1/*
2 * Copyright (c) 2000-2004,2011-2014 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24
25//
26// Authorization.cpp
27//
28// This file is the unified implementation of the Authorization and AuthSession APIs.
29//
30#include <stdint.h>
31#include <Security/AuthSession.h>
32#include <Security/AuthorizationPriv.h>
33#include <security_utilities/ccaudit.h>
34#include <security_cdsa_utilities/cssmbridge.h>
35#include <Security/SecBase.h>
36#include <security_utilities/logging.h>
37
38//
39// This no longer talks to securityd; it is a kernel function.
40//
41OSStatus SessionGetInfo(SecuritySessionId requestedSession,
42    SecuritySessionId *sessionId,
43    SessionAttributeBits *attributes)
44{
45    BEGIN_API
46	CommonCriteria::AuditInfo session;
47	if (requestedSession == callerSecuritySession)
48		session.get();
49	else
50		session.get(requestedSession);
51	if (sessionId)
52		*sessionId = session.sessionId();
53	if (attributes)
54        *attributes = (SessionAttributeBits)session.flags();
55    END_API(CSSM)
56}
57
58
59//
60// Create a new session.
61// This no longer talks to securityd; it is a kernel function.
62// Securityd will pick up the new session when we next talk to it.
63//
64OSStatus SessionCreate(SessionCreationFlags flags,
65    SessionAttributeBits attributes)
66{
67    BEGIN_API
68
69	// we don't support the session creation flags anymore
70	if (flags)
71		Syslog::warning("SessionCreate flags=0x%lx unsupported (ignored)", (unsigned long)flags);
72	CommonCriteria::AuditInfo session;
73	session.create(attributes);
74
75	// retrieve the (new) session id and set it into the process environment
76	session.get();
77	char idString[80];
78	snprintf(idString, sizeof(idString), "%x", session.sessionId());
79	setenv("SECURITYSESSIONID", idString, 1);
80
81    END_API(CSSM)
82}
83
84
85//
86// Get and set the distinguished uid (optionally) associated with the session.
87//
88OSStatus SessionSetDistinguishedUser(SecuritySessionId session, uid_t user)
89{
90	BEGIN_API
91	CommonCriteria::AuditInfo session;
92	session.get();
93	session.ai_auid = user;
94	session.set();
95	END_API(CSSM)
96}
97
98
99OSStatus SessionGetDistinguishedUser(SecuritySessionId session, uid_t *user)
100{
101    BEGIN_API
102	CommonCriteria::AuditInfo session;
103	session.get();
104	Required(user) = session.uid();
105    END_API(CSSM)
106}
107
108//OSStatus _SessionSetUserPreferences(SecuritySessionId session);
109//
110//static
111//void SessionUserPreferencesChanged(CFNotificationCenterRef center, void *observer, CFStringRef name, const void *object, CFDictionaryRef userInfo)
112//{
113//#warning "The cast will loose some information"
114//	_SessionSetUserPreferences((SecuritySessionId)uintptr_t(observer));
115//}
116//
117//OSStatus _SessionSetUserPreferences(SecuritySessionId session)
118//{
119//    BEGIN_API
120//	CFStringRef appleLanguagesStr = CFSTR("AppleLanguages");
121//	CFStringRef controlTintStr = CFSTR("AppleAquaColorVariant");
122//	CFStringRef keyboardUIModeStr = CFSTR("AppleKeyboardUIMode");
123//	CFStringRef textDirectionStr = CFSTR("AppleTextDirection");
124//	CFStringRef hitoolboxAppIDStr = CFSTR("com.apple.HIToolbox");
125//	CFNotificationCenterRef center = CFNotificationCenterGetDistributedCenter();
126//
127//	CFRef<CFMutableDictionaryRef> userPrefsDict(CFDictionaryCreateMutable(NULL, 10, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
128//	CFRef<CFMutableDictionaryRef> globalPrefsDict(CFDictionaryCreateMutable(NULL, 10, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
129//
130//	if (!userPrefsDict || !globalPrefsDict)
131//		return errSessionValueNotSet;
132//
133//	CFRef<CFArrayRef> appleLanguagesArray(static_cast<CFArrayRef>(CFPreferencesCopyAppValue(appleLanguagesStr, kCFPreferencesCurrentApplication)));
134//	if (appleLanguagesArray)
135//		CFDictionarySetValue(globalPrefsDict, appleLanguagesStr, appleLanguagesArray);
136//
137//	CFRef<CFNumberRef> controlTintNumber(static_cast<CFNumberRef>(CFPreferencesCopyAppValue(controlTintStr, kCFPreferencesCurrentApplication)));
138//	if (controlTintNumber)
139//		CFDictionarySetValue(globalPrefsDict, controlTintStr, controlTintNumber);
140//
141//	CFRef<CFNumberRef> keyboardUIModeNumber(static_cast<CFNumberRef>(CFPreferencesCopyAppValue(keyboardUIModeStr, kCFPreferencesCurrentApplication)));
142//	if (keyboardUIModeNumber)
143//		CFDictionarySetValue(globalPrefsDict, keyboardUIModeStr, keyboardUIModeNumber);
144//
145//	CFRef<CFNumberRef> textDirectionNumber(static_cast<CFNumberRef>(CFPreferencesCopyAppValue(textDirectionStr, kCFPreferencesCurrentApplication)));
146//	if (textDirectionNumber)
147//		CFDictionarySetValue(globalPrefsDict, textDirectionStr, textDirectionNumber);
148//
149//	if (CFDictionaryGetCount(globalPrefsDict) > 0)
150//		CFDictionarySetValue(userPrefsDict, kCFPreferencesAnyApplication, globalPrefsDict);
151//
152//	CFPreferencesSynchronize(hitoolboxAppIDStr, kCFPreferencesCurrentUser,
153//			kCFPreferencesCurrentHost);
154//	CFRef<CFDictionaryRef> hitoolboxPrefsDict(static_cast<CFDictionaryRef>(CFPreferencesCopyMultiple(NULL, hitoolboxAppIDStr, kCFPreferencesCurrentUser, kCFPreferencesCurrentHost)));
155//	if (hitoolboxPrefsDict) {
156//		CFDictionarySetValue(userPrefsDict, hitoolboxAppIDStr, hitoolboxPrefsDict);
157//		CFNotificationCenterPostNotification(center, CFSTR("com.apple.securityagent.InputPrefsChanged"), CFSTR("com.apple.loginwindow"), hitoolboxPrefsDict, true);
158//	}
159//
160//	CFRef<CFDataRef> userPrefsData(CFPropertyListCreateXMLData(NULL, userPrefsDict));
161//	if (!userPrefsData)
162//		return errSessionValueNotSet;
163//	server().setSessionUserPrefs(session, (uint32_t)CFDataGetLength(userPrefsData), CFDataGetBytePtr(userPrefsData));
164//
165//    END_API(CSSM)
166//}
167
168OSStatus SessionSetUserPreferences(SecuritySessionId session)
169{
170//	OSStatus status = _SessionSetUserPreferences(session);
171//	if (errSecSuccess == status) {
172//		CFNotificationCenterRef center = CFNotificationCenterGetDistributedCenter();
173//		// We've succeeded in setting up a static set of prefs, now set up
174//		CFNotificationCenterAddObserver(center, (void*)session, SessionUserPreferencesChanged, CFSTR("com.apple.Carbon.TISNotifySelectedKeyboardInputSourceChanged"), NULL, CFNotificationSuspensionBehaviorDeliverImmediately);
175//		CFNotificationCenterAddObserver(center, (void*)session, SessionUserPreferencesChanged, CFSTR("com.apple.Carbon.TISNotifyEnabledKeyboardInputSourcesChanged"), NULL, CFNotificationSuspensionBehaviorDeliverImmediately);
176//	}
177//	return status;
178    return errSecSuccess;
179}
180