kipc_free_string (server_id); } - - return kipc_err (err); -} - -// --------------------------------------------------------------------------- - -kipc_err_t -kipc_server_run_server (kipc_demux_proc in_demux_proc) -{ - kern_return_t err = KERN_SUCCESS; - char *server_id = NULL; - char *service_name = NULL; - char *lookup_name = NULL; - mach_port_t boot_port = MACH_PORT_NULL; - mach_port_t lookup_port = MACH_PORT_NULL; - mach_port_t notify_port = MACH_PORT_NULL; - mach_port_t previous_notify_port = MACH_PORT_NULL; - mach_port_t listen_port_set = MACH_PORT_NULL; - - if (in_demux_proc == NULL) { err = kipc_err (EINVAL); } - - // Shed root privileges if any - if (!err && (geteuid () == 0)) { - uid_t new_uid = kipc_session_get_server_uid (); - if (setuid (new_uid) < 0) { - dprintf ("%s(): setuid(%d) failed (euid is %d)", __FUNCTION__, new_uid, geteuid ()); - } - } - - if (!err) { - // Set up the globals so the demux can find them - g_demux_proc = in_demux_proc; - } - - if (!err) { - err = kipc_get_server_id (&server_id); - } - - if (!err) { - err = kipc_get_service_name (&service_name, server_id); - } - - if (!err) { - err = kipc_get_lookup_name (&lookup_name, server_id); - } - - if (!err) { - // Get the bootstrap port - err = task_get_bootstrap_port (mach_task_self (), &boot_port); - dprintf ("%s(): task_get_bootstrap_port(): port is %x (err = %d '%s')", - __FUNCTION__, boot_port, err, mach_error_string (err)); - } - - if (!err) { - // Create the lookup port: - err = mach_port_allocate (mach_task_self (), MACH_PORT_RIGHT_RECEIVE, &lookup_port); - } - - if (!err) { - err = mach_port_insert_right (mach_task_self (), lookup_port, lookup_port, MACH_MSG_TYPE_MAKE_SEND); - } - - if (!err) { - // Register the lookup port so others can tell whether or not we are running - err = bootstrap_register (boot_port, lookup_name, lookup_port); - dprintf ("%s(): bootstrap_register('%s', %x): (err = %d '%s')", - __FUNCTION__, lookup_name, lookup_port, err, mach_error_string (err)); - } - - if (!err) { - // We are an on-demand server so our port already exists. Just ask for it. - err = bootstrap_check_in (boot_port, (char *) service_name, &g_service_port); - dprintf ("%s(): bootstrap_check_in('%s'): port is %d (err = %d '%s')", - __FUNCTION__, service_name, g_service_port, err, mach_error_string (err)); - } - - if (!err) { - // Create the notification port: - err = mach_port_allocate (mach_task_self (), MACH_PORT_RIGHT_RECEIVE, ¬ify_port); - } - - if (!err) { - // Ask for notification when the server port has no more senders - // A send-once right != a send right so our send-once right will not interfere with the notification - err = mach_port_request_notification (mach_task_self (), g_service_port, MACH_NOTIFY_NO_SENDERS, true, - notify_port, MACH_MSG_TYPE_MAKE_SEND_ONCE, &previous_notify_port); - dprintf ("%s(): requesting notification for no senders of %x returned '%s', err = %d\n", - __FUNCTION__, g_service_port, mach_error_string (err), err); - } - - if (!err) { - // Create the port set that the server will listen on - err = mach_port_allocate (mach_task_self (), MACH_PORT_RIGHT_PORT_SET, &listen_port_set); - } - - if (!err) { - // Add the service port to the port set - err = mach_port_move_member (mach_task_self (), g_service_port, listen_port_set); - } - - if (!err) { - // Add the notify port to the port set - err = mach_port_move_member (mach_task_self (), notify_port, listen_port_set); - } - - if (!err) { - dprintf ("%s(): \"%s\": starting up. service port = %x, bootstrap port = %x\n", - __FUNCTION__, service_name, g_service_port, boot_port); - } - - while (!err && !g_ready_to_quit) { - // Handle one message at a time so we can check to see if the server wants to quit - err = mach_msg_server_once (kipc_server_demux, kkipc_max_message_size, listen_port_set, MACH_MSG_OPTION_NONE); - } - - // Regardless of whether there was an error, unregister ourselves from no senders notifications - // so we don't get launched again by the notification message when we quit - // A send-once right != a send right so our send-once right will not interfere with the notification - if (g_service_port != MACH_PORT_NULL) { - err = mach_port_request_notification (mach_task_self (), g_service_port, MACH_NOTIFY_NO_SENDERS, - true, MACH_PORT_NULL, MACH_MSG_TYPE_MAKE_SEND_ONCE, - &previous_notify_port); - dprintf ("%s(): removing notification for no senders of %x returned '%s', err = %d\n", - __FUNCTION__, previous_notify_port, mach_error_string (err), err); - } - - // Clean up the ports and strings - if (lookup_port != MACH_PORT_NULL) { - kipc_err_t terr = bootstrap_register (boot_port, lookup_name, MACH_PORT_NULL); - dprintf ("%s(): bootstrap_register('%s', MACH_PORT_NULL): (err = %d '%s')", - __FUNCTION__, lookup_name, terr, mach_error_string (terr)); - mach_port_deallocate (mach_task_self (), lookup_port); - } - if (notify_port != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), notify_port); } - if (listen_port_set != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), listen_port_set); } - if (boot_port != MACH_PORT_NULL) { mach_port_deallocate (mach_task_self (), boot_port); } - if (lookup_name != NULL ) { kipc_free_string (lookup_name); } - if (service_name != NULL ) { kipc_free_string (service_name); } - if (server_id != NULL ) { kipc_free_string (server_id); } - - return kipc_err (err); -} - -#pragma mark - - -// --------------------------------------------------------------------------- - -kern_return_t -do_mach_notify_port_deleted (mach_port_t notify, mach_port_name_t name) -{ - dprintf ("Received MACH_NOTIFY_PORT_DELETED... quitting self"); - kipc_server_quit (); - return KERN_SUCCESS; -} - -// --------------------------------------------------------------------------- - -kern_return_t -do_mach_notify_port_destroyed (mach_port_t notify, mach_port_t rights) -{ - dprintf ("Received MACH_NOTIFY_PORT_DESTROYED... quitting self"); - kipc_server_quit (); - return KERN_SUCCESS; -} - -// --------------------------------------------------------------------------- - -kern_return_t -do_mach_notify_no_senders (mach_port_t notify, mach_port_mscount_t mscount) -{ - dprintf ("Received MACH_NOTIFY_NO_SENDERS... quitting self"); - kipc_server_quit (); - return KERN_SUCCESS; -} - -// --------------------------------------------------------------------------- - -kern_return_t -do_mach_notify_send_once (mach_port_t notify) -{ - dprintf ("Received MACH_NOTIFY_SEND_ONCE"); - return KERN_SUCCESS; -} - -// --------------------------------------------------------------------------- - -kern_return_t -do_mach_notify_dead_name (mach_port_t notify, mach_port_name_t name) -{ - dprintf ("Received MACH_NOTIFY_DEAD_NAME... quitting self"); - kipc_server_quit (); - return KERN_SUCCESS; -} - diff --git a/src/lib/ccapi/common/mac/KerberosIPC/kipc_session.c b/src/lib/ccapi/common/mac/KerberosIPC/kipc_session.c deleted file mode 100644 index c08e1bc32..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/kipc_session.c +++ /dev/null @@ -1,141 +0,0 @@ -/* - * kipc_session.c - * - * $Header$ - * - * Copyright 2006 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include -#include -#include - -// --------------------------------------------------------------------------- - -kipc_boolean_t kipc_session_is_root_session (void) -{ - kipc_err_t err = 0; - kipc_boolean_t is_root_session = TRUE; // safer to assume root session - SessionAttributeBits sattrs = 0L; - - err = SessionGetInfo (callerSecuritySession, NULL, &sattrs); - - if (!err) { - is_root_session = (sattrs & sessionIsRoot); - dprintf ("%s(): running in %s session", - __FUNCTION__, is_root_session ? "the root" : "a user"); - } else { - dprintf ("%s(): SessionGetInfo() failed with %d", __FUNCTION__, err); - } - - return is_root_session; -} - -// --------------------------------------------------------------------------- - -kipc_session_attributes_t kipc_session_get_attributes (void) -{ - kipc_session_attributes_t attributes = 0L; - SessionAttributeBits sattrs = 0L; - int fd_stdin = fileno (stdin); - int fd_stdout = fileno (stdout); - char *fd_stdin_name = ttyname (fd_stdin); - - if ((SessionGetInfo (callerSecuritySession, NULL, &sattrs) == noErr) && (sattrs & sessionHasGraphicAccess)) { - dprintf ("%s(): Session has graphic access.", __FUNCTION__); - attributes |= kkipc_session_has_gui_access; - - // Check for the HIToolbox (Carbon) or AppKit (Cocoa). If either is loaded, we are a GUI app! - CFBundleRef hiToolBoxBundle = CFBundleGetBundleWithIdentifier (CFSTR ("com.apple.HIToolbox")); - if (hiToolBoxBundle != NULL && CFBundleIsExecutableLoaded (hiToolBoxBundle)) { - dprintf ("%s(): Carbon Toolbox is loaded.", __FUNCTION__); - attributes |= kkipc_session_caller_uses_gui; - } - - CFBundleRef appKitBundle = CFBundleGetBundleWithIdentifier (CFSTR ("com.apple.AppKit")); - if (appKitBundle != NULL && CFBundleIsExecutableLoaded (appKitBundle)) { - dprintf ("%s(): AppKit is loaded.", __FUNCTION__); - attributes |= kkipc_session_caller_uses_gui; - } - } - - // Session info isn't reliable for remote sessions. - // Check manually for terminal access with file descriptors - if (isatty (fd_stdin) && isatty (fd_stdout) && (fd_stdin_name != NULL)) { - dprintf ("%s(): Terminal '%s' of type '%s' exists.", - __FUNCTION__, fd_stdin_name, getenv ("TERM")); - attributes |= kkipc_session_has_cli_access; - } - - dprintf ("%s(): Attributes are %x", __FUNCTION__, attributes); - return attributes; -} - -// --------------------------------------------------------------------------- - -kipc_string kipc_get_session_id_string (void) -{ - // Session ID is a 32 bit quanitity, so the longest string is 0xFFFFFFFF - static char s_session_name[16]; - SecuritySessionId id; - - s_session_name[0] = '\0'; - - if (SessionGetInfo (callerSecuritySession, &id, NULL) == noErr) { - snprintf (s_session_name, sizeof (s_session_name), "0x%lx", id); - } - - return s_session_name; -} - -// --------------------------------------------------------------------------- - -uid_t kipc_session_get_session_uid (void) -{ - // Get the uid of the user that the server will be run and named for. - uid_t uid = geteuid (); - - // Avoid root because the client can later go back to the real uid - if (uid == 0 /* root */) { - dprintf ("%s(): geteuid returned UID %d, trying getuid...\n", __FUNCTION__, uid); - uid = getuid (); - } - - return uid; -} - -// --------------------------------------------------------------------------- - -uid_t kipc_session_get_server_uid (void) -{ - uid_t server_uid = 92; - - struct passwd *pw = getpwnam ("securityagent"); - if (pw != NULL) { - server_uid = pw->pw_uid; - } else { - dprintf ("%s: getpwnam(securityagent) failed, using hardcoded value.", __FUNCTION__); - } - - return server_uid; -} diff --git a/src/lib/ccapi/common/mac/KerberosIPC/notify.defs b/src/lib/ccapi/common/mac/KerberosIPC/notify.defs deleted file mode 100644 index fea03c9d5..000000000 --- a/src/lib/ccapi/common/mac/KerberosIPC/notify.defs +++ /dev/null @@ -1,36 +0,0 @@ -/* - * mach_notify.defs - * - * $Header$ - * - * Copyright 2003 Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* - * This is totally disgusting. - * Rename the demux function so we don't collide with other libraries using this. - */ - -#define notify_server mach_notify_server - -#include -- cgit