/opensource.apple.com/source/libsecurity_agent/libsecurity_agent-36399/lib/agentclient.h
- <span class="enscript-comment">/*
- * agentclient.h
- * SecurityAgent
- *
- * Copyright (c) 2002,2008 Apple Inc.. All rights reserved.
- *
- */</span>
- #<span class="enscript-reference">ifndef</span> <span class="enscript-variable-name">_H_AGENTCLIENT</span>
- #<span class="enscript-reference">define</span> <span class="enscript-variable-name">_H_AGENTCLIENT</span>
- #<span class="enscript-reference">include</span> <span class="enscript-string"><Security/Authorization.h></span>
- #<span class="enscript-reference">include</span> <span class="enscript-string"><Security/AuthorizationPlugin.h></span>
- #<span class="enscript-reference">include</span> <span class="enscript-string"><Security/AuthorizationTags.h></span>
- #<span class="enscript-reference">include</span> <span class="enscript-string"><Security/AuthorizationTagsPriv.h></span>
- #<span class="enscript-reference">include</span> <span class="enscript-string"><security_agent_client/sa_types.h></span>
- #<span class="enscript-reference">if</span> <span class="enscript-reference">defined</span>(<span class="enscript-variable-name">__cplusplus</span>)
- #<span class="enscript-reference">include</span> <span class="enscript-string"><string></span>
- #<span class="enscript-reference">include</span> <span class="enscript-string"><security_utilities/mach++.h></span>
- #<span class="enscript-reference">include</span> <span class="enscript-string"><security_cdsa_utilities/AuthorizationData.h></span>
- namespace SecurityAgent {
- #<span class="enscript-reference">endif</span> <span class="enscript-comment">/* __cplusplus */</span>
// Maximum number of failed authentications before
// SecurityAgent dialog is killed.
// NOTE(review): at 10000 this cap is not a practical throttle on repeated
// password guesses at the dialog; any lockout or back-off has to be enforced
// elsewhere -- confirm against the code that reads this constant.
#define kMaximumAuthorizationTries 10000
// Number of failed authentications before a password
// hint is displayed.
#define kAuthorizationTriesBeforeHint 3
// Presumably the upper bound on an accepted passphrase. Neither the unit
// (bytes vs. characters) nor whether a terminator is included is stated in
// this header -- TODO confirm at the use site before sizing buffers from it.
#define maxPassphraseLength 1024
-
//
// Unified reason codes transmitted to SecurityAgent (and internationalized there)
//
// The codes are grouped in numbered ranges (11.., 21.., 31.., 41.., 61.., 101)
// by explicit initializers; enumerators without one take the previous value
// plus one. Because the values are transmitted to SecurityAgent, renumbering
// or inserting in the middle of a group would change what the peer sees --
// presumably new codes should be appended at the end of their group
// (TODO confirm against the agent side).
//
enum Reason {
    noReason = 0,               // no reason (not used, used as a NULL)
    unknownReason,              // something else (catch-all internal error)

    // reasons for asking for a new passphrase
    newDatabase = 11,           // need passphrase for a new database
    changePassphrase,           // changing passphrase for existing database

    // reasons for retrying an unlock query
    invalidPassphrase = 21,     // passphrase was wrong

    // reasons for retrying a new passphrase query
    passphraseIsNull = 31,      // empty passphrase
    passphraseTooSimple,        // passphrase is not complex enough
    passphraseRepeated,         // passphrase was used before (must use new one)
    passphraseUnacceptable,     // passphrase unacceptable for some other reason
    oldPassphraseWrong,         // the old passphrase given is wrong

    // reasons for retrying an authorization query
    userNotInGroup = 41,        // authenticated user not in needed group
    unacceptableUser,           // authenticated user unacceptable for some other reason

    // reasons for canceling a staged query
    tooManyTries = 61,          // too many failed attempts to get it right
    noLongerNeeded,             // the queried item is no longer needed
    keychainAddFailed,          // the requested item couldn't be added to the keychain
    generalErrorCancel,         // something went wrong so we have to give up now

    worldChanged = 101
};
// Kind of requestor, encoded as a four-character code.
// The initializers are multi-character literals, whose numeric value is
// implementation-defined; both sides of any exchange carrying this value must
// be built with compilers that agree on that encoding.
// This header does not show who assigns the value, so whether it can be
// relied on for policy decisions cannot be told from here.
typedef enum {
    tool = 'TOOL',
    bundle = 'BNDL',
    unknown = 'UNKN'
} RequestorType;
- #<span class="enscript-reference">if</span> <span class="enscript-reference">defined</span>(<span class="enscript-variable-name">__cplusplus</span>)
- using MachPlusPlus::Port;
- using MachPlusPlus::PortSet;
- using MachPlusPlus::Bootstrap;
- using MachPlusPlus::ReceivePort;
- using MachPlusPlus::Message;
- using Authorization::AuthItemSet;
- using Authorization::AuthValueVector;
- class Clients;
//
// Client
//
// One agent client instance. Only declarations are visible in this header, so
// the notes below describe the interface and flag points a reviewer should
// confirm in the implementation file.
//
// Each instance holds three Mach ports (server, stage, client), the input and
// output hint/context item sets, the last AuthorizationResult, an error
// status and a PluginState value.
//
// NOTE(review): in the Authorization plugin API, context items can carry
// credentials. Treat mInContext/mOutContext as sensitive; how (or whether)
// they are cleared on teardown is not visible here -- TODO confirm.
//
class Client
{
friend class Clients;   // Clients may access the private MessageType and all protected members

    // Kind of message this client is about to send (set via setMessageType).
    enum MessageType { requestInterruptMessage, didDeactivateMessage, reportErrorMessage };

public:
    Client();
    virtual ~Client();

    // Builds a hint set from the requestor's type, path, pid and uid.
    // `path` is taken by non-const reference, so the callee is able to modify
    // the caller's string -- TODO confirm whether it does.
    // NOTE(review): the declaration does not say where pid/uid come from;
    // callers should pass values obtained from a trusted source rather than
    // values supplied by the requestor itself.
    static AuthItemSet clientHints(SecurityAgent::RequestorType type, std::string &path, pid_t clientPid, uid_t clientUid);

    static OSStatus startTransaction(Port serverPort);
    static OSStatus endTransaction(Port serverPort);

protected:
    void establishServer();

public:
    void activate(Port serverPort);

    // pluginId / mechanismId are raw C strings; lifetime and null handling
    // are not stated in this header.
    OSStatus create(const char *pluginId, const char *mechanismId, const SessionId inSessionId);

    // Copies the argument vector into mArguments.
    void setArguments(const Authorization::AuthValueVector& inArguments) { mArguments = inArguments; }

    // Copies the supplied hints and context into mInHints / mInContext.
    void setInput(const Authorization::AuthItemSet& inHints, const Authorization::AuthItemSet& inContext) { mInHints = inHints; mInContext = inContext; }

    OSStatus invoke();
    OSStatus deactivate();
    OSStatus destroy();
    OSStatus terminate();
    void receive();

    void didCreate(const mach_port_t inStagePort);

    // inHints / inContext are raw pointers; whether null is accepted is not
    // visible here.
    void setResult(const AuthorizationResult inResult, const AuthorizationItemSet *inHints, const AuthorizationItemSet *inContext);
    void requestInterrupt(); // setMessageType(requestInterrupt);
    void didDeactivate(); // setMessageType(didDeactivate);

    void setError(const OSStatus inMechanismError); // setMessageType(reportError); setError(mechanismError);
    OSStatus getError();

    // Returns the stored result (mResult). Not declared const.
    AuthorizationResult result() { return mResult; }

    // Lifecycle states of the instance. The permitted transitions are not
    // defined in this header.
    typedef enum _PluginState {
        init,
        created,
        current,
        deactivating,
        active,
        interrupting,
        dead
    } PluginState;

    // Returns the stored state (mState). Not declared const.
    PluginState state() { return mState; }

protected:
    void setMessageType(const MessageType inMessageType);
    // allow didCreate to set stagePort
    void setStagePort(const mach_port_t inStagePort);
    // allow server routines to use request port to find instance

    // @@@ implement lessThan operator for set in terms of instance

protected:
    void setup();
    // throw(): promises that no exception escapes. This spelling of the
    // exception specification was removed in C++20 (noexcept replaces it).
    void teardown() throw();

    Port mServerPort;
    Port mStagePort;
    Port mClientPort;           // also the value returned by instance()
    MessageType mMessageType;

    OSStatus mErrorState;
    AuthorizationResult mResult;
    AuthValueVector mArguments;
    AuthItemSet mInHints;
    AuthItemSet mInContext;
    AuthItemSet mOutHints;
    AuthItemSet mOutContext;

    PluginState mState;
    // Note: the parameter is named mState and therefore shadows the member
    // of the same name inside the definition.
    void setState(PluginState mState);

public:
    // Identity of this client: its client port, returned as a mach_port_t.
    mach_port_t instance() const { return mClientPort; }
    // bool operator == (const Client &other) const { return this->instance() == other.instance(); }

    // Orders clients by instance(). Note that Clients::mClients is declared
    // as set<Client*>, which orders by pointer value and does not use this
    // operator.
    bool operator < (const Client &other) const { return this->instance() < other.instance(); }

    // The four accessors below return non-const references to the internal
    // item sets, so any caller can read and modify them in place.
    AuthItemSet &inHints() { return mInHints; }
    AuthItemSet &inContext() { return mInContext; }
    AuthItemSet &outHints() { return mOutHints; }
    AuthItemSet &outContext() { return mOutContext; }

public:
    // check() takes a mach_msg_return_t; what either function does on
    // failure (throw, set mErrorState, ...) is not visible in this header.
    void check(mach_msg_return_t returnCode);
    void checkResult();
};
//
// Clients
//
// Registry of live Client objects together with a PortSet of their client
// ports. insert() and remove() take mLock for the duration of the update.
//
// NOTE(review):
//  - `set`, `StLock`, `Mutex` and `ThreadNexus` are used unqualified, and this
//    header neither includes <set> nor declares them; they presumably arrive
//    through the security_utilities includes -- TODO confirm.
//  - mClients stores raw Client pointers, so the registry does not own the
//    objects. A Client destroyed without remove() would leave a dangling
//    pointer in the set; presumably the Client destructor/teardown path
//    handles this -- TODO confirm.
//  - mLock and gClients follow the `public:` label, so code outside the class
//    can take the lock or reach the global registry directly.
//
class Clients
{
friend class Client;
protected:
    set<Client*> mClients;      // ordered by pointer value (default comparator)
    PortSet mClientPortSet;
public:
    Clients() {}
    void create(); // create an agentclient

    // Registers the agent and then adds its port to the port set, under mLock.
    // `agent` is dereferenced without a null check.
    void insert(Client *agent) { StLock<Mutex> _(mLock); mClients.insert(agent); mClientPortSet += agent->instance(); }

    // Removes the agent's port from the port set and then erases the agent,
    // under mLock. `agent` is dereferenced without a null check.
    void remove(Client *agent) { StLock<Mutex> _(mLock); mClientPortSet -= agent->instance(); mClients.erase(agent); }

    // Returns a reference, so a miss cannot be reported as null; what happens
    // when no client matches `instance` is not visible in this header.
    Client &find(const mach_port_t instance) const;
    bool receive();
    bool compare(const Client * client, mach_port_t instance);

    // mutable so that const members such as find() are able to lock it.
    mutable Mutex mLock;
    static ThreadNexus<Clients> gClients;
};
- } <span class="enscript-comment">// end namespace SecurityAgent
- </span>
- #<span class="enscript-reference">endif</span> <span class="enscript-comment">/* __cplusplus */</span>
- #<span class="enscript-reference">endif</span> <span class="enscript-comment">/* _H_AGENTCLIENT */</span>