#import <xpc/xpc.h>
#import <Foundation/Foundation.h>
#import <CoreFoundation/CFRuntime.h>
#import <os/log.h>
#import <heim-ipc.h>
#import "common.h"
#import "GSSCredHelperClient.h"
#import "gssoslog.h"
#ifndef gsscred_h
#define gsscred_h
/*
 * Outcome of the IAKERB access decision recorded for a peer (see the
 * access_status field of struct peer).
 *
 * The zero value is IAKERB_NOT_CHECKED, so a zero-initialised struct peer
 * never starts out as granted.
 * NOTE(review): consumers should presumably allow an operation only on an
 * explicit IAKERB_ACCESS_GRANTED and treat every other value, including
 * NOT_CHECKED, as "do not allow yet" - confirm at the use sites.
 */
typedef enum {
/* No decision recorded yet; also the zero-initialised state. */
IAKERB_NOT_CHECKED = 0,
/* A decision was recorded and it was negative. */
IAKERB_ACCESS_DENIED = 1,
/* A decision was recorded and it was positive. */
IAKERB_ACCESS_GRANTED = 2
} iakerb_access_status;
/*
 * State kept for one XPC client. Every do_* request handler declared in this
 * header receives a pointer to one of these, so these fields are what the
 * handlers have available to decide who is asking.
 *
 * NOTE(review): ownership of the CFStringRef fields is not visible in this
 * header; peer_final() is declared here and presumably releases them -
 * confirm in the implementation.
 */
struct peer {
/* The XPC connection this record describes. */
xpc_connection_t peer;
/*
 * Bundle identifier associated with the connected process.
 * NOTE(review): presumably derived from the connection (audit token / code
 * signature) and not from request contents - confirm, because an identifier
 * supplied by the client itself is not a safe basis for an access decision.
 */
CFStringRef bundleID;
/*
 * Bundle identifier of the app on whose behalf the request is made.
 * NOTE(review): how this differs from bundleID, and who is allowed to set
 * it, is not shown here - verify that only suitably entitled peers can name
 * a calling app other than themselves.
 */
CFStringRef callingAppBundleID;
/* Credential session this peer operates on (struct HeimSession). */
struct HeimSession *session;
/*
 * NOTE(review): looks like a lazy-evaluation flag - true while the
 * managed-app status below has not been resolved yet. Confirm.
 */
bool needsManagedAppCheck;
/*
 * Managed-app status for this peer; presumably the cached answer of
 * ManagedAppProvider -isManagedApp: and meaningful only once
 * needsManagedAppCheck is false - confirm.
 */
bool isManagedApp;
/* NOTE(review): presumably the DSID current when the peer connected - confirm. */
CFStringRef currentDSID;
/* IAKERB access decision for this peer; starts as IAKERB_NOT_CHECKED (0). */
iakerb_access_status access_status;
};
/*
 * Source of truth for the "is this app managed?" question. An object
 * conforming to this protocol is stored in HeimCredGlobalContext as
 * managedAppManager, which lets the answer come from different providers.
 */
@protocol ManagedAppProvider <NSObject>
/*
 * Returns whether the app identified by bundleId is a managed app.
 * NOTE(review): the result is only as trustworthy as the bundleId passed in;
 * callers should pass an identifier they established themselves rather than
 * one taken from a client request - confirm at the call sites.
 */
- (BOOL)isManagedApp:(NSString*)bundleId;
@end
/*
 * Function-pointer types for the hooks stored in HeimCredGlobalContext.
 * Several of them (entitlement, uid, audit-session and signature checks)
 * answer identity or authorization questions about an XPC peer, so the
 * functions installed behind them are part of the daemon's trust boundary.
 */

/* Returns the current alternate DSID as a string; takes no arguments. */
typedef NSString * (*HeimCredCurrentAltDSID)(void);
/* Reports whether the given peer holds the entitlement named by the C string. */
typedef bool (*HeimCredHasEntitlement)(struct peer *, const char *);
/* Returns the uid associated with an XPC connection. */
typedef uid_t (*HeimCredGetUid)(xpc_connection_t);
/*
 * Transform credential data to and from its protected form.
 * NOTE(review): presumably used for the on-disk cache; the failure
 * convention (nil return?) is not visible in this header - confirm that
 * callers check the result before storing or using it.
 */
typedef NSData * (*HeimCredEncryptData)(NSData *);
typedef NSData * (*HeimCredDecryptData)(NSData *);
/* Returns the audit session id (au_asid_t) associated with an XPC connection. */
typedef au_asid_t (*HeimCredGetAsid)(xpc_connection_t);
/*
 * Signature check for a peer; the NSString argument's meaning is not shown
 * in this header (presumably an identifier to verify) - confirm.
 */
typedef bool (*HeimCredVerifyAppleSigned)(struct peer *, NSString *);
/*
 * Reports whether a session exists.
 * NOTE(review): the parameter is named asid but typed pid_t, while
 * HeimCredGetAsid returns au_asid_t - confirm the two types are
 * interchangeable on every supported target.
 */
typedef bool (*HeimCredSessionExists)(pid_t asid);
/* Persistence hook; takes and returns nothing. */
typedef void (*HeimCredSaveToDiskIfNeeded)(void);
/* Looks up a preference value by key; release convention not shown here. */
typedef CFPropertyListRef (*HeimCredGetValueFromPreferences)(CFStringRef);
/* Runs the given block on the daemon's run queue (per the type name). */
typedef void (*HeimExecuteOnRunQueue)(dispatch_block_t);
/*
 * Process-wide table of configuration flags and hooks, exposed through the
 * single global HeimCredGlobalCTX declared below.
 *
 * NOTE(review): this looks like a dependency-injection seam (so tests or
 * different hosts can substitute the platform checks) - confirm. Because the
 * authorization hooks live in a writable global, the table should be fully
 * populated once at start-up, before the first connection is accepted, and
 * not modified afterwards; a hook left NULL would crash on first use, and a
 * permissive test stub left in place would disable the corresponding check.
 */
typedef struct {
/* NOTE(review): presumably set on shared / multi-user devices - confirm. */
bool isMultiUser;
HeimCredCurrentAltDSID currentAltDSID;
/* Authorization hook: entitlement check for a peer. */
HeimCredHasEntitlement hasEntitlement;
/* Identity hooks: uid and audit-session id of a connection. */
HeimCredGetUid getUid;
HeimCredGetAsid getAsid;
/* Data-protection hooks for credential data. */
HeimCredEncryptData encryptData;
HeimCredDecryptData decryptData;
/* Authorization hook: code-signature check for a peer. */
HeimCredVerifyAppleSigned verifyAppleSigned;
HeimCredSessionExists sessionExists;
/* Provider consulted for managed-app status (ManagedAppProvider protocol). */
id<ManagedAppProvider> managedAppManager;
/*
 * NOTE(review): presumably selects whether sessions are matched by uid
 * instead of audit-session id; this changes which callers share a
 * credential session, so confirm the intended isolation for each setting.
 */
bool useUidMatching;
HeimCredSaveToDiskIfNeeded saveToDiskIfNeeded;
HeimCredGetValueFromPreferences getValueFromPreferences;
/* heim-ipc event callbacks; by name, for credential expiry and renewal. */
heim_ipc_event_callback_t expireFunction;
heim_ipc_event_callback_t renewFunction;
heim_ipc_event_final_t finalFunction;
HeimCredNotifyCaches notifyCaches;
/* Renewal interval; unit not shown here (time_t suggests seconds) - confirm. */
time_t renewInterval;
/* Class object conforming to GSSCredHelperClient, used to reach the helper. */
Class<GSSCredHelperClient> gssCredHelperClientClass;
HeimExecuteOnRunQueue executeOnRunQueue;
} HeimCredGlobalContext;
/* The one shared instance; defined in an implementation file. */
extern HeimCredGlobalContext HeimCredGlobalCTX;
/*
 * One credential session: the set of credentials visible to the peers that
 * map to the same session identifier. The leading CFRuntimeBase member is
 * the layout Core Foundation requires for a custom CF type instance.
 */
struct HeimSession {
/* Core Foundation object header; must stay the first member. */
CFRuntimeBase runtime;
/*
 * Identifier of this session.
 * NOTE(review): typed uid_t here, while HeimCredCopySession() takes an int
 * and RemoveSession() takes an au_asid_t - confirm the conversions between
 * these (signed vs unsigned) cannot make two different sessions compare
 * equal.
 */
uid_t session;
/* Credentials held in this session; key/value schema not shown here. */
CFMutableDictionaryRef items;
/* Default credential selection; presumably keyed per mechanism - confirm. */
CFMutableDictionaryRef defaultCredentials;
/* NOTE(review): looks like a dirty flag or counter for recomputing the default - confirm. */
int updateDefaultCredential;
};
/*
 * Description of one registered credential mechanism: its name, its
 * callbacks and its read-access policy. Like HeimSession it begins with a
 * CFRuntimeBase, i.e. it is laid out as a custom Core Foundation type.
 */
struct HeimMech {
/* Core Foundation object header; must stay the first member. */
CFRuntimeBase runtime;
/* Mechanism name. */
CFStringRef name;
/* Callbacks supplied by the mechanism (types declared outside this header). */
HeimCredStatusCallback statusCallback;
HeimCredAuthCallback authCallback;
HeimCredNotifyCaches notifyCaches;
/*
 * NOTE(review): presumably marks a mechanism whose credentials may not be
 * read back by ordinary peers; false is the zero-initialised value, so a
 * mechanism that needs the restriction must set it explicitly - confirm
 * against the registration code.
 */
bool readRestricted;
/*
 * NOTE(review): presumably the commands still permitted when read access is
 * restricted; element type and matching rules are not shown here - confirm.
 */
CFArrayRef readOnlyCommands;
};
/*
 * Result codes returned by readCredCache().
 * NOTE(review): the meanings below are read off the names only. Whatever
 * they are precisely, a caller should presumably continue with cached
 * credentials only on READ_SUCCESS and start from an empty state on the
 * other codes instead of using partially read data - confirm at the call
 * site.
 */
typedef enum {
/* The cache was read. */
READ_SUCCESS = 0,
/* Nothing to read. */
READ_EMPTY = 1,
/* The stored data failed a size check. */
READ_SIZE_ERROR = 2,
/* An exception was raised while reading or decoding. */
READ_EXCEPTION = 3
} cache_read_status;
/* Loads the persisted credential cache and reports the outcome as a cache_read_status. */
cache_read_status readCredCache(void);
/* Persists the credential cache. */
void storeCredCache(void);
/* Notifies interested parties about caches that changed. */
void notifyChangedCaches(void);
/* Predicate on a credential; by name, true for "acquire credential" entries. */
bool isAcquireCred(HeimCredRef cred);
/* Predicate on an attribute dictionary; by name, true when a renew-till value is present. */
bool hasRenewTillInAttributes(CFDictionaryRef attributes);
/* Registration entry points for the generic and configuration mechanisms (by name). */
void _HeimCredRegisterGeneric(void);
void _HeimCredRegisterConfiguration(void);
/*
 * Returns the session for sessionID.
 * NOTE(review): "Copy" in the name suggests the Core Foundation ownership
 * rule (caller releases the result) - confirm. Whether a missing session is
 * created or NULL is returned is not visible in this header.
 */
struct HeimSession * HeimCredCopySession(int sessionID);
/* Removes the session belonging to the given audit session id. */
void RemoveSession(au_asid_t asid);
/*
 * Finalizer taking an untyped pointer; presumably installed as the XPC
 * connection's context finalizer with ptr pointing at a struct peer - confirm.
 */
void peer_final(void *ptr);
/*
 * Path used for the persisted cache (by name).
 * NOTE(review): this is a writable global; the file it names holds
 * credential material, so confirm the path is fixed at start-up and that the
 * file is created with permissions restricted to the daemon's user.
 */
extern NSString *archivePath;
/*
 * Request handlers, one per command. All share the same shape: the peer the
 * request arrived from, the request message, and a reply message for the
 * handler to fill in.
 *
 * NOTE(review): request presumably comes straight from the client process
 * and should be treated as untrusted - each handler needs to type-check the
 * values it extracts and to make its authorization decision from the peer
 * argument (session, entitlements, access_status), not from fields inside
 * the request. Confirm in the implementations.
 */
void do_Delete(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_SetAttrs(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_Auth(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_Fetch(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_Query(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_GetDefault(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_Move(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_Status(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_DeleteAll(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_CreateCred(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_RetainCache(struct peer *peer, xpc_object_t request, xpc_object_t reply);
void do_ReleaseCache(struct peer *peer, xpc_object_t request, xpc_object_t reply);
/*
 * Status callbacks for the Kerberos, Kerberos acquire-credential and
 * configuration mechanisms (by name). Each takes a credential and returns a
 * Core Foundation object describing its status.
 *
 * CF_RETURNS_RETAINED: the caller owns the returned reference and must
 * release it (CFRelease, or transfer it to ARC) to avoid a leak.
 * NOTE(review): whether NULL can be returned is not visible here - confirm
 * before releasing unconditionally.
 */
CFTypeRef KerberosStatusCallback(HeimCredRef cred) CF_RETURNS_RETAINED;
CFTypeRef KerberosAcquireCredStatusCallback(HeimCredRef cred) CF_RETURNS_RETAINED;
CFTypeRef ConfigurationStatusCallback(HeimCredRef cred) CF_RETURNS_RETAINED;
#endif