1/* 2 * Copyright (c) 2000-2001 Apple Computer, Inc. All Rights Reserved. 3 * 4 * @APPLE_LICENSE_HEADER_START@ 5 * 6 * This file contains Original Code and/or Modifications of Original Code 7 * as defined in and that are subject to the Apple Public Source License 8 * Version 2.0 (the 'License'). You may not use this file except in 9 * compliance with the License. Please obtain a copy of the License at 10 * http://www.opensource.apple.com/apsl/ and read it before using this 11 * file. 12 * 13 * The Original Code and all software distributed under the License are 14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER 15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, 16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. 18 * Please see the License for the specific language governing rights and 19 * limitations under the License. 20 * 21 * @APPLE_LICENSE_HEADER_END@ 22 */ 23 24 25// 26// trampolineServer.cpp - tool-side trampoline support functions 27// 28#include <cstdlib> 29#include <unistd.h> 30#include <Security/Authorization.h> 31#include <Security/SecBase.h> 32 33// 34// In a tool launched via AuthorizationCopyPrivilegedReference, retrieve a copy 35// of the AuthorizationRef that started it all. 36// 37OSStatus AuthorizationCopyPrivilegedReference(AuthorizationRef *authorization, 38 AuthorizationFlags flags) 39{ 40 // flags are currently reserved 41 if (flags != 0) 42 return errAuthorizationInvalidFlags; 43 44 // retrieve hex form of external form from environment 45 const char *mboxFdText = getenv("__AUTHORIZATION"); 46 if (!mboxFdText) 47 return errAuthorizationInvalidRef; 48 49 // retrieve mailbox file and read external form 50 AuthorizationExternalForm extForm; 51 int fd; 52 if (sscanf(mboxFdText, "auth %d", &fd) != 1) 53 return errAuthorizationInvalidRef; 54 if (lseek(fd, 0, SEEK_SET) || 55 read(fd, &extForm, sizeof(extForm)) != sizeof(extForm)) { 56 close(fd); 57 return errAuthorizationInvalidRef; 58 } 59 60 // internalize the authorization 61 AuthorizationRef auth; 62 if (OSStatus error = AuthorizationCreateFromExternalForm(&extForm, &auth)) 63 return error; 64 65 // well, here you go 66 *authorization = auth; 67 return errSecSuccess; 68} 69