/opensource.apple.com/source/libsecurity_agent/libsecurity_agent-36399/lib/agentclient.h

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>agentclient.h</title>
<style type="text/css">
.enscript-comment { font-style: italic; color: rgb(178,34,34); }
.enscript-function-name { font-weight: bold; color: rgb(0,0,255); }
.enscript-variable-name { font-weight: bold; color: rgb(184,134,11); }
.enscript-keyword { font-weight: bold; color: rgb(160,32,240); }
.enscript-reference { font-weight: bold; color: rgb(95,158,160); }
.enscript-string { font-weight: bold; color: rgb(188,143,143); }
.enscript-builtin { font-weight: bold; color: rgb(218,112,214); }
.enscript-type { font-weight: bold; color: rgb(34,139,34); }
.enscript-highlight { text-decoration: underline; color: 0; }
</style>
</head>
<body id="top">
<h1 style="margin:8px;" id="f1">agentclient.h&nbsp;&nbsp;&nbsp;<span style="font-weight: normal; font-size: 0.5em;">[<a href="?txt">plain text</a>]</span></h1>
<hr/>
<div></div>
<pre>
<span class="enscript-comment">/*
 *  agentclient.h
 *  SecurityAgent
 *
 *  Copyright (c) 2002,2008 Apple Inc.. All rights reserved.
 *
 */</span>

#<span class="enscript-reference">ifndef</span> <span class="enscript-variable-name">_H_AGENTCLIENT</span>
#<span class="enscript-reference">define</span> <span class="enscript-variable-name">_H_AGENTCLIENT</span>

#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;Security/Authorization.h&gt;</span>
#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;Security/AuthorizationPlugin.h&gt;</span>
#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;Security/AuthorizationTags.h&gt;</span>
#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;Security/AuthorizationTagsPriv.h&gt;</span>

#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;security_agent_client/sa_types.h&gt;</span>

#<span class="enscript-reference">if</span> <span class="enscript-reference">defined</span>(<span class="enscript-variable-name">__cplusplus</span>)

#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;string&gt;</span>
#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;security_utilities/mach++.h&gt;</span>
#<span class="enscript-reference">include</span> <span class="enscript-string">&lt;security_cdsa_utilities/AuthorizationData.h&gt;</span>

namespace SecurityAgent {
#<span class="enscript-reference">endif</span> <span class="enscript-comment">/* __cplusplus__ */</span>

<span class="enscript-comment">// Manimum number of failed authentications before
</span><span class="enscript-comment">// SecurityAgent dialog is killed.
</span>#<span class="enscript-reference">define</span> <span class="enscript-variable-name">kMaximumAuthorizationTries</span> 10000

<span class="enscript-comment">// Number of failed authentications before a password
</span><span class="enscript-comment">// hint is displayed.
</span>#<span class="enscript-reference">define</span> <span class="enscript-variable-name">kAuthorizationTriesBeforeHint</span> 3

#<span class="enscript-reference">define</span> <span class="enscript-variable-name">maxPassphraseLength</span> 1024
    
<span class="enscript-comment">//
</span><span class="enscript-comment">// Unified reason codes transmitted to SecurityAgent (and internationalized there)
</span><span class="enscript-comment">//
</span><span class="enscript-type">enum</span> Reason {
    noReason = 0,                   <span class="enscript-comment">// no reason (not used, used as a NULL)
</span>    unknownReason,                  <span class="enscript-comment">// something else (catch-all internal error)
</span>
    <span class="enscript-comment">// reasons for asking for a new passphrase
</span>    newDatabase = 11,               <span class="enscript-comment">// need passphrase for a new database
</span>    changePassphrase,               <span class="enscript-comment">// changing passphrase for existing database
</span>
    <span class="enscript-comment">// reasons for retrying an unlock query
</span>    invalidPassphrase = 21,         <span class="enscript-comment">// passphrase was wrong
</span>
    <span class="enscript-comment">// reasons for retrying a new passphrase query
</span>    passphraseIsNull = 31,          <span class="enscript-comment">// empty passphrase
</span>    passphraseTooSimple,            <span class="enscript-comment">// passphrase is not complex enough
</span>    passphraseRepeated,             <span class="enscript-comment">// passphrase was used before (must use new one)
</span>    passphraseUnacceptable,         <span class="enscript-comment">// passphrase unacceptable for some other reason
</span>    oldPassphraseWrong,             <span class="enscript-comment">// the old passphrase given is wrong
</span>
    <span class="enscript-comment">// reasons for retrying an authorization query
</span>    userNotInGroup = 41,            <span class="enscript-comment">// authenticated user not in needed group
</span>    unacceptableUser,               <span class="enscript-comment">// authenticated user unacceptable for some other reason
</span>
    <span class="enscript-comment">// reasons for canceling a staged query
</span>    tooManyTries = 61,              <span class="enscript-comment">// too many failed attempts to get it right
</span>    noLongerNeeded,                 <span class="enscript-comment">// the queried item is no longer needed
</span>    keychainAddFailed,              <span class="enscript-comment">// the requested itemed couldn't be added to the keychain
</span>    generalErrorCancel,              <span class="enscript-comment">// something went wrong so we have to give up now
</span>	
	worldChanged = 101
};

<span class="enscript-type">typedef</span> <span class="enscript-type">enum</span> {
	tool = 'TOOL',
	bundle = 'BNDL',
	unknown = 'UNKN'
} RequestorType;

#<span class="enscript-reference">if</span> <span class="enscript-reference">defined</span>(<span class="enscript-variable-name">__cplusplus</span>)

using MachPlusPlus::Port;
using MachPlusPlus::PortSet;
using MachPlusPlus::Bootstrap;
using MachPlusPlus::ReceivePort;
using MachPlusPlus::Message;
using Authorization::AuthItemSet;
using Authorization::AuthValueVector;

class Clients;

class Client
{
friend class Clients;

<span class="enscript-type">enum</span> MessageType { requestInterruptMessage, didDeactivateMessage, reportErrorMessage };

<span class="enscript-reference">public</span>:
	Client();
	virtual ~Client();

    <span class="enscript-type">static</span> AuthItemSet clientHints(SecurityAgent::RequestorType type, std::string &amp;path, pid_t clientPid, uid_t clientUid);
    
    <span class="enscript-type">static</span> OSStatus startTransaction(Port serverPort);
    <span class="enscript-type">static</span> OSStatus endTransaction(Port serverPort);
	
<span class="enscript-reference">protected</span>:
	<span class="enscript-type">void</span> establishServer();
	
<span class="enscript-reference">public</span>:
	<span class="enscript-type">void</span> activate(Port serverPort);

	OSStatus create(<span class="enscript-type">const</span> <span class="enscript-type">char</span> *pluginId, <span class="enscript-type">const</span> <span class="enscript-type">char</span> *mechanismId, <span class="enscript-type">const</span> SessionId inSessionId);
    <span class="enscript-type">void</span> setArguments(<span class="enscript-type">const</span> Authorization::AuthValueVector&amp; inArguments) { mArguments = inArguments; }
    <span class="enscript-type">void</span> setInput(<span class="enscript-type">const</span> Authorization::AuthItemSet&amp; inHints, <span class="enscript-type">const</span> Authorization::AuthItemSet&amp; inContext) { mInHints = inHints; mInContext = inContext; }
    OSStatus invoke();
	OSStatus deactivate();
	OSStatus destroy();
	OSStatus terminate();
    <span class="enscript-type">void</span> receive();
	
	<span class="enscript-type">void</span> didCreate(<span class="enscript-type">const</span> mach_port_t inStagePort);
    <span class="enscript-type">void</span> setResult(<span class="enscript-type">const</span> AuthorizationResult inResult, <span class="enscript-type">const</span> AuthorizationItemSet *inHints, <span class="enscript-type">const</span> AuthorizationItemSet *inContext);
	<span class="enscript-type">void</span> requestInterrupt(); <span class="enscript-comment">// setMessageType(requestInterrupt);
</span>	<span class="enscript-type">void</span> didDeactivate(); <span class="enscript-comment">// setMessageType(didDeactivate);
</span>
	<span class="enscript-type">void</span> setError(<span class="enscript-type">const</span> OSStatus inMechanismError); <span class="enscript-comment">// setMessageType(reportError); setError(mechanismError);
</span>    OSStatus getError();
    AuthorizationResult result() { <span class="enscript-keyword">return</span> mResult; }

	<span class="enscript-type">typedef</span> <span class="enscript-type">enum</span> _PluginState {
		init,
		created,
		current,
		deactivating,
		active,
		interrupting,
		dead
	} PluginState;
    PluginState state() { <span class="enscript-keyword">return</span> mState; }

<span class="enscript-reference">protected</span>:
	<span class="enscript-type">void</span> setMessageType(<span class="enscript-type">const</span> MessageType inMessageType);
	<span class="enscript-comment">// allow didCreate to set stagePort 
</span>	<span class="enscript-type">void</span> setStagePort(<span class="enscript-type">const</span> mach_port_t inStagePort);
	<span class="enscript-comment">// allow server routines to use request port to find instance 
</span>
	<span class="enscript-comment">// @@@ implement lessThan operator for set in terms of instance	
</span>
<span class="enscript-reference">protected</span>:
	<span class="enscript-type">void</span> setup();
	<span class="enscript-type">void</span> teardown() throw();

    Port mServerPort;
	Port mStagePort;
    Port mClientPort;

	MessageType mMessageType;
    
    OSStatus mErrorState;

    AuthorizationResult mResult;
    AuthValueVector mArguments;
    AuthItemSet mInHints;
    AuthItemSet mInContext;
    AuthItemSet mOutHints;
    AuthItemSet mOutContext;
	
	PluginState mState;
	<span class="enscript-type">void</span> setState(PluginState mState);

<span class="enscript-reference">public</span>:
	mach_port_t instance() <span class="enscript-type">const</span> { <span class="enscript-keyword">return</span> mClientPort; }
<span class="enscript-comment">//	bool operator == (const Client &amp;other) const { return this-&gt;instance() == other.instance(); }
</span>	bool operator &lt; (<span class="enscript-type">const</span> Client &amp;other) <span class="enscript-type">const</span> { <span class="enscript-keyword">return</span> this-&gt;instance() &lt; other.instance(); }

    AuthItemSet &amp;inHints() { <span class="enscript-keyword">return</span> mInHints; }
    AuthItemSet &amp;inContext() { <span class="enscript-keyword">return</span> mInContext; }
    AuthItemSet &amp;outHints() { <span class="enscript-keyword">return</span> mOutHints; }
    AuthItemSet &amp;outContext() { <span class="enscript-keyword">return</span> mOutContext; }

<span class="enscript-reference">public</span>:
		<span class="enscript-type">void</span> check(mach_msg_return_t returnCode);
        <span class="enscript-type">void</span> checkResult();
};

class Clients
{
friend class Client;

<span class="enscript-reference">protected</span>:
	set&lt;Client*&gt; mClients;
    PortSet mClientPortSet;
<span class="enscript-reference">public</span>:
    Clients() {}
	<span class="enscript-type">void</span> create(); <span class="enscript-comment">// create an agentclient
</span>	<span class="enscript-type">void</span> insert(Client *agent) { StLock&lt;Mutex&gt; _(mLock); mClients.insert(agent); mClientPortSet += agent-&gt;instance(); }
	<span class="enscript-type">void</span> remove(Client *agent) { StLock&lt;Mutex&gt; _(mLock); mClientPortSet -= agent-&gt;instance(); mClients.erase(agent); }
	Client &amp;find(<span class="enscript-type">const</span> mach_port_t instance) <span class="enscript-type">const</span>;
    bool receive();
	bool compare(<span class="enscript-type">const</span> Client * client, mach_port_t instance);

	mutable Mutex mLock;
	<span class="enscript-type">static</span> ThreadNexus&lt;Clients&gt; gClients;
};

} <span class="enscript-comment">// end namespace Authorization
</span>
#<span class="enscript-reference">endif</span> <span class="enscript-comment">/* __cplusplus__ */</span>

#<span class="enscript-reference">endif</span> <span class="enscript-comment">/* _H_AGENTCLIENT */</span>

</pre>
<hr />
</body></html>